From a1f91247ccf69a60d1e18942e6697f45b951fe4b Mon Sep 17 00:00:00 2001 From: Martin Babinsky Date: Mon, 20 Apr 2015 12:34:38 +0200 Subject: [PATCH] point the users to PKI-related logs when CA configuration fails This patch adds an error handler which prints out the paths to logs related to configuration and installation of Dogtag/CA in the case of failure. https://fedorahosted.org/freeipa/ticket/4900 Reviewed-By: Martin Basti Reviewed-By: Jan Cholasta --- ipapython/dogtag.py | 4 ++++ ipaserver/install/cainstance.py | 3 +-- ipaserver/install/dogtaginstance.py | 17 ++++++++++++++--- 3 files changed, 19 insertions(+), 5 deletions(-) diff --git a/ipapython/dogtag.py b/ipapython/dogtag.py index 3d70bccfc..c74b8736a 100644 --- a/ipapython/dogtag.py +++ b/ipapython/dogtag.py @@ -55,7 +55,9 @@ class Dogtag10Constants(object): DESTROY_BINARY = paths.PKIDESTROY SERVER_ROOT = paths.VAR_LIB_PKI_DIR + PKI_INSTALL_LOG = paths.PKI_CA_INSTALL_LOG PKI_INSTANCE_NAME = 'pki-tomcat' + PKI_LOG_TOP_LEVEL = os.path.join(paths.VAR_LOG_PKI_DIR, PKI_INSTANCE_NAME) PKI_ROOT = '%s/%s' % (SERVER_ROOT, PKI_INSTANCE_NAME) CRL_PUBLISH_PATH = paths.PKI_CA_PUBLISH_DIR CS_CFG_PATH = '%s/conf/ca/CS.cfg' % PKI_ROOT @@ -89,7 +91,9 @@ class Dogtag9Constants(object): DESTROY_BINARY = paths.PKISILENT SERVER_ROOT = paths.VAR_LIB + PKI_INSTALL_LOG = paths.PKI_CA_INSTALL_LOG PKI_INSTANCE_NAME = 'pki-ca' + PKI_LOG_TOP_LEVEL = paths.PKI_CA_LOG_DIR PKI_ROOT = '%s/%s' % (SERVER_ROOT, PKI_INSTANCE_NAME) CRL_PUBLISH_PATH = paths.PKI_CA_PUBLISH_DIR CS_CFG_PATH = '%s/conf/CS.cfg' % PKI_ROOT diff --git a/ipaserver/install/cainstance.py b/ipaserver/install/cainstance.py index 59a6b5f21..8ccfd1a82 100644 --- a/ipaserver/install/cainstance.py +++ b/ipaserver/install/cainstance.py @@ -754,8 +754,7 @@ class CAInstance(DogtagInstance): ipautil.run(args, env={'PKI_HOSTNAME':self.fqdn}, nolog=nolog) except ipautil.CalledProcessError, e: - self.log.critical("failed to configure ca instance %s", e) - raise RuntimeError('Configuration of CA failed') + self.handle_setup_error(e) if self.external == 1: print "The next step is to get %s signed by your CA and re-run %s as:" % (self.csr_file, sys.argv[0]) diff --git a/ipaserver/install/dogtaginstance.py b/ipaserver/install/dogtaginstance.py index 83ce0ca50..98929b864 100644 --- a/ipaserver/install/dogtaginstance.py +++ b/ipaserver/install/dogtaginstance.py @@ -176,9 +176,7 @@ class DogtagInstance(service.Service): try: ipautil.run(args, nolog=nolog) except ipautil.CalledProcessError, e: - self.log.critical("failed to configure %s instance %s", - subsystem, e) - raise RuntimeError('Configuration of %s failed' % subsystem) + self.handle_setup_error(e) def enable(self): self.backup_state("enabled", self.is_enabled()) @@ -438,3 +436,16 @@ class DogtagInstance(service.Service): conn.unbind() return base64.b64encode(admin_cert) + + def handle_setup_error(self, e): + self.log.critical("Failed to configure %s instance: %s" + % (self.subsystem, e)) + self.log.critical("See the installation logs and the following " + "files/directories for more information:") + logs = [self.dogtag_constants.PKI_INSTALL_LOG, + self.dogtag_constants.PKI_LOG_TOP_LEVEL] + + for log in logs: + self.log.critical(" %s" % log) + + raise RuntimeError("%s configuration failed." % self.subsystem)