diff --git a/ldif/dns_base.ldif b/ldif/dns_base.ldif new file mode 100644 index 0000000..c1be993 --- /dev/null +++ b/ldif/dns_base.ldif @@ -0,0 +1,19 @@ +# DNS server + +dn: #-ld_dns_dn-# +objectClass: top +objectClass: organizationalUnit +ou: #-ld_dns_login-# +userPassword: #-ld_dns_hash-# + +# Forward +dn: ou=Forward,#-ld_dns_dn-# +objectClass: top +objectClass: organizationalUnit +ou: Forward + +# Reverse +dn: ou=Reverse,#-ld_dns_dn-# +objectClass: top +objectClass: organizationalUnit +ou: Reverse \ No newline at end of file diff --git a/profile/ftp/etc/openldap/slapd.conf b/profile/ftp/etc/openldap/slapd.conf index a712226..012048a 100644 --- a/profile/ftp/etc/openldap/slapd.conf +++ b/profile/ftp/etc/openldap/slapd.conf @@ -13,6 +13,9 @@ include /etc/openldap/schema/samba.schema #?sr_mail_set==on||cl_pass_service==mail# include /etc/openldap/schema/mail.schema #sr_mail_set# +#?sr_dns_set==on||cl_pass_service==dns# +include /etc/openldap/schema/dnszone.schema +#sr_dns_set# #?pkg(openldap)<2.4#schemacheck on#pkg# pidfile /var/run/openldap/slapd.pid @@ -44,6 +47,9 @@ access to attrs=userPassword #?sr_proxy_set==on||cl_pass_service==proxy# by dn="#-ld_proxy_dn-#" read #sr_proxy_set# +#?sr_dns_set==on||cl_pass_service==dns# + by dn="#-ld_dns_dn-#" read +#sr_dns_set# #Доступ к аттрибуту password репликатора #?pkg(openldap)>2.4&ld_repl_set==on&ld_repl_id!=# by dn="#-ld_repl_dn-#" write @@ -149,6 +155,14 @@ access to dn.regex=".*#-ld_proxy_dn-#$" by * none #sr_proxy_set# +# Доступ к ветке DNS +#?sr_dns_set==on||cl_pass_service==dns# +access to dn.regex=".*#-ld_dns_dn-#$" + by dn="#-ld_admin_dn-#" write + by dn="#-ld_dns_dn-#" read + by * none +#sr_dns_set# + # Доступ к ветке Replication #?pkg(openldap)>2.4&ld_repl_set==on&ld_repl_id!=# access to dn.regex=".*#-ld_repl_dn-#$" diff --git a/profile/jabber/etc/openldap/slapd.conf b/profile/jabber/etc/openldap/slapd.conf index a712226..012048a 100644 --- a/profile/jabber/etc/openldap/slapd.conf 
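Review bot: The added `by dn="#-ld_dns_dn-#" read` clause in the `access to attrs=userPassword` rule (ftp profile, second hunk) lets the DNS service account read the password hash of every entry that rule covers, which a name server has no visible need for. If the account only has to bind as itself, drop the clause, or replace it with a rule scoped to the DNS subtree. The rule's remaining `by` clauses lie outside the hunk, so check how `auth` and `self` are already handled before changing it. The same clause is added in the jabber, mail, proxy, samba and unix copies of slapd.conf.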
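Review bot: The new DNS branch rule (ftp profile, third hunk) uses `access to dn.regex=".*#-ld_dns_dn-#$"` with the template value substituted unescaped, so any regex metacharacter in the DN changes what the rule matches, and the leading `.*` is not tied to an RDN boundary. `access to dn.subtree="#-ld_dns_dn-#"` expresses the same scope without regex evaluation. The form follows the existing proxy rule visible in the context lines. The same block is added in the jabber, mail, proxy, samba and unix profiles.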
+++ b/profile/jabber/etc/openldap/slapd.conf @@ -13,6 +13,9 @@ include /etc/openldap/schema/samba.schema #?sr_mail_set==on||cl_pass_service==mail# include /etc/openldap/schema/mail.schema #sr_mail_set# +#?sr_dns_set==on||cl_pass_service==dns# +include /etc/openldap/schema/dnszone.schema +#sr_dns_set# #?pkg(openldap)<2.4#schemacheck on#pkg# pidfile /var/run/openldap/slapd.pid @@ -44,6 +47,9 @@ access to attrs=userPassword #?sr_proxy_set==on||cl_pass_service==proxy# by dn="#-ld_proxy_dn-#" read #sr_proxy_set# +#?sr_dns_set==on||cl_pass_service==dns# + by dn="#-ld_dns_dn-#" read +#sr_dns_set# #Доступ к аттрибуту password репликатора #?pkg(openldap)>2.4&ld_repl_set==on&ld_repl_id!=# by dn="#-ld_repl_dn-#" write @@ -149,6 +155,14 @@ access to dn.regex=".*#-ld_proxy_dn-#$" by * none #sr_proxy_set# +# Доступ к ветке DNS +#?sr_dns_set==on||cl_pass_service==dns# +access to dn.regex=".*#-ld_dns_dn-#$" + by dn="#-ld_admin_dn-#" write + by dn="#-ld_dns_dn-#" read + by * none +#sr_dns_set# + # Доступ к ветке Replication #?pkg(openldap)>2.4&ld_repl_set==on&ld_repl_id!=# access to dn.regex=".*#-ld_repl_dn-#$" diff --git a/profile/mail/etc/openldap/slapd.conf b/profile/mail/etc/openldap/slapd.conf index a712226..012048a 100644 --- a/profile/mail/etc/openldap/slapd.conf +++ b/profile/mail/etc/openldap/slapd.conf @@ -13,6 +13,9 @@ include /etc/openldap/schema/samba.schema #?sr_mail_set==on||cl_pass_service==mail# include /etc/openldap/schema/mail.schema #sr_mail_set# +#?sr_dns_set==on||cl_pass_service==dns# +include /etc/openldap/schema/dnszone.schema +#sr_dns_set# #?pkg(openldap)<2.4#schemacheck on#pkg# pidfile /var/run/openldap/slapd.pid @@ -44,6 +47,9 @@ access to attrs=userPassword #?sr_proxy_set==on||cl_pass_service==proxy# by dn="#-ld_proxy_dn-#" read #sr_proxy_set# +#?sr_dns_set==on||cl_pass_service==dns# + by dn="#-ld_dns_dn-#" read +#sr_dns_set# #Доступ к аттрибуту password репликатора #?pkg(openldap)>2.4&ld_repl_set==on&ld_repl_id!=# by dn="#-ld_repl_dn-#" write 
@@ -149,6 +155,14 @@ access to dn.regex=".*#-ld_proxy_dn-#$" by * none #sr_proxy_set# +# Доступ к ветке DNS +#?sr_dns_set==on||cl_pass_service==dns# +access to dn.regex=".*#-ld_dns_dn-#$" + by dn="#-ld_admin_dn-#" write + by dn="#-ld_dns_dn-#" read + by * none +#sr_dns_set# + # Доступ к ветке Replication #?pkg(openldap)>2.4&ld_repl_set==on&ld_repl_id!=# access to dn.regex=".*#-ld_repl_dn-#$" diff --git a/profile/proxy/etc/openldap/slapd.conf b/profile/proxy/etc/openldap/slapd.conf index a712226..012048a 100644 --- a/profile/proxy/etc/openldap/slapd.conf +++ b/profile/proxy/etc/openldap/slapd.conf @@ -13,6 +13,9 @@ include /etc/openldap/schema/samba.schema #?sr_mail_set==on||cl_pass_service==mail# include /etc/openldap/schema/mail.schema #sr_mail_set# +#?sr_dns_set==on||cl_pass_service==dns# +include /etc/openldap/schema/dnszone.schema +#sr_dns_set# #?pkg(openldap)<2.4#schemacheck on#pkg# pidfile /var/run/openldap/slapd.pid @@ -44,6 +47,9 @@ access to attrs=userPassword #?sr_proxy_set==on||cl_pass_service==proxy# by dn="#-ld_proxy_dn-#" read #sr_proxy_set# +#?sr_dns_set==on||cl_pass_service==dns# + by dn="#-ld_dns_dn-#" read +#sr_dns_set# #Доступ к аттрибуту password репликатора #?pkg(openldap)>2.4&ld_repl_set==on&ld_repl_id!=# by dn="#-ld_repl_dn-#" write @@ -149,6 +155,14 @@ access to dn.regex=".*#-ld_proxy_dn-#$" by * none #sr_proxy_set# +# Доступ к ветке DNS +#?sr_dns_set==on||cl_pass_service==dns# +access to dn.regex=".*#-ld_dns_dn-#$" + by dn="#-ld_admin_dn-#" write + by dn="#-ld_dns_dn-#" read + by * none +#sr_dns_set# + # Доступ к ветке Replication #?pkg(openldap)>2.4&ld_repl_set==on&ld_repl_id!=# access to dn.regex=".*#-ld_repl_dn-#$" diff --git a/profile/samba/etc/openldap/slapd.conf b/profile/samba/etc/openldap/slapd.conf index a712226..012048a 100644 --- a/profile/samba/etc/openldap/slapd.conf +++ b/profile/samba/etc/openldap/slapd.conf 
@@ -13,6 +13,9 @@ include /etc/openldap/schema/samba.schema #?sr_mail_set==on||cl_pass_service==mail# include /etc/openldap/schema/mail.schema #sr_mail_set# +#?sr_dns_set==on||cl_pass_service==dns# +include /etc/openldap/schema/dnszone.schema +#sr_dns_set# #?pkg(openldap)<2.4#schemacheck on#pkg# pidfile /var/run/openldap/slapd.pid @@ -44,6 +47,9 @@ access to attrs=userPassword #?sr_proxy_set==on||cl_pass_service==proxy# by dn="#-ld_proxy_dn-#" read #sr_proxy_set# +#?sr_dns_set==on||cl_pass_service==dns# + by dn="#-ld_dns_dn-#" read +#sr_dns_set# #Доступ к аттрибуту password репликатора #?pkg(openldap)>2.4&ld_repl_set==on&ld_repl_id!=# by dn="#-ld_repl_dn-#" write @@ -149,6 +155,14 @@ access to dn.regex=".*#-ld_proxy_dn-#$" by * none #sr_proxy_set# +# Доступ к ветке DNS +#?sr_dns_set==on||cl_pass_service==dns# +access to dn.regex=".*#-ld_dns_dn-#$" + by dn="#-ld_admin_dn-#" write + by dn="#-ld_dns_dn-#" read + by * none +#sr_dns_set# + # Доступ к ветке Replication #?pkg(openldap)>2.4&ld_repl_set==on&ld_repl_id!=# access to dn.regex=".*#-ld_repl_dn-#$" diff --git a/profile/unix/etc/openldap/slapd.conf b/profile/unix/etc/openldap/slapd.conf index a712226..012048a 100644 --- a/profile/unix/etc/openldap/slapd.conf +++ b/profile/unix/etc/openldap/slapd.conf @@ -13,6 +13,9 @@ include /etc/openldap/schema/samba.schema #?sr_mail_set==on||cl_pass_service==mail# include /etc/openldap/schema/mail.schema #sr_mail_set# +#?sr_dns_set==on||cl_pass_service==dns# +include /etc/openldap/schema/dnszone.schema +#sr_dns_set# #?pkg(openldap)<2.4#schemacheck on#pkg# pidfile /var/run/openldap/slapd.pid @@ -44,6 +47,9 @@ access to attrs=userPassword #?sr_proxy_set==on||cl_pass_service==proxy# by dn="#-ld_proxy_dn-#" read #sr_proxy_set# +#?sr_dns_set==on||cl_pass_service==dns# + by dn="#-ld_dns_dn-#" read +#sr_dns_set# #Доступ к аттрибуту password репликатора #?pkg(openldap)>2.4&ld_repl_set==on&ld_repl_id!=# by dn="#-ld_repl_dn-#" write 
@@ -149,6 +155,14 @@ access to dn.regex=".*#-ld_proxy_dn-#$" by * none #sr_proxy_set# +# Доступ к ветке DNS +#?sr_dns_set==on||cl_pass_service==dns# +access to dn.regex=".*#-ld_dns_dn-#$" + by dn="#-ld_admin_dn-#" write + by dn="#-ld_dns_dn-#" read + by * none +#sr_dns_set# + # Доступ к ветке Replication #?pkg(openldap)>2.4&ld_repl_set==on&ld_repl_id!=# access to dn.regex=".*#-ld_repl_dn-#$" diff --git a/pym/cl_fill_server.py b/pym/cl_fill_server.py index f6b7ddf..2e6b488 100644 --- a/pym/cl_fill_server.py +++ b/pym/cl_fill_server.py @@ -552,3 +552,45 @@ class fillVars(object, cl_base.glob_attr): if userJid: return userJid.partition('@')[0] return "" + + def get_ld_dns_dn(self): + """DN сервиса DNS""" + return "ou=%s,%s" %(self.Get('ld_dns_login'), + self.Get('ld_services_dn')) + + def get_ld_dns_pw(self): + """пароль администратора сервиса DNS""" + return cl_utils.genpassword().strip() + + def get_ld_dns_hash(self): + """hash пароля администратора сервиса DNS""" + return self.getHash(self.Get('ld_dns_pw'), self.Get('ld_encrypt')) + + def get_sr_dns_net_allow(self): + """Доступные сети для сервиса DNS""" + netAllow = self.Get("os_net_allow") + if netAllow: + return netAllow + return "" + + def get_sr_dns_net_allow_pass(self): + """Текст в named.conf - доступные сети""" + def getNetAllow(): + netAllow = netAllow.split(",") + foundLoc = False + for net in netAllow: + if net[:4] == '127.': + foundLoc = True + break + if not foundLoc: + netAllow.append("127.0.0.1") + netAllow = map(lambda x: "\t\t%s;"%x,netAllow) + netAllow = "\n".join(netAllow) + return "\tlisten-on {\n%s\n\t};"%netAllow + netAllow = self.Get("sr_dns_net_allow") + if netAllow: + return getNetAllow() + netAllow = self.Get("os_net_allow") + if netAllow: + return getNetAllow() + return "\tlisten-on { 127.0.0.1; };" \ No newline at end of file diff --git a/pym/cl_ldap.py b/pym/cl_ldap.py index d91b486..4ae2c82 100644 --- a/pym/cl_ldap.py +++ b/pym/cl_ldap.py 
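Review bot: In `get_sr_dns_net_allow_pass` the nested `getNetAllow()` assigns `netAllow` (`netAllow = netAllow.split(",")`), which makes the name local to the helper, so the first call raises UnboundLocalError instead of reading the outer value. Pass the value in with `def getNetAllow(netAllow):` and `return getNetAllow(netAllow)` at both call sites. Separately, the result is emitted as a `listen-on { ... };` block, which in named.conf selects the local addresses the server binds to. If these networks are meant to restrict which clients may query, an `allow-query` ACL is probably what is wanted; confirm against the named.conf template, which is not in this diff. The entries are also formatted into the config text without any check in this method, so validation has to happen wherever `sr_dns_net_allow` and `os_net_allow` are set.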
@@ -42,7 +42,7 @@ import tempfile # Вывод в строку ввода import readline -Version = "calculate-server 2.1.3" +Version = "calculate-server 2.1.4" tr = cl_base.lang() tr.setLanguage(sys.modules[__name__]) @@ -399,7 +399,8 @@ in a sambaDomainName', # инсталированнные сервисы servInstalled = [] # доступные сервисы - services = ('ldap', 'unix', 'samba', 'mail', 'jabber', 'ftp', 'proxy') + services = ('ldap', 'unix', 'samba', 'mail', + 'jabber', 'ftp', 'proxy', 'dns') for serv in services: if self.clVars.Get("sr_%s_set"%serv) == "on": servInstalled.append(serv) @@ -894,6 +895,17 @@ in a sambaDomainName', _("service is not stopped")) flagError = True break + elif service == "dns": + if self.getRunDaemons(["named"]): + textLines = self.execProg("/etc/init.d/named stop",False, + False) + if not (textLines and type(textLines) == types.ListType and\ + "ok" in textLines[-1] or textLines and\ + "ok" in textLines): + self.printERROR( "DNS" + " " + + _("service is not stopped")) + flagError = True + break elif self.getRunService(service): stopService = service textLines = self.execProg("/etc/init.d/%s stop" %(stopService), @@ -972,7 +984,8 @@ in a sambaDomainName', if os.path.exists(baselayoutDir): addDirDict["ejabberd"] = (baselayoutDir,"ejabberd") addDirDict["samba"] = (baselayoutDir,"samba") - elif daemon in ["ejabberd", "samba"]: + addDirDict["named"] = (baselayoutDir,"named") + elif daemon in ["ejabberd", "samba", "named"]: if not os.system("/lib/rc/bin/service_started %s" %daemon): runDaemons[daemon] = True else: @@ -8417,6 +8430,7 @@ class cl_ldap(shareLdap): (_("Jabber service options"),True,1,1,"options"), (_("FTP service options"),True,1,1,"options"), (_("Proxy service options"),True,1,1,"options"), + (_("DNS service options"),True,1,1,"options"), (_("Services"),True,1,0,"") ] 
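Review bot: The new `elif service == "dns":` branch decides that `named` stopped by looking for the substring "ok" in the command output (`"ok" in textLines[-1]`, or `"ok" in textLines` when the result is a string), so a failure message containing a word such as "broken" would be accepted as a successful stop. The unparenthesised `and`/`or` mix also hides the intended grouping. Prefer the exit status if `execProg` can return it, or match the init script's exact status marker, and parenthesise the two alternatives. The same test is repeated for `/etc/init.d/named start` in `servDNS.setupDnsServer` further down this file's diff. The enclosing method starts and ends outside this hunk.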
@@ -8454,6 +8468,8 @@ class cl_ldap(shareLdap): _("FTP service options")], "proxy":[_("Common options"), _("Proxy service options")], + "dns":[_("Common options"), + _("DNS service options")], } # Cвязь длинных опций помощи и выводимых разделов помощи с опциями self.relOptions = {"h":[_("Common options")], @@ -8467,10 +8483,12 @@ class cl_ldap(shareLdap): _("Mail service options")], "help-jabber":[_("Common options"), _("Jabber service options")], - "help-ftp":[_("Common options"), + "help-ftp":[_("Common opProxytions"), _("FTP service options")], "help-proxy":[_("Common options"), _("Proxy service options")], + "help-dns":[_("Common options"), + _("DNS service options")], "help-all":[_("Common options"), _("Samba service options"), _("LDAP service options"), @@ -8479,6 +8497,7 @@ class cl_ldap(shareLdap): _("Jabber service options"), _("FTP service options"), _("Proxy service options"), + _("DNS service options"), ] } @@ -8533,6 +8552,10 @@ class cl_ldap(shareLdap): 'helpChapter':_("Common options"), 'help':_("display help for Proxy service options") }, + {'longOption':"help-dns", + 'helpChapter':_("Common options"), + 'help':_("display help for DNS service options") + }, {'progAccess':(0,), 'shortOption':"f", 'longOption':"force", @@ -9263,6 +9286,12 @@ the password will be changed only for Samba account") 'helpChapter':_("Proxy service options"), 'help':_("enter the allowed ip addresses and network") }, + {'progAccess':(6,), + 'shortOption':"a", + 'longOption':"allow", + 'helpChapter':_("DNS service options"), + 'help':_("enter the allowed ip addresses and network") + }, {'progAccess':(6,), 'shortOption':"p", 'longOption':"port", 
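Review bot: The `"help-ftp"` entry of `self.relOptions` is changed from `_("Common options")` to `_("Common opProxytions")`, which looks like an accidental paste into the middle of the string. The value no longer matches the "Common options" chapter name used by every other entry, so the FTP help will likely lose that section, and the new msgid has no translation. Restore the line to `"help-ftp":[_("Common options"),`. The dictionary starts and ends outside the hunk.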
@@ -9276,6 +9305,12 @@ the password will be changed only for Samba account") 'helpChapter':_("LDAP service options"), 'help':_("forced setup service") }, + {'progAccess':(6,), + 'shortOption':"f", + 'longOption':"force", + 'helpChapter':_("DNS service options"), + 'help':_("forced setup service") + }, {'progAccess':(6,), 'shortOption':"n", 'longOption':"netbios", @@ -9664,13 +9699,13 @@ file") #'helpChapter':_("Common options"), #'help':_("show enviroment values (filter for type, all - no filter)") #}, + # Services {'progAccess':(6,), 'helpChapter':_("Services"), 'help':pcs(" ldap", self.column_width, "ldap " + servName, self.consolewidth-self.column_width) }, - {'progAccess':(0,1,2,3,4,5,6,7,9,12,14), 'helpChapter':_("Services"), 'help':pcs(" unix", self.column_width, @@ -9701,6 +9736,11 @@ file") 'help':pcs(" proxy", self.column_width, "proxy " + servName, self.consolewidth-self.column_width) }, + {'progAccess':(6,), + 'helpChapter':_("Services"), + 'help':pcs(" dns", self.column_width, + "dns " + servName, self.consolewidth-self.column_width) + }, ##{'helpChapter':_("Services"), ##'help':" mail \t\t\tmail " + servName + "\n" ##}, @@ -12861,7 +12901,6 @@ class servProxy(shareLdap): self.relUsersDN = self.addDN(self.relUsDN, self.relDN) # DN групп пользователей, относительно базового DN self.relGroupsDN = self.addDN(self.relGrDN, self.relDN) - # Директория хранения писем if unixObj: # получаем объект сервиса Unix self.servUnixObj = unixObj @@ -12870,7 +12909,8 @@ class servProxy(shareLdap): self.servUnixObj = servUnix() def connectToLDAP(self, adminDn, adminPw): - """Подключаемся к LDAP""" + """Подключаемся к LDAP - для внешних программ запускающихся не от root + """ ldapObj = ldapFunction(adminDn, adminPw) # Генератор задержек wait = self.genSleep() 
@@ -13658,6 +13698,179 @@ group'), self.printOK(_("Proxy service configured") + " ...") return True +class servDNS(shareLdap): + """Методы сервиса DNS""" + # Прямые зоны + relFwdDN = 'ou=Forward' + # Обратные зоны + relRevDN = 'ou=Reverse' + relServDN = 'ou=DNS' + ldifFileBase = "/usr/lib/calculate/calculate-server/ldif/dns_base.ldif" + + def __init__(self): + shareLdap.__init__(self) + # DN сервиса + self.relDN = self.addDN(self.relServDN,self.ServicesDN) + # DN прямых зон, относительно базового DN + self.relForwardDN = self.addDN(self.relFwdDN, self.relDN) + # DN обратных зон, относительно базового DN + self.relReverseDN = self.addDN(self.relRevDN, self.relDN) + + + def getAllowNet(self): + """Получаем от пользователя доверительные сети + + и устанавливаем переменную профилей sr_dns_net_allow + + self.clVars должен быть определен + """ + print _("Enter the allowed ip addresses and network for %s service")\ + %"DNS" + " (" + _("comma or space delimited") + ")" + strPrompt = _("allow networks: ") + netAllow = self.clVars.Get("sr_dns_net_allow") + strNetAllow = "" + if netAllow: + strNetAllow = netAllow.replace(","," ") + allowNet = self.getUserAllowNetwork(strPrompt, strNetAllow) + if not allowNet: + return False + # Установка переменной доступные сети + allowNet = ",".join(allowNet) + self.clVars.Set("sr_dns_net_allow", allowNet ,True) + return allowNet + + + def setupDnsServer(self, options): + """Начальная настройка DNS сервиса""" + # Принудительная установка + forceOptions = False + if options.has_key("f"): + forceOptions = True + # Создаем объект переменных + self.createClVars() + if self.clVars.Get("sr_ldap_set") != "on": + self.printERROR(_("LDAP service is not setuped")) + self.printWARNING(_("Setup LDAP service")) + self.printWARNING(" cl-setup ldap") + return False + # В случае если сервер установлен + if self.clVars.Get("sr_dns_set") == "on" and\ + not forceOptions: + self.printWARNING (_("WARNING") + ": " +\ + _("DNS server is configured")+ ".") + 
return True + # Доверительные сети по умолчанию + allowNet = self.clVars.Get("os_net_allow") + if not forceOptions: + # предупреждение при выполнении этой программы будут изменены + # конфигурационные файлы сервиса Proxy (программa squid) + self.printWARNING (_("WARNING") + ": " + + _("Executing of the program will change") + " " + + _("the configuration files of DNS service") +" ("+ + _("program bind") + ")." ) + # если вы готовы продолжить работу программы нажмите Y если нет n + messDialog = \ + _("If you are ready to continue executing the program") + ", "+\ + _("input 'yes'") +", "+ _("if not 'no'") + if not self.dialogYesNo(messDialog): + return True + if options.has_key("a"): + # Получаем от пользователя доверительные сети + allowNet = self.getAllowNet() + if not allowNet: + return False + else: + if options.has_key("a"): + # Получаем от пользователя доверительные сети + allowNet = self.getAllowNet() + if not allowNet: + return False + # делаем backup + # Проверим запущен ли ldap + if not self.getRunService("ldap"): + # Запускаем LDAP сервер + if not self.runLdapServer(): + return False + bakupObj = servLdap() + bakupObj.backupServer() + # Удаляем переменные сервиса в ini файлах + self.deleteServiceVarsInFile("dns") + # Cоздаем объект переменные + self.createClVars() + # Устанавливаем доступные сети + self.clVars.Set("sr_dns_net_allow", allowNet, True) + # Удаляем из автозапуска демона + if not self.delDaemonAutostart("named"): + return False + # останавливаем сервис DNS + if not self.stopServices(["dns"]): + return False + # Имя устанавливаемого сервиса + self.clVars.Set("cl_pass_service","dns") + self.clVars.Write("sr_dns_set","off") + # Cоздаем объект профиль устанавливая директорию proxy для + # файлов профилей + if not self.applyProfilesFromService('dns'): + return False + # Проверим запущен ли ldap + if not self.getRunService("ldap"): + # Запускаем LDAP сервер + if not self.runLdapServer(): + return False + else: + if not self.restartLdapServer(): + 
return False + # Подключаемся к LDAP cерверу + if not shareLdap.getLdapObjInFile(self): + return False + # Находим в LDAP DNS сервис + resSearch = self.searchService() + ret = True + if resSearch: + delDN = self.relDN + ret = self.deleteDN(delDN) + if ret: + self.printOK(_("Remove DNS DN from LDAP Database") + " ...") + else: + self.printERROR(\ + _("Can not remove DNS DN from LDAP Database")) + if not ret: + return False + ldifFile = self.ldifFileBase + baseLdif = self.createLdif(ldifFile) + if not self.ldapObj.getError(): + self.ldapObj.ldapAdd(baseLdif) + if self.ldapObj.getError(): + print _("LDAP Error") + ": " + self.ldapObj.getError().strip() + return False + # Записываем данные администратора сервиса Proxy + ldapParser = iniLdapParser() + ldapParser.setVar("dns", + {"DN":self.clVars.Get("ld_dns_dn"), + "PASS":self.clVars.Get("ld_dns_pw")}) + self.printOK(_("Added ldif file") + " ...") + textLines = self.execProg("/etc/init.d/named start", False, False) + if textLines and type(textLines) == types.ListType and\ + "ok" in textLines[-1] or textLines and "ok" in textLines: + self.printOK(_("Starting") + " " + "Named" + " ...") + else: + self.printNotOK(_("Starting") + " " + "Named" + " ...") + return False + # Устанавливаем автозапуск демона + if not self.setDaemonAutostart("named"): + return False + # запишем переменные для сервера + allow = self.clVars.Get("sr_dns_net_allow") + self.clVars.Write("sr_dns_net_allow",allow,True,"local") + # запишем переменные для клиента + # + # Запишем, что сервис установлен + self.clVars.Write("sr_dns_set","on") + self.printOK(_("DNS service configured") + " ...") + return True + + + class tsOpt(cl_base.opt): """Класс для обработки параметров и вывода help diff --git a/pym/cl_vars_server.py b/pym/cl_vars_server.py index 40946c5..11d1ac3 100644 --- a/pym/cl_vars_server.py +++ b/pym/cl_vars_server.py 
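Review bot: `setupDnsServer` persists the generated service password in clear through `ldapParser.setVar("dns", {"DN": ..., "PASS": self.clVars.Get("ld_dns_pw")})`, and the slapd.conf hunks of this commit give that DN read access to `userPassword`, so anyone who can read that store inherits that access. The file `iniLdapParser` writes and its mode are not visible here; confirm it is created readable by root only. Several comments in the method were copied from the Proxy service and are now wrong (`сервиса Proxy (программa squid)`, `директорию proxy`, `администратора сервиса Proxy`); they should name DNS/bind, e.g. `# Store the DNS service administrator credentials`. The `if options.has_key("a"):` block is duplicated in both branches of `if not forceOptions:` and can be moved below that `if`/`else` once.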
@@ -364,7 +364,7 @@ class Data: cl_name = {'value':'calculate-server'} # версия программы - cl_ver = {'value':'2.1.3'} + cl_ver = {'value':'2.1.4'} #DN LDAP ветки, в котором будут находится служебные ветки ld_ldap_dn = {} @@ -420,6 +420,10 @@ class Data: sr_proxy_net_allow = {} # Текст в squid.conf - доступные сети sr_proxy_net_allow_pass = {} + # Доступные сети для сервиса DNS + sr_dns_net_allow = {} + # Текст в named.conf - доступные сети + sr_dns_net_allow_pass = {} #DN ветки хранения реплицируемых алиасов ld_repl_mail_dn = {} @@ -433,3 +437,26 @@ class Data: #Настроен или нет сервис Mail как почтовый релей sr_mail_relay_set = {'mode':"w", 'value':'off'} + + #----------------------------------------------------- + #Сервис DNS + #----------------------------------------------------- + # имя компьютера с настроенным сервисом DNS + sr_dns_host = {} + + #DN администратора сервиса DNS (он, же DN сервиса) + ld_dns_dn = {} + + #имя администратора сервиса DNS + ld_dns_login = {'value':'DNS'} + + #пароль администратора сервиса DNS + ld_dns_pw = {} + + #hash пароля администратора сервиса DNS + ld_dns_hash = {} + + #Настроен или нет сервис DNS + sr_dns_set = {'mode':"w", + 'value':'off'} + \ No newline at end of file diff --git a/scripts/cl-setup b/scripts/cl-setup index 411092b..2880706 100644 --- a/scripts/cl-setup +++ b/scripts/cl-setup @@ -65,6 +65,11 @@ if __name__ == "__main__": obj = cl_ldap.servProxy() if obj.setupProxyServer(optObj.opt): flagError = False + # Настройка сервера dns + elif optObj.params['service'] == "dns": + obj = cl_ldap.servDNS() + if obj.setupDnsServer(optObj.opt): + flagError = False if flagError: sys.exit(1) else: diff --git a/setup.py b/setup.py index 3223e80..e7ac6d9 100755 --- a/setup.py +++ b/setup.py 
@@ -169,7 +169,7 @@ exec_file = Extension('calculate-server.bin.repbin', sources = ['./bin/repbin.c']) setup( name = 'calculate-server', - version = "2.1.3", + version = "2.1.4", description = "The program for configuring server-data linux", author = "Calculate Pack", author_email = "support@calculate.ru",