[SCM] Samba Shared Repository - branch v4-0-test updated -
release-4-0-0alpha5-314-gfc6b4f0
Andrew Bartlett
abartlet at samba.org
Tue Aug 19 04:13:48 GMT 2008
The branch, v4-0-test has been updated
via fc6b4f03ebba015a13a6ab93221b0bc3ef8ef2ed (commit)
via 08257c6d6ce809fcd53f9b2b4d558fef616b74ce (commit)
via 6ed0b3f2475022288f636605492ca27fde97cd52 (commit)
from 27d07df301d60e49d36efd003f2fd2305c83c3fe (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-0-test
- Log -----------------------------------------------------------------
commit fc6b4f03ebba015a13a6ab93221b0bc3ef8ef2ed
Merge: 08257c6d6ce809fcd53f9b2b4d558fef616b74ce 27d07df301d60e49d36efd003f2fd2305c83c3fe
Author: Andrew Bartlett <abartlet at samba.org>
Date: Tue Aug 19 14:11:51 2008 +1000
Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-abartlet
commit 08257c6d6ce809fcd53f9b2b4d558fef616b74ce
Author: Andrew Bartlett <abartlet at samba.org>
Date: Tue Aug 19 14:10:14 2008 +1000
Fix up new OpenLDAP MMR code.
This changes the MMR password from hard-coded value of 'linux',
adds tests and fixes the Fedora DS backend.
Currently the MMR password matches the admin password, but we can
change this to be another random value if required.
Also require the port to be specified on the command line, so we don't
hard-code a port of 9000.
Andrew Bartlett
commit 6ed0b3f2475022288f636605492ca27fde97cd52
Author: Oliver Liebel <oliver at itc.li>
Date: Tue Aug 19 12:03:04 2008 +1000
Generate Multi-Master Replication configuration for OpenLDAP
This patches provision-backend and the related scripts to generate the
correct configuration blobs for N-way multi-master replication using
OpenLDAP.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
-----------------------------------------------------------------------
Summary of changes:
source/scripting/python/samba/provision.py | 69 ++++++++++++++++++++--
source/setup/mmr_serverids.conf | 2 +
source/setup/mmr_syncrepl.conf | 12 ++++
source/setup/provision-backend | 7 ++-
source/setup/slapd.conf | 36 ++++++++++-
source/setup/tests/blackbox_provision-backend.sh | 1 +
6 files changed, 116 insertions(+), 11 deletions(-)
create mode 100644 source/setup/mmr_serverids.conf
create mode 100644 source/setup/mmr_syncrepl.conf
Changeset truncated at 500 lines:
diff --git a/source/scripting/python/samba/provision.py b/source/scripting/python/samba/provision.py
index 836509a..0855efe 100644
--- a/source/scripting/python/samba/provision.py
+++ b/source/scripting/python/samba/provision.py
@@ -76,7 +76,9 @@ class ProvisionPaths(object):
self.memberofconf = None
self.fedoradsinf = None
self.fedoradspartitions = None
-
+ self.olmmron = None
+ self.olmmrserveridsconf = None
+ self.olmmrsyncreplconf = None
class ProvisionNames(object):
def __init__(self):
@@ -241,9 +243,13 @@ def provision_paths_from_lp(lp, dnsdomain):
paths.memberofconf = os.path.join(paths.ldapdir,
"memberof.conf")
paths.fedoradsinf = os.path.join(paths.ldapdir,
- "fedorads.inf")
+ "fedorads.inf")
paths.fedoradspartitions = os.path.join(paths.ldapdir,
"fedorads-partitions.ldif")
+ paths.olmmrserveridsconf = os.path.join(paths.ldapdir,
+ "mmr_serverids.conf")
+ paths.olmmrsyncreplconf = os.path.join(paths.ldapdir,
+ "mmr_syncrepl.conf")
paths.hklm = "hklm.ldb"
paths.hkcr = "hkcr.ldb"
paths.hkcu = "hkcu.ldb"
@@ -331,7 +337,7 @@ def guess_names(lp=None, hostname=None, domain=None, dnsdomain=None, serverrole=
names.hostname = hostname
names.sitename = sitename
names.serverdn = "CN=%s,CN=Servers,CN=%s,CN=Sites,%s" % (netbiosname, sitename, configdn)
-
+
return names
@@ -1151,7 +1157,8 @@ def provision_backend(setup_dir=None, message=None,
smbconf=None, targetdir=None, realm=None,
rootdn=None, domaindn=None, schemadn=None, configdn=None,
domain=None, hostname=None, adminpass=None, root=None, serverrole=None,
- ldap_backend_type=None, ldap_backend_port=None):
+ ldap_backend_type=None, ldap_backend_port=None,
+ ol_mmr_urls=None):
def setup_path(file):
return os.path.join(setup_dir, file)
@@ -1265,7 +1272,51 @@ def provision_backend(setup_dir=None, message=None,
refint_config = read_and_sub_file(setup_path("refint.conf"),
{ "LINK_ATTRS" : refint_attributes})
-
+
+# generate serverids, ldap-urls and syncrepl-blocks for mmr hosts
+ mmr_on_config = ""
+ mmr_serverids_config = ""
+ mmr_syncrepl_schema_config = ""
+ mmr_syncrepl_config_config = ""
+ mmr_syncrepl_user_config = ""
+
+ if ol_mmr_urls is not None:
+ mmr_hosts=filter(None,ol_mmr_urls.split(' '))
+ if (len(mmr_hosts) == 1):
+ mmr_hosts=filter(None,ol_mmr_urls.split(','))
+
+
+ mmr_on_config = "MirrorMode On"
+
+ z=0
+ for i in mmr_hosts:
+ z=z+1
+ mmr_serverids_config += read_and_sub_file(setup_path("mmr_serverids.conf"),
+ { "SERVERID" : str(z),
+ "LDAPSERVER" : i })
+
+ z=z+1
+ mmr_syncrepl_schema_config += read_and_sub_file(setup_path("mmr_syncrepl.conf"),
+ { "RID" : str(z),
+ "MMRDN": names.schemadn,
+ "LDAPSERVER" : i,
+ "MMR_PASSWORD": adminpass})
+
+ z=z+1
+ mmr_syncrepl_config_config += read_and_sub_file(setup_path("mmr_syncrepl.conf"),
+ { "RID" : str(z),
+ "MMRDN": names.configdn,
+ "LDAPSERVER" : i,
+ "MMR_PASSWORD": adminpass})
+
+ z=z+1
+ mmr_syncrepl_user_config += read_and_sub_file(setup_path("mmr_syncrepl.conf"),
+ { "RID" : str(z),
+ "MMRDN": names.domaindn,
+ "LDAPSERVER" : i,
+ "MMR_PASSWORD": adminpass })
+
+
setup_file(setup_path("slapd.conf"), paths.slapdconf,
{"DNSDOMAIN": names.dnsdomain,
"LDAPDIR": paths.ldapdir,
@@ -1273,8 +1324,14 @@ def provision_backend(setup_dir=None, message=None,
"CONFIGDN": names.configdn,
"SCHEMADN": names.schemadn,
"MEMBEROF_CONFIG": memberof_config,
+ "MIRRORMODE": mmr_on_config,
+ "MMR_SERVERIDS_CONFIG": mmr_serverids_config,
+ "MMR_SYNCREPL_SCHEMA_CONFIG": mmr_syncrepl_schema_config,
+ "MMR_SYNCREPL_CONFIG_CONFIG": mmr_syncrepl_config_config,
+ "MMR_SYNCREPL_USER_CONFIG": mmr_syncrepl_user_config,
+ "MMR_PASSWORD": adminpass,
"REFINT_CONFIG": refint_config})
- setup_file(setup_path("modules.conf"), paths.modulesconf,
+ setup_file(setup_path("modules.conf"), paths.modulesconf,
{"REALM": names.realm})
setup_db_config(setup_path, os.path.join(paths.ldapdir, "db", "user"))
diff --git a/source/setup/mmr_serverids.conf b/source/setup/mmr_serverids.conf
new file mode 100644
index 0000000..c6d1401
--- /dev/null
+++ b/source/setup/mmr_serverids.conf
@@ -0,0 +1,2 @@
+# Generated from template mmr_serverids.conf
+ServerID ${SERVERID} "${LDAPSERVER}"
diff --git a/source/setup/mmr_syncrepl.conf b/source/setup/mmr_syncrepl.conf
new file mode 100644
index 0000000..5fa8b8f
--- /dev/null
+++ b/source/setup/mmr_syncrepl.conf
@@ -0,0 +1,12 @@
+# Generated from template mmr_syncrepl.conf
+
+syncrepl rid=${RID}
+ provider="${LDAPSERVER}"
+ searchbase="${MMRDN}"
+ type=refreshAndPersist
+ retry="10 +"
+ bindmethod=simple
+ binddn="CN=Manager,${MMRDN}"
+ credentials="${MMR_PASSWORD}"
+
+
diff --git a/source/setup/provision-backend b/source/setup/provision-backend
index 845dc86..049b875 100755
--- a/source/setup/provision-backend
+++ b/source/setup/provision-backend
@@ -64,6 +64,9 @@ parser.add_option("--server-role", type="choice", metavar="ROLE",
help="Set server role to provision for (default standalone)")
parser.add_option("--targetdir", type="string", metavar="DIR",
help="Set target directory")
+parser.add_option("--ol-mmr-urls", type="string", metavar="LDAPSERVER",
+ help="List of LDAP-URLS separated with whitespaces for Use with OpenLDAP-MMR")
+
opts = parser.parse_args()[0]
@@ -99,4 +102,6 @@ provision_backend(setup_dir=setup_dir, message=message, smbconf=smbconf, targetd
adminpass=opts.ldap_admin_pass,
root=opts.root, serverrole=server_role,
ldap_backend_type=opts.ldap_backend_type,
- ldap_backend_port=opts.ldap_backend_port)
+ ldap_backend_port=opts.ldap_backend_port,
+ ol_mmr_urls=opts.ol_mmr_urls)
+
diff --git a/source/setup/slapd.conf b/source/setup/slapd.conf
index 4dcfd2a..141c0cd 100644
--- a/source/setup/slapd.conf
+++ b/source/setup/slapd.conf
@@ -1,5 +1,10 @@
loglevel 0
+### Multimaster-ServerIDs and URLs ###
+
+${MMR_SERVERIDS_CONFIG}
+
+
include ${LDAPDIR}/backend-schema.schema
pidfile ${LDAPDIR}/slapd.pid
@@ -52,10 +57,12 @@ suffix cn=Samba
directory ${LDAPDIR}/db/samba
rootdn cn=Manager,cn=Samba
-
+########################################
+### cn=schema ###
database hdb
suffix ${SCHEMADN}
rootdn cn=Manager,${SCHEMADN}
+rootpw "${MMR_PASSWORD}"
directory ${LDAPDIR}/db/schema
index objectClass eq
index samAccountName eq
@@ -64,16 +71,25 @@ index objectCategory eq
index lDAPDisplayName eq
index subClassOf eq
index cn eq
+index entryUUID,entryCSN eq
#syncprov is stable in OpenLDAP 2.3, and available in 2.2.
#We only need this for the contextCSN attribute anyway....
overlay syncprov
-syncprov-checkpoint 100 10
syncprov-sessionlog 100
+# syncprov-checkpoint 100 10
+
+### Multimaster-Replication of cn=schema Subcontext ###
+${MMR_SYNCREPL_SCHEMA_CONFIG}
+${MIRRORMODE}
+
+#########################################
+### cn=config ###
database hdb
suffix ${CONFIGDN}
rootdn cn=Manager,${CONFIGDN}
+rootpw "${MMR_PASSWORD}"
directory ${LDAPDIR}/db/config
index objectClass eq
index samAccountName eq
@@ -85,16 +101,24 @@ index subClassOf eq
index dnsRoot eq
index nETBIOSName eq
index cn eq
+index entryUUID,entryCSN eq
#syncprov is stable in OpenLDAP 2.3, and available in 2.2.
#We only need this for the contextCSN attribute anyway....
overlay syncprov
-syncprov-checkpoint 100 10
syncprov-sessionlog 100
+# syncprov-checkpoint 100 10
+
+### Multimaster-Replication of cn=config Subcontext ###
+${MMR_SYNCREPL_CONFIG_CONFIG}
+${MIRRORMODE}
+########################################
+### cn=users /base-dn ###
database hdb
suffix ${DOMAINDN}
rootdn cn=Manager,${DOMAINDN}
+rootpw "${MMR_PASSWORD}"
directory ${LDAPDIR}/db/user
index objectClass eq
index samAccountName eq
@@ -110,10 +134,14 @@ index subClassOf eq
index dnsRoot eq
index nETBIOSName eq
index cn eq
+index entryUUID,entryCSN eq
#syncprov is stable in OpenLDAP 2.3, and available in 2.2.
#We only need this for the contextCSN attribute anyway....
overlay syncprov
-syncprov-checkpoint 100 10
syncprov-sessionlog 100
+# syncprov-checkpoint 100 10
+### Multimaster-Replication of cn=user/base-dn context ###
+${MMR_SYNCREPL_USER_CONFIG}
+${MIRRORMODE}
diff --git a/source/setup/tests/blackbox_provision-backend.sh b/source/setup/tests/blackbox_provision-backend.sh
index 312ca5c..04f22db 100755
--- a/source/setup/tests/blackbox_provision-backend.sh
+++ b/source/setup/tests/blackbox_provision-backend.sh
@@ -13,6 +13,7 @@ shift 1
. `dirname $0`/../../../testprogs/blackbox/subunit.sh
testit "openldap-backend" $PYTHON ./setup/provision-backend --domain=FOO --realm=foo.example.com --host-name=samba --ldap-backend-type=openldap --targetdir=$PREFIX/openldap-backend
+testit "openldap-mmr-backend" $PYTHON ./setup/provision-backend --domain=FOO --realm=foo.example.com --host-name=samba --ldap-backend-type=openldap --targetdir=$PREFIX/openldap-mmr-backend --ol-mmr-urls='ldap://localdc1:9000,ldap://localdc2:9000,ldap://localdc3:9000'
testit "fedora-ds-backend" $PYTHON ./setup/provision-backend --domain=FOO --realm=foo.example.com --host-name=samba --ldap-backend-type=fedora-ds --targetdir=$PREFIX/fedora-ds-backend
reprovision() {
--
Samba Shared Repository
More information about the samba-cvs
mailing list