IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

Refactor krbinstance and dsinstance creation steps

Browse Source 
Creation steps are currently done with:

  self.start_creation(2, "Create foo")
  self.step("do foo")
  self.foo()
  self.step("do bar")
  self.bar()
  self.done_creation()

This patch refactors that into the much more
straightforward:

  self.step("do foo", self.foo)
  self.step("do bar", self.bar)
  self.start_creation("Create foo")

Signed-off-by: Mark McLoughlin <markmc@redhat.com>
This commit is contained in:
Mark McLoughlin
2007-12-13 09:31:28 +00:00
parent c049d2d821
commit 6976f92862
7 changed files with 118 additions and 167 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
ipa-radius-server/plugins/radiusinstance.py
View File

@@ -79,7 +79,6 @@ class RadiusInstance(service.Service):
self.basedn = self.suffix self.basedn = self.suffix
self.user_basedn = "%s,%s" % (DefaultUserContainer, self.basedn) # FIXME, should be utility to get this self.user_basedn = "%s,%s" % (DefaultUserContainer, self.basedn) # FIXME, should be utility to get this
self.radius_version = get_radius_version() self.radius_version = get_radius_version()
self.start_creation(4, "Configuring radiusd")
try: try:
self.stop() self.stop()
@@ -87,22 +86,23 @@ class RadiusInstance(service.Service):
# It could have been not running # It could have been not running
pass pass
self.__create_radius_keytab() self.step("create radiusd keytab", self.__create_radius_keytab)
self.__radiusd_conf() self.step("configuring radiusd.conf for radius instance", self.__radiusd_conf)
self.step("starting radiusd", self.__start_instance)
self.step("configuring radiusd to start on boot", self.chkconfig_on)
# FIXME:
# self.step("setting ldap encrypted attributes", self.__set_ldap_encrypted_attributes)
self.start_creation("Configuring radiusd")
def __start_instance(self):
try: try:
self.step("starting radiusd")
self.start() self.start()
except: except:
logging.error("radiusd service failed to start") logging.error("radiusd service failed to start")
self.step("configuring radiusd to start on boot")
self.chkconfig_on()
def __radiusd_conf(self): def __radiusd_conf(self):
self.step('configuring radiusd.conf for radius instance')
version = 'IPA_RADIUS_VERSION=%s FREE_RADIUS_VERSION=%s' % (IPA_RADIUS_VERSION, self.radius_version) version = 'IPA_RADIUS_VERSION=%s FREE_RADIUS_VERSION=%s' % (IPA_RADIUS_VERSION, self.radius_version)
sub_dict = {'CONFIG_FILE_VERSION_INFO' : version, sub_dict = {'CONFIG_FILE_VERSION_INFO' : version,
'LDAP_SERVER' : self.ldap_server, 'LDAP_SERVER' : self.ldap_server,
@@ -123,7 +123,6 @@ class RadiusInstance(service.Service):
logging.error("could not create %s: %s", radius_util.RADIUSD_CONF_FILEPATH, e) logging.error("could not create %s: %s", radius_util.RADIUSD_CONF_FILEPATH, e)
def __create_radius_keytab(self): def __create_radius_keytab(self):
self.step("creating a keytab for radiusd")
try: try:
if ipautil.file_exists(radius_util.RADIUS_IPA_KEYTAB_FILEPATH): if ipautil.file_exists(radius_util.RADIUS_IPA_KEYTAB_FILEPATH):
os.remove(radius_util.RADIUS_IPA_KEYTAB_FILEPATH) os.remove(radius_util.RADIUS_IPA_KEYTAB_FILEPATH)
@@ -153,9 +152,7 @@ class RadiusInstance(service.Service):
except Exception, e: except Exception, e:
logging.error("could not chown on %s to %s: %s", radius_util.RADIUS_IPA_KEYTAB_FILEPATH, radius_util.RADIUS_USER, e) logging.error("could not chown on %s to %s: %s", radius_util.RADIUS_IPA_KEYTAB_FILEPATH, radius_util.RADIUS_USER, e)
def __ldap_mod(self, step, ldif): def __ldap_mod(self, ldif):
self.step(step)
txt = iputil.template_file(ipautil.SHARE_DIR + ldif, self.sub_dict) txt = iputil.template_file(ipautil.SHARE_DIR + ldif, self.sub_dict)
fd = ipautil.write_tmp_file(txt) fd = ipautil.write_tmp_file(txt)
@@ -171,8 +168,7 @@ class RadiusInstance(service.Service):
#FIXME, should use IPAdmin method #FIXME, should use IPAdmin method
def __set_ldap_encrypted_attributes(self): def __set_ldap_encrypted_attributes(self):
self.__ldap_mod("setting ldap encrypted attributes", self.__ldap_mod("encrypted_attribute.ldif", {"ENCRYPTED_ATTRIBUTE" : "radiusClientSecret"})
"encrypted_attribute.ldif", {"ENCRYPTED_ATTRIBUTE" : "radiusClientSecret"})
#------------------------------------------------------------------------------- #-------------------------------------------------------------------------------

83
ipa-server/ipaserver/dsinstance.py
View File

@@ -135,38 +135,29 @@ class DsInstance(service.Service):
self.domain = host_name[host_name.find(".")+1:] self.domain = host_name[host_name.find(".")+1:]
self.__setup_sub_dict() self.__setup_sub_dict()
if ro_replica: self.step("creating directory server user", self.__create_ds_user)
self.start_creation(15, "Configuring directory server:") self.step("creating directory server instance", self.__create_instance)
else: self.step("adding default schema", self.__add_default_schemas)
self.start_creation(15, "Configuring directory server:")
self.__create_ds_user()
self.__create_instance()
self.__add_default_schemas()
if not ro_replica: if not ro_replica:
self.__add_memberof_module() self.step("enabling memberof plugin", self.__add_memberof_module)
self.__add_referint_module() self.step("enabling referential integrity plugin", self.__add_referint_module)
self.__add_dna_module() self.step("enabling distributed numeric assignment plugin", self.__add_dna_module)
self.__create_indeces() self.step("creating indeces", self.__create_indeces)
self.__enable_ssl() self.step("configuring ssl for ds instance", self.__enable_ssl)
self.__certmap_conf() self.step("configuring certmap.conf", self.__certmap_conf)
try: self.step("restarting directory server", self.__restart_instance)
self.step("restarting directory server") self.step("adding default layout", self.__add_default_layout)
self.restart()
except:
# TODO: roll back here?
logging.critical("Failed to restart the ds instance")
self.__add_default_layout()
if not ro_replica: if not ro_replica:
self.__config_uidgid_gen_first_master() self.step("configuring Posix uid/gid generation as first master",
self.__add_master_entry_first_master() self.__config_uidgid_gen_first_master)
self.__init_memberof() self.step("adding master entry as first master",
self.__add_master_entry_first_master)
self.step("initializing group membership",
self.__init_memberof)
self.step("configuring directory to start on boot", self.chkconfig_on)
self.step("configuring directoy to start on boot") self.start_creation("Configuring directory server:")
self.chkconfig_on()
self.done_creation()
def __setup_sub_dict(self): def __setup_sub_dict(self):
server_root = find_server_root() server_root = find_server_root()
@@ -176,7 +167,6 @@ class DsInstance(service.Service):
SERVER_ROOT=server_root, DOMAIN=self.domain) SERVER_ROOT=server_root, DOMAIN=self.domain)
def __create_ds_user(self): def __create_ds_user(self):
self.step("creating directory server user")
try: try:
pwd.getpwnam(self.ds_user) pwd.getpwnam(self.ds_user)
logging.debug("ds user %s exists" % self.ds_user) logging.debug("ds user %s exists" % self.ds_user)
@@ -190,7 +180,6 @@ class DsInstance(service.Service):
logging.critical("failed to add user %s" % e) logging.critical("failed to add user %s" % e)
def __create_instance(self): def __create_instance(self):
self.step("creating directory server instance")
inf_txt = ipautil.template_str(INF_TEMPLATE, self.sub_dict) inf_txt = ipautil.template_str(INF_TEMPLATE, self.sub_dict)
logging.debug(inf_txt) logging.debug(inf_txt)
inf_fd = ipautil.write_tmp_file(inf_txt) inf_fd = ipautil.write_tmp_file(inf_txt)
@@ -215,7 +204,6 @@ class DsInstance(service.Service):
logging.debug("failed to restart ds instance %s" % e) logging.debug("failed to restart ds instance %s" % e)
def __add_default_schemas(self): def __add_default_schemas(self):
self.step("adding default schema")
shutil.copyfile(ipautil.SHARE_DIR + "60kerberos.ldif", shutil.copyfile(ipautil.SHARE_DIR + "60kerberos.ldif",
schema_dirname(self.realm_name) + "60kerberos.ldif") schema_dirname(self.realm_name) + "60kerberos.ldif")
shutil.copyfile(ipautil.SHARE_DIR + "60samba.ldif", shutil.copyfile(ipautil.SHARE_DIR + "60samba.ldif",
@@ -225,9 +213,14 @@ class DsInstance(service.Service):
shutil.copyfile(ipautil.SHARE_DIR + "60ipaconfig.ldif", shutil.copyfile(ipautil.SHARE_DIR + "60ipaconfig.ldif",
schema_dirname(self.realm_name) + "60ipaconfig.ldif") schema_dirname(self.realm_name) + "60ipaconfig.ldif")
def __ldap_mod(self, step, ldif, sub_dict = None): def __restart_instance(self):
self.step(step) try:
self.restart()
except:
# TODO: roll back here?
logging.critical("Failed to restart the ds instance")
def __ldap_mod(self, ldif, sub_dict = None):
fd = None fd = None
path = ipautil.SHARE_DIR + ldif path = ipautil.SHARE_DIR + ldif
@@ -248,30 +241,24 @@ class DsInstance(service.Service):
fd.close() fd.close()
def __add_memberof_module(self): def __add_memberof_module(self):
self.__ldap_mod("enabling memberof plugin", "memberof-conf.ldif") self.__ldap_mod("memberof-conf.ldif")
def __init_memberof(self): def __init_memberof(self):
self.__ldap_mod("initializing group membership", self.__ldap_mod("memberof-task.ldif", self.sub_dict)
"memberof-task.ldif", self.sub_dict)
def __add_referint_module(self): def __add_referint_module(self):
self.__ldap_mod("enabling referential integrity plugin", self.__ldap_mod("referint-conf.ldif")
"referint-conf.ldif")
def __add_dna_module(self): def __add_dna_module(self):
self.__ldap_mod("enabling distributed numeric assignment plugin", self.__ldap_mod("dna-conf.ldif")
"dna-conf.ldif")
def __config_uidgid_gen_first_master(self): def __config_uidgid_gen_first_master(self):
self.__ldap_mod("configuring Posix uid/gid generation as first master", self.__ldap_mod("dna-posix.ldif", self.sub_dict)
"dna-posix.ldif", self.sub_dict)
def __add_master_entry_first_master(self): def __add_master_entry_first_master(self):
self.__ldap_mod("adding master entry as first master", self.__ldap_mod("master-entry.ldif", self.sub_dict)
"master-entry.ldif", self.sub_dict)
def __enable_ssl(self): def __enable_ssl(self):
self.step("configuring ssl for ds instance")
dirname = config_dirname(self.realm_name) dirname = config_dirname(self.realm_name)
ca = certs.CertDB(dirname) ca = certs.CertDB(dirname)
ca.create_self_signed() ca.create_self_signed()
@@ -305,14 +292,12 @@ class DsInstance(service.Service):
conn.unbind() conn.unbind()
def __add_default_layout(self): def __add_default_layout(self):
self.__ldap_mod("adding default layout", self.__ldap_mod("bootstrap-template.ldif", self.sub_dict)
"bootstrap-template.ldif", self.sub_dict)
def __create_indeces(self): def __create_indeces(self):
self.__ldap_mod("creating indeces", "indeces.ldif") self.__ldap_mod("indeces.ldif")
def __certmap_conf(self): def __certmap_conf(self):
self.step("configuring certmap.conf")
shutil.copyfile(ipautil.SHARE_DIR + "certmap.conf.template", shutil.copyfile(ipautil.SHARE_DIR + "certmap.conf.template",
config_dirname(self.realm_name) + "certmap.conf") config_dirname(self.realm_name) + "certmap.conf")

31
ipa-server/ipaserver/httpinstance.py
View File

@@ -57,25 +57,19 @@ class HTTPInstance(service.Service):
self.domain = fqdn[fqdn.find(".")+1:] self.domain = fqdn[fqdn.find(".")+1:]
self.sub_dict = { "REALM" : realm, "FQDN": fqdn, "DOMAIN" : self.domain } self.sub_dict = { "REALM" : realm, "FQDN": fqdn, "DOMAIN" : self.domain }
self.start_creation(7, "Configuring the web interface") self.step("disabling mod_ssl in httpd", self.__disable_mod_ssl)
self.step("Setting mod_nss port to 443", self.__set_mod_nss_port)
self.__disable_mod_ssl() self.step("configuring httpd", self.__configure_http)
self.__set_mod_nss_port() self.step("creating a keytab for httpd", self.__create_http_keytab)
self.__configure_http() self.step("Setting up ssl", self.__setup_ssl)
self.__create_http_keytab() self.step("Setting up browser autoconfig", self.__setup_autoconfig)
self.__setup_ssl() self.step("configuring SELinux for httpd", self.__selinux_config)
self.__setup_autoconfig() self.step("restarting httpd", self.restart)
self.step("configuring httpd to start on boot", self.chkconfig_on)
self.step("restarting httpd") self.start_creation("Configuring the web interface")
self.restart()
self.step("configuring httpd to start on boot")
self.chkconfig_on()
self.done_creation()
def __selinux_config(self): def __selinux_config(self):
self.step("configuring SELinux for httpd")
selinux=0 selinux=0
try: try:
if (os.path.exists('/usr/sbin/selinuxenabled')): if (os.path.exists('/usr/sbin/selinuxenabled')):
@@ -94,7 +88,6 @@ class HTTPInstance(service.Service):
self.print_msg(selinux_warning) self.print_msg(selinux_warning)
def __create_http_keytab(self): def __create_http_keytab(self):
self.step("creating a keytab for httpd")
try: try:
if ipautil.file_exists("/etc/httpd/conf/ipa.keytab"): if ipautil.file_exists("/etc/httpd/conf/ipa.keytab"):
os.remove("/etc/httpd/conf/ipa.keytab") os.remove("/etc/httpd/conf/ipa.keytab")
@@ -122,7 +115,6 @@ class HTTPInstance(service.Service):
os.chown("/etc/httpd/conf/ipa.keytab", pent.pw_uid, pent.pw_gid) os.chown("/etc/httpd/conf/ipa.keytab", pent.pw_uid, pent.pw_gid)
def __configure_http(self): def __configure_http(self):
self.step("configuring httpd")
http_txt = ipautil.template_file(ipautil.SHARE_DIR + "ipa.conf", self.sub_dict) http_txt = ipautil.template_file(ipautil.SHARE_DIR + "ipa.conf", self.sub_dict)
http_fd = open("/etc/httpd/conf.d/ipa.conf", "w") http_fd = open("/etc/httpd/conf.d/ipa.conf", "w")
http_fd.write(http_txt) http_fd.write(http_txt)
@@ -130,17 +122,14 @@ class HTTPInstance(service.Service):
def __disable_mod_ssl(self): def __disable_mod_ssl(self):
self.step("disabling mod_ssl in httpd")
if os.path.exists(SSL_CONF): if os.path.exists(SSL_CONF):
os.rename(SSL_CONF, "%s.moved_by_ipa" % SSL_CONF) os.rename(SSL_CONF, "%s.moved_by_ipa" % SSL_CONF)
def __set_mod_nss_port(self): def __set_mod_nss_port(self):
self.step("Setting mod_nss port to 443")
if installutils.update_file(NSS_CONF, '8443', '443') != 0: if installutils.update_file(NSS_CONF, '8443', '443') != 0:
print "Updating %s failed." % NSS_CONF print "Updating %s failed." % NSS_CONF
def __setup_ssl(self): def __setup_ssl(self):
self.step("Setting up ssl")
ds_ca = certs.CertDB(dsinstance.config_dirname(self.realm)) ds_ca = certs.CertDB(dsinstance.config_dirname(self.realm))
ca = certs.CertDB(NSS_DIR) ca = certs.CertDB(NSS_DIR)
ds_ca.cur_serial = 2000 ds_ca.cur_serial = 2000

86
ipa-server/ipaserver/krbinstance.py
View File

@@ -114,58 +114,42 @@ class KrbInstance(service.Service):
pass pass
def __common_post_setup(self): def __common_post_setup(self):
try: self.step("starting the KDC", self.__start_instance)
self.step("starting the KDC") self.step("configuring KDC to start on boot", self.chkconfig_on)
self.start() self.step("enabling and starting ipa-kpasswd", self.__enable_kpasswd)
except:
logging.critical("krb5kdc service failed to start")
self.step("configuring KDC to start on boot")
self.chkconfig_on()
self.step("configuring ipa-kpasswd to start on boot")
service.chkconfig_on("ipa-kpasswd")
self.step("starting ipa-kpasswd")
service.start("ipa-kpasswd")
def create_instance(self, ds_user, realm_name, host_name, admin_password, master_password): def create_instance(self, ds_user, realm_name, host_name, admin_password, master_password):
self.master_password = master_password self.master_password = master_password
self.__common_setup(ds_user, realm_name, host_name, admin_password) self.__common_setup(ds_user, realm_name, host_name, admin_password)
self.start_creation(12, "Configuring Kerberos KDC") self.step("setting KDC account password", self.__configure_kdc_account_password)
self.step("adding sasl mappings to the directory", self.__configure_sasl_mappings)
self.__configure_kdc_account_password() self.step("adding kerberos entries to the DS", self.__add_krb_entries)
self.__configure_sasl_mappings() self.step("adding defalt ACIs", self.__add_default_acis)
self.__add_krb_entries() self.step("configuring KDC", self.__create_instance)
self.__create_instance() self.step("creating a keytab for the directory", self.__create_ds_keytab)
self.__create_ds_keytab() self.step("exporting the kadmin keytab", self.__export_kadmin_changepw_keytab)
self.__export_kadmin_changepw_keytab() self.step("adding the password extenstion to the directory", self.__add_pwd_extop_module)
self.__add_pwd_extop_module()
self.__common_post_setup() self.__common_post_setup()
self.done_creation() self.start_creation("Configuring Kerberos KDC")
def create_replica(self, ds_user, realm_name, host_name, admin_password, ldap_passwd_filename): def create_replica(self, ds_user, realm_name, host_name, admin_password, ldap_passwd_filename):
self.__copy_ldap_passwd(ldap_passwd_filename)
self.__common_setup(ds_user, realm_name, host_name, admin_password) self.__common_setup(ds_user, realm_name, host_name, admin_password)
self.start_creation(9, "Configuring Kerberos KDC") self.step("adding sasl mappings to the directory", self.__configure_sasl_mappings)
self.__copy_ldap_passwd(ldap_passwd_filename) self.step("writing stash file from DS", self.__write_stash_from_ds)
self.__configure_sasl_mappings() self.step("configuring KDC", self.__create_replica_instance)
self.__write_stash_from_ds() self.step("creating a keytab for the directory", self.__create_ds_keytab)
self.__create_instance(replica=True) self.step("exporting the kadmin keytab", self.__export_kadmin_changepw_keytab)
self.__create_ds_keytab()
self.__export_kadmin_changepw_keytab()
self.__common_post_setup() self.__common_post_setup()
self.done_creation() self.start_creation("Configuring Kerberos KDC")
def __copy_ldap_passwd(self, filename): def __copy_ldap_passwd(self, filename):
shutil.copy(filename, "/var/kerberos/krb5kdc/ldappwd") shutil.copy(filename, "/var/kerberos/krb5kdc/ldappwd")
@@ -173,7 +157,6 @@ class KrbInstance(service.Service):
def __configure_kdc_account_password(self): def __configure_kdc_account_password(self):
self.step("setting KDC account password")
hexpwd = '' hexpwd = ''
for x in self.kdc_password: for x in self.kdc_password:
hexpwd += (hex(ord(x))[2:]) hexpwd += (hex(ord(x))[2:])
@@ -182,6 +165,16 @@ class KrbInstance(service.Service):
pwd_fd.close() pwd_fd.close()
os.chmod("/var/kerberos/krb5kdc/ldappwd", 0600) os.chmod("/var/kerberos/krb5kdc/ldappwd", 0600)
def __start_instance(self):
try:
self.start()
except:
logging.critical("krb5kdc service failed to start")
def __enable_kpasswd(self):
service.chkconfig_on("ipa-kpasswd")
service.start("ipa-kpasswd")
def __setup_sub_dict(self): def __setup_sub_dict(self):
self.sub_dict = dict(FQDN=self.fqdn, self.sub_dict = dict(FQDN=self.fqdn,
IP=self.ip, IP=self.ip,
@@ -191,9 +184,7 @@ class KrbInstance(service.Service):
HOST=self.host, HOST=self.host,
REALM=self.realm) REALM=self.realm)
def __ldap_mod(self, step, ldif): def __ldap_mod(self, ldif):
self.step(step)
txt = ipautil.template_file(ipautil.SHARE_DIR + ldif, self.sub_dict) txt = ipautil.template_file(ipautil.SHARE_DIR + ldif, self.sub_dict)
fd = ipautil.write_tmp_file(txt) fd = ipautil.write_tmp_file(txt)
@@ -208,7 +199,6 @@ class KrbInstance(service.Service):
fd.close() fd.close()
def __configure_sasl_mappings(self): def __configure_sasl_mappings(self):
self.step("adding sasl mappings to the directory")
# we need to remove any existing SASL mappings in the directory as otherwise they # we need to remove any existing SASL mappings in the directory as otherwise they
# they may conflict. There is no way to define the order they are used in atm. # they may conflict. There is no way to define the order they are used in atm.
@@ -258,13 +248,16 @@ class KrbInstance(service.Service):
raise e raise e
def __add_krb_entries(self): def __add_krb_entries(self):
self.__ldap_mod("adding kerberos entries to the DS", "kerberos.ldif") self.__ldap_mod("kerberos.ldif")
def __add_default_acis(self):
#Change the default ACL to avoid anonimous access to kerberos keys and othe hashes #Change the default ACL to avoid anonimous access to kerberos keys and othe hashes
self.__ldap_mod("adding defalt ACIs", "default-aci.ldif") self.__ldap_mod("default-aci.ldif")
def __create_replica_instance(self):
self.__create_instance(replace=True)
def __create_instance(self, replica=False): def __create_instance(self, replica=False):
self.step("configuring KDC")
kdc_conf = ipautil.template_file(ipautil.SHARE_DIR+"kdc.conf.template", self.sub_dict) kdc_conf = ipautil.template_file(ipautil.SHARE_DIR+"kdc.conf.template", self.sub_dict)
kdc_fd = open("/var/kerberos/krb5kdc/kdc.conf", "w+") kdc_fd = open("/var/kerberos/krb5kdc/kdc.conf", "w+")
kdc_fd.write(kdc_conf) kdc_fd.write(kdc_conf)
@@ -300,7 +293,6 @@ class KrbInstance(service.Service):
print "Failed to populate the realm structure in kerberos", e print "Failed to populate the realm structure in kerberos", e
def __write_stash_from_ds(self): def __write_stash_from_ds(self):
self.step("writing stash file from DS")
try: try:
entry = self.conn.getEntry("cn=%s, cn=kerberos, %s" % (self.realm, self.suffix), ldap.SCOPE_SUBTREE) entry = self.conn.getEntry("cn=%s, cn=kerberos, %s" % (self.realm, self.suffix), ldap.SCOPE_SUBTREE)
except ipaerror.exception_for(ipaerror.LDAP_NOT_FOUND), e: except ipaerror.exception_for(ipaerror.LDAP_NOT_FOUND), e:
@@ -322,7 +314,7 @@ class KrbInstance(service.Service):
#add the password extop module #add the password extop module
def __add_pwd_extop_module(self): def __add_pwd_extop_module(self):
self.__ldap_mod("adding the password extenstion to the directory", "pwd-extop-conf.ldif") self.__ldap_mod("pwd-extop-conf.ldif")
#get the Master Key from the stash file #get the Master Key from the stash file
try: try:
@@ -351,7 +343,6 @@ class KrbInstance(service.Service):
raise e raise e
def __create_ds_keytab(self): def __create_ds_keytab(self):
self.step("creating a keytab for the directory")
try: try:
if ipautil.file_exists("/etc/dirsrv/ds.keytab"): if ipautil.file_exists("/etc/dirsrv/ds.keytab"):
os.remove("/etc/dirsrv/ds.keytab") os.remove("/etc/dirsrv/ds.keytab")
@@ -380,7 +371,6 @@ class KrbInstance(service.Service):
os.chown("/etc/dirsrv/ds.keytab", pent.pw_uid, pent.pw_gid) os.chown("/etc/dirsrv/ds.keytab", pent.pw_uid, pent.pw_gid)
def __export_kadmin_changepw_keytab(self): def __export_kadmin_changepw_keytab(self):
self.step("exporting the kadmin keytab")
try: try:
if ipautil.file_exists("/var/kerberos/krb5kdc/kpasswd.keytab"): if ipautil.file_exists("/var/kerberos/krb5kdc/kpasswd.keytab"):
os.remove("/var/kerberos/krb5kdc/kpasswd.keytab") os.remove("/var/kerberos/krb5kdc/kpasswd.keytab")

17
ipa-server/ipaserver/ntpinstance.py
View File

@@ -25,11 +25,8 @@ from ipa import ipautil
class NTPInstance(service.Service): class NTPInstance(service.Service):
def __init__(self): def __init__(self):
service.Service.__init__(self, "ntpd") service.Service.__init__(self, "ntpd")
def create_instance(self):
self.start_creation(3, "Configuring ntpd")
self.step("writing configuration") def __write_config(self):
# The template sets the config to point towards ntp.pool.org, but # The template sets the config to point towards ntp.pool.org, but
# they request that software not point towards the default pool. # they request that software not point towards the default pool.
# We use the OS variable to point it towards either the rhel # We use the OS variable to point it towards either the rhel
@@ -54,11 +51,13 @@ class NTPInstance(service.Service):
fd.write(ntp_conf) fd.write(ntp_conf)
fd.close() fd.close()
def create_instance(self):
self.step("writing configuration", self.__write_config)
# we might consider setting the date manually using ntpd -qg in case # we might consider setting the date manually using ntpd -qg in case
# the current time is very far off. # the current time is very far off.
self.step("starting ntpd") self.step("starting ntpd", self.start)
self.start() self.step("configuring ntpd to start on boot", self.chkconfig_on)
self.step("configuring ntpd to start on boot") self.start_creation("Configuring ntpd")
self.chkconfig_on()

26
ipa-server/ipaserver/service.py
View File

@@ -45,8 +45,7 @@ def print_msg(message, output_fd=sys.stdout):
class Service: class Service:
def __init__(self, service_name): def __init__(self, service_name):
self.service_name = service_name self.service_name = service_name
self.num_steps = -1 self.steps = []
self.current_step = -1
self.output_fd = sys.stdout self.output_fd = sys.stdout
def set_output(self, fd): def set_output(self, fd):
@@ -69,18 +68,19 @@ class Service:
def print_msg(self, message): def print_msg(self, message):
print_msg(message, self.output_fd) print_msg(message, self.output_fd)
def start_creation(self, num_steps, message): def step(self, message, method):
self.num_steps = num_steps self.steps.append((message, method))
self.cur_step = 0
def start_creation(self, message):
self.print_msg(message) self.print_msg(message)
def step(self, message): step = 0
self.cur_step += 1 for (message, method) in self.steps:
self.print_msg(" [%d/%d]: %s" % (self.cur_step, self.num_steps, message)) self.print_msg(" [%d/%d]: %s" % (step, len(self.steps), message))
method()
def done_creation(self): step += 1
self.cur_step = -1
self.num_steps = -1
self.print_msg("done configuring %s." % self.service_name) self.print_msg("done configuring %s." % self.service_name)
self.steps = []

14
ipa-server/ipaserver/webguiinstance.py
View File

@@ -24,14 +24,6 @@ class WebGuiInstance(service.Service):
service.Service.__init__(self, "ipa-webgui") service.Service.__init__(self, "ipa-webgui")
def create_instance(self): def create_instance(self):
self.start_creation(2, "Configuring ipa-webgui") self.step("starting ipa-webgui", self.start)
self.step("configuring ipa-webgui to start on boot", self.chkconfig_on)
self.step("starting ipa-webgui") self.start_creation("Configuring ipa-webgui")
service.start("ipa-webgui")
self.step("configuring ipa-webgui to start on boot")
service.chkconfig_on("ipa-webgui")
self.done_creation()