ipaplatform: Change platform dependant code in freeipa to use ipaplatform tasks

https://fedorahosted.org/freeipa/ticket/4052

Reviewed-By: Petr Viktorin <pviktori@redhat.com>

install/tools/ipa-replica-install

@@ -51,6 +51,7 @@ from ipapython.ipa_log_manager import *
 from ipapython import dogtag
 from ipapython.dn import DN
 import ipaclient.ntpconf
+from ipaplatform import tasks
 
 log_file_name = "/var/log/ipareplica-install.log"
 REPLICA_INFO_TOP_DIR = None
@@ -447,7 +448,7 @@ def check_dns_resolution(host_name, dns_servers):
 
 
 def main():
-    ipaservices.check_selinux_status()
+    tasks.check_selinux_status()
     safe_options, options, filename = parse_options()
 
     if os.geteuid() != 0:

install/tools/ipa-server-install

@@ -78,6 +78,7 @@ from ipapython.ipa_log_manager import *
 from ipapython.dn import DN
 
 import ipaclient.ntpconf
+from ipaplatform import tasks
 
 uninstalling = False
 installation_cleanup = True
@@ -505,7 +506,7 @@ def uninstall():
         adtrustinstance.ADTRUSTInstance(fstore).uninstall()
     memcacheinstance.MemcacheInstance().uninstall()
     otpdinstance.OtpdInstance().uninstall()
-    ipaservices.restore_network_configuration(fstore, sstore)
+    tasks.restore_network_configuration(fstore, sstore)
     fstore.restore_all_files()
     try:
         os.remove(ANSWER_CACHE)
@@ -580,7 +581,7 @@ def main():
     if os.getegid() != 0:
         sys.exit("Must be root to set up server")
 
-    ipaservices.check_selinux_status()
+    tasks.check_selinux_status()
 
     signal.signal(signal.SIGTERM, signal_handler)
     signal.signal(signal.SIGINT, signal_handler)
@@ -1036,7 +1037,7 @@ def main():
         root_logger.debug("Chosen hostname (%s) differs from system hostname (%s) - change it" \
                       % (host_name, system_hostname))
         # configure /etc/sysconfig/network to contain the custom hostname
-        ipaservices.backup_and_replace_hostname(fstore, sstore, host_name)
+        tasks.backup_and_replace_hostname(fstore, sstore, host_name)
 
     # Create DS group if it doesn't exist yet
     dsinstance.create_ds_group()
@@ -1156,7 +1157,7 @@ def main():
         http.create_instance(
             realm_name, host_name, domain_name, dm_password,
             subject_base=options.subject, auto_redirect=options.ui_redirect)
-    ipaservices.restore_context("/var/cache/ipa/sessions")
+    tasks.restore_context("/var/cache/ipa/sessions")
 
     set_subject_in_config(realm_name, dm_password, ipautil.realm_to_suffix(realm_name), options.subject)
 

install/tools/ipa-upgradeconfig

@@ -35,7 +35,9 @@ from ipalib import api
 import SSSDConfig
 import ipalib.util
 import ipalib.errors
-from ipapython import ipautil, sysrestore, version, services
+from ipaplatform import services
+from ipaplatform import tasks
+from ipapython import ipautil, sysrestore, version
 from ipapython.config import IPAOptionParser
 from ipapython.ipa_log_manager import *
 from ipapython import certmonger
@@ -718,7 +720,7 @@ def copy_crl_file(old_path, new_path=None):
         pent = pwd.getpwnam(cainstance.PKI_USER)
         os.chown(new_path, pent.pw_uid, pent.pw_gid)
 
-    services.restore_context(new_path)
+    tasks.restore_context(new_path)
 
 def migrate_crl_publish_dir(ca):
     """

install/tools/ipactl

@@ -32,6 +32,7 @@ from ipapython.ipaldap import IPAdmin
 from ipapython.ipautil import wait_for_open_ports, wait_for_open_socket
 from ipapython import services as ipaservices
 from ipapython import config, dogtag
+from ipaplatform import tasks
 from ipapython.dn import DN
 
 class IpactlError(ScriptError):
@@ -171,7 +172,7 @@ def get_config_from_file():
     svc_list = []
 
     try:
-        f = open(ipaservices.get_svc_list_file(), 'r')
+        f = open(tasks.get_svc_list_file(), 'r')
         svc_list = json.load(f)
     except Exception, e:
         raise IpactlError("Unknown error when retrieving list of services from file: " + str(e))
@@ -211,7 +212,7 @@ def stop_dirsrv(dirsrv):
 
 def ipa_start(options):
 
-    if os.path.isfile(ipaservices.get_svc_list_file()):
+    if os.path.isfile(tasks.get_svc_list_file()):
         emit_err("Existing service file detected!")
         emit_err("Assuming stale, cleaning and proceeding")
         # remove file with list of started services
@@ -429,7 +430,7 @@ def ipa_status(options):
         else:
             svc_list = get_config_from_file()
     except IpactlError, e:
-        if os.path.exists(ipaservices.get_svc_list_file()):
+        if os.path.exists(tasks.get_svc_list_file()):
             raise e
         else:
             svc_list = []

ipa-client/ipa-install/ipa-client-automount

@@ -38,6 +38,7 @@ from ipaclient import ipachangeconf
 from ipapython.ipa_log_manager import *
 from ipapython.dn import DN
 from ipapython import services as ipaservices
+from ipaplatform import tasks
 
 AUTOFS_CONF = '/etc/sysconfig/autofs'
 NSSWITCH_CONF = '/etc/nsswitch.conf'
@@ -220,7 +221,7 @@ def configure_autofs(fstore, statestore, autodiscover, server, options):
 
     ipautil.backup_config_and_replace_variables(fstore,
         AUTOFS_CONF, replacevars=replacevars)
-    ipaservices.restore_context(AUTOFS_CONF)
+    tasks.restore_context(AUTOFS_CONF)
     statestore.backup_state('autofs', 'sssd', False)
 
     print "Configured %s" % AUTOFS_CONF
@@ -313,7 +314,7 @@ def configure_nfs(fstore, statestore):
     }
     ipautil.backup_config_and_replace_variables(fstore,
         NFS_CONF, replacevars=replacevars)
-    ipaservices.restore_context(NFS_CONF)
+    tasks.restore_context(NFS_CONF)
 
     print "Configured %s" % NFS_CONF
 
@@ -322,7 +323,7 @@ def configure_nfs(fstore, statestore):
     }
     ipautil.backup_config_and_replace_variables(fstore,
         IDMAPD_CONF, replacevars=replacevars)
-    ipaservices.restore_context(IDMAPD_CONF)
+    tasks.restore_context(IDMAPD_CONF)
 
     print "Configured %s" % IDMAPD_CONF
 

ipa-client/ipa-install/ipa-client-install

@@ -41,6 +41,7 @@ try:
     from ipapython.ipautil import (
         run, user_input, CalledProcessError, file_exists, dir_exists,
         realm_to_suffix)
+    from ipaplatform.tasks import tasks
     from ipapython import ipautil, sysrestore, version, certmonger, ipaldap
     from ipapython import kernel_keyring
     from ipapython.config import IPAOptionParser
@@ -50,7 +51,6 @@ try:
     from ipapython.dn import DN
     from ipapython.ssh import SSHPublicKey
     from ipalib.rpc import delete_persistent_client_session_data
-    from ipaplatform.tasks import tasks
 
 except ImportError:
     print >> sys.stderr, """\
@@ -648,7 +648,7 @@ def uninstall(options, env):
 
     if fstore.has_files():
         root_logger.info("Restoring client configuration files")
-        ipaservices.restore_network_configuration(fstore, statestore)
+        tasks.restore_network_configuration(fstore, statestore)
         fstore.restore_all_files()
 
     ipautil.restore_hostname(statestore)
@@ -740,7 +740,7 @@ def uninstall(options, env):
                             'as it can cause subsequent installation to fail.')
 
     # Remove the CA cert from the systemwide certificate store
-    ipaservices.remove_ca_cert_from_systemwide_ca_store(CACERT)
+    tasks.remove_ca_cert_from_systemwide_ca_store(CACERT)
 
     # Remove the CA cert
     try:
@@ -2319,7 +2319,7 @@ def install(options, env, fstore, statestore):
         # configure /etc/sysconfig/network to contain the hostname we set.
         # skip this step when run by ipa-server-install as it always configures
         # hostname if different from system hostname
-        ipaservices.backup_and_replace_hostname(fstore, statestore, options.hostname)
+        tasks.backup_and_replace_hostname(fstore, statestore, options.hostname)
 
     if not options.on_master:
         # Attempt to sync time with IPA server.
@@ -2540,7 +2540,7 @@ def install(options, env, fstore, statestore):
         root_logger.info("Configured /etc/sssd/sssd.conf")
 
     # Add the CA to the platform-dependant systemwide CA store
-    ipaservices.insert_ca_cert_into_systemwide_ca_store(CACERT)
+    tasks.insert_ca_cert_into_systemwide_ca_store(CACERT)
 
     # Add the CA to the default NSS database and trust it
     try:
@@ -2803,7 +2803,7 @@ def main():
 
     if not os.getegid() == 0:
         sys.exit("\nYou must be root to run ipa-client-install.\n")
-    ipaservices.check_selinux_status()
+    tasks.check_selinux_status()
     logging_setup(options)
     root_logger.debug(
         '%s was invoked with options: %s', sys.argv[0], safe_options)

ipa-client/ipaclient/ntpconf.py

@@ -21,6 +21,7 @@ from ipapython import ipautil
 from ipapython import services as ipaservices
 import shutil
 import os
+from ipaplatform import tasks
 
 ntp_conf = """# Permit time synchronization with our time source, but do not
 # permit the source to query or modify the service on this system.
@@ -110,7 +111,7 @@ def config_ntp(server_fqdn, fstore = None, sysstore = None):
         ns = ipautil.template_str(ntp_step_tickers, sub_dict)
         __backup_config(path_step_tickers, fstore)
         __write_config(path_step_tickers, ns)
-        ipaservices.restore_context(path_step_tickers)
+        tasks.restore_context(path_step_tickers)
 
     if sysstore:
         module = 'ntp'
@@ -120,11 +121,11 @@ def config_ntp(server_fqdn, fstore = None, sysstore = None):
 
     __backup_config(path_ntp_conf, fstore)
     __write_config(path_ntp_conf, nc)
-    ipaservices.restore_context(path_ntp_conf)
+    tasks.restore_context(path_ntp_conf)
 
     __backup_config(path_ntp_sysconfig, fstore)
     __write_config(path_ntp_sysconfig, ntp_sysconfig)
-    ipaservices.restore_context(path_ntp_sysconfig)
+    tasks.restore_context(path_ntp_sysconfig)
 
     # Set the ntpd to start on boot
     ipaservices.knownservices.ntpd.enable()

ipapython/sysrestore.py

@@ -33,6 +33,7 @@ import string
 
 from ipapython import ipautil
 from ipapython import services as ipaservices
+from ipaplatform import tasks
 
 SYSRESTORE_PATH = "/tmp"
 SYSRESTORE_INDEXFILE = "sysrestore.index"
@@ -190,7 +191,7 @@ class FileStore:
         os.chown(path, int(uid), int(gid))
         os.chmod(path, int(mode))
 
-        ipaservices.restore_context(path)
+        tasks.restore_context(path)
 
         del self.files[filename]
         self.save()
@@ -221,7 +222,7 @@ class FileStore:
             os.chown(path, int(uid), int(gid))
             os.chmod(path, int(mode))
 
-            ipaservices.restore_context(path)
+            tasks.restore_context(path)
 
 	#force file to be deleted
         self.files = {}

ipaserver/install/cainstance.py

@@ -51,6 +51,7 @@ import traceback
 from ipapython import ipautil
 from ipapython import services as ipaservices
 from ipapython import ipaldap
+from ipaplatform import tasks
 from ipaserver.install import service
 from ipaserver.install import installutils
 from ipaserver.install import dsinstance
@@ -1115,7 +1116,7 @@ class CAInstance(service.Service):
         pent = pwd.getpwnam(PKI_USER)
         os.chown(publishdir, 0, pent.pw_gid)
 
-        ipaservices.restore_context(publishdir)
+        tasks.restore_context(publishdir)
 
         return publishdir
 

ipaserver/install/dsinstance.py

@@ -40,6 +40,7 @@ from ipaserver.install import ldapupdate
 from ipaserver.install import replication
 from ipaserver.install import sysupgrade
 from ipalib import errors
+from ipaplatform import tasks
 from ipalib.constants import CACERT
 from ipapython.dn import DN
 
@@ -602,7 +603,7 @@ class DsInstance(service.Service):
         replacevars = {'KRB5CCNAME': ccache}
         old_values = ipautil.backup_config_and_replace_variables(
             self.fstore, filepath, replacevars=replacevars)
-        ipaservices.restore_context(filepath)
+        tasks.restore_context(filepath)
 
     def __managed_entries(self):
         self._ldap_mod("managed-entries.ldif", self.sub_dict)

ipaserver/install/httpinstance.py

@@ -35,6 +35,7 @@ from ipapython import dogtag
 from ipapython.ipa_log_manager import *
 from ipaserver.install import sysupgrade
 from ipalib import api
+from ipaplatform import tasks
 from ipalib.constants import CACERT
 
 HTTPD_DIR = "/etc/httpd"
@@ -317,8 +318,8 @@ class HTTPInstance(service.Service):
         os.chown(certs.NSS_DIR + "/pwdfile.txt", 0, pent.pw_gid )
 
         # Fix SELinux permissions on the database
-        ipaservices.restore_context(certs.NSS_DIR + "/cert8.db")
+        tasks.restore_context(certs.NSS_DIR + "/cert8.db")
-        ipaservices.restore_context(certs.NSS_DIR + "/key3.db")
+        tasks.restore_context(certs.NSS_DIR + "/key3.db")
 
     def __setup_autoconfig(self):
         target_fname = '/usr/share/ipa/html/preferences.html'

ipaserver/install/ipa_restore.py

@@ -38,6 +38,7 @@ from ipaserver.install.replication import (wait_for_task, ReplicationManager,
 from ipaserver.install import installutils
 from ipapython import services as ipaservices
 from ipapython import ipaldap
+from ipaplatform import tasks
 from ipaserver.install.ipa_backup import BACKUP_DIR
 
 
@@ -630,7 +631,7 @@ class Restore(admintool.AdminTool):
                 self.log.debug('Creating %s' % dir)
                 os.mkdir(dir, 0770)
                 os.chown(dir, pent.pw_uid, pent.pw_gid)
-                ipaservices.restore_context(dir)
+                tasks.restore_context(dir)
             except Exception, e:
                 # This isn't so fatal as to side-track the restore
                 self.log.error('Problem with %s: %s' % (dir, e))

ipaserver/install/krbinstance.py

@@ -45,6 +45,7 @@ import struct
 
 import certs
 from distutils import version
+from ipaplatform import tasks
 
 def update_key_val_in_file(filename, key, val):
     if os.path.exists(filename):
@@ -370,7 +371,7 @@ class KrbInstance(service.Service):
         ipautil.backup_config_and_replace_variables(self.fstore, "/etc/sysconfig/krb5kdc",
                                                     replacevars=replacevars,
                                                     appendvars=appendvars)
-        ipaservices.restore_context("/etc/sysconfig/krb5kdc")
+        tasks.restore_context("/etc/sysconfig/krb5kdc")
 
     def __write_stash_from_ds(self):
         try: