Kool Idm Simple Script :D
In case it's helpful to anyone else, I've been using a simple script to
keep my dhcp server's static entries in-sync with ipa host info.
Since I'm using IPA 2.1 on Fedora 16, I had to hijack the 'location'
host info. key to store the MAC address for each host. IIRC, IPA 2.2
and later can add custom keys, however 'location' works fine for my
purposes.
This is most probably the slowest way to do this, however it's simple
and works well for my very small setup. First I configured dhcpd
(/etc/dhcp/dhcpd.conf) similar to:
---cut---
authoritative; #we are the definitave DHCP server on network
ping-check true; #try to ping all hosts before committing
one-lease-per-client on;
ddns-update-style none;
max-lease-time 432000; #maximum lease time is 5 days
default-lease-time 86400; #default to 24 hour leases
pid-file-name "/var/run/dhcpd.pid";
lease-file-name "/var/lib/dhcpd/dhcpd.leases";
log-facility local5;
subnet <<subnet addr>> netmask 255.255.255.0 {
option domain-name "fqdn.com";
option domain-name-servers <<ipa1 IP>>, <<ipa2 IP>>, <<ipa3 IP>>;
option subnet-mask 255.255.255.0;
option broadcast-address <<broadcast addr>>;
option routers <<gateway addr>>;
#pool of dynamically allocatable addresses 200 - 249
pool {
range <<addr>>.200 <<addr>>.249;
}
}
# static entries in separate file
include "/etc/dhcp/dhcpd.known_hosts";
---cut---
Then, I stuck a cron entry to redirect the output from the script below,
into /etc/dhcp/dhcpd.known_hosts and it's been working beautifully. Enjoy!
---cut---
#!/bin/bash
KRBPRINC='host/fqdn....@domain.com'
print_entry() {
hostinfo="$1"
hostname=`echo "$1" | awk '/Host name: /{print $3}'`
macaddr=`echo "$1" | awk '/Location: /{print $2}'`
if [ -n "$hostname" ] && [ -n "$macaddr" ]
then
shortname=`echo "$hostname" | cut -d "." -f 1`
echo "host $shortname { hardware ethernet $macaddr;
fixed-address $hostname; }"
#else
# echo -e "Error parsing entry:\n${hostinfo}" > /dev/stderr
fi
}
kinit -k $KRBPRINC
infoblock=""
ipa host-find --all |
while read line
do
if ( echo "$line" | grep -q 'dn: fqdn=' ) || \
( echo "$line" | grep -q 'Number of entries returned' )
then
# parse last complete entry
print_entry "$infoblock"
# start recording new entry
infoblock="$line"
else
# still getting lines for entry
# append to previous lines
infoblock="$infoblock
$line"
fi
done
kdestroy
---cut---
_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users
