admserv/newinst/src/AdminServer.pm.in | 71 ++++++++++++++-------------
admserv/newinst/src/AdminUtil.pm.in | 2
admserv/newinst/src/register-ds-admin.pl.in | 10 ++-
admserv/newinst/src/register-ds-admin.res.in | 4 +
4 files changed, 51 insertions(+), 36 deletions(-)
New commits:
commit 6a3de6820d086770083b681c56e6b0a2c2ea831c
Author: Rich Megginson <rmeggins(a)redhat.com>
Date: Mon Oct 7 16:46:41 2013 -0600
Ticket #418 Error with register-ds-admin.pl
https://fedorahosted.org/389/ticket/418
Reviewed by: nhosoi (Thanks!)
Branch: master
Fix Description: Make sure the inf given to the registration procedure has
the keys ConfigDirectoryAdminID and ServerAdminID. In addition, do not
display .removed slapd instances for registration, and clean up the
messages.
Platforms tested: RHEL6 x86_64
Flag Day: no
Doc impact: no
diff --git a/admserv/newinst/src/AdminUtil.pm.in b/admserv/newinst/src/AdminUtil.pm.in
index 27130e0..d370f9e 100644
--- a/admserv/newinst/src/AdminUtil.pm.in
+++ b/admserv/newinst/src/AdminUtil.pm.in
@@ -760,6 +760,8 @@ sub registerScatteredDSWithConfigDS {
$instinf->{General}->{ConfigDirectoryLdapURL} =
$inf->{General}->{ConfigDirectoryLdapURL};
$instinf->{General}->{AdminDomain} =
$inf->{General}->{AdminDomain};
+ $instinf->{General}->{ConfigDirectoryAdminID} =
$inf->{General}->{ConfigDirectoryAdminID};
+ $instinf->{General}->{ServerAdminID} =
$inf->{General}->{ServerAdminID};
if (!registerDSWithConfigDS($dsinst, $errs, $instinf,
$conn, $admConf, $configdir)) {
return 0;
diff --git a/admserv/newinst/src/register-ds-admin.pl.in
b/admserv/newinst/src/register-ds-admin.pl.in
index 0cc251b..45ca806 100644
--- a/admserv/newinst/src/register-ds-admin.pl.in
+++ b/admserv/newinst/src/register-ds-admin.pl.in
@@ -110,7 +110,7 @@ my $instconfigdir = $setup->{configdir};
my %instances = ();
for my $dir (glob("$setup->{configdir}/slapd-*"))
{
- if (-d $dir)
+ if (-d $dir and ($dir !~ /.removed$/))
{
my $dname = dirname($dir);
my $bname = basename($dir);
@@ -131,7 +131,7 @@ while ( !$done && ($ans = reg_get_response($setup,
'subds_conf_prompt', "@instc
{
;
}
- elsif ( basename($ans) =~ /^slapd-/ )
+ elsif ( (basename($ans) =~ /^slapd-/) and ($ans !~ /.removed$/) )
{
my $dname = dirname($ans);
my $bname = basename($ans);
@@ -167,7 +167,7 @@ out0:
my $file = "";
while ( defined($file = readdir(DIR)) )
{
- next if ( !("$file" =~ /^slapd-/) );
+ next if ( !("$file" =~ /^slapd-/) or ($file =~ /.removed$/) );
if ( exists $instances{$ans} )
{
my $addit = 1;
@@ -486,6 +486,10 @@ foreach my $subconfdir (keys %instances)
}
}
+ if (!$done and !@errs) {
+ $setup->msg('post_create_subds', $subinst, $subinst);
+ }
+
# add the aci that allows the admin user to administer the server
@errs = ();
if (!addConfigACIsToSubDS($setup->{inf}, \@errs)) {
diff --git a/admserv/newinst/src/register-ds-admin.res.in
b/admserv/newinst/src/register-ds-admin.res.in
index 56bb0f2..df022bf 100644
--- a/admserv/newinst/src/register-ds-admin.res.in
+++ b/admserv/newinst/src/register-ds-admin.res.in
@@ -14,7 +14,7 @@ register_subds = Registering Sub DSes:
end_ds_registration = Finished registration of the Directory Server
-input_rootdn_passwd = Input the Directory Server password on the server %s:
+input_rootdn_passwd = Input the Directory Manager password on the server %s:
input_rootdn_passwd_sub = If you want to register the server %s, input the Directory
Manager password on the server.\n\nIf you don't, type return.\n[Directory Manager
password on %s or return]:
@@ -39,3 +39,5 @@ error_register_configds = Error: failed to register the configuration
server inf
error_register_subds = Error: failed to register the additional server info to the
Configuration Directory Server %s.\n
error_unregister_ds = Error: failed to clean up the configuration info from the old
Configuration\nDirectory Server %s.\n
+
+post_create_subds = Instance '%s' was registered.\n\nYou must restart
'%s' in order to complete console registration.\n
commit 6b672320ac31bd111f09f5d1122eae3d14bbd0ca
Author: Wes Hardin <wes.hardin(a)maxim-ic.com>
Date: Mon May 21 10:50:22 2012 -0500
fix for bug 377 - Unchecked use of SELinux command
Reviewed by: rmeggins
diff --git a/admserv/newinst/src/AdminServer.pm.in
b/admserv/newinst/src/AdminServer.pm.in
index 937df8a..1d7d06f 100644
--- a/admserv/newinst/src/AdminServer.pm.in
+++ b/admserv/newinst/src/AdminServer.pm.in
@@ -696,26 +696,30 @@ sub removeAdminServer {
# turn off the switch to allow admin server to connect to the ldap port
$? = 0; # clear error
- my $cmd = "getsebool httpd_can_connect_ldap";
- my $output = `$cmd 2>&1`;
- chomp($output);
- if ($output =~ /Error getting active value for httpd_can_connect_ldap/) {
- # this version of selinux does not support the boolean value
- debug(1, "This version of selinux does not support
httpd_can_connect_ldap\n");
- } elsif ($?) {
- $setup->msg($SetupLog::WARN, 'error_running_command', $cmd,
$output, $!);
- } elsif ($output =~ /on$/) {
- $cmd = "setsebool -P httpd_can_connect_ldap off";
- $? = 0; # clear error
- $output = `$cmd 2>&1`;
+
+ $rc = system("/usr/sbin/selinuxenabled");
+ if ($rc == 0) {
+ my $cmd = "getsebool httpd_can_connect_ldap";
+ my $output = `$cmd 2>&1`;
chomp($output);
- if ($?) {
+ if ($output =~ /Error getting active value for httpd_can_connect_ldap/) {
+ # this version of selinux does not support the boolean value
+ debug(1, "This version of selinux does not support
httpd_can_connect_ldap\n");
+ } elsif ($?) {
$setup->msg($SetupLog::WARN, 'error_running_command', $cmd,
$output, $!);
+ } elsif ($output =~ /on$/) {
+ $cmd = "setsebool -P httpd_can_connect_ldap off";
+ $? = 0; # clear error
+ $output = `$cmd 2>&1`;
+ chomp($output);
+ if ($?) {
+ $setup->msg($SetupLog::WARN, 'error_running_command',
$cmd, $output, $!);
+ } else {
+ debug(1, "$cmd was successful\n");
+ }
} else {
- debug(1, "$cmd was successful\n");
+ debug(1, "selinux boolean httpd_can_connect_ldap is already off -
$output\n");
}
- } else {
- debug(1, "selinux boolean httpd_can_connect_ldap is already off -
$output\n");
}
}
@@ -809,26 +813,29 @@ sub updateSelinuxPolicy {
# turn on the switch to allow admin server to connect to the ldap port
$? = 0; # clear error
- my $cmd = "getsebool httpd_can_connect_ldap";
- my $output = `$cmd 2>&1`;
- chomp($output);
- if ($output =~ /Error getting active value for httpd_can_connect_ldap/) {
- # this version of selinux does not support the boolean value
- debug(1, "This version of selinux does not support
httpd_can_connect_ldap\n");
- } elsif ($?) {
- $setup->msg($SetupLog::WARN, 'error_running_command', $cmd,
$output, $!);
- } elsif ($output =~ /off$/) {
- $cmd = "setsebool -P httpd_can_connect_ldap on";
- $? = 0; # clear error
- $output = `$cmd 2>&1`;
+ $rc = system("/usr/sbin/selinuxenabled");
+ if ($rc == 0) {
+ my $cmd = "getsebool httpd_can_connect_ldap";
+ my $output = `$cmd 2>&1`;
chomp($output);
- if ($?) {
+ if ($output =~ /Error getting active value for httpd_can_connect_ldap/) {
+ # this version of selinux does not support the boolean value
+ debug(1, "This version of selinux does not support
httpd_can_connect_ldap\n");
+ } elsif ($?) {
$setup->msg($SetupLog::WARN, 'error_running_command', $cmd,
$output, $!);
+ } elsif ($output =~ /off$/) {
+ $cmd = "setsebool -P httpd_can_connect_ldap on";
+ $? = 0; # clear error
+ $output = `$cmd 2>&1`;
+ chomp($output);
+ if ($?) {
+ $setup->msg($SetupLog::WARN, 'error_running_command',
$cmd, $output, $!);
+ } else {
+ debug(1, "$cmd was successful\n");
+ }
} else {
- debug(1, "$cmd was successful\n");
+ debug(1, "selinux boolean httpd_can_connect_ldap is already on -
$output\n");
}
- } else {
- debug(1, "selinux boolean httpd_can_connect_ldap is already on -
$output\n");
}
}
}