IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

abort-clean/list/clean-ruv now work for both suffixes

Browse Source 
The rid passed to abort-clean-ruv and clean-ruv is now searched
for in both ipaca and domain trees as well as list-ruv now
displays both RUVs and CS-RUVs

https://fedorahosted.org/freeipa/ticket/4987

Reviewed-By: Martin Basti <mbasti@redhat.com>
This commit is contained in:
Stanislav Laznicka
2016-03-11 10:15:02 +01:00
committed by Martin Basti
parent d2bb8b7bb1
commit ee05442e5d
2 changed files with 100 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files

121
install/tools/ipa-replica-manage
View File

@@ -68,7 +68,7 @@ commands = {
"dnanextrange-set":(2, 2, "<master fqdn> <range>", "must provide a master and ID range"), "dnanextrange-set":(2, 2, "<master fqdn> <range>", "must provide a master and ID range"),
} }
# tuple of commands that need proper Directory Manager password # tuple of commands that work with ca tree and need Directory Manager password
dirman_passwd_req_commands = ("list-ruv", "clean-ruv", "abort-clean-ruv") dirman_passwd_req_commands = ("list-ruv", "clean-ruv", "abort-clean-ruv")
@@ -396,18 +396,67 @@ def get_ruv(realm, host, dirman_passwd, nolookup=False, ca=False):
return servers return servers
def get_ruv_both_suffixes(realm, host, dirman_passwd, verbose, nolookup=False):
"""
Get RUVs for both domain and ipaca suffixes
"""
ruvs = {}
fail_gracefully = True
try:
ruvs['ca'] = get_ruv(realm, host, dirman_passwd, nolookup, True)
except (NoRUVsFound, RuntimeError) as e:
err = "Failed to get CS-RUVs from {host}: {err}".format(host=host,
err=e)
if isinstance(e, RuntimeError):
fail_gracefully = False
if verbose:
print(err)
root_logger.debug(err)
try:
ruvs['domain'] = get_ruv(realm, host, dirman_passwd, nolookup)
except (NoRUVsFound, RuntimeError) as e:
err = "Failed to get RUVs from {host}: {err}".format(host=host, err=e)
if isinstance(e, RuntimeError):
if not fail_gracefully:
raise
if verbose:
print(err)
root_logger.debug(err)
if not ruvs.keys():
raise NoRUVsFound("No RUV records found.")
return ruvs
def list_ruv(realm, host, dirman_passwd, verbose, nolookup=False): def list_ruv(realm, host, dirman_passwd, verbose, nolookup=False):
""" """
List the Replica Update Vectors on this host to get the available List the Replica Update Vectors on this host to get the available
replica IDs. replica IDs.
""" """
try: try:
servers = get_ruv(realm, host, dirman_passwd, nolookup) servers = get_ruv_both_suffixes(realm, host, dirman_passwd,
verbose, nolookup)
except (NoRUVsFound, RuntimeError) as e: except (NoRUVsFound, RuntimeError) as e:
print(e) print(e)
sys.exit(0 if isinstance(e, NoRUVsFound) else 1) sys.exit(0 if isinstance(e, NoRUVsFound) else 1)
for (netloc, rid) in servers:
print("%s: %s" % (netloc, rid)) print('Replica Update Vectors:')
if servers.get('domain'):
for netloc, rid in servers['domain']:
print("\t{name}: {id}".format(name=netloc, id=rid))
else:
print('\tNo RUVs found.')
print('Certificate Server Replica Update Vectors:')
if servers.get('ca'):
for netloc, rid in servers['ca']:
print("\t{name}: {id}".format(name=netloc, id=rid))
else:
print('\tNo CS-RUVs found.')
def get_rid_by_host(realm, sourcehost, host, dirman_passwd, nolookup=False): def get_rid_by_host(realm, sourcehost, host, dirman_passwd, nolookup=False):
""" """
@@ -422,7 +471,8 @@ def get_rid_by_host(realm, sourcehost, host, dirman_passwd, nolookup=False):
if '%s:389' % host == netloc: if '%s:389' % host == netloc:
return int(rid) return int(rid)
def clean_ruv(realm, ruv, options, ca=False):
def clean_ruv(realm, ruv, options):
""" """
Given an RID create a CLEANALLRUV task to clean it up. Given an RID create a CLEANALLRUV task to clean it up.
""" """
@@ -432,23 +482,28 @@ def clean_ruv(realm, ruv, options, ca=False):
sys.exit("Replica ID must be an integer: %s" % ruv) sys.exit("Replica ID must be an integer: %s" % ruv)
try: try:
servers = get_ruv(realm, options.host, options.dirman_passwd, servers = get_ruv_both_suffixes(realm, options.host,
options.nolookup, ca=ca) options.dirman_passwd,
options.verbose,
options.nolookup)
except (NoRUVsFound, RuntimeError) as e: except (NoRUVsFound, RuntimeError) as e:
print(e) print(e)
sys.exit(0 if isinstance(e, NoRUVsFound) else 1) sys.exit(0 if isinstance(e, NoRUVsFound) else 1)
found = False tree_found = None
for (netloc, rid) in servers: for tree, ruvs in servers.items():
if ruv == int(rid): for netloc, rid in ruvs:
found = True if ruv == int(rid):
hostname = netloc tree_found = tree
hostname = netloc
break
if tree_found:
break break
if not found: if not tree_found:
sys.exit("Replica ID %s not found" % ruv) sys.exit("Replica ID %s not found" % ruv)
if ca: if tree_found == 'ca':
print("Clean the Certificate Server Replication Update Vector for %s" print("Clean the Certificate Server Replication Update Vector for %s"
% hostname) % hostname)
else: else:
@@ -463,7 +518,7 @@ def clean_ruv(realm, ruv, options, ca=False):
if not ipautil.user_input("Continue to clean?", False): if not ipautil.user_input("Continue to clean?", False):
sys.exit("Aborted") sys.exit("Aborted")
if ca: if tree_found == 'ca':
thisrepl = replication.get_cs_replication_manager(realm, options.host, thisrepl = replication.get_cs_replication_manager(realm, options.host,
options.dirman_passwd) options.dirman_passwd)
else: else:
@@ -472,6 +527,7 @@ def clean_ruv(realm, ruv, options, ca=False):
thisrepl.cleanallruv(ruv) thisrepl.cleanallruv(ruv)
print("Cleanup task created") print("Cleanup task created")
def abort_clean_ruv(realm, ruv, options): def abort_clean_ruv(realm, ruv, options):
""" """
Given an RID abort a CLEANALLRUV task. Given an RID abort a CLEANALLRUV task.
@@ -482,30 +538,40 @@ def abort_clean_ruv(realm, ruv, options):
sys.exit("Replica ID must be an integer: %s" % ruv) sys.exit("Replica ID must be an integer: %s" % ruv)
try: try:
servers = get_ruv(realm, options.host, options.dirman_passwd, servers = get_ruv_both_suffixes(realm, options.host,
options.nolookup) options.dirman_passwd,
options.verbose,
options.nolookup)
except (NoRUVsFound, RuntimeError) as e: except (NoRUVsFound, RuntimeError) as e:
print(e) print(e)
sys.exit(0 if isinstance(e, NoRUVsFound) else 1) sys.exit(0 if isinstance(e, NoRUVsFound) else 1)
found = False tree_found = None
for (netloc, rid) in servers: for tree, ruvs in servers.items():
if ruv == int(rid): for netloc, rid in ruvs:
found = True if ruv == int(rid):
hostname = netloc tree_found = tree
hostname = netloc
break
if tree_found:
break break
if not found: if not tree_found:
sys.exit("Replica ID %s not found" % ruv) sys.exit("Replica ID %s not found" % ruv)
print("Aborting the clean Replication Update Vector task for %s" % hostname) print("Aborting the clean Replication Update Vector task for %s" % hostname)
print() print()
thisrepl = replication.ReplicationManager(realm, options.host, if tree_found == 'ca':
options.dirman_passwd) thisrepl = replication.get_cs_replication_manager(realm, options.host,
options.dirman_passwd)
else:
thisrepl = replication.ReplicationManager(realm, options.host,
options.dirman_passwd)
thisrepl.abortcleanallruv(ruv, options.force) thisrepl.abortcleanallruv(ruv, options.force)
print("Cleanup task stopped") print("Cleanup task stopped")
def list_clean_ruv(realm, host, dirman_passwd, verbose, nolookup=False): def list_clean_ruv(realm, host, dirman_passwd, verbose, nolookup=False):
""" """
List all clean RUV tasks. List all clean RUV tasks.
@@ -701,7 +767,7 @@ def clean_dangling_ruvs(realm, host, options):
for csruv in master_info['clean_csruv']: for csruv in master_info['clean_csruv']:
if csruv[1] not in cleaned: if csruv[1] not in cleaned:
cleaned.add(csruv[1]) cleaned.add(csruv[1])
clean_ruv(realm, csruv[1], options, ca=True) clean_ruv(realm, csruv[1], options)
def check_last_link(delrepl, realm, dirman_passwd, force): def check_last_link(delrepl, realm, dirman_passwd, force):
@@ -1574,7 +1640,8 @@ def main(options, args):
if options.dirman_passwd: if options.dirman_passwd:
dirman_passwd = options.dirman_passwd dirman_passwd = options.dirman_passwd
else: else:
if not test_connection(realm, host, options.nolookup): if (not test_connection(realm, host, options.nolookup) or
args[0] in dirman_passwd_req_commands):
dirman_passwd = installutils.read_password("Directory Manager", dirman_passwd = installutils.read_password("Directory Manager",
confirm=False, validate=False, retry=False) confirm=False, validate=False, retry=False)
if dirman_passwd is None or ( if dirman_passwd is None or (

8
install/tools/man/ipa-replica-manage.1
View File

@@ -135,6 +135,7 @@ Password for the IPA system user used by the Windows PassSync plugin to synchron
.TP .TP
\fB\-\-from\fR=\fISERVER\fR \fB\-\-from\fR=\fISERVER\fR
The server to pull the data from, used by the re\-initialize and force\-sync commands. The server to pull the data from, used by the re\-initialize and force\-sync commands.
.TP
.SH "RANGES" .SH "RANGES"
IPA uses the 389\-ds Distributed Numeric Assignment (DNA) Plugin to allocate POSIX ids for users and groups. A range is created when IPA is installed and half the range is assigned to the first IPA master for the purposes of allocation. IPA uses the 389\-ds Distributed Numeric Assignment (DNA) Plugin to allocate POSIX ids for users and groups. A range is created when IPA is installed and half the range is assigned to the first IPA master for the purposes of allocation.
.TP .TP
@@ -190,8 +191,11 @@ Using connect/disconnect you can manage the replication topology.
.TP .TP
List the replication IDs in use: List the replication IDs in use:
# ipa\-replica\-manage list\-ruv # ipa\-replica\-manage list\-ruv
srv1.example.com:389: 7 Replica Update Vectors:
srv2.example.com:389: 4 srv1.example.com:389: 7
srv2.example.com:389: 4
Certificate Server Replica Update Vectors:
srv1.example.com:389: 9
.TP .TP
Remove references to an orphaned and deleted master: Remove references to an orphaned and deleted master:
# ipa\-replica\-manage del \-\-force \-\-cleanup master.example.com # ipa\-replica\-manage del \-\-force \-\-cleanup master.example.com