install: add restart_dirsrv for directory server restarts

* Create a utility function to restart a directory server and reconnect the api.Backend.ldap2 connection. * Use restart_dirsrv instead of knownservices.dirsrv.restart to ensure api.Backend.ldap2 is reconnected. https://fedorahosted.org/freeipa/ticket/6461 Reviewed-By: Martin Basti <mbasti@redhat.com> Reviewed-By: Jan Cholasta <jcholast@redhat.com>
2025-01-26 16:16:31 -06:00 · 2016-10-26 14:17:02 +02:00 · 2016-10-26 14:17:02 +02:00 · e05bdeb6cf
commit e05bdeb6cf
parent e8aa2627c7
7 changed files with 19 additions and 17 deletions
--- a/ipaserver/install/adtrustinstance.py
+++ b/ipaserver/install/adtrustinstance.py
@ -721,7 +721,7 @@ class ADTRUSTInstance(service.Service):

    def __restart_dirsrv(self):
        try:
-            services.knownservices.dirsrv.restart()
+            installutils.restart_dirsrv()
        except Exception:
            pass

--- a/ipaserver/install/ca.py
+++ b/ipaserver/install/ca.py
@ -215,14 +215,7 @@ def install_step_1(standalone, replica_config, options):
                                  cert, nickname, trust_flags[nickname],
                                  config_ipa=True, config_compat=True)

-
-        api.Backend.ldap2.disconnect()
-
-        # Restart DS
-        services.knownservices.dirsrv.restart(serverid)
-
-        api.Backend.ldap2.connect(bind_dn=DN(('cn', 'Directory Manager')),
-                                  bind_pw=dm_password)
+        installutils.restart_dirsrv()

        # Store DS CA cert in Dogtag NSS database
        dogtagdb = certs.CertDB(realm_name, nssdir=paths.PKI_TOMCAT_ALIAS_DIR)
--- a/ipaserver/install/cainstance.py
+++ b/ipaserver/install/cainstance.py
@ -1583,7 +1583,7 @@ def install_replica_ca(config, postinstall=False, ra_p12=None):
    service.print_msg("Restarting the directory and certificate servers")
    ca.stop('pki-tomcat')

-    services.knownservices.dirsrv.restart()
+    installutils.restart_dirsrv()

    ca.start('pki-tomcat')

--- a/ipaserver/install/installutils.py
+++ b/ipaserver/install/installutils.py
@ -51,7 +51,7 @@ from ipapython.admintool import ScriptError
 from ipapython.ipa_log_manager import root_logger
 from ipalib.util import validate_hostname
 from ipapython import config
-from ipalib import errors, x509
+from ipalib import api, errors, x509
 from ipapython.dn import DN
 from ipaserver.install import certs, service, sysupgrade
 from ipaplatform import services
@ -1399,3 +1399,14 @@ def remove_ccache(ccache_path=None, run_as=None):
    except ipautil.CalledProcessError as e:
        root_logger.warning(
            "Failed to clear Kerberos credentials cache: {}".format(e))
+
+
+def restart_dirsrv(instance_name="", capture_output=True):
+    """
+    Restart Directory server and perform ldap reconnect.
+    """
+    api.Backend.ldap2.disconnect()
+    services.knownservices.dirsrv.restart(instance_name=instance_name,
+                                          capture_output=capture_output,
+                                          wait=True, ldapi=True)
+    api.Backend.ldap2.connect()
--- a/ipaserver/install/krainstance.py
+++ b/ipaserver/install/krainstance.py
@ -445,7 +445,7 @@ def install_replica_kra(config, postinstall=False):

    service.print_msg("Restarting the directory and KRA servers")
    _kra.stop('pki-tomcat')
-    services.knownservices.dirsrv.restart()
+    installutils.restart_dirsrv()
    _kra.start('pki-tomcat')

    return _kra
--- a/ipaserver/install/ldapupdate.py
+++ b/ipaserver/install/ldapupdate.py
@ -40,7 +40,6 @@ from ipalib import errors
 from ipalib import api, create_api
 from ipalib import constants
 from ipaplatform.paths import paths
-from ipaplatform import services
 from ipapython.dn import DN
 from ipapython.ipa_log_manager import log_mgr

@ -926,6 +925,5 @@ class LDAPUpdate(object):
            self.conn = None

    def restart_ds(self):
-        dirsrv = services.knownservices.dirsrv
        self.log.debug('Restarting directory server to apply updates')
-        dirsrv.restart(ldapi=self.ldapi)
+        installutils.restart_dirsrv()
--- a/ipaserver/install/replication.py
+++ b/ipaserver/install/replication.py
@ -35,8 +35,8 @@ from ipapython.ipa_log_manager import root_logger
 from ipapython import ipautil, ipaldap
 from ipapython.admintool import ScriptError
 from ipapython.dn import DN
-from ipaplatform import services
 from ipaplatform.paths import paths
+from ipaserver.install import installutils

 if six.PY3:
    unicode = str
@ -130,7 +130,7 @@ def enable_replication_version_checking(realm, dirman_passwd):
        conn.modify_s(entry.dn, [(ldap.MOD_REPLACE, 'nsslapd-pluginenabled', 'on')])
        conn.unbind()
        serverid = "-".join(realm.split("."))
-        services.knownservices.dirsrv.restart(instance_name=serverid)
+        installutils.restart_dirsrv(serverid)
    else:
        conn.unbind()