Re-work template substitution code In several places, we currently set up a dictionary of variables to substitute into template files and then use that same dictionary for multiple files. In terms of code reduction, this is convenient, but it terms out to be a nightmare to verify what files need what variables. For example, if you wanted to be able to re-write configuration files when the hostname changes, then you can't tell from looking at the code which files need the hostname. This patch re-works the substitution code so that only the variables that are actually needed for a given file are substituted in e.g. self.__ldap_mod("memberof-task.ldif", SUFFIX = self.suffix) Signed-off-by: Mark McLoughlin diff -r 32943922b23b ipa-client/ipaclient/ntpconf.py --- a/ipa-client/ipaclient/ntpconf.py Tue Jan 22 16:42:45 2008 +0000 +++ b/ipa-client/ipaclient/ntpconf.py Wed Jan 23 15:34:55 2008 +0000 @@ -71,10 +71,7 @@ keys /etc/ntp/keys """ def config_ntp(server_fqdn): - sub_dict = { } - sub_dict["SERVER"] = server_fqdn - - nc = template_str(ntp_conf, sub_dict) + nc = template_str(ntp_conf, SERVER = server_fqdn) shutil.copy("/etc/ntp.conf", "/etc/ntp.conf.ipasave") diff -r 32943922b23b ipa-python/ipautil.py --- a/ipa-python/ipautil.py Tue Jan 22 16:42:45 2008 +0000 +++ b/ipa-python/ipautil.py Wed Jan 23 15:34:55 2008 +0000 @@ -56,12 +56,12 @@ def realm_to_suffix(realm_name): terms = ["dc=" + x.lower() for x in s] return ",".join(terms) -def template_str(txt, vars): +def template_str(txt, **vars): return string.Template(txt).substitute(vars) -def template_file(infilename, vars): +def template_file(infilename, **vars): txt = open(infilename).read() - return template_str(txt, vars) + return template_str(txt, **vars) def write_tmp_file(txt): fd = tempfile.NamedTemporaryFile() diff -r 32943922b23b ipa-server/ipaserver/bindinstance.py --- a/ipa-server/ipaserver/bindinstance.py Tue Jan 22 16:42:45 2008 +0000 +++ b/ipa-server/ipaserver/bindinstance.py Wed Jan 23 15:34:55 2008 +0000 
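Review bot: Changing `template_str(txt, vars)` and `template_file(infilename, vars)` to take `**vars` breaks any caller that still passes a dict positionally, which now fails with a TypeError, so callers outside this patch need checking. If both forms should keep working, a signature such as `def template_str(txt, vars=None, **kw):` that merges the two would do it. Both helpers would also benefit from a docstring saying that `string.Template.substitute` raises KeyError for any placeholder the caller did not supply, since that strictness is what makes the per-file variable lists checkable. Separately, the context line `txt = open(infilename).read()` never closes the file explicitly, and the parameter name `vars` shadows the builtin.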
@@ -35,7 +35,6 @@ class BindInstance(service.Service): self.host = None self.ip_address = None self.realm = None - self.sub_dict = None def setup(self, fqdn, ip_address, realm_name): self.fqdn = fqdn @@ -43,8 +42,6 @@ class BindInstance(service.Service): self.realm = realm_name self.domain = fqdn[fqdn.find(".")+1:] self.host = fqdn[:fqdn.find(".")] - - self.__setup_sub_dict() def check_inst(self): # So far this file is always present in both RHEL5 and Fedora if all the necessary @@ -55,7 +52,11 @@ class BindInstance(service.Service): return True def create_sample_bind_zone(self): - bind_txt = ipautil.template_file(ipautil.SHARE_DIR + "bind.zone.db.template", self.sub_dict) + bind_txt = ipautil.template_file(ipautil.SHARE_DIR + "bind.zone.db.template", + REALM = self.realm, + HOST = self.host, + IP = self.ip_address, + DOMAIN = self.domain) [bind_fd, bind_name] = tempfile.mkstemp(".db","sample.zone.") os.write(bind_fd, bind_txt) os.close(bind_fd) @@ -77,16 +78,13 @@ class BindInstance(service.Service): except: print "named service failed to start" - def __setup_sub_dict(self): - self.sub_dict = dict(FQDN=self.fqdn, - IP=self.ip_address, - DOMAIN=self.domain, - HOST=self.host, - REALM=self.realm) - def __setup_zone(self): self.backup_state("domain", self.domain) - zone_txt = ipautil.template_file(ipautil.SHARE_DIR + "bind.zone.db.template", self.sub_dict) + zone_txt = ipautil.template_file(ipautil.SHARE_DIR + "bind.zone.db.template", + REALM = self.realm, + HOST = self.host, + IP = self.ip_address, + DOMAIN = self.domain) sysrestore.backup_file('/var/named/'+self.domain+'.zone.db') zone_fd = open('/var/named/'+self.domain+'.zone.db', 'w') zone_fd.write(zone_txt) 
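Review bot: `create_sample_bind_zone` (hunk at -55) and `__setup_zone` (hunk at -77) now each spell out the same four variables for `bind.zone.db.template`. A placeholder added to that template later has to be added in both places, and the copy that is missed only fails at run time with a KeyError. A small private method that renders the zone template once and is called from both, e.g. `bind_txt = self.__zone_txt()` and `zone_txt = self.__zone_txt()`, would keep the variable list for that file in one place. Both method bodies continue outside their hunks.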
@@ -94,7 +92,10 @@ class BindInstance(service.Service): def __setup_named_conf(self): sysrestore.backup_file('/etc/named.conf') - named_txt = ipautil.template_file(ipautil.SHARE_DIR + "bind.named.conf.template", self.sub_dict) + named_txt = ipautil.template_file(ipautil.SHARE_DIR + "bind.named.conf.template", + FQDN = self.fqdn, + DOMAIN = self.domain, + REALM = self.realm) named_fd = open('/etc/named.conf', 'w') named_fd.seek(0) named_fd.truncate(0) diff -r 32943922b23b ipa-server/ipaserver/dsinstance.py --- a/ipa-server/ipaserver/dsinstance.py Tue Jan 22 16:42:45 2008 +0000 +++ b/ipa-server/ipaserver/dsinstance.py Wed Jan 23 15:34:55 2008 +0000 @@ -105,7 +105,6 @@ class DsInstance(service.Service): self.suffix = None self.host_name = None self.dm_password = None - self.sub_dict = None self.domain = None self.pkcs12_info = None @@ -118,7 +117,6 @@ class DsInstance(service.Service): self.dm_password = dm_password self.domain = host_name[host_name.find(".")+1:] self.pkcs12_info = pkcs12_info - self.__setup_sub_dict() self.step("creating directory server user", self.__create_ds_user) self.step("creating directory server instance", self.__create_instance) @@ -146,13 +144,6 @@ class DsInstance(service.Service): self.backup_state("enabled", self.is_enabled()) self.chkconfig_on() - def __setup_sub_dict(self): - server_root = find_server_root() - self.sub_dict = dict(FQHN=self.host_name, SERVERID=self.serverid, - PASSWORD=self.dm_password, SUFFIX=self.suffix.lower(), - REALM=self.realm_name, USER=self.ds_user, - SERVER_ROOT=server_root, DOMAIN=self.domain) - def __create_ds_user(self): user_exists = True try: 
@@ -174,7 +165,13 @@ class DsInstance(service.Service): def __create_instance(self): self.backup_state("running", self.is_running()) self.backup_state("serverid", self.serverid) - inf_txt = ipautil.template_str(INF_TEMPLATE, self.sub_dict) + inf_txt = ipautil.template_str(INF_TEMPLATE, + FQHN = self.host_name, + USER = self.ds_user, + SERVER_ROOT = find_server_root(), + SERVERID = self.serverid, + SUFFIX = self.suffix, + PASSWORD = self.dm_password) logging.debug(inf_txt) inf_fd = ipautil.write_tmp_file(inf_txt) logging.debug("writing inf template") @@ -214,12 +211,12 @@ class DsInstance(service.Service): # TODO: roll back here? logging.critical("Failed to restart the ds instance") - def __ldap_mod(self, ldif, sub_dict = None): + def __ldap_mod(self, ldif, **kw): fd = None path = ipautil.SHARE_DIR + ldif - if not sub_dict is None: - txt = ipautil.template_file(path, sub_dict) + if kw: + txt = ipautil.template_file(path, **kw) fd = ipautil.write_tmp_file(txt) path = fd.name @@ -238,7 +235,7 @@ class DsInstance(service.Service): self.__ldap_mod("memberof-conf.ldif") def __init_memberof(self): - self.__ldap_mod("memberof-task.ldif", self.sub_dict) + self.__ldap_mod("memberof-task.ldif", SUFFIX = self.suffix) def __add_referint_module(self): self.__ldap_mod("referint-conf.ldif") @@ -247,10 +244,12 @@ class DsInstance(service.Service): self.__ldap_mod("dna-conf.ldif") def __config_uidgid_gen_first_master(self): - self.__ldap_mod("dna-posix.ldif", self.sub_dict) + self.__ldap_mod("dna-posix.ldif", SUFFIX = self.suffix) def __add_master_entry_first_master(self): - self.__ldap_mod("master-entry.ldif", self.sub_dict) + self.__ldap_mod("master-entry.ldif", + SUFFIX = self.suffix, + FQHN = self.host_name) def __enable_ssl(self): dirname = config_dirname(self.serverid) 
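Review bot: The context line `logging.debug(inf_txt)` directly after this call writes the rendered INF text to the debug log, and the new argument list makes it plain that this text contains `PASSWORD = self.dm_password` (presumably the Directory Manager password). The commit narrows which variables each template receives but leaves that log call in place, so the secret still reaches the installer log whenever debug logging is on. The simplest fix is to delete `logging.debug(inf_txt)`, since the following `logging.debug("writing inf template")` already marks the step. If the contents are wanted for troubleshooting, log a second rendering made with a masked `PASSWORD` value instead. The body of `__create_instance` continues outside the hunk.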
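Review bot: With `if kw:` in `DsInstance.__ldap_mod`, an LDIF file is only run through the template engine when at least one keyword is passed. A call such as `self.__ldap_mod("memberof-conf.ldif")` therefore sends the file as-is, and a placeholder that was forgotten at the call site reaches ldapmodify as a literal `$NAME` rather than raising KeyError. `KrbInstance.__ldap_mod` in krbinstance.py (hunk at -190) always calls `ipautil.template_file(..., **kw)`, so the two helpers now behave differently for the same mistake. Always templating here as well, `txt = ipautil.template_file(path, **kw)` without the `if`, would make a missing variable fail loudly, provided no LDIF relies on a literal `$` (it would need to be written `$$`). The rest of the method is outside the hunk.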
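Review bot: `SUFFIX = self.suffix` in `__init_memberof` drops the `.lower()` that the removed `__setup_sub_dict` applied (`SUFFIX=self.suffix.lower()`), so the rendered LDIF can differ in case from what the old code produced if `self.suffix` is ever mixed-case. The same applies to the `SUFFIX` arguments in `__create_instance`, `__config_uidgid_gen_first_master`, `__add_master_entry_first_master` and `__add_default_layout`. `realm_to_suffix` in ipautil.py lower-cases each component, so this may be harmless if the suffix always comes from there, but where `self.suffix` is assigned is not visible in this patch. Either keep `self.suffix.lower()` at these call sites or normalise the value once where it is stored, and say so in the commit message, since this is a behaviour change rather than a pure refactor.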
@@ -290,7 +289,10 @@ class DsInstance(service.Service): conn.unbind() def __add_default_layout(self): - self.__ldap_mod("bootstrap-template.ldif", self.sub_dict) + self.__ldap_mod("bootstrap-template.ldif", + SUFFIX = self.suffix, + REALM = self.realm_name, + DOMAIN = self.domain) def __create_indeces(self): self.__ldap_mod("indeces.ldif") diff -r 32943922b23b ipa-server/ipaserver/httpinstance.py --- a/ipa-server/ipaserver/httpinstance.py Tue Jan 22 16:42:45 2008 +0000 +++ b/ipa-server/ipaserver/httpinstance.py Wed Jan 23 15:34:55 2008 +0000 @@ -59,7 +59,6 @@ class HTTPInstance(service.Service): self.fqdn = fqdn self.realm = realm self.domain = fqdn[fqdn.find(".")+1:] - self.sub_dict = { "REALM" : realm, "FQDN": fqdn, "DOMAIN" : self.domain } self.step("disabling mod_ssl in httpd", self.__disable_mod_ssl) self.step("Setting mod_nss port to 443", self.__set_mod_nss_port) @@ -116,7 +115,9 @@ class HTTPInstance(service.Service): os.chown("/etc/httpd/conf/ipa.keytab", pent.pw_uid, pent.pw_gid) def __configure_http(self): - http_txt = ipautil.template_file(ipautil.SHARE_DIR + "ipa.conf", self.sub_dict) + http_txt = ipautil.template_file(ipautil.SHARE_DIR + "ipa.conf", + FQDN = self.fqdn, + REALM = self.realm) sysrestore.backup_file("/etc/httpd/conf.d/ipa.conf") http_fd = open("/etc/httpd/conf.d/ipa.conf", "w") http_fd.write(http_txt) @@ -142,7 +143,8 @@ class HTTPInstance(service.Service): ca.create_signing_cert("Signing-Cert", "cn=%s,ou=Signing Certificate,o=Identity Policy Audit" % self.fqdn, ds_ca) def __setup_autoconfig(self): - prefs_txt = ipautil.template_file(ipautil.SHARE_DIR + "preferences.html.template", self.sub_dict) + prefs_txt = ipautil.template_file(ipautil.SHARE_DIR + "preferences.html.template", + DOMAIN = self.domain) prefs_fd = open("/usr/share/ipa/html/preferences.html", "w") prefs_fd.write(prefs_txt) prefs_fd.close() diff -r 32943922b23b ipa-server/ipaserver/krbinstance.py --- a/ipa-server/ipaserver/krbinstance.py Tue Jan 22 16:42:45 2008 +0000 
+++ b/ipa-server/ipaserver/krbinstance.py Wed Jan 23 15:34:55 2008 +0000 @@ -88,7 +88,6 @@ class KrbInstance(service.Service): self.master_password = None self.suffix = None self.kdc_password = None - self.sub_dict = None self.kpasswd = KpasswdInstance() @@ -103,8 +102,6 @@ class KrbInstance(service.Service): self.kdc_password = ipautil.ipa_generate_password() self.admin_password = admin_password - self.__setup_sub_dict() - # get a connection to the DS try: self.conn = ipaldap.IPAdmin(self.fqdn) @@ -190,17 +187,8 @@ class KrbInstance(service.Service): except: logging.critical("krb5kdc service failed to start") - def __setup_sub_dict(self): - self.sub_dict = dict(FQDN=self.fqdn, - IP=self.ip, - PASSWORD=self.kdc_password, - SUFFIX=self.suffix, - DOMAIN=self.domain, - HOST=self.host, - REALM=self.realm) - - def __ldap_mod(self, ldif): - txt = ipautil.template_file(ipautil.SHARE_DIR + ldif, self.sub_dict) + def __ldap_mod(self, ldif, **kw): + txt = ipautil.template_file(ipautil.SHARE_DIR + ldif, **kw) fd = ipautil.write_tmp_file(txt) args = ["/usr/bin/ldapmodify", "-h", "127.0.0.1", "-xv", 
@@ -263,31 +251,49 @@ class KrbInstance(service.Service): raise e def __add_krb_entries(self): - self.__ldap_mod("kerberos.ldif") + self.__ldap_mod("kerberos.ldif", + SUFFIX = self.suffix, + PASSWORD = self.kdc_password) def __add_default_acis(self): - self.__ldap_mod("default-aci.ldif") + self.__ldap_mod("default-aci.ldif", + SUFFIX = self.suffix, + REALM = self.realm, + FQDN = self.fqdn) def __add_default_keytypes(self): - self.__ldap_mod("default-keytypes.ldif") + self.__ldap_mod("default-keytypes.ldif", + REALM = self.realm, + SUFFIX = self.suffix) def __create_replica_instance(self): self.__create_instance(replica=True) - def __template_file(self, path): + def __template_file(self, path, **kw): template = os.path.join(ipautil.SHARE_DIR, os.path.basename(path) + ".template") - conf = ipautil.template_file(template, self.sub_dict) + conf = ipautil.template_file(template, **kw) sysrestore.backup_file(path) fd = open(path, "w+") fd.write(conf) fd.close() def __create_instance(self, replica=False): - self.__template_file("/var/kerberos/krb5kdc/kdc.conf") - self.__template_file("/etc/krb5.conf") - self.__template_file("/usr/share/ipa/html/krb5.ini") - self.__template_file("/usr/share/ipa/html/krb.con") - self.__template_file("/usr/share/ipa/html/krbrealm.con") + self.__template_file("/var/kerberos/krb5kdc/kdc.conf", + REALM = self.realm) + self.__template_file("/etc/krb5.conf", + REALM = self.realm, + DOMAIN = self.domain, + FQDN = self.fqdn, + SUFFIX = self.suffix) + self.__template_file("/usr/share/ipa/html/krb5.ini", + REALM = self.realm, + DOMAIN = self.domain, + FQDN = self.fqdn) + self.__template_file("/usr/share/ipa/html/krb.con", + REALM = self.realm, + DOMAIN = self.domain) + self.__template_file("/usr/share/ipa/html/krbrealm.con", + REALM = self.realm) if not replica: #populate the directory with the realm structure 
@@ -319,7 +325,7 @@ class KrbInstance(service.Service): #add the password extop module def __add_pwd_extop_module(self): - self.__ldap_mod("pwd-extop-conf.ldif") + self.__ldap_mod("pwd-extop-conf.ldif", SUFFIX = self.suffix) #get the Master Key from the stash file try: diff -r 32943922b23b ipa-server/ipaserver/ntpinstance.py --- a/ipa-server/ipaserver/ntpinstance.py Tue Jan 22 16:42:45 2008 +0000 +++ b/ipa-server/ipaserver/ntpinstance.py Wed Jan 23 15:34:55 2008 +0000 @@ -39,12 +39,10 @@ class NTPInstance(service.Service): elif ipautil.file_exists("/etc/redhat-release"): os = "rhel." - sub_dict = { } - sub_dict["SERVERA"] = "0.%spool.ntp.org" % os - sub_dict["SERVERB"] = "1.%spool.ntp.org" % os - sub_dict["SERVERC"] = "2.%spool.ntp.org" % os - - ntp_conf = ipautil.template_file(ipautil.SHARE_DIR + "ntp.conf.server.template", sub_dict) + ntp_conf = ipautil.template_file(ipautil.SHARE_DIR + "ntp.conf.server.template", + SERVERA = "0.%spool.ntp.org" % os, + SERVERB = "1.%spool.ntp.org" % os, + SERVERC = "2.%spool.ntp.org" % os) sysrestore.backup_file("/etc/ntp.conf")
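Review bot: In the ntpinstance.py hunk the three new keyword arguments interpolate a local named `os` (`"0.%spool.ntp.org" % os`), which shadows the `os` module for the whole method. Any use of the module inside this function would get the string instead, or raise UnboundLocalError if it ran before the assignment. Renaming the local, e.g. `distro = "rhel."` and `SERVERA = "0.%spool.ntp.org" % distro`, removes the trap. The start of the method is outside the hunk, including how the value is set when neither release file exists.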