ipa-ca-install: print more specific errors when CA is already installed

This patch implements a more thorough checking for already installed CAs
during standalone CA installation using ipa-ca-install. The installer now
differentiates between CA that is already installed locally and CA installed
on one or more masters in topology and prints an appropriate error message.

https://fedorahosted.org/freeipa/ticket/4492

Reviewed-By: Martin Basti <mbasti@redhat.com>
This commit is contained in:
Martin Babinsky 2015-07-15 14:15:49 +02:00 committed by Petr Vobornik
parent 9083c528f7
commit 26dee66d1b

View File

@ -45,8 +45,16 @@ def install_check(standalone, replica_config, options):
return
if standalone and api.Command.ca_is_enabled()['result']:
sys.exit("CA is already installed.\n")
if standalone:
if cainstance.is_ca_installed_locally():
sys.exit("CA is already installed on this host.")
elif api.Command.ca_is_enabled()['result']:
sys.exit(
"One or more CA masters are already present in IPA realm "
"'%s'.\nIf you wish to replicate CA to this host, please "
"re-run 'ipa-ca-install'\nwith a replica file generated on "
"an existing CA master as argument." % realm_name
)
if options.external_cert_files:
if not cainstance.is_step_one_done():