mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2024-12-25 08:21:05 -06:00
point the users to PKI-related logs when CA configuration fails
This patch adds an error handler which prints out the paths to logs related to configuration and installation of Dogtag/CA in the case of failure. https://fedorahosted.org/freeipa/ticket/4900 Reviewed-By: Martin Basti <mbasti@redhat.com> Reviewed-By: Jan Cholasta <jcholast@redhat.com>
This commit is contained in:
parent
f19f3e5741
commit
a1f91247cc
@ -55,7 +55,9 @@ class Dogtag10Constants(object):
|
|||||||
DESTROY_BINARY = paths.PKIDESTROY
|
DESTROY_BINARY = paths.PKIDESTROY
|
||||||
|
|
||||||
SERVER_ROOT = paths.VAR_LIB_PKI_DIR
|
SERVER_ROOT = paths.VAR_LIB_PKI_DIR
|
||||||
|
PKI_INSTALL_LOG = paths.PKI_CA_INSTALL_LOG
|
||||||
PKI_INSTANCE_NAME = 'pki-tomcat'
|
PKI_INSTANCE_NAME = 'pki-tomcat'
|
||||||
|
PKI_LOG_TOP_LEVEL = os.path.join(paths.VAR_LOG_PKI_DIR, PKI_INSTANCE_NAME)
|
||||||
PKI_ROOT = '%s/%s' % (SERVER_ROOT, PKI_INSTANCE_NAME)
|
PKI_ROOT = '%s/%s' % (SERVER_ROOT, PKI_INSTANCE_NAME)
|
||||||
CRL_PUBLISH_PATH = paths.PKI_CA_PUBLISH_DIR
|
CRL_PUBLISH_PATH = paths.PKI_CA_PUBLISH_DIR
|
||||||
CS_CFG_PATH = '%s/conf/ca/CS.cfg' % PKI_ROOT
|
CS_CFG_PATH = '%s/conf/ca/CS.cfg' % PKI_ROOT
|
||||||
@ -89,7 +91,9 @@ class Dogtag9Constants(object):
|
|||||||
DESTROY_BINARY = paths.PKISILENT
|
DESTROY_BINARY = paths.PKISILENT
|
||||||
|
|
||||||
SERVER_ROOT = paths.VAR_LIB
|
SERVER_ROOT = paths.VAR_LIB
|
||||||
|
PKI_INSTALL_LOG = paths.PKI_CA_INSTALL_LOG
|
||||||
PKI_INSTANCE_NAME = 'pki-ca'
|
PKI_INSTANCE_NAME = 'pki-ca'
|
||||||
|
PKI_LOG_TOP_LEVEL = paths.PKI_CA_LOG_DIR
|
||||||
PKI_ROOT = '%s/%s' % (SERVER_ROOT, PKI_INSTANCE_NAME)
|
PKI_ROOT = '%s/%s' % (SERVER_ROOT, PKI_INSTANCE_NAME)
|
||||||
CRL_PUBLISH_PATH = paths.PKI_CA_PUBLISH_DIR
|
CRL_PUBLISH_PATH = paths.PKI_CA_PUBLISH_DIR
|
||||||
CS_CFG_PATH = '%s/conf/CS.cfg' % PKI_ROOT
|
CS_CFG_PATH = '%s/conf/CS.cfg' % PKI_ROOT
|
||||||
|
@ -754,8 +754,7 @@ class CAInstance(DogtagInstance):
|
|||||||
|
|
||||||
ipautil.run(args, env={'PKI_HOSTNAME':self.fqdn}, nolog=nolog)
|
ipautil.run(args, env={'PKI_HOSTNAME':self.fqdn}, nolog=nolog)
|
||||||
except ipautil.CalledProcessError, e:
|
except ipautil.CalledProcessError, e:
|
||||||
self.log.critical("failed to configure ca instance %s", e)
|
self.handle_setup_error(e)
|
||||||
raise RuntimeError('Configuration of CA failed')
|
|
||||||
|
|
||||||
if self.external == 1:
|
if self.external == 1:
|
||||||
print "The next step is to get %s signed by your CA and re-run %s as:" % (self.csr_file, sys.argv[0])
|
print "The next step is to get %s signed by your CA and re-run %s as:" % (self.csr_file, sys.argv[0])
|
||||||
|
@ -176,9 +176,7 @@ class DogtagInstance(service.Service):
|
|||||||
try:
|
try:
|
||||||
ipautil.run(args, nolog=nolog)
|
ipautil.run(args, nolog=nolog)
|
||||||
except ipautil.CalledProcessError, e:
|
except ipautil.CalledProcessError, e:
|
||||||
self.log.critical("failed to configure %s instance %s",
|
self.handle_setup_error(e)
|
||||||
subsystem, e)
|
|
||||||
raise RuntimeError('Configuration of %s failed' % subsystem)
|
|
||||||
|
|
||||||
def enable(self):
|
def enable(self):
|
||||||
self.backup_state("enabled", self.is_enabled())
|
self.backup_state("enabled", self.is_enabled())
|
||||||
@ -438,3 +436,16 @@ class DogtagInstance(service.Service):
|
|||||||
conn.unbind()
|
conn.unbind()
|
||||||
|
|
||||||
return base64.b64encode(admin_cert)
|
return base64.b64encode(admin_cert)
|
||||||
|
|
||||||
|
def handle_setup_error(self, e):
|
||||||
|
self.log.critical("Failed to configure %s instance: %s"
|
||||||
|
% (self.subsystem, e))
|
||||||
|
self.log.critical("See the installation logs and the following "
|
||||||
|
"files/directories for more information:")
|
||||||
|
logs = [self.dogtag_constants.PKI_INSTALL_LOG,
|
||||||
|
self.dogtag_constants.PKI_LOG_TOP_LEVEL]
|
||||||
|
|
||||||
|
for log in logs:
|
||||||
|
self.log.critical(" %s" % log)
|
||||||
|
|
||||||
|
raise RuntimeError("%s configuration failed." % self.subsystem)
|
||||||
|
Loading…
Reference in New Issue
Block a user