Check that port 8443 is available when installing PKI.

https://fedorahosted.org/freeipa/ticket/4564 Reviewed-By: Martin Kosek <mkosek@redhat.com>
2025-02-25 18:55:28 -06:00 · 2014-09-29 04:27:30 -04:00 · 2014-09-29 04:27:30 -04:00 · 35c7bd05af
commit 35c7bd05af
parent 92a08266af
4 changed files with 27 additions and 0 deletions
--- a/install/tools/ipa-ca-install
+++ b/install/tools/ipa-ca-install
@ -95,6 +95,11 @@ def get_dirman_password():
        "Directory Manager (existing master)", confirm=False, validate=False)


+def check_ca():
+    if not cainstance.check_port():
+        print "IPA requires port 8443 for PKI but it is currently in use."
+        sys.exit(1)
+
 def install_dns_records(config, options):

    if not bindinstance.dns_container_exists(config.master_host_name,
@ -172,6 +177,8 @@ def install_replica(safe_options, options, filename):
    else:
        cainstance.replica_ca_install_check(config)

+    check_ca()
+
    # Configure the CA if necessary
    CA = cainstance.install_replica_ca(config, postinstall=True)

@ -262,6 +269,8 @@ def install_master(safe_options, options):
    domain_name = api.env.domain
    host_name = api.env.host

+    check_ca()
+
    dirname = dsinstance.config_dirname(
        dsinstance.realm_to_serverid(realm_name))
    cadb = certs.CertDB(realm_name, subject_base=subject_base)
--- a/install/tools/ipa-replica-install
+++ b/install/tools/ipa-replica-install
@ -476,6 +476,11 @@ def main():

    check_dirsrv()

+    if options.setup_ca:
+        if not cainstance.check_port():
+            print "IPA requires port 8443 for PKI but it is currently in use."
+            sys.exit("Aborting installation")
+
    if options.conf_ntp:
        try:
            ipaclient.ntpconf.check_timedate_services()
--- a/install/tools/ipa-server-install
+++ b/install/tools/ipa-server-install
@ -847,6 +847,11 @@ def main():
        # Make sure the 389-ds ports are available
        check_dirsrv(options.unattended)

+    if setup_ca:
+        if not cainstance.check_port():
+            print "IPA requires port 8443 for PKI but it is currently in use."
+            sys.exit("Aborting installation")
+
    if options.conf_ntp:
        try:
            ipaclient.ntpconf.check_timedate_services()
--- a/ipaserver/install/cainstance.py
+++ b/ipaserver/install/cainstance.py
@ -87,6 +87,14 @@ ConfigFile = /usr/share/pki/ca/conf/database.ldif
 """


+def check_port():
+    """
+    Check that dogtag port (8443) is available.
+
+    Returns True when the port is free, False if it's taken.
+    """
+    return not ipautil.host_port_open(None, 8443)
+
 def get_preop_pin(instance_root, instance_name):
    # Only used for Dogtag 9
    preop_pin = None