18 # |
18 # |
19 # CDDL HEADER END |
19 # CDDL HEADER END |
20 # |
20 # |
21 |
21 |
22 # |
22 # |
23 # Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved. |
23 # Copyright (c) 2013, 2014, Oracle and/or its affiliates. All rights reserved. |
24 # |
24 # |
25 |
25 |
26 Puppet::Type.type(:ldap).provide(:ldap) do |
26 Puppet::Type.type(:ldap).provide(:ldap) do |
27 desc "Provider for management of the LDAP client for Oracle Solaris" |
27 desc "Provider for management of the LDAP client for Oracle Solaris" |
28 confine :operatingsystem => [:solaris] |
28 confine :operatingsystem => [:solaris] |
29 defaultfor :osfamily => :solaris, :kernelrelease => ['5.11', '5.12'] |
29 defaultfor :osfamily => :solaris, :kernelrelease => ['5.11', '5.12'] |
30 commands :svccfg => '/usr/sbin/svccfg', :svcprop => '/usr/bin/svcprop' |
30 commands :svccfg => '/usr/sbin/svccfg', :svcprop => '/usr/bin/svcprop' |
31 |
31 |
32 class << self; attr_accessor :ldap_fmri end |
32 Ldap_fmri = "svc:/network/ldap/client" |
33 @@ldap_fmri = "svc:/network/ldap/client" |
33 |
|
34 def initialize(resource) |
|
35 super |
|
36 @refresh_needed = false |
|
37 end |
34 |
38 |
35 def self.instances |
39 def self.instances |
36 if Process.euid != 0 |
40 if Process.euid != 0 |
37 return [] |
41 return [] |
38 end |
42 end |
39 props = {} |
43 props = {} |
40 validprops = Puppet::Type.type(:ldap).validproperties |
44 validprops = Puppet::Type.type(:ldap).validproperties |
41 |
45 |
42 svcprop("-p", "config", @@ldap_fmri).split("\n").collect do |line| |
46 svcprop("-p", "config", Ldap_fmri).each_line.collect do |line| |
43 data = line.split() |
47 data = line.split() |
44 fullprop = data[0] |
48 fullprop = data[0] |
45 type = data[1] |
49 type = data[1] |
46 if data.length > 2 |
50 if data.length > 2 |
47 value = data[2..-1].join(" ") |
51 value = data[2..-1].join(" ") |
48 else |
52 else |
49 value = nil |
53 value = nil |
50 end |
54 end |
51 |
55 |
52 pg, prop = fullprop.split("/") |
56 pg, prop = fullprop.split("/") |
|
57 props[prop] = value if validprops.include? prop.to_sym |
|
58 end |
|
59 begin |
|
60 props[:bind_passwd] = svcprop("-p", "cred/bind_passwd", |
|
61 "svc:/network/ldap/client").strip |
|
62 rescue |
|
63 end |
53 |
64 |
54 # handle the domainname differently as it's not in validprops |
65 props[:name] = "current" |
55 if prop == "profile" |
|
56 props[:name] = value |
|
57 else |
|
58 props[prop] = value if validprops.include? prop.to_sym |
|
59 end |
|
60 end |
|
61 props[:bind_passwd] = svcprop("-p", "cred/bind_passwd", |
|
62 "svc:/network/ldap/client").strip |
|
63 return Array new(props) |
66 return Array new(props) |
64 end |
67 end |
65 |
68 |
66 Puppet::Type.type(:ldap).validproperties.each do |field| |
69 Puppet::Type.type(:ldap).validproperties.each do |field| |
67 # get the property group |
70 # get the property group |
68 pg = Puppet::Type.type(:ldap).propertybyname(field).pg |
71 pg = Puppet::Type.type(:ldap).propertybyname(field).pg |
69 define_method(field) do |
72 define_method(field) do |
70 begin |
73 begin |
71 svcprop("-p", pg + "/" + field.to_s, @@ldap_fmri).strip() |
74 svcprop("-p", pg + "/" + field.to_s, Ldap_fmri).strip() |
72 rescue |
75 rescue |
73 # if the property isn't set, don't raise an error |
76 # if the property isn't set, don't raise an error |
74 nil |
77 nil |
75 end |
78 end |
76 end |
79 end |
78 define_method(field.to_s + "=") do |should| |
81 define_method(field.to_s + "=") do |should| |
79 begin |
82 begin |
80 if should.is_a? Array |
83 if should.is_a? Array |
81 should.collect! { |value| value.to_s } |
84 should.collect! { |value| value.to_s } |
82 |
85 |
83 # the first entry needs the open paren and the last entry |
86 # in Solaris 11, the list of values needs to be single |
84 # needs the close paren |
87 # argument to svccfg. |
85 should[0] = "(" + should[0] |
88 values = "" |
86 should[-1] = should[-1] + ")" |
89 for entry in should |
87 |
90 values += "\"#{entry}\" " |
88 svccfg("-s", @@ldap_fmri, "setprop", |
91 end |
89 pg + "/" + field.to_s, "=", should) |
92 values = "(" + values + ")" |
|
93 svccfg("-s", Ldap_fmri, "setprop", |
|
94 pg + "/" + field.to_s, "=", values) |
90 else |
95 else |
91 svccfg("-s", @@ldap_fmri, "setprop", |
96 # Puppet seems to get confused about when to pass an empty |
92 pg + "/" + field.to_s, "=", should.to_s) |
97 # string or "\"\"". Catch either condition to handle |
|
98 # passing values to SMF correctly |
|
99 if should.to_s.empty? or should.to_s == '""' |
|
100 value = should.to_s |
|
101 else |
|
102 value = "\"" + should.to_s + "\"" |
|
103 end |
|
104 svccfg("-s", Ldap_fmri, "setprop", |
|
105 pg + "/" + field.to_s, "=", value) |
93 end |
106 end |
94 svccfg("-s", @@ldap_fmri, "refresh") |
107 @refresh_needed = true |
95 rescue => detail |
108 rescue => detail |
96 raise Puppet::Error, |
109 raise Puppet::Error, |
97 "Unable to set #{field.to_s} to #{should.inspect}\n" |
110 "Unable to set #{field.to_s} to #{should.inspect}\n" |
98 "#{detail}\n" |
111 "#{detail}\n" |
99 end |
112 end |
100 end |
113 end |
|
114 end |
101 |
115 |
|
116 def flush |
|
117 if @refresh_needed == true |
|
118 svccfg("-s", Ldap_fmri, "refresh") |
|
119 end |
102 end |
120 end |
103 end |
121 end |