mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2024-12-24 16:10:02 -06:00
Remove DL0 specific code from ipa_kra_install in ipaserver/install
Replica files are DL0 specific therefore all the code that is related to replica files have been removed An additional check for the new minimal domain level has been added. The use of extra args results in an error as this was only needed for the replica file. See: https://pagure.io/freeipa/issue/7689 Signed-off-by: Thomas Woerner <twoerner@redhat.com> Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
This commit is contained in:
parent
9af0b0949e
commit
db5bff1482
@ -20,14 +20,13 @@
|
||||
from __future__ import print_function, absolute_import
|
||||
|
||||
import logging
|
||||
import os
|
||||
import sys
|
||||
import tempfile
|
||||
from optparse import SUPPRESS_HELP # pylint: disable=deprecated-module
|
||||
|
||||
from textwrap import dedent
|
||||
from ipalib import api
|
||||
from ipalib.constants import DOMAIN_LEVEL_0
|
||||
from ipalib.constants import DOMAIN_LEVEL_1
|
||||
from ipaplatform.paths import paths
|
||||
from ipapython import admintool
|
||||
from ipaserver.install import service
|
||||
@ -36,7 +35,6 @@ from ipaserver.install import custodiainstance
|
||||
from ipaserver.install import krainstance
|
||||
from ipaserver.install import dsinstance
|
||||
from ipaserver.install import installutils
|
||||
from ipaserver.install.installutils import create_replica_config
|
||||
from ipaserver.install import dogtaginstance
|
||||
from ipaserver.install import kra
|
||||
from ipaserver.install.installutils import ReplicaConfig
|
||||
@ -118,15 +116,8 @@ class KRAInstaller(KRAInstall):
|
||||
" in unattended mode"
|
||||
)
|
||||
|
||||
if len(self.args) > 1:
|
||||
if len(self.args) > 0:
|
||||
self.option_parser.error("Too many arguments provided")
|
||||
elif len(self.args) == 1:
|
||||
# Domain level 0 is not supported anymore
|
||||
self.option_parser.error("Domain level 0 is not supported anymore")
|
||||
self.replica_file = self.args[0]
|
||||
if not os.path.isfile(self.replica_file):
|
||||
self.option_parser.error(
|
||||
"Replica file %s does not exist" % self.replica_file)
|
||||
|
||||
def ask_for_options(self):
|
||||
super(KRAInstaller, self).ask_for_options()
|
||||
@ -162,18 +153,15 @@ class KRAInstaller(KRAInstall):
|
||||
|
||||
# this check can be done only when CA is installed
|
||||
self.installing_replica = dogtaginstance.is_installing_replica("KRA")
|
||||
self.options.promote = False
|
||||
|
||||
if self.installing_replica:
|
||||
domain_level = dsinstance.get_domain_level(api)
|
||||
if domain_level > DOMAIN_LEVEL_0:
|
||||
self.options.promote = True
|
||||
elif not self.args:
|
||||
raise RuntimeError("A replica file is required.")
|
||||
if domain_level < DOMAIN_LEVEL_1:
|
||||
raise RuntimeError(
|
||||
"Unsupported domain level %d." % domain_level)
|
||||
|
||||
if self.args and (not self.installing_replica or self.options.promote):
|
||||
raise RuntimeError("Too many parameters provided. "
|
||||
"No replica file is required.")
|
||||
if self.args:
|
||||
raise RuntimeError("Too many parameters provided.")
|
||||
|
||||
self.options.dm_password = self.options.password
|
||||
self.options.setup_ca = False
|
||||
@ -182,30 +170,17 @@ class KRAInstaller(KRAInstall):
|
||||
api.Backend.ldap2.connect()
|
||||
|
||||
if self.installing_replica:
|
||||
if not self.options.promote:
|
||||
# Domain level 0 is not supported anymore
|
||||
raise admintool.ScriptError(
|
||||
"Domain level 0 is not supported anymore")
|
||||
|
||||
if self.options.promote:
|
||||
config = ReplicaConfig()
|
||||
config.kra_host_name = None
|
||||
config.realm_name = api.env.realm
|
||||
config.host_name = api.env.host
|
||||
config.domain_name = api.env.domain
|
||||
config.dirman_password = self.options.password
|
||||
config.ca_ds_port = 389
|
||||
config.top_dir = tempfile.mkdtemp("ipa")
|
||||
config.dir = config.top_dir
|
||||
else:
|
||||
config = create_replica_config(
|
||||
self.options.password,
|
||||
self.replica_file,
|
||||
self.options)
|
||||
config.kra_host_name = config.master_host_name
|
||||
config = ReplicaConfig()
|
||||
config.kra_host_name = None
|
||||
config.realm_name = api.env.realm
|
||||
config.host_name = api.env.host
|
||||
config.domain_name = api.env.domain
|
||||
config.dirman_password = self.options.password
|
||||
config.ca_ds_port = 389
|
||||
config.top_dir = tempfile.mkdtemp("ipa")
|
||||
config.dir = config.top_dir
|
||||
|
||||
config.setup_kra = True
|
||||
config.promote = self.options.promote
|
||||
|
||||
if config.subject_base is None:
|
||||
attrs = api.Backend.ldap2.get_ipa_config()
|
||||
|
Loading…
Reference in New Issue
Block a user