#!/bin/sh
exec smbscript "$0" ${1+"$@"}
/*
provision a Samba4 server
Copyright Andrew Tridgell 2005
Released under the GNU GPL v2 or later
*/
/*
  Parse the command line. The quoted names tell GetOptions what to accept:
  the POPT_* entries are presumably Samba's shared option groups, the others
  are this script's own options ("=s" and "=i" look like string and integer
  argument markers - confirm against GetOptions).
  NOTE(review): a value given to --ldap-manager-pass is part of the command
  line, which other local users can usually read from the process list and
  which shells keep in their history; prefer letting the script generate the
  password, or rotate it after provisioning.
*/
options = GetOptions(ARGV,
"POPT_AUTOHELP",
"POPT_COMMON_SAMBA",
"POPT_COMMON_VERSION",
"POPT_COMMON_CREDENTIALS",
'realm=s',
'host-name=s',
'ldap-manager-pass=s',
'root=s',
'quiet',
'ldap-backend-type=s',
'ldap-backend-port=i');
/* GetOptions yields undefined when parsing fails; stop with -1 in that case */
if (options == undefined) {
println("Failed to parse options");
return -1;
}
/* sys is used further down for sys.mkdir() */
sys = sys_init();
/* presumably these provide the provision_* and setup_file helpers called below */
libinclude("base.js");
libinclude("provision.js");
/*
print a message if quiet is not set
*/
function message()
{
	/* Format the caller's printf-style arguments with vsprintf() and print
	   the result, unless the "quiet" option was given on the command line. */
	var quiet = options.quiet;
	if (quiet == undefined) {
		print(vsprintf(arguments));
	}
}
/*
show some help
*/
function ShowHelp()
{
/* Print the usage text, then end the script with exit status 1, so a
   caller never gets control back. The text is one string literal that
   spans several lines. */
print("
Samba4 provisioning
provision [options]
--realm REALM set realm
--host-name HOSTNAME set hostname
--ldap-manager-pass PASSWORD choose LDAP Manager password (otherwise random)
--root USERNAME choose 'root' unix username
--quiet Be quiet
--ldap-backend-type LDAPSERVER Select either \"openldap\" or \"fedora-ds\" as a target to configure
--ldap-backend-port PORT Select the TCP port (if any) that the LDAP backend should listen on (Fedora DS only)
You must provide at least a realm and ldap-backend-type
");
exit(1);
}
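/* fall back to the system host name when --host-name was not given */
if (options['host-name'] == undefined) {
	options['host-name'] = hostname();
}

/*
  main program
*/
if (options["realm"] == undefined ||
    options["ldap-backend-type"] == undefined ||
    options["host-name"] == undefined) {
	ShowHelp();
}

/* Reject an unknown backend type before anything is written to disk.
   Without this check mapping, ext and slapd_command below stay undefined
   and end up inside the commands printed to the operator. ShowHelp()
   exits with status 1. */
if (options["ldap-backend-type"] != "fedora-ds" &&
    options["ldap-backend-type"] != "openldap") {
	println("Unknown ldap-backend-type: " + options["ldap-backend-type"]);
	ShowHelp();
}

/* cope with an initially blank smb.conf */
var lp = loadparm_init();
lp.set("realm", options.realm);
lp.reload();

/* Start from the guessed settings and let every parsed option override
   them. The key is the option name with the dashes removed and upper-cased,
   so "ldap-manager-pass" becomes subobj.LDAPMANAGERPASS. */
var subobj = provision_guess();
for (r in options) {
	var key = strupper(join("", split("-", r)));
	subobj[key] = options[r];
}

var paths = provision_default_paths(subobj);
provision_fix_subobj(subobj, paths);

message("Provisioning LDAP backend for %s in realm %s into %s\n", subobj.HOSTNAME, subobj.REALM, subobj.LDAPDIR);
/* NOTE(review): this prints the LDAP manager password in clear text unless
   --quiet is set. The help text says the password is random when not given,
   so this is presumably how the operator learns it; treat any captured
   output (log files, CI logs, terminal scrollback) as secret. */
message("Using %s password: %s\n", subobj.LDAPMANAGERDN, subobj.LDAPMANAGERPASS);

var tmp_schema_ldb = subobj.LDAPDIR + "/schema-tmp.ldb";

/* Directories are created with mode 0700 (owner only).
   NOTE(review): the result of sys.mkdir() is not checked; presumably an
   already existing directory keeps whatever mode it has - confirm, and
   check the mode of the files setup_file() writes into it. */
sys.mkdir(subobj.LDAPDIR, 0700);

provision_schema(subobj, message, tmp_schema_ldb, paths);

var mapping;
var ext;
var slapd_command;
if (options["ldap-backend-type"] == "fedora-ds") {
	mapping = "schema-map-fedora-ds-1.0";
	ext = "ldif";
	if (options["ldap-backend-port"] != undefined) {
		message("Will listen on TCP port " + options["ldap-backend-port"] + "\n");
		subobj.SERVERPORT="ServerPort = " + options["ldap-backend-port"];
	} else {
		message("Will listen on LDAPI only\n");
		subobj.SERVERPORT="";
	}
	setup_file("fedorads.inf", message, subobj.LDAPDIR + "/fedorads.inf", subobj);
	setup_file("fedorads-partitions.ldif", message, subobj.LDAPDIR + "/fedorads-partitions.ldif", subobj);

	slapd_command = "(see documentation)";
} else if (options["ldap-backend-type"] == "openldap") {
	provision_ldapbase(subobj, message, paths);
	mapping = "schema-map-openldap-2.3";
	ext = "schema";
	setup_file("slapd.conf", message, subobj.LDAPDIR + "/slapd.conf", subobj);
	setup_file("modules.conf", message, subobj.LDAPDIR + "/modules.conf", subobj);

	/* One database directory each for user, config and schema.
	   subobj.LDAPDBDIR is re-pointed before every setup_file() call,
	   presumably because the DB_CONFIG template refers to it. */
	sys.mkdir(subobj.LDAPDIR + "/db", 0700);
	subobj.LDAPDBDIR = subobj.LDAPDIR + "/db/user";
	sys.mkdir(subobj.LDAPDBDIR, 0700);
	sys.mkdir(subobj.LDAPDBDIR + "/bdb-logs", 0700);
	sys.mkdir(subobj.LDAPDBDIR + "/tmp", 0700);
	setup_file("DB_CONFIG", message, subobj.LDAPDBDIR + "/DB_CONFIG", subobj);
	subobj.LDAPDBDIR = subobj.LDAPDIR + "/db/config";
	sys.mkdir(subobj.LDAPDBDIR, 0700);
	sys.mkdir(subobj.LDAPDBDIR + "/bdb-logs", 0700);
	sys.mkdir(subobj.LDAPDBDIR + "/tmp", 0700);
	setup_file("DB_CONFIG", message, subobj.LDAPDBDIR + "/DB_CONFIG", subobj);
	subobj.LDAPDBDIR = subobj.LDAPDIR + "/db/schema";
	sys.mkdir(subobj.LDAPDBDIR, 0700);
	sys.mkdir(subobj.LDAPDBDIR + "/tmp", 0700);
	sys.mkdir(subobj.LDAPDBDIR + "/bdb-logs", 0700);
	setup_file("DB_CONFIG", message, subobj.LDAPDBDIR + "/DB_CONFIG", subobj);

	/* The command is only printed for the operator, never run here. */
	if (options["ldap-backend-port"] != undefined) {
		/* NOTE(review): the suggested command listens on plain ldap://
		   on every interface (0.0.0.0); an operator who only needs local
		   access should narrow the address or firewall the port.
		   The "+" before the closing quote was missing in the original,
		   which made this line a syntax error; the extra "Start slapd
		   with" message that preceded it duplicated the one printed at
		   the end of the script and is dropped. */
		slapd_command = "slapd -f " + subobj.LDAPDIR + "/slapd.conf -h \"ldap://0.0.0.0:" + options["ldap-backend-port"] + " " + subobj.LDAPI_URI + "\"";
	} else {
		slapd_command = "slapd -f " + subobj.LDAPDIR + "/slapd.conf -h " + subobj.LDAPI_URI;
	}
}

/* Like slapd_command, this is shown to the operator rather than executed. */
var schema_command = "ad2oLschema --option=convert:target=" + options["ldap-backend-type"] + " -I " + lp.get("setup directory") + "/" + mapping + " -H tdb://" + tmp_schema_ldb + " -O " + subobj.LDAPDIR + "/backend-schema." + ext;

message("\nCreate a suitable schema file with:\n%s\n", schema_command);
message("\nStart slapd with: \n%s\n", slapd_command);

message("All OK\n");
return 0;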