Move realm_to_serverid/ldap_uri to ipaldap

The helper function realm_to_serverid() and realm_to_ldap_uri() are
useful outside the server installation framework. They are now in
ipapython.ipaldap along other helpers for LDAP handling in FreeIPA.

Signed-off-by: Christian Heimes <cheimes@redhat.com>
Reviewed-By: Rob Crittenden <rcritten@redhat.com>
This commit is contained in:
Christian Heimes
2018-11-29 14:49:43 +01:00
committed by Rob Crittenden
parent dc33be73f8
commit d5d9233b7c
19 changed files with 74 additions and 43 deletions

View File

@@ -30,7 +30,7 @@ from ipaserver.install import service, installutils
from ipaserver.install.dsinstance import config_dirname from ipaserver.install.dsinstance import config_dirname
from ipaserver.install.installutils import is_ipa_configured, ScriptError from ipaserver.install.installutils import is_ipa_configured, ScriptError
from ipalib import api, errors from ipalib import api, errors
from ipapython.ipaldap import LDAPClient from ipapython.ipaldap import LDAPClient, realm_to_serverid
from ipapython.ipautil import wait_for_open_ports, wait_for_open_socket from ipapython.ipautil import wait_for_open_ports, wait_for_open_socket
from ipapython.ipautil import run from ipapython.ipautil import run
from ipapython import config from ipapython import config
@@ -75,7 +75,7 @@ def is_dirsrv_debugging_enabled():
returns True or False returns True or False
""" """
debugging = False debugging = False
serverid = installutils.realm_to_serverid(api.env.realm) serverid = realm_to_serverid(api.env.realm)
dselist = [config_dirname(serverid)] dselist = [config_dirname(serverid)]
for dse in dselist: for dse in dselist:
try: try:

View File

@@ -39,12 +39,14 @@ import ldap
import ldap.sasl import ldap.sasl
import ldap.filter import ldap.filter
from ldap.controls import SimplePagedResultsControl, GetEffectiveRightsControl from ldap.controls import SimplePagedResultsControl, GetEffectiveRightsControl
import ldapurl
import six import six
# pylint: disable=ipa-forbidden-import # pylint: disable=ipa-forbidden-import
from ipalib import errors, x509, _ from ipalib import errors, x509, _
from ipalib.constants import LDAP_GENERALIZED_TIME_FORMAT from ipalib.constants import LDAP_GENERALIZED_TIME_FORMAT
# pylint: enable=ipa-forbidden-import # pylint: enable=ipa-forbidden-import
from ipaplatform.paths import paths
from ipapython.ipautil import format_netloc, CIDict from ipapython.ipautil import format_netloc, CIDict
from ipapython.dn import DN from ipapython.dn import DN
from ipapython.dnsutil import DNSName from ipapython.dnsutil import DNSName
@@ -90,6 +92,18 @@ if six.PY2 and hasattr(ldap, 'LDAPBytesWarning'):
) )
def realm_to_serverid(realm_name):
"""Convert Kerberos realm name to 389-DS server id"""
return "-".join(realm_name.split("."))
def realm_to_ldapi_uri(realm_name):
"""Get ldapi:// URI to 389-DS's Unix socket"""
serverid = realm_to_serverid(realm_name)
socketname = paths.SLAPD_INSTANCE_SOCKET_TEMPLATE % (serverid,)
return 'ldapi://' + ldapurl.ldapUrlEscape(socketname)
def ldap_initialize(uri, cacertfile=None): def ldap_initialize(uri, cacertfile=None):
"""Wrapper around ldap.initialize() """Wrapper around ldap.initialize()

View File

@@ -40,6 +40,7 @@ from ipaserver.install.replication import wait_for_task
from ipalib import errors, api from ipalib import errors, api
from ipalib.util import normalize_zone from ipalib.util import normalize_zone
from ipapython.dn import DN from ipapython.dn import DN
from ipapython import ipaldap
from ipapython import ipautil from ipapython import ipautil
import ipapython.errors import ipapython.errors
@@ -178,7 +179,7 @@ class ADTRUSTInstance(service.Service):
self.suffix = ipautil.realm_to_suffix(self.realm) self.suffix = ipautil.realm_to_suffix(self.realm)
self.ldapi_socket = "%%2fvar%%2frun%%2fslapd-%s.socket" % \ self.ldapi_socket = "%%2fvar%%2frun%%2fslapd-%s.socket" % \
installutils.realm_to_serverid(self.realm) ipaldap.realm_to_serverid(self.realm)
# DN definitions # DN definitions
self.trust_dn = DN(api.env.container_trusts, self.suffix) self.trust_dn = DN(api.env.container_trusts, self.suffix)

View File

@@ -40,6 +40,7 @@ from ipaserver.dns_data_management import (
from ipaserver.install import installutils from ipaserver.install import installutils
from ipaserver.install import service from ipaserver.install import service
from ipaserver.install import sysupgrade from ipaserver.install import sysupgrade
from ipapython import ipaldap
from ipapython import ipautil from ipapython import ipautil
from ipapython import dnsutil from ipapython import dnsutil
from ipapython.dnsutil import DNSName from ipapython.dnsutil import DNSName
@@ -803,7 +804,7 @@ class BindInstance(service.Service):
self.sub_dict = dict( self.sub_dict = dict(
FQDN=self.fqdn, FQDN=self.fqdn,
SERVER_ID=installutils.realm_to_serverid(self.realm), SERVER_ID=ipaldap.realm_to_serverid(self.realm),
SUFFIX=self.suffix, SUFFIX=self.suffix,
BINDKEYS_FILE=paths.NAMED_BINDKEYS_FILE, BINDKEYS_FILE=paths.NAMED_BINDKEYS_FILE,
MANAGED_KEYS_DIR=paths.NAMED_MANAGED_KEYS_DIR, MANAGED_KEYS_DIR=paths.NAMED_MANAGED_KEYS_DIR,

View File

@@ -22,6 +22,7 @@ from ipapython.install import typing
from ipapython.install.core import group, knob, extend_knob from ipapython.install.core import group, knob, extend_knob
from ipaserver.install import cainstance, bindinstance, dsinstance from ipaserver.install import cainstance, bindinstance, dsinstance
from ipapython import ipautil, certdb from ipapython import ipautil, certdb
from ipapython import ipaldap
from ipapython.admintool import ScriptError from ipapython.admintool import ScriptError
from ipaplatform import services from ipaplatform import services
from ipaplatform.paths import paths from ipaplatform.paths import paths
@@ -209,7 +210,7 @@ def install_check(standalone, replica_config, options):
if standalone: if standalone:
dirname = dsinstance.config_dirname( dirname = dsinstance.config_dirname(
installutils.realm_to_serverid(realm_name)) ipaldap.realm_to_serverid(realm_name))
cadb = certs.CertDB(realm_name, nssdir=paths.PKI_TOMCAT_ALIAS_DIR, cadb = certs.CertDB(realm_name, nssdir=paths.PKI_TOMCAT_ALIAS_DIR,
subject_base=options._subject_base) subject_base=options._subject_base)
dsdb = certs.CertDB( dsdb = certs.CertDB(
@@ -343,7 +344,7 @@ def install_step_1(standalone, replica_config, options, custodia):
# #
ca.setup_lightweight_ca_key_retrieval() ca.setup_lightweight_ca_key_retrieval()
serverid = installutils.realm_to_serverid(realm_name) serverid = ipaldap.realm_to_serverid(realm_name)
if standalone and replica_config is None: if standalone and replica_config is None:
dirname = dsinstance.config_dirname(serverid) dirname = dsinstance.config_dirname(serverid)

View File

@@ -12,6 +12,7 @@ from ipaplatform.paths import paths
from ipaplatform.constants import constants from ipaplatform.constants import constants
from ipaserver.install.service import SimpleServiceInstance from ipaserver.install.service import SimpleServiceInstance
from ipapython import ipautil from ipapython import ipautil
from ipapython import ipaldap
from ipapython.certdb import NSSDatabase from ipapython.certdb import NSSDatabase
from ipaserver.install import installutils from ipaserver.install import installutils
from ipaserver.install import ldapupdate from ipaserver.install import ldapupdate
@@ -104,7 +105,7 @@ class CustodiaInstance(SimpleServiceInstance):
@property @property
def ldap_uri(self): def ldap_uri(self):
if self.custodia_peer is None: if self.custodia_peer is None:
return installutils.realm_to_ldapi_uri(self.realm) return ipaldap.realm_to_ldapi_uri(self.realm)
else: else:
return "ldap://{}".format(self.custodia_peer) return "ldap://{}".format(self.custodia_peer)
@@ -117,7 +118,7 @@ class CustodiaInstance(SimpleServiceInstance):
IPA_CUSTODIA_KEYS=paths.IPA_CUSTODIA_KEYS, IPA_CUSTODIA_KEYS=paths.IPA_CUSTODIA_KEYS,
IPA_CUSTODIA_SOCKET=paths.IPA_CUSTODIA_SOCKET, IPA_CUSTODIA_SOCKET=paths.IPA_CUSTODIA_SOCKET,
IPA_CUSTODIA_AUDIT_LOG=paths.IPA_CUSTODIA_AUDIT_LOG, IPA_CUSTODIA_AUDIT_LOG=paths.IPA_CUSTODIA_AUDIT_LOG,
LDAP_URI=installutils.realm_to_ldapi_uri(self.realm), LDAP_URI=ipaldap.realm_to_ldapi_uri(self.realm),
UID=httpd_info.pw_uid, UID=httpd_info.pw_uid,
GID=httpd_info.pw_gid GID=httpd_info.pw_gid
) )

View File

@@ -268,7 +268,7 @@ class DsInstance(service.Service):
idstart, idmax, pkcs12_info, ca_file=None, idstart, idmax, pkcs12_info, ca_file=None,
setup_pkinit=False): setup_pkinit=False):
self.realm = realm_name.upper() self.realm = realm_name.upper()
self.serverid = installutils.realm_to_serverid(self.realm) self.serverid = ipaldap.realm_to_serverid(self.realm)
self.suffix = ipautil.realm_to_suffix(self.realm) self.suffix = ipautil.realm_to_suffix(self.realm)
self.fqdn = fqdn self.fqdn = fqdn
self.dm_password = dm_password self.dm_password = dm_password
@@ -1191,7 +1191,8 @@ class DsInstance(service.Service):
# shutdown the server # shutdown the server
self.stop() self.stop()
dirname = config_dirname(installutils.realm_to_serverid(self.realm)) dirname = config_dirname(
ipaldap.realm_to_serverid(self.realm))
certdb = certs.CertDB( certdb = certs.CertDB(
self.realm, self.realm,
nssdir=dirname, nssdir=dirname,
@@ -1336,7 +1337,7 @@ class DsInstance(service.Service):
def write_certmap_conf(realm, ca_subject): def write_certmap_conf(realm, ca_subject):
"""(Re)write certmap.conf with given CA subject DN.""" """(Re)write certmap.conf with given CA subject DN."""
serverid = installutils.realm_to_serverid(realm) serverid = ipaldap.realm_to_serverid(realm)
ds_dirname = config_dirname(serverid) ds_dirname = config_dirname(serverid)
certmap_filename = os.path.join(ds_dirname, "certmap.conf") certmap_filename = os.path.join(ds_dirname, "certmap.conf")
shutil.copyfile( shutil.copyfile(

View File

@@ -34,6 +34,7 @@ import tempfile
import shutil import shutil
import traceback import traceback
import textwrap import textwrap
import warnings
from contextlib import contextmanager from contextlib import contextmanager
from configparser import ConfigParser as SafeConfigParser from configparser import ConfigParser as SafeConfigParser
from configparser import NoOptionError from configparser import NoOptionError
@@ -41,16 +42,14 @@ from configparser import NoOptionError
from dns import resolver, rdatatype from dns import resolver, rdatatype
from dns.exception import DNSException from dns.exception import DNSException
import ldap import ldap
import ldapurl
import six import six
from ipalib.install import sysrestore from ipalib.install import sysrestore
from ipalib.install.kinit import kinit_password from ipalib.install.kinit import kinit_password
import ipaplatform import ipaplatform
from ipapython import ipautil, admintool, version from ipapython import ipautil, admintool, version, ipaldap
from ipapython.admintool import ScriptError, SERVER_NOT_CONFIGURED # noqa: E402 from ipapython.admintool import ScriptError, SERVER_NOT_CONFIGURED # noqa: E402
from ipapython.certdb import EXTERNAL_CA_TRUST_FLAGS from ipapython.certdb import EXTERNAL_CA_TRUST_FLAGS
from ipapython.ipaldap import DIRMAN_DN, LDAPClient
from ipalib.util import validate_hostname from ipalib.util import validate_hostname
from ipalib import api, errors, x509 from ipalib import api, errors, x509
from ipapython.dn import DN from ipapython.dn import DN
@@ -338,9 +337,9 @@ def validate_dm_password_ldap(password):
Validate DM password by attempting to connect to LDAP. api.env has to Validate DM password by attempting to connect to LDAP. api.env has to
contain valid ldap_uri. contain valid ldap_uri.
""" """
client = LDAPClient(api.env.ldap_uri, cacert=paths.IPA_CA_CRT) client = ipaldap.LDAPClient(api.env.ldap_uri, cacert=paths.IPA_CA_CRT)
try: try:
client.simple_bind(DIRMAN_DN, password) client.simple_bind(ipaldap.DIRMAN_DN, password)
except errors.ACIError: except errors.ACIError:
raise ValueError("Invalid Directory Manager password") raise ValueError("Invalid Directory Manager password")
else: else:
@@ -1106,14 +1105,23 @@ def check_version():
else: else:
raise UpgradeMissingVersionError("no data_version stored") raise UpgradeMissingVersionError("no data_version stored")
def realm_to_serverid(realm_name): def realm_to_serverid(realm_name):
return "-".join(realm_name.split(".")) warnings.warn(
"Use 'ipapython.ipaldap.realm_to_serverid'",
DeprecationWarning,
stacklevel=2
)
return ipaldap.realm_to_serverid(realm_name)
def realm_to_ldapi_uri(realm_name): def realm_to_ldapi_uri(realm_name):
serverid = realm_to_serverid(realm_name) warnings.warn(
socketname = paths.SLAPD_INSTANCE_SOCKET_TEMPLATE % (serverid,) "Use 'ipapython.ipaldap.realm_to_ldapi_uri'",
return 'ldapi://' + ldapurl.ldapUrlEscape(socketname) DeprecationWarning,
stacklevel=2
)
return ipaldap.realm_to_ldapi_uri(realm_name)
def check_creds(options, realm_name): def check_creds(options, realm_name):

View File

@@ -320,7 +320,7 @@ class Backup(admintool.AdminTool):
logger.info('Stopping IPA services') logger.info('Stopping IPA services')
run([paths.IPACTL, 'stop']) run([paths.IPACTL, 'stop'])
instance = installutils.realm_to_serverid(api.env.realm) instance = ipaldap.realm_to_serverid(api.env.realm)
if os.path.exists(paths.VAR_LIB_SLAPD_INSTANCE_DIR_TEMPLATE % if os.path.exists(paths.VAR_LIB_SLAPD_INSTANCE_DIR_TEMPLATE %
instance): instance):
if os.path.exists(paths.SLAPD_INSTANCE_DB_DIR_TEMPLATE % if os.path.exists(paths.SLAPD_INSTANCE_DB_DIR_TEMPLATE %
@@ -364,7 +364,7 @@ class Backup(admintool.AdminTool):
NOTE: this adds some things that may not get backed up. NOTE: this adds some things that may not get backed up.
''' '''
serverid = installutils.realm_to_serverid(api.env.realm) serverid = ipaldap.realm_to_serverid(api.env.realm)
for dir in [paths.ETC_DIRSRV_SLAPD_INSTANCE_TEMPLATE % serverid, for dir in [paths.ETC_DIRSRV_SLAPD_INSTANCE_TEMPLATE % serverid,
paths.VAR_LIB_DIRSRV_INSTANCE_SCRIPTS_TEMPLATE % serverid, paths.VAR_LIB_DIRSRV_INSTANCE_SCRIPTS_TEMPLATE % serverid,

View File

@@ -465,7 +465,7 @@ class Restore(admintool.AdminTool):
''' '''
Create an ldapi connection and bind to it using autobind as root. Create an ldapi connection and bind to it using autobind as root.
''' '''
instance_name = installutils.realm_to_serverid(api.env.realm) instance_name = ipaldap.realm_to_serverid(api.env.realm)
if not services.knownservices.dirsrv.is_running(instance_name): if not services.knownservices.dirsrv.is_running(instance_name):
raise admintool.ScriptError( raise admintool.ScriptError(
@@ -879,7 +879,7 @@ class Restore(admintool.AdminTool):
httpinstance.HTTPInstance().stop_tracking_certificates() httpinstance.HTTPInstance().stop_tracking_certificates()
try: try:
dsinstance.DsInstance().stop_tracking_certificates( dsinstance.DsInstance().stop_tracking_certificates(
installutils.realm_to_serverid(api.env.realm)) ipaldap.realm_to_serverid(api.env.realm))
except (OSError, IOError): except (OSError, IOError):
# When IPA is not installed, DS NSS DB does not exist # When IPA is not installed, DS NSS DB does not exist
pass pass
@@ -910,13 +910,13 @@ class Restore(admintool.AdminTool):
api.bootstrap(in_server=True, context='restore', **overrides) api.bootstrap(in_server=True, context='restore', **overrides)
api.finalize() api.finalize()
self.instances = [installutils.realm_to_serverid(api.env.realm)] self.instances = [ipaldap.realm_to_serverid(api.env.realm)]
self.backends = ['userRoot', 'ipaca'] self.backends = ['userRoot', 'ipaca']
# no IPA config means we are reinstalling from nothing so # no IPA config means we are reinstalling from nothing so
# there is nothing to test the DM password against. # there is nothing to test the DM password against.
if os.path.exists(paths.IPA_DEFAULT_CONF): if os.path.exists(paths.IPA_DEFAULT_CONF):
instance_name = installutils.realm_to_serverid(api.env.realm) instance_name = ipapython.ipaldap.realm_to_serverid(api.env.realm)
if not services.knownservices.dirsrv.is_running(instance_name): if not services.knownservices.dirsrv.is_running(instance_name):
raise admintool.ScriptError( raise admintool.ScriptError(
"directory server instance is not running" "directory server instance is not running"

View File

@@ -30,6 +30,7 @@ from ipaplatform.paths import paths
from ipapython import admintool from ipapython import admintool
from ipapython.certdb import NSSDatabase, get_ca_nickname from ipapython.certdb import NSSDatabase, get_ca_nickname
from ipapython.dn import DN from ipapython.dn import DN
from ipapython import ipaldap
from ipalib import api, errors from ipalib import api, errors
from ipaserver.install import certs, dsinstance, installutils, krbinstance from ipaserver.install import certs, dsinstance, installutils, krbinstance
@@ -125,7 +126,7 @@ class ServerCertInstall(admintool.AdminTool):
api.Backend.ldap2.disconnect() api.Backend.ldap2.disconnect()
def install_dirsrv_cert(self): def install_dirsrv_cert(self):
serverid = installutils.realm_to_serverid(api.env.realm) serverid = ipaldap.realm_to_serverid(api.env.realm)
dirname = dsinstance.config_dirname(serverid) dirname = dsinstance.config_dirname(serverid)
conn = api.Backend.ldap2 conn = api.Backend.ldap2

View File

@@ -263,7 +263,7 @@ class KrbInstance(service.Service):
SUFFIX=self.suffix, SUFFIX=self.suffix,
DOMAIN=self.domain, DOMAIN=self.domain,
HOST=self.host, HOST=self.host,
SERVER_ID=installutils.realm_to_serverid(self.realm), SERVER_ID=ipaldap.realm_to_serverid(self.realm),
REALM=self.realm, REALM=self.realm,
KRB5KDC_KADM5_ACL=paths.KRB5KDC_KADM5_ACL, KRB5KDC_KADM5_ACL=paths.KRB5KDC_KADM5_ACL,
DICT_WORDS=paths.DICT_WORDS, DICT_WORDS=paths.DICT_WORDS,

View File

@@ -279,7 +279,7 @@ class LDAPUpdate:
self.realm = api.env.realm self.realm = api.env.realm
suffix = ipautil.realm_to_suffix(self.realm) if self.realm else None suffix = ipautil.realm_to_suffix(self.realm) if self.realm else None
self.ldapuri = installutils.realm_to_ldapi_uri(self.realm) self.ldapuri = ipaldap.realm_to_ldapi_uri(self.realm)
if suffix is not None: if suffix is not None:
assert isinstance(suffix, DN) assert isinstance(suffix, DN)

View File

@@ -21,7 +21,7 @@ import logging
from ipalib.install import certstore from ipalib.install import certstore
from ipaserver.install import certs, dsinstance from ipaserver.install import certs, dsinstance
from ipaserver.install.installutils import realm_to_serverid from ipapython.ipaldap import realm_to_serverid
from ipalib import Registry, errors from ipalib import Registry, errors
from ipalib import Updater from ipalib import Updater
from ipapython import certdb from ipapython import certdb

View File

@@ -22,6 +22,7 @@ from ipalib.install import certmonger, sysrestore
from ipapython import ipautil, version from ipapython import ipautil, version
from ipapython.ipautil import ( from ipapython.ipautil import (
ipa_generate_password, run, user_input) ipa_generate_password, run, user_input)
from ipapython import ipaldap
from ipapython.admintool import ScriptError from ipapython.admintool import ScriptError
from ipaplatform import services from ipaplatform import services
from ipaplatform.paths import paths from ipaplatform.paths import paths
@@ -591,8 +592,7 @@ def install_check(installer):
xmlrpc_uri = 'https://{0}/ipa/xml'.format( xmlrpc_uri = 'https://{0}/ipa/xml'.format(
ipautil.format_netloc(host_name)) ipautil.format_netloc(host_name))
ldapi_uri = 'ldapi://%2fvar%2frun%2fslapd-{0}.socket\n'.format( ldapi_uri = ipaldap.realm_to_ldapi_uri(realm_name)
installutils.realm_to_serverid(realm_name))
# [global] section # [global] section
gopts = [ gopts = [
@@ -1166,7 +1166,7 @@ def uninstall(installer):
# Note that this name will be wrong after the first uninstall. # Note that this name will be wrong after the first uninstall.
dirname = dsinstance.config_dirname( dirname = dsinstance.config_dirname(
installutils.realm_to_serverid(api.env.realm)) ipaldap.realm_to_serverid(api.env.realm))
dirs = [dirname, paths.PKI_TOMCAT_ALIAS_DIR, paths.HTTPD_ALIAS_DIR] dirs = [dirname, paths.PKI_TOMCAT_ALIAS_DIR, paths.HTTPD_ALIAS_DIR]
ids = certmonger.check_state(dirs) ids = certmonger.check_state(dirs)
if ids: if ids:

View File

@@ -220,8 +220,7 @@ def create_ipa_conf(fstore, config, ca_enabled, master=None):
else: else:
xmlrpc_uri = 'https://{0}/ipa/xml'.format( xmlrpc_uri = 'https://{0}/ipa/xml'.format(
ipautil.format_netloc(config.host_name)) ipautil.format_netloc(config.host_name))
ldapi_uri = 'ldapi://%2fvar%2frun%2fslapd-{0}.socket\n'.format( ldapi_uri = ipaldap.realm_to_ldapi_uri(config.realm_name)
installutils.realm_to_serverid(config.realm_name))
# [global] section # [global] section
gopts = [ gopts = [
@@ -802,7 +801,7 @@ def promote_check(installer):
api.bootstrap(in_server=True, api.bootstrap(in_server=True,
context='installer', context='installer',
confdir=paths.ETC_IPA, confdir=paths.ETC_IPA,
ldap_uri=installutils.realm_to_ldapi_uri(env.realm), ldap_uri=ipaldap.realm_to_ldapi_uri(env.realm),
xmlrpc_uri=xmlrpc_uri) xmlrpc_uri=xmlrpc_uri)
# pylint: enable=no-member # pylint: enable=no-member
api.finalize() api.finalize()

View File

@@ -18,6 +18,7 @@ import tempfile
from contextlib import contextmanager from contextlib import contextmanager
from augeas import Augeas from augeas import Augeas
import dns.exception import dns.exception
from ipalib import api, x509 from ipalib import api, x509
from ipalib.install import certmonger, sysrestore from ipalib.install import certmonger, sysrestore
import SSSDConfig import SSSDConfig
@@ -28,6 +29,7 @@ from ipaclient.install.client import sssd_enable_ifp
from ipaplatform import services from ipaplatform import services
from ipaplatform.tasks import tasks from ipaplatform.tasks import tasks
from ipapython import ipautil, version from ipapython import ipautil, version
from ipapython import ipaldap
from ipapython import dnsutil, directivesetter from ipapython import dnsutil, directivesetter
from ipapython.dn import DN from ipapython.dn import DN
from ipaplatform.constants import constants from ipaplatform.constants import constants
@@ -949,7 +951,7 @@ def certificate_renewal_update(ca, ds, http):
""" """
template = paths.CERTMONGER_COMMAND_TEMPLATE template = paths.CERTMONGER_COMMAND_TEMPLATE
serverid = installutils.realm_to_serverid(api.env.realm) serverid = ipaldap.realm_to_serverid(api.env.realm)
requests = [ requests = [
{ {
@@ -1367,7 +1369,7 @@ def fix_schema_file_syntax():
logger.info('Syntax already fixed') logger.info('Syntax already fixed')
return return
serverid = installutils.realm_to_serverid(api.env.realm) serverid = ipaldap.realm_to_serverid(api.env.realm)
ds_dir = dsinstance.config_dirname(serverid) ds_dir = dsinstance.config_dirname(serverid)
# 1. 60ipadns.ldif: Add parenthesis to idnsRecord # 1. 60ipadns.ldif: Add parenthesis to idnsRecord
@@ -1444,7 +1446,7 @@ def remove_ds_ra_cert(subject_base):
return return
dbdir = dsinstance.config_dirname( dbdir = dsinstance.config_dirname(
installutils.realm_to_serverid(api.env.realm)) ipaldap.realm_to_serverid(api.env.realm))
dsdb = certs.CertDB(api.env.realm, nssdir=dbdir, subject_base=subject_base) dsdb = certs.CertDB(api.env.realm, nssdir=dbdir, subject_base=subject_base)
nickname = 'CN=IPA RA,%s' % subject_base nickname = 'CN=IPA RA,%s' % subject_base
@@ -1810,7 +1812,7 @@ def upgrade_configuration():
fqdn = api.env.host fqdn = api.env.host
# Ok, we are an IPA server, do the additional tests # Ok, we are an IPA server, do the additional tests
ds_serverid = installutils.realm_to_serverid(api.env.realm) ds_serverid = ipaldap.realm_to_serverid(api.env.realm)
ds = dsinstance.DsInstance() ds = dsinstance.DsInstance()
# start DS, CA will not start without running DS, and cause error # start DS, CA will not start without running DS, and cause error
@@ -2098,7 +2100,7 @@ def upgrade_configuration():
SUFFIX=krb.suffix, SUFFIX=krb.suffix,
DOMAIN=api.env.domain, DOMAIN=api.env.domain,
HOST=api.env.host, HOST=api.env.host,
SERVER_ID=installutils.realm_to_serverid(krb.realm), SERVER_ID=ipaldap.realm_to_serverid(krb.realm),
REALM=krb.realm, REALM=krb.realm,
KRB5KDC_KADM5_ACL=paths.KRB5KDC_KADM5_ACL, KRB5KDC_KADM5_ACL=paths.KRB5KDC_KADM5_ACL,
DICT_WORDS=paths.DICT_WORDS, DICT_WORDS=paths.DICT_WORDS,

View File

@@ -25,9 +25,11 @@ import ldif
import shutil import shutil
import random import random
import traceback import traceback
from ipalib import api from ipalib import api
from ipaplatform.paths import paths from ipaplatform.paths import paths
from ipaplatform import services from ipaplatform import services
from ipapython import ipaldap
from ipaserver.install import installutils from ipaserver.install import installutils
from ipaserver.install import schemaupdate from ipaserver.install import schemaupdate
@@ -88,7 +90,7 @@ class IPAUpgrade(service.Service):
h = "%02x" % rand.randint(0,255) h = "%02x" % rand.randint(0,255)
ext += h ext += h
super(IPAUpgrade, self).__init__("dirsrv", realm_name=realm_name) super(IPAUpgrade, self).__init__("dirsrv", realm_name=realm_name)
serverid = installutils.realm_to_serverid(realm_name) serverid = ipaldap.realm_to_serverid(realm_name)
self.filename = '%s/%s' % (paths.ETC_DIRSRV_SLAPD_INSTANCE_TEMPLATE % serverid, DSE) self.filename = '%s/%s' % (paths.ETC_DIRSRV_SLAPD_INSTANCE_TEMPLATE % serverid, DSE)
self.savefilename = '%s/%s.ipa.%s' % (paths.ETC_DIRSRV_SLAPD_INSTANCE_TEMPLATE % serverid, DSE, ext) self.savefilename = '%s/%s.ipa.%s' % (paths.ETC_DIRSRV_SLAPD_INSTANCE_TEMPLATE % serverid, DSE, ext)
self.files = files self.files = files

View File

@@ -18,7 +18,7 @@ from ipatests.test_integration.base import IntegrationTest
from ipatests.pytest_ipa.integration import tasks from ipatests.pytest_ipa.integration import tasks
from ipaplatform.paths import paths from ipaplatform.paths import paths
from ipaserver.install import dsinstance from ipaserver.install import dsinstance
from ipaserver.install.installutils import realm_to_serverid from ipapython.ipaldap import realm_to_serverid
class TestUninstallBase(IntegrationTest): class TestUninstallBase(IntegrationTest):