Commit 0a0336cd authored by Chris Hines's avatar Chris Hines
Browse files

Merge pull request #165 from l1ll1/master

fix up ansible_ciab
parents 519e1a6e 2e585d67
---
- name: make dir
file: path="{{ provision_homedir | dirname }}" state=directory mode=755 owner=root
sudo: true
run_once: true
- name: install python packages
yum: name=python-ldap, state=installed
sudo: true
when: ansible_os_family == 'RedHat'
- name: install python packages
apt: name=python-ldap, state=installed
sudo: true
when: ansible_os_family == 'Debian'
- name: copy provision_homedir template
template: src=provision_homedir.py.j2 dest={{ provision_homedir }} mode=700 owner=root
sudo: true
run_once: true
# the lockfile for makeing home directories should be located on the shared directory where the home directories will be created. Otherwise it will be racey
- name: provision_homedir cron job
cron: name=provision_homedir job="/usr/bin/flock -x -n /home/provision.lck -c {{ provision_homedir }}" user=root minute=*/30 state=present
sudo: true
#!/usr/bin/python
import ldap
import traceback
import os
import stat
class ldapSearchConfig:
def __init__(self):
self.ldapserver=""
self.binddn=""
self.bindpw=""
self.baseDN=""
self.searchFilter=""
self.cacertfile=''
class genericUser:
def __init__(self):
self.dn=""
self.cn=""
self.entry=""
self.uid=""
def get_users(server):
# ldap.set_option(ldap.OPT_X_TLS_CACERTFILE,server.cacertfile)
ldap.set_option( ldap.OPT_X_TLS_REQUIRE_CERT, ldap.OPT_X_TLS_NEVER )
l=ldap.initialize(server.ldapserver)
l.simple_bind_s(server.binddn,server.bindpw)
retrieveAttributes = ["*"]
searchScope=ldap.SCOPE_SUBTREE
try:
ldap_result_id = l.search(server.baseDN,searchScope,server.searchFilter,retrieveAttributes)
except ldap.LDAPError, e:
pass
rtype,rdata = l.result(ldap_result_id,1)
allusers={}
for user in rdata:
dn=user[0]
attrs=user[1]
allusers[dn]=genericUser()
allusers[dn].dn=dn
allusers[dn].entry=attrs
return allusers
def mk_homedir(path,uidNumber,gidNumber):
try:
statinfo = os.stat(path)
except OSError as e:
if 'No such file or directory' in e:
os.mkdir(path,0700)
statinfo = os.stat(path)
if stat.S_ISDIR(statinfo.st_mode):
if statinfo.st_gid != gidNumber or statinfo.st_uid!=uidNumber:
os.chown(path,uidNumber,gidNumber)
else:
raise Exception("users homedirectory is not a directory %s"%path)
s=ldapSearchConfig()
s.ldapserver="{{ ldapURI }}"
s.binddn="{{ ldapBindDN }}"
s.bindpw="{{ ldapBindDNPassword }}"
s.baseDN="{{ ldapBase }}"
s.searchFilter = "{{ search_filter }}"
homeDirEntry= "{{ homeDirEntry }}"
users=get_users(s)
for user in users:
try:
mk_homedir(users[user].entry['homeDirectory'][0],int(users[user].entry['uidNumber'][0]),int(users[user].entry['gidNumber'][0]))
except:
print traceback.format_exc()
pass
---
use_active_directory: False
provision_homedir: /usr/local/sbin/provision_homedir.py
homeDirEntry: "{% if use_active_directory %} unixHomeDirectory {% else %}homeDirectory {% endif %}"
search_filter: "{% if use_active_directory %} (unixHomeDirectory=*) {% else %} (objectClass=posixAccount) {% endif %}"
---
- name: make dir
file: path="{{ provision_homedir | dirname }}" state=directory mode=755 owner=root
sudo: true
run_once: true
- name: install python packages
yum: name=python-ldap state=installed
sudo: true
when: ansible_os_family == 'RedHat'
- name: install python packages
apt: name=python-ldap state=installed
sudo: true
when: ansible_os_family == 'Debian'
- name: copy provision_homedir template
template: src=provision_homedir.py.j2 dest={{ provision_homedir }} mode=700 owner=root
sudo: true
run_once: true
# the lockfile for makeing home directories should be located on the shared directory where the home directories will be created. Otherwise it will be racey
- name: provision_homedir cron job
cron: name=provision_homedir job="/usr/bin/flock -x -n /home/provision.lck -c {{ provision_homedir }}" user=root minute=*/30 state=present
sudo: true
#!/usr/bin/python
import ldap
import traceback
import os
import stat
class ldapSearchConfig:
def __init__(self):
self.ldapserver=""
self.binddn=""
self.bindpw=""
self.baseDN=""
self.searchFilter=""
self.cacertfile=''
class genericUser:
def __init__(self):
self.dn=""
self.cn=""
self.entry=""
self.uid=""
def get_users(server):
# ldap.set_option(ldap.OPT_X_TLS_CACERTFILE,server.cacertfile)
ldap.set_option( ldap.OPT_X_TLS_REQUIRE_CERT, ldap.OPT_X_TLS_NEVER )
l=ldap.initialize(server.ldapserver)
l.simple_bind_s(server.binddn,server.bindpw)
retrieveAttributes = ["*"]
searchScope=ldap.SCOPE_SUBTREE
try:
ldap_result_id = l.search(server.baseDN,searchScope,server.searchFilter,retrieveAttributes)
except ldap.LDAPError, e:
pass
rtype,rdata = l.result(ldap_result_id,1)
allusers={}
for user in rdata:
dn=user[0]
attrs=user[1]
allusers[dn]=genericUser()
allusers[dn].dn=dn
allusers[dn].entry=attrs
return allusers
def mk_homedir(path,uidNumber,gidNumber):
try:
statinfo = os.stat(path)
except OSError as e:
if 'No such file or directory' in e:
os.mkdir(path,0700)
statinfo = os.stat(path)
if stat.S_ISDIR(statinfo.st_mode):
if statinfo.st_gid != gidNumber or statinfo.st_uid!=uidNumber:
os.chown(path,uidNumber,gidNumber)
else:
raise Exception("users homedirectory is not a directory %s"%path)
s=ldapSearchConfig()
s.ldapserver="{{ ldapURI }}"
s.binddn="{{ ldapBindDN }}"
s.bindpw="{{ ldapBindDNPassword }}"
s.baseDN="{{ ldapBase }}"
s.searchFilter = "{{ search_filter }}"
homeDirEntry= "{{ homeDirEntry }}"
users=get_users(s)
for user in users:
try:
mk_homedir(users[user].entry['homeDirectory'][0],int(users[user].entry['uidNumber'][0]),int(users[user].entry['gidNumber'][0]))
except:
print traceback.format_exc()
pass
#!/usr/bin/python
import ldap
import traceback
import os
import stat
import subprocess
class ldapSearchConfig:
def __init__(self):
self.ldapserver=""
self.binddn=""
self.bindpw=""
self.baseDN=""
self.searchFilter=""
self.cacertfile=''
class genericUser:
def __init__(self):
self.dn=""
self.cn=""
self.entry=""
self.uid=""
def get_users(server):
# ldap.set_option(ldap.OPT_X_TLS_CACERTFILE,server.cacertfile)
ldap.set_option( ldap.OPT_X_TLS_REQUIRE_CERT, ldap.OPT_X_TLS_NEVER )
l=ldap.initialize(server.ldapserver)
l.simple_bind_s(server.binddn,server.bindpw)
retrieveAttributes = ["*"]
searchScope=ldap.SCOPE_SUBTREE
try:
ldap_result_id = l.search(server.baseDN,searchScope,server.searchFilter,retrieveAttributes)
except ldap.LDAPError, e:
pass
rtype,rdata = l.result(ldap_result_id,1)
allusers={}
for user in rdata:
dn=user[0]
attrs=user[1]
allusers[dn]=genericUser()
allusers[dn].dn=dn
allusers[dn].entry=attrs
return allusers
def mk_slurmaccount(acct):
output=subprocess.check_output(["{{ slurm_dir }}/bin/sacctmgr","--noheader","list","account",acct])
if acct in output:
return
else:
subprocess.call(["{{ slurm_dir }}/bin/sacctmgr","-i","create","account",acct])
def mk_slurmuser(user,acct):
output=subprocess.check_output(["{{ slurm_dir }}/bin/sacctmgr","--noheader","list","Association","user=%s"%user,"format=account"])
if acct in output.splitlines():
return
else:
subprocess.call(["{{ slurm_dir }}/bin/sacctmgr","-i","create","user",user,"account=%s"%acct])
s=ldapSearchConfig()
s.ldapserver="{{ ldapURI }}"
s.binddn="{{ ldapBindDN }}"
s.bindpw="{{ ldapBindDNPassword }}"
s.baseDN="{{ ldapBase }}"
s.searchFilter = "{{ search_filter }}"
users=get_users(s)
mk_slurmaccount("default")
for user in users:
try:
mk_slurmuser(users[user].entry['uid'][0],"default")
except:
print traceback.format_exc()
pass
---
use_active_directory: False
provision_homedir: /usr/local/sbin/provision_homedir.py
homeDirEntry: "{% if use_active_directory %}unixHomeDirectory{% else %}homeDirectory {% endif %}"
search_filter: "{% if use_active_directory %}(unixHomeDirectory=*){% else %} (objectClass=posixAccount) {% endif %}"
......@@ -23,18 +23,22 @@
chdir: /tmp/munge-{{ munge_version }}
creates: "{{ munge_dir }}/bin/munge"
- name: set use_systemd
set_fact:
use_systemd: True
when: (ansible_distribution == "CentOS" or ansible_distribution == "RedHat") and ( ansible_distribution_major_version == "7")
- name: copy init script
template: dest=/etc/init.d/munge src=munge.initd.j2 mode=755
sudo: true
when: use_systemd is not defined
- name: copy slurm init script if OS contains systemd
template: dest=/etc/systemd/system/munge.service src=munge.service.j2 mode=755
sudo: true
when: (ansible_distribution == "CentOS" or ansible_distribution == "RedHat") and
( ansible_distribution_major_version == "7")
when: use_systemd is defined
- name: reload systemd
shell: systemctl daemon-reload
sudo: true
when: (ansible_distribution == "CentOS" or ansible_distribution == "RedHat") and
( ansible_distribution_major_version == "7")
when: use_systemd is defined
......@@ -19,6 +19,7 @@
shell: tar jxf /tmp/slurm-{{ slurm_version }}.tar.bz2
args:
chdir: /tmp
creates: /tmp/slumr-{{ slurm_version }}
- name: build slurm
shell: ./configure --prefix={{ slurm_dir }} --with-munge={{ munge_dir }} && make
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment