1 # |
|
2 # CDDL HEADER START |
|
3 # |
|
4 # The contents of this file are subject to the terms of the |
|
5 # Common Development and Distribution License (the "License"). |
|
6 # You may not use this file except in compliance with the License. |
|
7 # |
|
8 # You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE |
|
9 # or http://www.opensolaris.org/os/licensing. |
|
10 # See the License for the specific language governing permissions |
|
11 # and limitations under the License. |
|
12 # |
|
13 # When distributing Covered Code, include this CDDL HEADER in each |
|
14 # file and include the License file at usr/src/OPENSOLARIS.LICENSE. |
|
15 # If applicable, add the following below this CDDL HEADER, with the |
|
16 # fields enclosed by brackets "[]" replaced with your own identifying |
|
17 # information: Portions Copyright [yyyy] [name of copyright owner] |
|
18 # |
|
19 # CDDL HEADER END |
|
20 # |
|
21 |
|
22 # |
|
23 # Copyright (c) 2013, 2014, Oracle and/or its affiliates. All rights reserved. |
|
24 # |
|
25 |
|
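Puppet::Type.type(:ldap).provide(:ldap) do
  desc "Provider for management of the LDAP client for Oracle Solaris"
  confine :operatingsystem => [:solaris]
  defaultfor :osfamily => :solaris, :kernelrelease => ['5.11', '5.12']
  commands :svccfg => '/usr/sbin/svccfg', :svcprop => '/usr/bin/svcprop'

  # SMF service whose properties this provider reads and writes.
  Ldap_fmri = "svc:/network/ldap/client"

  # Starts with no pending change, so flush does nothing until a setter
  # has succeeded.
  def initialize(resource)
    super
    @refresh_needed = false
  end

  # Builds the single "current" provider instance from the service's
  # existing configuration.
  #
  # Returns an empty list when the effective uid is not 0; otherwise a
  # one-element array holding a provider created from the collected
  # properties.
  def self.instances
    return [] unless Process.euid.zero?

    props = {}
    validprops = Puppet::Type.type(:ldap).validproperties

    # Each line is split on whitespace: the first token is "<pg>/<prop>",
    # the second is the value type (not used here) and anything after it
    # is the value.
    svcprop("-p", "config", Ldap_fmri).each_line do |line|
      data = line.split
      next if data.empty?

      prop = data[0].split("/")[1]
      # A line without "<pg>/<prop>" has no property name to record.
      next if prop.nil?

      value = data.length > 2 ? data[2..-1].join(" ") : nil
      # NOTE(review): these keys are Strings while :bind_passwd and :name
      # below are Symbols -- confirm which form consumers of the property
      # hash expect.
      props[prop] = value if validprops.include? prop.to_sym
    end

    # NOTE(review): this copies the bind credential, as stored in SMF, into
    # the provider's property hash. Confirm that nothing which reports or
    # prints instance properties exposes it.
    begin
      props[:bind_passwd] = svcprop("-p", "cred/bind_passwd", Ldap_fmri).strip
    rescue
      # The property not being readable is not treated as an error here.
    end

    props[:name] = "current"
    [new(props)]
  end

  # Generate a getter and a setter for every property the type declares.
  Puppet::Type.type(:ldap).validproperties.each do |field|
    # get the property group
    pg = Puppet::Type.type(:ldap).propertybyname(field).pg
    smf_prop = pg + "/" + field.to_s

    # Getter: the current SMF value with surrounding whitespace stripped.
    define_method(field) do
      begin
        svcprop("-p", smf_prop, Ldap_fmri).strip
      rescue
        # if the property isn't set, don't raise an error
        nil
      end
    end

    # Setter: writes the value with "svccfg setprop" and marks the service
    # as needing a refresh. Raises Puppet::Error when svccfg fails.
    #
    # NOTE(review): values are wrapped in double quotes but embedded double
    # quotes or backslashes are not escaped before being handed to svccfg.
    # Confirm the type validates these values, or escape them here.
    define_method(field.to_s + "=") do |should|
      begin
        if should.is_a? Array
          # in Solaris 11, the list of values needs to be single
          # argument to svccfg.
          # Built without modifying the caller's array; each entry keeps its
          # trailing space so the argument matches the previous format.
          quoted = should.map { |entry| "\"#{entry}\" " }.join
          value = "(" + quoted + ")"
        else
          text = should.to_s
          # Puppet seems to get confused about when to pass an empty
          # string or "\"\"". Catch either condition to handle
          # passing values to SMF correctly
          value = (text.empty? || text == '""') ? text : "\"" + text + "\""
        end
        svccfg("-s", Ldap_fmri, "setprop", smf_prop, "=", value)
        @refresh_needed = true
      rescue => detail
        # The two message strings used to sit on separate lines, so Ruby
        # parsed the second as an unreachable statement and the cause was
        # never reported. It is now part of the message.
        if field.to_s.include?("passwd")
          # Credential properties: keep the value out of logs and reports.
          # The failure text is withheld as well because a command failure
          # message can repeat the full command line, value included.
          raise Puppet::Error,
                "Unable to set #{field} (value withheld)\n#{detail.class}\n"
        end
        raise Puppet::Error,
              "Unable to set #{field} to #{should.inspect}\n#{detail}\n"
      end
    end
  end

  # Refreshes the service once, and only if a setter changed something.
  def flush
    svccfg("-s", Ldap_fmri, "refresh") if @refresh_needed
  end
end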
|