mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2024-12-26 08:51:50 -06:00
Add ipa-server-install --uninstall
Add a --uninstall option to ipa-server-install which tries to restore the system to the way it was before ipa-server-install was run using the state backed up through sysrestore.py. Signed-off-by: Mark McLoughlin <markmc@redhat.com>
This commit is contained in:
Mark McLoughlin
parent
c7f3c746cc
commit
4a162f6fc8
@ -74,15 +74,21 @@ def parse_options():
|
||||
default=False, help="configure bind with our zone file")
|
||||
parser.add_option("-U", "--unattended", dest="unattended", action="store_true",
|
||||
default=False, help="unattended installation never prompts the user")
|
||||
parser.add_option("", "--uninstall", dest="uninstall", action="store_true",
|
||||
default=False, help="uninstall an existing installation")
|
||||
|
||||
options, args = parser.parse_args()
|
||||
|
||||
if options.unattended and (not options.ds_user or
|
||||
not options.realm_name or
|
||||
not options.dm_password or
|
||||
not options.admin_password or
|
||||
not options.master_password):
|
||||
parser.error("error: In unattended mode you need to provide at least -u, -r, -p and -P options")
|
||||
if options.uninstall:
|
||||
if (options.ds_user or options.realm_name or
|
||||
options.dm_password or options.admin_password or
|
||||
options.master_password):
|
||||
parser.error("error: In uninstall mode, -u, r, -p and -P options are not allowed")
|
||||
elif options.unattended:
|
||||
if (not options.ds_user or not options.realm_name or
|
||||
not options.dm_password or not options.admin_password or
|
||||
not options.master_password):
|
||||
parser.error("error: In unattended mode you need to provide at least -u, -r, -p and -P options")
|
||||
|
||||
return options
|
||||
|
||||
@ -241,6 +247,17 @@ def read_admin_password():
|
||||
admin_password = read_password("IPA admin")
|
||||
return admin_password
|
||||
|
||||
def uninstall():
|
||||
ipaserver.ntpinstance.NTPInstance().uninstall()
|
||||
ipaserver.bindinstance.BindInstance().uninstall()
|
||||
ipaserver.webguiinstance.WebGuiInstance().uninstall()
|
||||
ipaserver.httpinstance.HTTPInstance().uninstall()
|
||||
ipaserver.krbinstance.KrbInstance().uninstall()
|
||||
ipaserver.dsinstance.DsInstance().uninstall()
|
||||
sysrestore.restore_file("/etc/hosts")
|
||||
sysrestore.restore_file("/etc/ipa/ipa.conf")
|
||||
return 0
|
||||
|
||||
def main():
|
||||
global ds
|
||||
ds = None
|
||||
@ -256,6 +273,9 @@ def main():
|
||||
|
||||
standard_logging_setup("ipaserver-install.log", options.debug)
|
||||
|
||||
if options.uninstall:
|
||||
return uninstall()
|
||||
|
||||
print "=============================================================================="
|
||||
print "This program will setup the FreeIPA Server."
|
||||
print ""
|
||||
|
||||
@ -110,3 +110,18 @@ class BindInstance(service.Service):
|
||||
resolve_fd.write(resolve_txt)
|
||||
resolve_fd.close()
|
||||
|
||||
def uninstall(self):
|
||||
running = self.restore_state("running")
|
||||
domain = self.restore_state("domain")
|
||||
|
||||
if not running is None:
|
||||
self.stop()
|
||||
|
||||
if not domain is None:
|
||||
sysrestore.restore_file(os.path.join ("/var/named/", self.domain + ".zone.db"))
|
||||
|
||||
sysrestore.restore_file('/etc/named.conf')
|
||||
sysrestore.restore_file('/etc/resolve.conf')
|
||||
|
||||
if not running is None and running:
|
||||
self.start()
|
||||
|
||||
@ -333,3 +333,28 @@ class DsInstance(service.Service):
|
||||
print "Unable to set admin password", e
|
||||
logging.debug("Unable to set admin password %s" % e)
|
||||
|
||||
def uninstall(self):
|
||||
running = self.restore_state("running")
|
||||
enabled = self.restore_state("enabled")
|
||||
|
||||
if not running is None:
|
||||
self.stop()
|
||||
|
||||
if not enabled is None and not enabled:
|
||||
self.chkconfig_off()
|
||||
|
||||
serverid = self.restore_state("serverid")
|
||||
if not serverid is None:
|
||||
erase_ds_instance_data(serverid)
|
||||
|
||||
ds_user = self.restore_state("user")
|
||||
user_exists = self.restore_state("user_exists")
|
||||
|
||||
if not ds_user is None and not user_exists is None and not user_exists:
|
||||
try:
|
||||
ipautil.run(["/usr/sbin/userdel", ds_user])
|
||||
except ipautil.CalledProcessError, e:
|
||||
logging.critical("failed to delete user %s" % e)
|
||||
|
||||
if self.restore_state("running"):
|
||||
self.start()
|
||||
|
||||
@ -158,3 +158,26 @@ class HTTPInstance(service.Service):
|
||||
"-e", ".html",
|
||||
tmpdir])
|
||||
shutil.rmtree(tmpdir)
|
||||
|
||||
def uninstall(self):
|
||||
running = self.restore_state("running")
|
||||
enabled = self.restore_state("enabled")
|
||||
|
||||
if not running is None:
|
||||
self.stop()
|
||||
|
||||
if not enabled is None and not enabled:
|
||||
self.chkconfig_off()
|
||||
|
||||
for f in ["/etc/httpd/conf.d/ipa.conf", SSL_CONF, NSS_CONF]:
|
||||
sysrestore.restore_file(f)
|
||||
|
||||
sebool_state = self.restore_state("httpd_can_network_connect")
|
||||
if not sebool_state is None:
|
||||
try:
|
||||
ipautil.run(["/usr/sbin/setsebool", "-P", "httpd_can_network_connect", sebool_state])
|
||||
except:
|
||||
self.print_msg(selinux_warning)
|
||||
|
||||
if not running is None and running:
|
||||
self.start()
|
||||
|
||||
@ -379,4 +379,37 @@ class KrbInstance(service.Service):
|
||||
pent = pwd.getpwnam(self.ds_user)
|
||||
os.chown("/var/kerberos/krb5kdc/kpasswd.keytab", pent.pw_uid, pent.pw_gid)
|
||||
|
||||
def uninstall(self):
|
||||
running = self.restore_state("running")
|
||||
enabled = self.restore_state("enabled")
|
||||
|
||||
kpasswd_running = sysrestore.restore_state("ipa-kpasswd", "running")
|
||||
kpasswd_enabled = sysrestore.restore_state("ipa-kpasswd", "enabled")
|
||||
|
||||
if not running is None:
|
||||
self.stop()
|
||||
if not kpasswd_running is None:
|
||||
service.stop("ipa-kpasswd")
|
||||
|
||||
if not enabled is None and not enabled:
|
||||
self.chkconfig_off()
|
||||
if not kpasswd_enabled is None and not kpasswd_enabled:
|
||||
service.chkconfig_off("ipa-kpasswd")
|
||||
|
||||
for f in ["/var/kerberos/krb5kdc/ldappwd",
|
||||
"/var/kerberos/krb5kdc/kdc.conf",
|
||||
"/etc/krb5.conf",
|
||||
"/usr/share/ipa/html/krb5.ini",
|
||||
"/usr/share/ipa/html/krb.con",
|
||||
"/usr/share/ipa/html/krbrealm.con",
|
||||
"/etc/dirsrv/ds.keytab",
|
||||
"/etc/sysconfig/dirsrv",
|
||||
"/etc/krb5.keytab",
|
||||
"/var/kerberos/krb5kdc/kpasswd.keytab",
|
||||
"/etc/sysconfig/ipa-kpasswd"]:
|
||||
sysrestore.restore_file(f)
|
||||
|
||||
if not running is None and running:
|
||||
self.start()
|
||||
if not kpasswd_running is None and kpasswd_running:
|
||||
service.start("ipa-kpasswd")
|
||||
|
||||
@ -70,3 +70,17 @@ class NTPInstance(service.Service):
|
||||
self.step("configuring ntpd to start on boot", self.__enable)
|
||||
|
||||
self.start_creation("Configuring ntpd")
|
||||
|
||||
def uninstall(self):
|
||||
running = self.restore_state("running")
|
||||
enabled = self.restore_state("enabled")
|
||||
|
||||
if not running is None:
|
||||
self.stop()
|
||||
if not enabled is None and not enabled:
|
||||
self.chkconfig_off()
|
||||
|
||||
sysrestore.restore_file("/etc/ntp.conf")
|
||||
|
||||
if not running is None and running:
|
||||
self.start()
|
||||
|
||||
@ -104,6 +104,9 @@ class Service:
|
||||
def backup_state(self, key, value):
|
||||
sysrestore.backup_state(self.service_name, key, value)
|
||||
|
||||
def restore_state(self, key):
|
||||
return sysrestore.restore_state(self.service_name, key)
|
||||
|
||||
def print_msg(self, message):
|
||||
print_msg(message, self.output_fd)
|
||||
|
||||
|
||||
@ -35,3 +35,12 @@ class WebGuiInstance(service.Service):
|
||||
def __enable(self):
|
||||
self.backup_state("enabled", self.is_enabled())
|
||||
self.chkconfig_on()
|
||||
|
||||
def uninstall(self):
|
||||
running = self.restore_state("running")
|
||||
enabled = not self.restore_state("enabled")
|
||||
|
||||
if not running is None and not running:
|
||||
self.stop()
|
||||
if not enabled is None and not enabled:
|
||||
self.chkconfig_off()
|
||||
|
||||
Loading…
Reference in New Issue
Block a user