source/setup/provision

   1 #!/bin/sh
   2 exec smbscript "$0" ${1+"$@"}
   3 /*
   4         provision a Samba4 server
   5         Copyright Andrew Tridgell 2005
   6         Released under the GNU GPL v2 or later
   7 */
   8
   9 options = GetOptions(ARGV,
  10                 "POPT_AUTOHELP",
  11                 "POPT_COMMON_SAMBA",
  12                 "POPT_COMMON_VERSION",
  13                 "POPT_COMMON_CREDENTIALS",
  14                 'realm=s',
  15                 'domain=s',
  16                 'domain-guid=s',
  17                 'domain-sid=s',
  18                 'host-name=s',
  19                 'host-ip=s',
  20                 'host-guid=s',
  21                 'invocationid=s',
  22                 'adminpass=s',
  23                 'krbtgtpass=s',
  24                 'machinepass=s',
  25                 'root=s',
  26                 'nobody=s',
  27                 'nogroup=s',
  28                 'wheel=s',
  29                 'users=s',
  30                 'quiet',
  31                 'blank',
  32                 'ldap-base',
  33                 'ldap-backend=s',
  34                 'ldap-module=s',
  35                 'aci=s');
  36
  37 if (options == undefined) {
  38    println("Failed to parse options");
  39    return -1;
  40 }
  41
  42 libinclude("base.js");
  43 libinclude("provision.js");
  44
  45 /*
  46   print a message if quiet is not set
  47 */
  48 function message()
  49 {
  50         if (options["quiet"] == undefined) {
  51                 print(vsprintf(arguments));
  52         }
  53 }
  54
  55 /*
  56  show some help
  57 */
  58 function ShowHelp()
  59 {
  60         print("
  61 Samba4 provisioning
  62
  63 provision [options]
  64  --realm        REALM           set realm
  65  --domain       DOMAIN          set domain
  66  --domain-guid  GUID            set domainguid (otherwise random)
  67  --domain-sid   SID             set domainsid (otherwise random)
  68  --host-name    HOSTNAME        set hostname
  69  --host-ip      IPADDRESS       set ipaddress
  70  --host-guid    GUID            set hostguid (otherwise random)
  71  --invocationid GUID            set invocationid (otherwise random)
  72  --adminpass    PASSWORD        choose admin password (otherwise random)
  73  --krbtgtpass   PASSWORD        choose krbtgt password (otherwise random)
  74  --machinepass  PASSWORD        choose machine password (otherwise random)
  75  --root         USERNAME        choose 'root' unix username
  76  --nobody       USERNAME        choose 'nobody' user
  77  --nogroup      GROUPNAME       choose 'nogroup' group
  78  --wheel        GROUPNAME       choose 'wheel' privileged group
  79  --users        GROUPNAME       choose 'users' group
  80  --quiet                        Be quiet
  81  --blank                        do not add users or groups, just the structure
  82  --ldap-base                    output only an LDIF file, suitable for creating an LDAP baseDN
  83  --ldap-backend LDAPSERVER      LDAP server to use for this provision
  84  --ldap-module= MODULE          LDB mapping module to use for the LDAP backend
  85  --aci=         ACI             An arbitary LDIF fragment, particularly useful to loading a backend ACI value into a target LDAP server
  86 You must provide at least a realm and domain
  87
  88 ");
  89         exit(1);
  90 }
  91
  92 if (options['host-name'] == undefined) {
  93         options['host-name'] = hostname();
  94 }
  95
  96 /*
  97    main program
  98 */
  99 if (options["realm"] == undefined ||
 100     options["domain"] == undefined ||
 101     options["host-name"] == undefined) {
 102         ShowHelp();
 103 }
 104
 105 /* cope with an initially blank smb.conf */
 106 var lp = loadparm_init();
 107 lp.set("realm", options.realm);
 108 lp.set("workgroup", options.domain);
 109 lp.reload();
 110
 111 var subobj = provision_guess();
 112 for (r in options) {
 113         var key = strupper(join("", split("-", r)));
 114         subobj[key] = options[r];
 115 }
 116 if (options["aci"] != undefined) {
 117         println("set ACI: " + subobj["ACI"]);
 118 }
 119
 120 if (options["ldap-backend"] != undefined) {
 121         subobj["LDAPMODULES"] = subobj["LDAPMODULE"] + ",paged_searches";
 122 }
 123
 124 var blank = (options["blank"] != undefined);
 125 var ldapbase = (options["ldap-base"] != undefined);
 126 var ldapbackend = (options["ldap-backend"] != undefined);
 127
 128 if (!provision_validate(subobj, message)) {
 129         return -1;
 130 }
 131
 132 var system_session = system_session();
 133 var creds = options.get_credentials();
 134 var paths = provision_default_paths(subobj);
 135 message("Provisioning for %s in realm %s\n", subobj.DOMAIN, subobj.REALM);
 136 message("Using administrator password: %s\n", subobj.ADMINPASS);
 137 if (ldapbase) {
 138         provision_ldapbase(subobj, message, paths);
 139 } else {
 140         provision(subobj, message, blank, paths, system_session, creds, ldapbackend);
 141         provision_dns(subobj, message, paths, system_session, creds);
 142 }
 143 message("All OK\n");
 144 return 0;