IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

Simplify determining if an IPA server installation is complete

Browse Source 
When asking the quesiton "is my IPA server configured?" right now
we look at whether the installation backed up any files and set
any state. This isn't exactly precise.

Instead set a new state, installation, to True as soon as IPA
is restarted at the end of the installer.

On upgrades existing installations will automatically get this
state.

This relies on the fact that get_state returns None if no state
at all is set. This indicates that this "new" option isn't available
and when upgrading an existing installation we can assume the
install at least partly works.

The value is forced to False at the beginning of a fresh install
so if it fails, or is in a transient state like with an external
CA, we know that the installation is not complete.

https://pagure.io/freeipa/issue/8384

Signed-off-by: Rob Crittenden <rcritten@redhat.com>
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
Reviewed-By: Francois Cami <fcami@redhat.com>
This commit is contained in:
Rob Crittenden
2020-07-07 16:24:35 -04:00
committed by Florence Blanc-Renaud
parent 7e37b45e02
commit 0fa8686918
4 changed files with 18 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
ipaserver/install/server/replicainstall.py
View File

@@ -1205,6 +1205,7 @@ def install(installer):
ca_enabled = installer._ca_enabled
kra_enabled = installer._kra_enabled
fstore = installer._fstore
sstore = installer._sstore
config = installer._config
cafile = installer._ca_file
dirsrv_pkcs12_info = installer._dirsrv_pkcs12_info
@@ -1215,6 +1216,9 @@ def install(installer):
conn = remote_api.Backend.ldap2
ccache = os.environ['KRB5CCNAME']
# Be clear that the installation process is beginning but not done
sstore.backup_state('installation', 'complete', False)
if tasks.configure_pkcs11_modules(fstore):
print("Disabled p11-kit-proxy")
@@ -1371,6 +1375,8 @@ def install(installer):
api.Backend.ldap2.disconnect()
# Everything installed properly, activate ipa service.
sstore.delete_state('installation', 'complete')
sstore.backup_state('installation', 'complete', True)
services.knownservices.ipa.enable()
# Print a warning if CA role is only installed on one server