point the users to PKI-related logs when CA configuration fails

This patch adds an error handler which prints out the paths to logs related to
configuration and installation of Dogtag/CA in the case of failure.

https://fedorahosted.org/freeipa/ticket/4900

Reviewed-By: Martin Basti <mbasti@redhat.com>
Reviewed-By: Jan Cholasta <jcholast@redhat.com>
This commit is contained in:
Martin Babinsky 2015-04-20 12:34:38 +02:00 committed by Jan Cholasta
parent f19f3e5741
commit a1f91247cc
3 changed files with 19 additions and 5 deletions

View File

@ -55,7 +55,9 @@ class Dogtag10Constants(object):
DESTROY_BINARY = paths.PKIDESTROY DESTROY_BINARY = paths.PKIDESTROY
SERVER_ROOT = paths.VAR_LIB_PKI_DIR SERVER_ROOT = paths.VAR_LIB_PKI_DIR
PKI_INSTALL_LOG = paths.PKI_CA_INSTALL_LOG
PKI_INSTANCE_NAME = 'pki-tomcat' PKI_INSTANCE_NAME = 'pki-tomcat'
PKI_LOG_TOP_LEVEL = os.path.join(paths.VAR_LOG_PKI_DIR, PKI_INSTANCE_NAME)
PKI_ROOT = '%s/%s' % (SERVER_ROOT, PKI_INSTANCE_NAME) PKI_ROOT = '%s/%s' % (SERVER_ROOT, PKI_INSTANCE_NAME)
CRL_PUBLISH_PATH = paths.PKI_CA_PUBLISH_DIR CRL_PUBLISH_PATH = paths.PKI_CA_PUBLISH_DIR
CS_CFG_PATH = '%s/conf/ca/CS.cfg' % PKI_ROOT CS_CFG_PATH = '%s/conf/ca/CS.cfg' % PKI_ROOT
@ -89,7 +91,9 @@ class Dogtag9Constants(object):
DESTROY_BINARY = paths.PKISILENT DESTROY_BINARY = paths.PKISILENT
SERVER_ROOT = paths.VAR_LIB SERVER_ROOT = paths.VAR_LIB
PKI_INSTALL_LOG = paths.PKI_CA_INSTALL_LOG
PKI_INSTANCE_NAME = 'pki-ca' PKI_INSTANCE_NAME = 'pki-ca'
PKI_LOG_TOP_LEVEL = paths.PKI_CA_LOG_DIR
PKI_ROOT = '%s/%s' % (SERVER_ROOT, PKI_INSTANCE_NAME) PKI_ROOT = '%s/%s' % (SERVER_ROOT, PKI_INSTANCE_NAME)
CRL_PUBLISH_PATH = paths.PKI_CA_PUBLISH_DIR CRL_PUBLISH_PATH = paths.PKI_CA_PUBLISH_DIR
CS_CFG_PATH = '%s/conf/CS.cfg' % PKI_ROOT CS_CFG_PATH = '%s/conf/CS.cfg' % PKI_ROOT

View File

@ -754,8 +754,7 @@ class CAInstance(DogtagInstance):
ipautil.run(args, env={'PKI_HOSTNAME':self.fqdn}, nolog=nolog) ipautil.run(args, env={'PKI_HOSTNAME':self.fqdn}, nolog=nolog)
except ipautil.CalledProcessError, e: except ipautil.CalledProcessError, e:
self.log.critical("failed to configure ca instance %s", e) self.handle_setup_error(e)
raise RuntimeError('Configuration of CA failed')
if self.external == 1: if self.external == 1:
print "The next step is to get %s signed by your CA and re-run %s as:" % (self.csr_file, sys.argv[0]) print "The next step is to get %s signed by your CA and re-run %s as:" % (self.csr_file, sys.argv[0])

View File

@ -176,9 +176,7 @@ class DogtagInstance(service.Service):
try: try:
ipautil.run(args, nolog=nolog) ipautil.run(args, nolog=nolog)
except ipautil.CalledProcessError, e: except ipautil.CalledProcessError, e:
self.log.critical("failed to configure %s instance %s", self.handle_setup_error(e)
subsystem, e)
raise RuntimeError('Configuration of %s failed' % subsystem)
def enable(self): def enable(self):
self.backup_state("enabled", self.is_enabled()) self.backup_state("enabled", self.is_enabled())
@ -438,3 +436,16 @@ class DogtagInstance(service.Service):
conn.unbind() conn.unbind()
return base64.b64encode(admin_cert) return base64.b64encode(admin_cert)
def handle_setup_error(self, e):
self.log.critical("Failed to configure %s instance: %s"
% (self.subsystem, e))
self.log.critical("See the installation logs and the following "
"files/directories for more information:")
logs = [self.dogtag_constants.PKI_INSTALL_LOG,
self.dogtag_constants.PKI_LOG_TOP_LEVEL]
for log in logs:
self.log.critical(" %s" % log)
raise RuntimeError("%s configuration failed." % self.subsystem)