IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-01-11 00:31:56 -06:00
Code Issues Packages Projects Releases Wiki Activity

ipaplatform: Move hardcoded paths from Fedora platform files to path namespace

Browse Source 
Part of: https://fedorahosted.org/freeipa/ticket/4052

Reviewed-By: Petr Viktorin <pviktori@redhat.com>
This commit is contained in:
Tomas Babej 2014-06-09 13:45:48 +02:00 committed by Petr Viktorin
parent 8a5e2a8166
commit 3b4ab8b4f2
4 changed files with 36 additions and 32 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
ipaplatform/base/paths.py
View File

@ -86,15 +86,19 @@ class BasePathNamespace(object):
SSSD_CONF = "/etc/sssd/sssd.conf"
ETC_SYSCONFIG_AUTHCONFIG = "/etc/sysconfig/authconfig"
SYSCONFIG_DIRSRV = "/etc/sysconfig/dirsrv"
SYSCONFIG_DIRSRV_SYSTEMD = "/etc/sysconfig/dirsrv.systemd"
SYSCONFIG_DIRSRV_INSTANCE = "/etc/sysconfig/dirsrv-%s"
SYSCONFIG_DIRSRV_PKI_IPA_DIR = "/etc/sysconfig/dirsrv-PKI-IPA"
SYSCONFIG_KRB5KDC_DIR = "/etc/sysconfig/krb5kdc"
SYSCONFIG_NETWORK = "/etc/sysconfig/network"
SYSCONFIG_NETWORK_IPABKP = "/etc/sysconfig/network.ipabkp"
SYSCONFIG_NTPD = "/etc/sysconfig/ntpd"
SYSCONFIG_PKI = "/etc/sysconfig/pki"
SYSCONFIG_PKI_CA_DIR = "/etc/sysconfig/pki-ca"
SYSCONFIG_PKI_TOMCAT = "/etc/sysconfig/pki-tomcat"
SYSCONFIG_PKI_CA_PKI_CA_DIR = "/etc/sysconfig/pki/ca/pki-ca"
SYSCONFIG_PKI_TOMCAT_PKI_TOMCAT_DIR = "/etc/sysconfig/pki/tomcat/pki-tomcat"
ETC_SYSTEMD_SYSTEM_DIR = "/etc/systemd/system/"
SYSTEMD_CERTMONGER_SERVICE = "/etc/systemd/system/multi-user.target.wants/certmonger.service"
SYSTEMD_IPA_SERVICE = "/etc/systemd/system/multi-user.target.wants/ipa.service"
SYSTEMD_SSSD_SERVICE = "/etc/systemd/system/multi-user.target.wants/sssd.service"
@ -106,6 +110,7 @@ class BasePathNamespace(object):
ROOT_TMP_CA_P12 = "/root/tmp-ca.p12"
IP = "/sbin/ip"
NOLOGIN = "/sbin/nologin"
SBIN_RESTORECON = "/sbin/restorecon"
SBIN_SERVICE = "/sbin/service"
TMP = "/tmp"
TMP_CA_P12 = "/tmp/ca.p12"
@ -135,6 +140,7 @@ class BasePathNamespace(object):
SETPASSWD = "/usr/bin/setpasswd"
SIGNTOOL = "/usr/bin/signtool"
SSLGET = "/usr/bin/sslget"
UPDATE_CA_TRUST = "/usr/bin/update-ca-trust"
ZIP = "/usr/bin/zip"
BIND_LDAP_SO = "/usr/lib/bind/ldap.so"
USR_LIB_DIRSRV = "/usr/lib/dirsrv"
@ -144,6 +150,7 @@ class BasePathNamespace(object):
BIND_LDAP_SO_64 = "/usr/lib64/bind/ldap.so"
USR_LIB_DIRSRV_64 = "/usr/lib64/dirsrv"
USR_LIB_DIRSRV_SLAPD_INSTANCE_DIR_TEMPLATE = "/usr/lib64/dirsrv/slapd-%s"
LIB_SYSTEMD_SYSTEMD_DIR = "/usr/lib/systemd/system/"
SLAPD_PKI_IPA = "/usr/lib64/dirsrv/slapd-PKI-IPA"
LIB64_FIREFOX = "/usr/lib64/firefox"
DOGTAG_IPA_CA_RENEW_AGENT_SUBMIT = "/usr/libexec/certmonger/dogtag-ipa-ca-renew-agent-submit"

30
ipaplatform/base/services.py
View File

@ -151,14 +151,12 @@ class PlatformService(object):
class SystemdService(PlatformService):
SYSTEMD_ETC_PATH = "/etc/systemd/system/"
SYSTEMD_LIB_PATH = "/lib/systemd/system/"
SYSTEMD_SRV_TARGET = "%s.target.wants"
def __init__(self, service_name, systemd_name, **kwargs):
super(SystemdService, self).__init__(service_name, **kwargs)
self.systemd_name = systemd_name
self.lib_path = os.path.join(self.SYSTEMD_LIB_PATH, self.systemd_name)
self.lib_path = os.path.join(paths.LIB_SYSTEMD_SYSTEMD_DIR, self.systemd_name)
self.lib_path_exists = None
def service_instance(self, instance_name, operation=None):
@ -192,7 +190,7 @@ class SystemdService(PlatformService):
else:
# No instance name, try with target
tgt_name = "%s.target" % (elements[0])
srv_lib = os.path.join(self.SYSTEMD_LIB_PATH, tgt_name)
srv_lib = os.path.join(paths.LIB_SYSTEMD_SYSTEMD_DIR, tgt_name)
if os.path.exists(srv_lib):
return tgt_name
@ -231,7 +229,7 @@ class SystemdService(PlatformService):
def stop(self, instance_name="", capture_output=True):
instance = self.service_instance(instance_name)
args = ["/bin/systemctl", "stop", instance]
args = [paths.SYSTEMCTL, "stop", instance]
# The --ignore-dependencies switch is used to avoid possible
# deadlock during the shutdown transaction. For more details, see
@ -251,7 +249,7 @@ class SystemdService(PlatformService):
update_service_list=update_service_list)
def start(self, instance_name="", capture_output=True, wait=True):
ipautil.run(["/bin/systemctl", "start",
ipautil.run([paths.SYSTEMCTL, "start",
self.service_instance(instance_name)],
capture_output=capture_output)
@ -267,7 +265,7 @@ class SystemdService(PlatformService):
update_service_list=update_service_list)
def restart(self, instance_name="", capture_output=True, wait=True):
ipautil.run(["/bin/systemctl", "restart",
ipautil.run([paths.SYSTEMCTL, "restart",
self.service_instance(instance_name)],
capture_output=capture_output)
@ -280,7 +278,7 @@ class SystemdService(PlatformService):
while True:
try:
(sout, serr, rcode) = ipautil.run(
["/bin/systemctl", "is-active", instance],
[paths.SYSTEMCTL, "is-active", instance],
capture_output=True
)
except ipautil.CalledProcessError as e:
@ -299,7 +297,7 @@ class SystemdService(PlatformService):
def is_installed(self):
try:
(sout, serr, rcode) = ipautil.run(["/bin/systemctl",
(sout, serr, rcode) = ipautil.run([paths.SYSTEMCTL,
"list-unit-files",
"--full"])
if rcode != 0:
@ -318,7 +316,7 @@ class SystemdService(PlatformService):
enabled = True
try:
(sout, serr, rcode) = ipautil.run(
["/bin/systemctl",
[paths.SYSTEMCTL,
"is-enabled",
self.service_instance(instance_name)])
@ -355,7 +353,7 @@ class SystemdService(PlatformService):
# <service>@<instance_name>.service to
# /lib/systemd/system/<service>@.service
srv_tgt = os.path.join(self.SYSTEMD_ETC_PATH,
srv_tgt = os.path.join(paths.ETC_SYSTEMD_SYSTEM_DIR,
self.SYSTEMD_SRV_TARGET % (elements[0]))
srv_lnk = os.path.join(srv_tgt,
self.service_instance(instance_name))
@ -375,7 +373,7 @@ class SystemdService(PlatformService):
# Link exists and it is broken, make new one
os.unlink(srv_lnk)
os.symlink(self.lib_path, srv_lnk)
ipautil.run(["/bin/systemctl", "--system", "daemon-reload"])
ipautil.run([paths.SYSTEMCTL, "--system", "daemon-reload"])
except:
pass
else:
@ -389,7 +387,7 @@ class SystemdService(PlatformService):
# <service>@<instance_name>.service
# to /lib/systemd/system/<service>@.service
srv_tgt = os.path.join(self.SYSTEMD_ETC_PATH,
srv_tgt = os.path.join(paths.ETC_SYSTEMD_SYSTEM_DIR,
self.SYSTEMD_SRV_TARGET % (elements[0]))
srv_lnk = os.path.join(srv_tgt,
self.service_instance(instance_name))
@ -398,7 +396,7 @@ class SystemdService(PlatformService):
if ipautil.dir_exists(srv_tgt):
if os.path.islink(srv_lnk):
os.unlink(srv_lnk)
ipautil.run(["/bin/systemctl", "--system", "daemon-reload"])
ipautil.run([paths.SYSTEMCTL, "--system", "daemon-reload"])
except:
pass
else:
@ -406,14 +404,14 @@ class SystemdService(PlatformService):
def __enable(self, instance_name=""):
try:
ipautil.run(["/bin/systemctl", "enable",
ipautil.run([paths.SYSTEMCTL, "enable",
self.service_instance(instance_name)])
except ipautil.CalledProcessError:
pass
def __disable(self, instance_name=""):
try:
ipautil.run(["/bin/systemctl", "disable",
ipautil.run([paths.SYSTEMCTL, "disable",
self.service_instance(instance_name)])
except ipautil.CalledProcessError:
pass

15
ipaplatform/fedora/services.py
View File

@ -31,6 +31,7 @@ from ipaplatform.base import services as base_services
from ipapython import ipautil, dogtag
from ipapython.ipa_log_manager import root_logger
from ipalib import api
from ipaplatform.paths import paths
# Mappings from service names as FreeIPA code references to these services
# to their actual systemd service names
@ -97,9 +98,7 @@ class FedoraDirectoryService(FedoraService):
Returns False if the setting of the nofile limit needs to be skipped.
"""
dirsrv_systemd = "/etc/sysconfig/dirsrv.systemd"
if os.path.exists(dirsrv_systemd):
if os.path.exists(paths.SYSCONFIG_DIRSRV_SYSTEMD):
# We need to enable LimitNOFILE=8192 in the dirsrv@.service
# Since 389-ds-base-1.2.10-0.8.a7 the configuration of the
# service parameters is performed via
@ -107,10 +106,10 @@ class FedoraDirectoryService(FedoraService):
# into dirsrv@.service unit
replacevars = {'LimitNOFILE': str(num)}
ipautil.inifile_replace_variables(dirsrv_systemd,
ipautil.inifile_replace_variables(paths.SYSCONFIG_DIRSRV_SYSTEMD,
'service',
replacevars=replacevars)
tasks.restore_context(dirsrv_systemd)
tasks.restore_context(paths.SYSCONFIG_DIRSRV_SYSTEMD)
ipautil.run(["/bin/systemctl", "--system", "daemon-reload"],
raiseonerr=False)
@ -129,9 +128,9 @@ class FedoraDirectoryService(FedoraService):
if instance_name:
elements = self.systemd_name.split("@")
srv_etc = os.path.join(self.SYSTEMD_ETC_PATH,
srv_etc = os.path.join(paths.ETC_SYSTEMD_SYSTEM_DIR,
self.systemd_name)
srv_tgt = os.path.join(self.SYSTEMD_ETC_PATH,
srv_tgt = os.path.join(paths.ETC_SYSTEMD_SYSTEM_DIR,
self.SYSTEMD_SRV_TARGET % (elements[0]))
srv_lnk = os.path.join(srv_tgt,
self.service_instance(instance_name))
@ -169,7 +168,7 @@ class FedoraCAService(FedoraService):
# TODO: Use a cleaner solution
use_proxy = True
if not (os.path.exists('/etc/httpd/conf.d/ipa.conf') and
os.path.exists('/etc/httpd/conf.d/ipa-pki-proxy.conf')):
os.path.exists(paths.HTTPD_IPA_PKI_PROXY_CONF)):
root_logger.debug(
'The httpd proxy is not installed, wait on local port')
use_proxy = False

16
ipaplatform/fedora/tasks.py
View File

@ -41,7 +41,7 @@ from ipaplatform.base.tasks import *
class FedoraTaskNamespace(BaseTaskNamespace):
def restore_context(self, filepath, restorecon='/sbin/restorecon'):
def restore_context(self, filepath, restorecon=paths.SBIN_RESTORECON):
"""
restore security context on the file path
SELinux equivalent is /path/to/restorecon <filepath>
@ -157,7 +157,7 @@ class FedoraTaskNamespace(BaseTaskNamespace):
# Add the CA to the systemwide CA trust database
try:
shutil.copy(cacert_path, new_cacert_path)
ipautil.run(['/usr/bin/update-ca-trust'])
ipautil.run([paths.UPDATE_CA_TRUST])
except OSError, e:
root_logger.info("Failed to copy %s to %s" % (cacert_path,
new_cacert_path))
@ -181,7 +181,7 @@ class FedoraTaskNamespace(BaseTaskNamespace):
if os.path.exists(new_cacert_path):
try:
os.remove(new_cacert_path)
ipautil.run(['/usr/bin/update-ca-trust'])
ipautil.run([paths.UPDATE_CA_TRUST])
except OSError, e:
root_logger.error('Could not remove: %s, %s'
% (new_cacert_path, str(e)))
@ -198,12 +198,12 @@ class FedoraTaskNamespace(BaseTaskNamespace):
def backup_and_replace_hostname(self, fstore, statestore, hostname):
old_hostname = socket.gethostname()
try:
ipautil.run(['/bin/hostname', hostname])
ipautil.run([paths.BIN_HOSTNAME, hostname])
except ipautil.CalledProcessError, e:
print >>sys.stderr, ("Failed to set this machine hostname to "
"%s (%s)." % (hostname, str(e)))
filepath = '/etc/hostname'
filepath = paths.ETC_HOSTNAME
if os.path.exists(filepath):
# read old hostname
with open(filepath, 'r') as f:
@ -227,7 +227,7 @@ class FedoraTaskNamespace(BaseTaskNamespace):
statestore.backup_state('network', 'hostname', old_hostname)
def restore_network_configuration(self, fstore, statestore):
old_filepath = '/etc/sysconfig/network'
old_filepath = paths.SYSCONFIG_NETWORK
old_hostname = statestore.get_state('network', 'hostname')
hostname_was_configured = False
@ -235,13 +235,13 @@ class FedoraTaskNamespace(BaseTaskNamespace):
# This is Fedora >=18 instance that was upgraded from previous
# Fedora version which held network configuration
# in /etc/sysconfig/network
old_filepath_restore = '/etc/sysconfig/network.ipabkp'
old_filepath_restore = paths.SYSCONFIG_NETWORK_IPABKP
fstore.restore_file(old_filepath, old_filepath_restore)
print "Deprecated configuration file '%s' was restored to '%s'" \
% (old_filepath, old_filepath_restore)
hostname_was_configured = True
filepath = '/etc/hostname'
filepath = paths.ETC_HOSTNAME
if fstore.has_file(filepath):
fstore.restore_file(filepath)
hostname_was_configured = True