mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2025-02-25 18:55:28 -06:00
logging: remove object-specific loggers
Remove all object-specific loggers, with the exception of `Plugin.log`, which is now deprecated. Replace affected logger calls with module-level logger calls. Deprecate object-specific loggers in `ipa_log_manager.get_logger`. Reviewed-By: Martin Basti <mbasti@redhat.com>
This commit is contained in:
Jan Cholasta
committed by
Martin Basti
Martin Basti
parent
9d19654cbd
commit
ffadcb0414
@@ -17,6 +17,8 @@
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
|
||||
import logging
|
||||
|
||||
from ipalib import Registry, errors
|
||||
from ipalib import Updater
|
||||
from ipapython.dn import DN
|
||||
@@ -24,6 +26,8 @@ from ipapython.ipa_log_manager import root_logger
|
||||
from ipaserver.install import sysupgrade
|
||||
from ipaserver.install.adtrustinstance import ADTRUSTInstance
|
||||
|
||||
logger = logging.getLogger(__name__)
|
||||
|
||||
register = Registry()
|
||||
|
||||
DEFAULT_ID_RANGE_SIZE = 200000
|
||||
@@ -146,7 +150,7 @@ class update_default_trust_view(Updater):
|
||||
|
||||
# First, see if trusts are enabled on the server
|
||||
if not self.api.Command.adtrust_is_enabled()['result']:
|
||||
self.log.debug('AD Trusts are not enabled on this server')
|
||||
logger.debug('AD Trusts are not enabled on this server')
|
||||
return False, []
|
||||
|
||||
# Second, make sure the Default Trust View does not exist yet
|
||||
@@ -155,7 +159,7 @@ class update_default_trust_view(Updater):
|
||||
except errors.NotFound:
|
||||
pass
|
||||
else:
|
||||
self.log.debug('Default Trust View already present on this server')
|
||||
logger.debug('Default Trust View already present on this server')
|
||||
return False, []
|
||||
|
||||
# We have a server with AD trust support without Default Trust View.
|
||||
@@ -200,7 +204,7 @@ class update_sigden_extdom_broken_config(Updater):
|
||||
try:
|
||||
entry = ldap.get_entry(dn, attrs_list=[basedn_attr])
|
||||
except errors.NotFound:
|
||||
self.log.debug("configuration for %s not found, skipping", dn)
|
||||
logger.debug("configuration for %s not found, skipping", dn)
|
||||
else:
|
||||
configured_suffix = entry.single_value.get(basedn_attr)
|
||||
if configured_suffix is None:
|
||||
@@ -212,19 +216,19 @@ class update_sigden_extdom_broken_config(Updater):
|
||||
elif configured_suffix == "$SUFFIX":
|
||||
# configured value is wrong, fix it
|
||||
entry.single_value[basedn_attr] = str(self.api.env.basedn)
|
||||
self.log.debug("updating attribute %s of %s to correct "
|
||||
"value %s", basedn_attr, dn,
|
||||
self.api.env.basedn)
|
||||
logger.debug("updating attribute %s of %s to correct "
|
||||
"value %s",
|
||||
basedn_attr, dn, self.api.env.basedn)
|
||||
ldap.update_entry(entry)
|
||||
modified = True
|
||||
else:
|
||||
self.log.debug("configured basedn for %s is okay", dn)
|
||||
logger.debug("configured basedn for %s is okay", dn)
|
||||
|
||||
return modified
|
||||
|
||||
def execute(self, **options):
|
||||
if sysupgrade.get_upgrade_state('sidgen', 'config_basedn_updated'):
|
||||
self.log.debug("Already done, skipping")
|
||||
logger.debug("Already done, skipping")
|
||||
return False, ()
|
||||
|
||||
restart = False
|
||||
@@ -250,7 +254,7 @@ class update_sids(Updater):
|
||||
ldap = self.api.Backend.ldap2
|
||||
|
||||
if sysupgrade.get_upgrade_state('sidgen', 'update_sids') is not True:
|
||||
self.log.debug("SIDs do not need to be generated")
|
||||
logger.debug("SIDs do not need to be generated")
|
||||
return False, ()
|
||||
|
||||
# check if IPA domain for AD trust has been created, and if we need to
|
||||
@@ -264,8 +268,8 @@ class update_sids(Updater):
|
||||
try:
|
||||
entry = ldap.get_entry(domain_IPA_AD_dn, attrs_list=[attr_name])
|
||||
except errors.NotFound:
|
||||
self.log.debug("IPA domain object %s is not configured",
|
||||
domain_IPA_AD_dn)
|
||||
logger.debug("IPA domain object %s is not configured",
|
||||
domain_IPA_AD_dn)
|
||||
sysupgrade.set_upgrade_state('sidgen', 'update_sids', False)
|
||||
return False, ()
|
||||
else:
|
||||
@@ -286,9 +290,9 @@ class update_sids(Updater):
|
||||
try:
|
||||
ldap.add_entry(task_entry)
|
||||
except errors.DuplicateEntry:
|
||||
self.log.debug("sidgen task already created")
|
||||
logger.debug("sidgen task already created")
|
||||
else:
|
||||
self.log.debug("sidgen task has been created")
|
||||
logger.debug("sidgen task has been created")
|
||||
|
||||
# we have to check all trusts domains which may been affected by the
|
||||
# bug. Symptom is missing 'ipaNTSecurityIdentifier' attribute
|
||||
@@ -307,11 +311,11 @@ class update_sids(Updater):
|
||||
pass
|
||||
else:
|
||||
if truncated:
|
||||
self.log.warning("update_sids: Search results were truncated")
|
||||
logger.warning("update_sids: Search results were truncated")
|
||||
|
||||
for entry in trust_domain_entries:
|
||||
domain = entry.single_value["cn"]
|
||||
self.log.error(
|
||||
logger.error(
|
||||
"Your trust to %s is broken. Please re-create it by "
|
||||
"running 'ipa trust-add' again.", domain)
|
||||
|
||||
@@ -331,7 +335,7 @@ class update_tdo_gidnumber(Updater):
|
||||
|
||||
# First, see if trusts are enabled on the server
|
||||
if not self.api.Command.adtrust_is_enabled()['result']:
|
||||
self.log.debug('AD Trusts are not enabled on this server')
|
||||
logger.debug('AD Trusts are not enabled on this server')
|
||||
return False, []
|
||||
|
||||
# Read the gidnumber of the fallback group
|
||||
@@ -343,13 +347,13 @@ class update_tdo_gidnumber(Updater):
|
||||
entry = ldap.get_entry(dn, ['gidnumber'])
|
||||
gidNumber = entry.get('gidnumber')
|
||||
except errors.NotFound:
|
||||
self.log.error("{0} not found".format(
|
||||
ADTRUSTInstance.FALLBACK_GROUP_NAME))
|
||||
logger.error("%s not found",
|
||||
ADTRUSTInstance.FALLBACK_GROUP_NAME)
|
||||
return False, ()
|
||||
|
||||
if not gidNumber:
|
||||
self.log.error("{0} does not have a gidnumber".format(
|
||||
ADTRUSTInstance.FALLBACK_GROUP_NAME))
|
||||
logger.error("%s does not have a gidnumber",
|
||||
ADTRUSTInstance.FALLBACK_GROUP_NAME)
|
||||
return False, ()
|
||||
|
||||
# For each trusted domain object, add gidNumber
|
||||
@@ -366,14 +370,14 @@ class update_tdo_gidnumber(Updater):
|
||||
try:
|
||||
tdo['gidnumber'] = gidNumber
|
||||
ldap.update_entry(tdo)
|
||||
self.log.debug("Added gidnumber {0} to {1}".format(
|
||||
gidNumber, tdo.dn))
|
||||
logger.debug("Added gidnumber %s to %s",
|
||||
gidNumber, tdo.dn)
|
||||
except Exception:
|
||||
self.log.warning(
|
||||
"Failed to add gidnumber to {0}".format(tdo.dn))
|
||||
logger.warning(
|
||||
"Failed to add gidnumber to %s", tdo.dn)
|
||||
|
||||
except errors.NotFound:
|
||||
self.log.debug("No trusted domain object to update")
|
||||
logger.debug("No trusted domain object to update")
|
||||
return False, ()
|
||||
|
||||
return False, ()
|
||||
|
||||
@@ -17,6 +17,8 @@
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
|
||||
import logging
|
||||
|
||||
from ipaserver.install import installutils, cainstance
|
||||
from ipalib import errors
|
||||
from ipalib import Updater
|
||||
@@ -25,6 +27,8 @@ from ipalib.plugable import Registry
|
||||
from ipaplatform.paths import paths
|
||||
from ipapython.dn import DN
|
||||
|
||||
logger = logging.getLogger(__name__)
|
||||
|
||||
register = Registry()
|
||||
|
||||
@register()
|
||||
@@ -36,7 +40,7 @@ class update_ca_renewal_master(Updater):
|
||||
def execute(self, **options):
|
||||
ca = cainstance.CAInstance(self.api.env.realm)
|
||||
if not ca.is_configured():
|
||||
self.debug("CA is not configured on this host")
|
||||
logger.debug("CA is not configured on this host")
|
||||
return False, []
|
||||
|
||||
ldap = self.api.Backend.ldap2
|
||||
@@ -50,7 +54,7 @@ class update_ca_renewal_master(Updater):
|
||||
except errors.NotFound:
|
||||
pass
|
||||
else:
|
||||
self.debug("found CA renewal master %s", entries[0].dn[1].value)
|
||||
logger.debug("found CA renewal master %s", entries[0].dn[1].value)
|
||||
|
||||
master = False
|
||||
updates = []
|
||||
@@ -78,11 +82,11 @@ class update_ca_renewal_master(Updater):
|
||||
}
|
||||
request_id = certmonger.get_request_id(criteria)
|
||||
if request_id is not None:
|
||||
self.debug("found certmonger request for RA cert")
|
||||
logger.debug("found certmonger request for RA cert")
|
||||
|
||||
ca_name = certmonger.get_request_value(request_id, 'ca-name')
|
||||
if ca_name is None:
|
||||
self.warning(
|
||||
logger.warning(
|
||||
"certmonger request for RA cert is missing ca_name, "
|
||||
"assuming local CA is renewal slave")
|
||||
return False, []
|
||||
@@ -95,12 +99,12 @@ class update_ca_renewal_master(Updater):
|
||||
elif ca_name == 'dogtag-ipa-ca-renew-agent':
|
||||
return False, []
|
||||
else:
|
||||
self.warning(
|
||||
logger.warning(
|
||||
"certmonger request for RA cert has unknown ca_name '%s', "
|
||||
"assuming local CA is renewal slave", ca_name)
|
||||
return False, []
|
||||
else:
|
||||
self.debug("certmonger request for RA cert not found")
|
||||
logger.debug("certmonger request for RA cert not found")
|
||||
|
||||
config = installutils.get_directive(
|
||||
paths.CA_CS_CFG_PATH, 'subsystem.select', '=')
|
||||
@@ -110,7 +114,7 @@ class update_ca_renewal_master(Updater):
|
||||
elif config == 'Clone':
|
||||
return False, []
|
||||
else:
|
||||
self.warning(
|
||||
logger.warning(
|
||||
"CS.cfg has unknown subsystem.select value '%s', "
|
||||
"assuming local CA is renewal slave", config)
|
||||
return (False, False, [])
|
||||
|
||||
@@ -19,6 +19,8 @@
|
||||
|
||||
from __future__ import absolute_import
|
||||
|
||||
import logging
|
||||
|
||||
import dns.exception
|
||||
import re
|
||||
import traceback
|
||||
@@ -35,6 +37,8 @@ from ipaserver.install import sysupgrade
|
||||
from ipaserver.install.bindinstance import ensure_dnsserver_container_exists
|
||||
from ipaserver.plugins.dns import dns_container_exists
|
||||
|
||||
logger = logging.getLogger(__name__)
|
||||
|
||||
register = Registry()
|
||||
|
||||
|
||||
@@ -65,8 +69,8 @@ class DNSUpdater(Updater):
|
||||
@property
|
||||
def ldif_writer(self):
|
||||
if not self._ldif_writer:
|
||||
self.log.info('Original zones will be saved in LDIF format in '
|
||||
'%s file' % self.backup_path)
|
||||
logger.info('Original zones will be saved in LDIF format in '
|
||||
'%s file', self.backup_path)
|
||||
self._ldif_writer = LDIFWriter(open(self.backup_path, 'w'))
|
||||
return self._ldif_writer
|
||||
|
||||
@@ -137,7 +141,7 @@ class update_ipaconfigstring_dnsversion_to_ipadnsversion(Updater):
|
||||
# version data are already migrated
|
||||
return False, []
|
||||
|
||||
self.log.debug('Migrating DNS ipaConfigString to ipaDNSVersion')
|
||||
logger.debug('Migrating DNS ipaConfigString to ipaDNSVersion')
|
||||
container_entry['objectclass'].append('ipadnscontainer')
|
||||
version = 0
|
||||
for config_option in container_entry.get("ipaConfigString", []):
|
||||
@@ -146,12 +150,12 @@ class update_ipaconfigstring_dnsversion_to_ipadnsversion(Updater):
|
||||
if matched:
|
||||
version = int(matched.group("version"))
|
||||
else:
|
||||
self.log.error(
|
||||
logger.error(
|
||||
'Failed to parse DNS version from ipaConfigString, '
|
||||
'defaulting to version %s', version)
|
||||
container_entry['ipadnsversion'] = version
|
||||
ldap.update_entry(container_entry)
|
||||
self.log.debug('ipaDNSVersion = %s', version)
|
||||
logger.debug('ipaDNSVersion = %s', version)
|
||||
return False, []
|
||||
|
||||
|
||||
@@ -189,7 +193,7 @@ class update_dnszones(Updater):
|
||||
try:
|
||||
zones = self.api.Command.dnszone_find(all=True)['result']
|
||||
except errors.NotFound:
|
||||
self.log.debug('No DNS zone to update found')
|
||||
logger.debug('No DNS zone to update found')
|
||||
return False, []
|
||||
|
||||
for zone in zones:
|
||||
@@ -284,7 +288,7 @@ class update_master_to_dnsforwardzones(DNSUpdater):
|
||||
# no upgrade is required
|
||||
return False, []
|
||||
|
||||
self.log.debug('Updating forward zones')
|
||||
logger.debug('Updating forward zones')
|
||||
# update the DNSVersion, following upgrade can be executed only once
|
||||
self.api.Command['dnsconfig_mod'](ipadnsversion=1)
|
||||
|
||||
@@ -311,7 +315,7 @@ class update_master_to_dnsforwardzones(DNSUpdater):
|
||||
pass
|
||||
|
||||
if not zones:
|
||||
self.log.debug('No DNS zone to update found')
|
||||
logger.debug('No DNS zone to update found')
|
||||
return False, []
|
||||
|
||||
zones_to_transform = []
|
||||
@@ -326,27 +330,27 @@ class update_master_to_dnsforwardzones(DNSUpdater):
|
||||
zones_to_transform.append(zone)
|
||||
|
||||
if zones_to_transform:
|
||||
self.log.info('Zones with specified forwarders with policy different'
|
||||
' than none will be transformed to forward zones.')
|
||||
logger.info('Zones with specified forwarders with policy '
|
||||
'different than none will be transformed to forward '
|
||||
'zones.')
|
||||
# update
|
||||
for zone in zones_to_transform:
|
||||
try:
|
||||
self.backup_zone(zone)
|
||||
except Exception:
|
||||
self.log.error('Unable to create backup for zone, '
|
||||
'terminating zone upgrade')
|
||||
self.log.error(traceback.format_exc())
|
||||
logger.error('Unable to create backup for zone, '
|
||||
'terminating zone upgrade')
|
||||
logger.error("%s", traceback.format_exc())
|
||||
return False, []
|
||||
|
||||
# delete master zone
|
||||
try:
|
||||
self.api.Command['dnszone_del'](zone['idnsname'])
|
||||
except Exception as e:
|
||||
self.log.error('Transform to forwardzone terminated: '
|
||||
'removing zone %s failed (%s)' % (
|
||||
zone['idnsname'][0], e)
|
||||
)
|
||||
self.log.error(traceback.format_exc())
|
||||
logger.error('Transform to forwardzone terminated: '
|
||||
'removing zone %s failed (%s)',
|
||||
zone['idnsname'][0], e)
|
||||
logger.error("%s", traceback.format_exc())
|
||||
continue
|
||||
|
||||
# create forward zone
|
||||
@@ -358,11 +362,11 @@ class update_master_to_dnsforwardzones(DNSUpdater):
|
||||
'skip_overlap_check': True,
|
||||
}
|
||||
self.api.Command['dnsforwardzone_add'](zone['idnsname'][0], **kw)
|
||||
except Exception as e:
|
||||
self.log.error('Transform to forwardzone terminated: creating '
|
||||
'forwardzone %s failed' %
|
||||
zone['idnsname'][0])
|
||||
self.log.error(traceback.format_exc())
|
||||
except Exception:
|
||||
logger.error('Transform to forwardzone terminated: '
|
||||
'creating forwardzone %s failed',
|
||||
zone['idnsname'][0])
|
||||
logger.error("%s", traceback.format_exc())
|
||||
continue
|
||||
|
||||
# create permission if original zone has one
|
||||
@@ -370,14 +374,14 @@ class update_master_to_dnsforwardzones(DNSUpdater):
|
||||
try:
|
||||
perm_name = self.api.Command['dnsforwardzone_add_permission'](
|
||||
zone['idnsname'][0])['value']
|
||||
except Exception as e:
|
||||
self.log.error('Transform to forwardzone terminated: '
|
||||
'Adding managed by permission to forward zone'
|
||||
' %s failed' % zone['idnsname'])
|
||||
self.log.error(traceback.format_exc())
|
||||
self.log.info('Zone %s was transformed to forward zone '
|
||||
' without managed permissions',
|
||||
zone['idnsname'][0])
|
||||
except Exception:
|
||||
logger.error('Transform to forwardzone terminated: '
|
||||
'Adding managed by permission to forward '
|
||||
'zone %s failed', zone['idnsname'])
|
||||
logger.error("%s", traceback.format_exc())
|
||||
logger.info('Zone %s was transformed to forward zone '
|
||||
' without managed permissions',
|
||||
zone['idnsname'][0])
|
||||
continue
|
||||
|
||||
else:
|
||||
@@ -388,18 +392,20 @@ class update_master_to_dnsforwardzones(DNSUpdater):
|
||||
try:
|
||||
self.api.Command['permission_add_member'](perm_name,
|
||||
privilege=privileges)
|
||||
except Exception as e:
|
||||
self.log.error('Unable to restore privileges for '
|
||||
'permission %s, for zone %s'
|
||||
% (perm_name, zone['idnsname']))
|
||||
self.log.error(traceback.format_exc())
|
||||
self.log.info('Zone %s was transformed to forward zone'
|
||||
' without restored privileges',
|
||||
zone['idnsname'][0])
|
||||
except Exception:
|
||||
logger.error('Unable to restore privileges '
|
||||
'for permission %s, for zone %s',
|
||||
perm_name, zone['idnsname'])
|
||||
logger.error("%s", traceback.format_exc())
|
||||
logger.info('Zone %s was transformed to '
|
||||
'forward zone without restored '
|
||||
'privileges',
|
||||
zone['idnsname'][0])
|
||||
continue
|
||||
|
||||
self.log.debug('Zone %s was sucessfully transformed to forward zone',
|
||||
zone['idnsname'][0])
|
||||
logger.debug('Zone %s was sucessfully transformed to forward '
|
||||
'zone',
|
||||
zone['idnsname'][0])
|
||||
|
||||
return False, []
|
||||
|
||||
@@ -437,18 +443,18 @@ class update_dnsforward_emptyzones(DNSUpdater):
|
||||
continue
|
||||
|
||||
if not logged_once:
|
||||
self.log.info('Forward policy for zones conflicting with '
|
||||
'automatic empty zones will be changed to '
|
||||
'"only"')
|
||||
logger.info('Forward policy for zones conflicting with '
|
||||
'automatic empty zones will be changed to "only"')
|
||||
logged_once = True
|
||||
|
||||
# backup
|
||||
try:
|
||||
self.backup_zone(zone)
|
||||
except Exception:
|
||||
self.log.error('Unable to create backup for zone %s, '
|
||||
'terminating zone upgrade', zone['idnsname'][0])
|
||||
self.log.error(traceback.format_exc())
|
||||
logger.error('Unable to create backup for zone %s, '
|
||||
'terminating zone upgrade',
|
||||
zone['idnsname'][0])
|
||||
logger.error("%s", traceback.format_exc())
|
||||
continue
|
||||
|
||||
# change forward policy
|
||||
@@ -458,13 +464,13 @@ class update_dnsforward_emptyzones(DNSUpdater):
|
||||
idnsforwardpolicy=u'only'
|
||||
)
|
||||
except Exception as e:
|
||||
self.log.error('Forward policy update for zone %s failed '
|
||||
'(%s)' % (zone['idnsname'][0], e))
|
||||
self.log.error(traceback.format_exc())
|
||||
logger.error('Forward policy update for zone %s failed '
|
||||
'(%s)', zone['idnsname'][0], e)
|
||||
logger.error("%s", traceback.format_exc())
|
||||
continue
|
||||
|
||||
self.log.debug('Zone %s was sucessfully modified to use '
|
||||
'forward policy "only"', zone['idnsname'][0])
|
||||
logger.debug('Zone %s was sucessfully modified to use forward '
|
||||
'policy "only"', zone['idnsname'][0])
|
||||
|
||||
def update_global_ldap_forwarder(self):
|
||||
config = self.api.Command['dnsconfig_show'](all=True,
|
||||
@@ -473,9 +479,9 @@ class update_dnsforward_emptyzones(DNSUpdater):
|
||||
config.get('idnsforwardpolicy', [u'first'])[0] == u'first'
|
||||
and config.get('idnsforwarders', [])
|
||||
):
|
||||
self.log.info('Global forward policy in LDAP for all servers will '
|
||||
'be changed to "only" to avoid conflicts with '
|
||||
'automatic empty zones')
|
||||
logger.info('Global forward policy in LDAP for all servers will '
|
||||
'be changed to "only" to avoid conflicts with '
|
||||
'automatic empty zones')
|
||||
self.backup_zone(config)
|
||||
self.api.Command['dnsconfig_mod'](idnsforwardpolicy=u'only')
|
||||
|
||||
@@ -485,8 +491,8 @@ class update_dnsforward_emptyzones(DNSUpdater):
|
||||
# forwardzones already use new semantics, no upgrade is required
|
||||
return False, []
|
||||
|
||||
self.log.debug('Updating forwarding policies in LDAP '
|
||||
'to avoid conflicts with automatic empty zones')
|
||||
logger.debug('Updating forwarding policies in LDAP '
|
||||
'to avoid conflicts with automatic empty zones')
|
||||
# update the DNSVersion, following upgrade can be executed only once
|
||||
self.api.Command['dnsconfig_mod'](ipadnsversion=2)
|
||||
|
||||
@@ -495,11 +501,11 @@ class update_dnsforward_emptyzones(DNSUpdater):
|
||||
if dnsutil.has_empty_zone_addresses(self.api.env.host):
|
||||
self.update_global_ldap_forwarder()
|
||||
except dns.exception.DNSException as ex:
|
||||
self.log.error('Skipping update of global DNS forwarder in LDAP: '
|
||||
'Unable to determine if local server is using an '
|
||||
'IP address belonging to an automatic empty zone. '
|
||||
'Consider changing forwarding policy to "only". '
|
||||
'DNS exception: %s', ex)
|
||||
logger.error('Skipping update of global DNS forwarder in LDAP: '
|
||||
'Unable to determine if local server is using an '
|
||||
'IP address belonging to an automatic empty zone. '
|
||||
'Consider changing forwarding policy to "only". '
|
||||
'DNS exception: %s', ex)
|
||||
|
||||
return False, []
|
||||
|
||||
@@ -513,33 +519,33 @@ class update_dnsserver_configuration_into_ldap(DNSUpdater):
|
||||
def execute(self, **options):
|
||||
ldap = self.api.Backend.ldap2
|
||||
if sysupgrade.get_upgrade_state('dns', 'server_config_to_ldap'):
|
||||
self.log.debug('upgrade is not needed')
|
||||
logger.debug('upgrade is not needed')
|
||||
return False, []
|
||||
|
||||
dns_container_dn = DN(self.api.env.container_dns, self.api.env.basedn)
|
||||
try:
|
||||
ldap.get_entry(dns_container_dn)
|
||||
except errors.NotFound:
|
||||
self.log.debug('DNS container not found, nothing to upgrade')
|
||||
logger.debug('DNS container not found, nothing to upgrade')
|
||||
sysupgrade.set_upgrade_state('dns', 'server_config_to_ldap', True)
|
||||
return False, []
|
||||
|
||||
result = self.api.Command.server_show(self.api.env.host)['result']
|
||||
if not 'DNS server' in result.get('enabled_role_servrole', []):
|
||||
self.log.debug('This server is not DNS server, nothing to upgrade')
|
||||
logger.debug('This server is not DNS server, nothing to upgrade')
|
||||
sysupgrade.set_upgrade_state('dns', 'server_config_to_ldap', True)
|
||||
return False, []
|
||||
|
||||
# create container first, if doesn't exist
|
||||
ensure_dnsserver_container_exists(ldap, self.api, logger=self.log)
|
||||
ensure_dnsserver_container_exists(ldap, self.api)
|
||||
|
||||
try:
|
||||
self.api.Command.dnsserver_add(self.api.env.host)
|
||||
except errors.DuplicateEntry:
|
||||
self.log.debug("DNS server configuration already exists "
|
||||
"in LDAP database")
|
||||
logger.debug("DNS server configuration already exists "
|
||||
"in LDAP database")
|
||||
else:
|
||||
self.log.debug("DNS server configuration has been sucessfully "
|
||||
"created in LDAP database")
|
||||
logger.debug("DNS server configuration has been sucessfully "
|
||||
"created in LDAP database")
|
||||
sysupgrade.set_upgrade_state('dns', 'server_config_to_ldap', True)
|
||||
return False, []
|
||||
|
||||
@@ -17,10 +17,14 @@
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
|
||||
import logging
|
||||
|
||||
from ipaserver.install import replication
|
||||
from ipalib import Registry
|
||||
from ipalib import Updater
|
||||
|
||||
logger = logging.getLogger(__name__)
|
||||
|
||||
register = Registry()
|
||||
|
||||
EXCLUDE_TEMPLATE = '(objectclass=*) $ EXCLUDE %s'
|
||||
@@ -36,7 +40,7 @@ class update_replica_attribute_lists(Updater):
|
||||
|
||||
def execute(self, **options):
|
||||
# We need an LDAPClient connection to the backend
|
||||
self.log.debug("Start replication agreement exclude list update task")
|
||||
logger.debug("Start replication agreement exclude list update task")
|
||||
conn = self.api.Backend.ldap2
|
||||
|
||||
repl = replication.ReplicationManager(self.api.env.realm,
|
||||
@@ -46,11 +50,11 @@ class update_replica_attribute_lists(Updater):
|
||||
# We need to update only IPA replica agreements, not winsync
|
||||
ipa_replicas = repl.find_ipa_replication_agreements()
|
||||
|
||||
self.log.debug("Found %d agreement(s)", len(ipa_replicas))
|
||||
logger.debug("Found %d agreement(s)", len(ipa_replicas))
|
||||
|
||||
for replica in ipa_replicas:
|
||||
for desc in replica.get('description', []):
|
||||
self.log.debug(desc)
|
||||
logger.debug('%s', desc)
|
||||
|
||||
self._update_attr(repl, replica,
|
||||
'nsDS5ReplicatedAttributeList',
|
||||
@@ -61,7 +65,7 @@ class update_replica_attribute_lists(Updater):
|
||||
self._update_attr(repl, replica,
|
||||
'nsds5ReplicaStripAttrs', replication.STRIP_ATTRS)
|
||||
|
||||
self.log.debug("Done updating agreements")
|
||||
logger.debug("Done updating agreements")
|
||||
|
||||
return False, [] # No restart, no updates
|
||||
|
||||
@@ -81,16 +85,16 @@ class update_replica_attribute_lists(Updater):
|
||||
"""
|
||||
attrlist = replica.single_value.get(attribute)
|
||||
if attrlist is None:
|
||||
self.log.debug("Adding %s", attribute)
|
||||
logger.debug("Adding %s", attribute)
|
||||
|
||||
# Need to add it altogether
|
||||
replica[attribute] = [template % " ".join(values)]
|
||||
|
||||
try:
|
||||
repl.conn.update_entry(replica)
|
||||
self.log.debug("Updated")
|
||||
logger.debug("Updated")
|
||||
except Exception as e:
|
||||
self.log.error("Error caught updating replica: %s", str(e))
|
||||
logger.error("Error caught updating replica: %s", str(e))
|
||||
|
||||
else:
|
||||
attrlist_normalized = attrlist.lower().split()
|
||||
@@ -98,17 +102,17 @@ class update_replica_attribute_lists(Updater):
|
||||
if a.lower() not in attrlist_normalized]
|
||||
|
||||
if missing:
|
||||
self.log.debug("%s needs updating (missing: %s)", attribute,
|
||||
', '.join(missing))
|
||||
logger.debug("%s needs updating (missing: %s)", attribute,
|
||||
', '.join(missing))
|
||||
|
||||
replica[attribute] = [
|
||||
'%s %s' % (attrlist, ' '.join(missing))]
|
||||
|
||||
try:
|
||||
repl.conn.update_entry(replica)
|
||||
self.log.debug("Updated %s", attribute)
|
||||
logger.debug("Updated %s", attribute)
|
||||
except Exception as e:
|
||||
self.log.error("Error caught updating %s: %s",
|
||||
attribute, str(e))
|
||||
logger.error("Error caught updating %s: %s",
|
||||
attribute, str(e))
|
||||
else:
|
||||
self.log.debug("%s: No update necessary" % attribute)
|
||||
logger.debug("%s: No update necessary", attribute)
|
||||
|
||||
@@ -17,6 +17,8 @@
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
|
||||
import logging
|
||||
|
||||
import six
|
||||
|
||||
from ipalib import Registry, errors
|
||||
@@ -24,6 +26,8 @@ from ipalib import Updater
|
||||
from ipapython import ipautil
|
||||
from ipapython.dn import DN
|
||||
|
||||
logger = logging.getLogger(__name__)
|
||||
|
||||
register = Registry()
|
||||
|
||||
if six.PY3:
|
||||
@@ -56,8 +60,8 @@ class GenerateUpdateMixin(object):
|
||||
If the input DN doesn't end with old_suffix, log, an raise ValueError.
|
||||
"""
|
||||
if not dn.endswith(old_suffix):
|
||||
self.error("unable to replace suffix '%s' with '%s' in '%s'",
|
||||
old_suffix, new_suffix, dn)
|
||||
logger.error("unable to replace suffix '%s' with '%s' in '%s'",
|
||||
old_suffix, new_suffix, dn)
|
||||
raise ValueError('no replacement made')
|
||||
return DN(*dn[:-len(old_suffix)]) + new_suffix
|
||||
|
||||
|
||||
@@ -2,6 +2,8 @@
|
||||
# Copyright (C) 2015 FreeIPA Contributors see COPYING for license
|
||||
#
|
||||
|
||||
import logging
|
||||
|
||||
from ipalib import errors
|
||||
from ipalib import Registry
|
||||
from ipalib import Updater
|
||||
@@ -10,6 +12,8 @@ from ipaserver.install import cainstance
|
||||
from ipaserver.install import ldapupdate
|
||||
from ipaplatform.paths import paths
|
||||
|
||||
logger = logging.getLogger(__name__)
|
||||
|
||||
register = Registry()
|
||||
|
||||
|
||||
@@ -23,7 +27,7 @@ class update_ca_topology(Updater):
|
||||
|
||||
ca = cainstance.CAInstance(self.api.env.realm)
|
||||
if not ca.is_configured():
|
||||
self.log.debug("CA is not configured on this host")
|
||||
logger.debug("CA is not configured on this host")
|
||||
return False, []
|
||||
|
||||
ld = ldapupdate.LDAPUpdate(ldapi=True, sub_dict={
|
||||
|
||||
@@ -2,6 +2,7 @@
|
||||
# Copyright (C) 2016 FreeIPA Contributors see COPYING for license
|
||||
#
|
||||
|
||||
import logging
|
||||
import time
|
||||
import ldap
|
||||
|
||||
@@ -10,6 +11,8 @@ from ipalib import errors
|
||||
from ipalib import Updater
|
||||
from ipapython.dn import DN
|
||||
|
||||
logger = logging.getLogger(__name__)
|
||||
|
||||
register = Registry()
|
||||
|
||||
|
||||
@@ -35,23 +38,23 @@ class update_dna_shared_config(Updater):
|
||||
if entry.single_value.get('nsslapd-pluginenabled') == 'off':
|
||||
return False, ()
|
||||
except errors.NotFound:
|
||||
self.log.error("Could not find DNA plugin entry: %s" %
|
||||
dna_config_base)
|
||||
logger.error("Could not find DNA plugin entry: %s",
|
||||
dna_config_base)
|
||||
return False, ()
|
||||
|
||||
try:
|
||||
entry = conn.get_entry(dna_config_base)
|
||||
except errors.NotFound:
|
||||
self.log.error("Could not find DNA config entry: %s" %
|
||||
dna_config_base)
|
||||
logger.error("Could not find DNA config entry: %s",
|
||||
dna_config_base)
|
||||
return False, ()
|
||||
|
||||
sharedcfgdn = entry.single_value.get("dnaSharedCfgDN")
|
||||
if sharedcfgdn is not None:
|
||||
sharedcfgdn = DN(sharedcfgdn)
|
||||
else:
|
||||
self.log.error(
|
||||
"Could not find DNA shared config DN in entry: %s" %
|
||||
logger.error(
|
||||
"Could not find DNA shared config DN in entry: %s",
|
||||
dna_config_base)
|
||||
return False, ()
|
||||
|
||||
@@ -80,25 +83,25 @@ class update_dna_shared_config(Updater):
|
||||
)
|
||||
break
|
||||
except errors.NotFound:
|
||||
self.log.debug(
|
||||
logger.debug(
|
||||
"Unable to find DNA shared config entry for "
|
||||
"dnaHostname=%s (under %s) so far. Retry in 2 sec." %
|
||||
(fqdn, sharedcfgdn)
|
||||
"dnaHostname=%s (under %s) so far. Retry in 2 sec.",
|
||||
fqdn, sharedcfgdn
|
||||
)
|
||||
time.sleep(2)
|
||||
else:
|
||||
self.log.error(
|
||||
"Could not get dnaHostname entries in {} seconds".format(
|
||||
max_wait * 2)
|
||||
logger.error(
|
||||
"Could not get dnaHostname entries in %s seconds",
|
||||
max_wait * 2
|
||||
)
|
||||
return False, ()
|
||||
|
||||
# If there are several entries, all of them will be updated
|
||||
# just log a debug msg. This is likely the result of #5510
|
||||
if len(entries) != 1:
|
||||
self.log.debug(
|
||||
"%d entries dnaHostname=%s under %s. One expected" %
|
||||
(len(entries), fqdn, sharedcfgdn)
|
||||
logger.debug(
|
||||
"%d entries dnaHostname=%s under %s. One expected",
|
||||
len(entries), fqdn, sharedcfgdn
|
||||
)
|
||||
|
||||
# time to set the bind method and the protocol in the
|
||||
@@ -117,9 +120,9 @@ class update_dna_shared_config(Updater):
|
||||
try:
|
||||
conn.update_entry(entry)
|
||||
except Exception as e:
|
||||
self.log.error(
|
||||
logger.error(
|
||||
"Failed to set SASL/GSSAPI bind method/protocol "
|
||||
"in entry {}: {}".format(entry, e)
|
||||
"in entry %s: %s", entry, e
|
||||
)
|
||||
# no restart, no update
|
||||
return False, ()
|
||||
|
||||
@@ -83,6 +83,8 @@ No other keys are allowed in the template
|
||||
The plugin also deletes permissions specified in OBSOLETE_PERMISSIONS.
|
||||
"""
|
||||
|
||||
import logging
|
||||
|
||||
import six
|
||||
|
||||
from ipalib import api, errors
|
||||
@@ -97,6 +99,8 @@ from ipaserver.plugins.permission import permission, permission_del
|
||||
if six.PY3:
|
||||
unicode = str
|
||||
|
||||
logger = logging.getLogger(__name__)
|
||||
|
||||
register = Registry()
|
||||
|
||||
OBSOLETE_PERMISSIONS = {
|
||||
@@ -327,7 +331,7 @@ class update_managed_permissions(Updater):
|
||||
|
||||
for acistr in acistrs:
|
||||
if ACI(acistr).isequal(anonymous_read_aci):
|
||||
self.log.debug('Removing anonymous ACI: %s', acistr)
|
||||
logger.debug('Removing anonymous ACI: %s', acistr)
|
||||
acistrs.remove(acistr)
|
||||
break
|
||||
else:
|
||||
@@ -356,18 +360,18 @@ class update_managed_permissions(Updater):
|
||||
anonymous_read_aci = self.get_anonymous_read_aci(ldap)
|
||||
|
||||
if anonymous_read_aci:
|
||||
self.log.debug('Anonymous read ACI: %s', anonymous_read_aci)
|
||||
logger.debug('Anonymous read ACI: %s', anonymous_read_aci)
|
||||
else:
|
||||
self.log.debug('Anonymous ACI not found')
|
||||
logger.debug('Anonymous ACI not found')
|
||||
|
||||
current_obj = () # initially distinct from any obj value, even None
|
||||
for name, template, obj in self.get_templates():
|
||||
if current_obj != obj:
|
||||
if obj:
|
||||
self.log.debug('Updating managed permissions for %s',
|
||||
obj.name)
|
||||
logger.debug('Updating managed permissions for %s',
|
||||
obj.name)
|
||||
else:
|
||||
self.log.debug('Updating non-object managed permissions')
|
||||
logger.debug('Updating non-object managed permissions')
|
||||
current_obj = obj
|
||||
|
||||
self.update_permission(ldap,
|
||||
@@ -380,15 +384,15 @@ class update_managed_permissions(Updater):
|
||||
self.remove_anonymous_read_aci(ldap, anonymous_read_aci)
|
||||
|
||||
for obsolete_name in OBSOLETE_PERMISSIONS:
|
||||
self.log.debug('Deleting obsolete permission %s', obsolete_name)
|
||||
logger.debug('Deleting obsolete permission %s', obsolete_name)
|
||||
try:
|
||||
self.api.Command[permission_del](unicode(obsolete_name),
|
||||
force=True,
|
||||
version=u'2.101')
|
||||
except errors.NotFound:
|
||||
self.log.debug('Obsolete permission not found')
|
||||
logger.debug('Obsolete permission not found')
|
||||
else:
|
||||
self.log.debug('Obsolete permission deleted: %s', obsolete_name)
|
||||
logger.debug('Obsolete permission deleted: %s', obsolete_name)
|
||||
|
||||
return False, ()
|
||||
|
||||
@@ -429,7 +433,7 @@ class update_managed_permissions(Updater):
|
||||
legacy_entry = ldap.get_entry(legacy_dn,
|
||||
['ipapermissiontype', 'cn'])
|
||||
except errors.NotFound:
|
||||
self.log.debug("Legacy permission %s not found", legacy_name)
|
||||
logger.debug("Legacy permission %s not found", legacy_name)
|
||||
else:
|
||||
if 'ipapermissiontype' not in legacy_entry:
|
||||
if is_new:
|
||||
@@ -440,47 +444,47 @@ class update_managed_permissions(Updater):
|
||||
included, excluded = self.get_upgrade_attr_lists(
|
||||
acistr, legacy_acistrs)
|
||||
except IncompatibleACIModification:
|
||||
self.log.error(
|
||||
logger.error(
|
||||
"Permission '%s' has been modified from its "
|
||||
"default; not updating it to '%s'.",
|
||||
legacy_name, name)
|
||||
return
|
||||
else:
|
||||
self.log.debug("Merging attributes from legacy "
|
||||
"permission '%s'", legacy_name)
|
||||
self.log.debug("Included attrs: %s",
|
||||
', '.join(sorted(included)))
|
||||
self.log.debug("Excluded attrs: %s",
|
||||
', '.join(sorted(excluded)))
|
||||
logger.debug("Merging attributes from legacy "
|
||||
"permission '%s'", legacy_name)
|
||||
logger.debug("Included attrs: %s",
|
||||
', '.join(sorted(included)))
|
||||
logger.debug("Excluded attrs: %s",
|
||||
', '.join(sorted(excluded)))
|
||||
entry['ipapermincludedattr'] = list(included)
|
||||
entry['ipapermexcludedattr'] = list(excluded)
|
||||
remove_legacy = True
|
||||
else:
|
||||
self.log.debug("Ignoring attributes in legacy "
|
||||
"permission '%s' because '%s' exists",
|
||||
legacy_name, name)
|
||||
logger.debug("Ignoring attributes in legacy "
|
||||
"permission '%s' because '%s' exists",
|
||||
legacy_name, name)
|
||||
remove_legacy = True
|
||||
else:
|
||||
self.log.debug("Ignoring V2 permission named '%s'" %
|
||||
legacy_name)
|
||||
logger.debug("Ignoring V2 permission named '%s'",
|
||||
legacy_name)
|
||||
|
||||
update_aci = True
|
||||
self.log.debug('Updating managed permission: %s', name)
|
||||
logger.debug('Updating managed permission: %s', name)
|
||||
if is_new:
|
||||
ldap.add_entry(entry)
|
||||
else:
|
||||
try:
|
||||
ldap.update_entry(entry)
|
||||
except errors.EmptyModlist:
|
||||
self.log.debug('No changes to permission: %s', name)
|
||||
logger.debug('No changes to permission: %s', name)
|
||||
update_aci = False
|
||||
|
||||
if update_aci:
|
||||
self.log.debug('Updating ACI for managed permission: %s', name)
|
||||
logger.debug('Updating ACI for managed permission: %s', name)
|
||||
permission_plugin.update_aci(entry)
|
||||
|
||||
if remove_legacy:
|
||||
self.log.debug("Removing legacy permission '%s'", legacy_name)
|
||||
logger.debug("Removing legacy permission '%s'", legacy_name)
|
||||
self.api.Command[permission_del](unicode(legacy_name))
|
||||
|
||||
for name in template.get('replaces_system', ()):
|
||||
@@ -489,14 +493,14 @@ class update_managed_permissions(Updater):
|
||||
entry = ldap.get_entry(permission_plugin.get_dn(name),
|
||||
['ipapermissiontype'])
|
||||
except errors.NotFound:
|
||||
self.log.debug("Legacy permission '%s' not found", name)
|
||||
logger.debug("Legacy permission '%s' not found", name)
|
||||
else:
|
||||
flags = entry.get('ipapermissiontype', [])
|
||||
if list(flags) == ['SYSTEM']:
|
||||
self.log.debug("Removing legacy permission '%s'", name)
|
||||
logger.debug("Removing legacy permission '%s'", name)
|
||||
self.api.Command[permission_del](name, force=True)
|
||||
else:
|
||||
self.log.debug("Ignoring V2 permission '%s'", name)
|
||||
logger.debug("Ignoring V2 permission '%s'", name)
|
||||
|
||||
def get_upgrade_attr_lists(self, current_acistring, default_acistrings):
|
||||
"""Compute included and excluded attributes for a new permission
|
||||
@@ -541,8 +545,8 @@ class update_managed_permissions(Updater):
|
||||
|
||||
current_aci = ACI(current_acistring)
|
||||
current_attrs = _pop_targetattr(current_aci)
|
||||
self.log.debug("Current ACI for '%s': %s",
|
||||
current_aci.name, current_acistring)
|
||||
logger.debug("Current ACI for '%s': %s",
|
||||
current_aci.name, current_acistring)
|
||||
|
||||
attrs_in_all_defaults = None
|
||||
attrs_in_any_defaults = set()
|
||||
@@ -550,11 +554,11 @@ class update_managed_permissions(Updater):
|
||||
for default_acistring in default_acistrings:
|
||||
default_aci = ACI(default_acistring)
|
||||
default_attrs = _pop_targetattr(default_aci)
|
||||
self.log.debug("Default ACI for '%s': %s",
|
||||
default_aci.name, default_acistring)
|
||||
logger.debug("Default ACI for '%s': %s",
|
||||
default_aci.name, default_acistring)
|
||||
|
||||
if current_aci != default_aci:
|
||||
self.log.debug('ACIs not compatible')
|
||||
logger.debug('ACIs not compatible')
|
||||
continue
|
||||
else:
|
||||
all_incompatible = False
|
||||
@@ -566,7 +570,7 @@ class update_managed_permissions(Updater):
|
||||
attrs_in_any_defaults |= default_attrs
|
||||
|
||||
if all_incompatible:
|
||||
self.log.debug('All old default ACIs are incompatible')
|
||||
logger.debug('All old default ACIs are incompatible')
|
||||
raise(IncompatibleACIModification())
|
||||
|
||||
included = current_attrs - attrs_in_any_defaults
|
||||
@@ -659,8 +663,8 @@ class update_managed_permissions(Updater):
|
||||
anonymous_read_aci.target['targetattr']['expression'])
|
||||
read_blacklist &= attributes
|
||||
if read_blacklist:
|
||||
self.log.debug('Excluded attributes for %s: %s',
|
||||
name, ', '.join(read_blacklist))
|
||||
logger.debug('Excluded attributes for %s: %s',
|
||||
name, ', '.join(read_blacklist))
|
||||
entry['ipapermexcludedattr'] = list(read_blacklist)
|
||||
|
||||
# Sanity check
|
||||
@@ -700,7 +704,7 @@ class update_read_replication_agreements_permission(Updater):
|
||||
try:
|
||||
perm_entry = ldap.get_entry(old_perm_dn)
|
||||
except errors.NotFound:
|
||||
self.log.debug("Old permission not found")
|
||||
logger.debug("Old permission not found")
|
||||
return False, ()
|
||||
|
||||
try:
|
||||
@@ -709,9 +713,9 @@ class update_read_replication_agreements_permission(Updater):
|
||||
# we can happily upgrade
|
||||
pass
|
||||
else:
|
||||
self.log.error("Permission '{}' cannot be upgraded. "
|
||||
"Permission with target name '{}' already "
|
||||
"exists".format(old_perm_dn, new_perm_dn))
|
||||
logger.error("Permission '%s' cannot be upgraded. "
|
||||
"Permission with target name '%s' already "
|
||||
"exists", old_perm_dn, new_perm_dn)
|
||||
return False, ()
|
||||
|
||||
# values are case insensitive
|
||||
@@ -729,14 +733,14 @@ class update_read_replication_agreements_permission(Updater):
|
||||
perm_entry['ipapermlocation'] = []
|
||||
perm_entry['ipapermtargetfilter'] = []
|
||||
|
||||
self.log.debug("Removing MANAGED attributes from permission %s",
|
||||
old_perm_dn)
|
||||
logger.debug("Removing MANAGED attributes from permission %s",
|
||||
old_perm_dn)
|
||||
try:
|
||||
ldap.update_entry(perm_entry)
|
||||
except errors.EmptyModlist:
|
||||
pass
|
||||
|
||||
# do modrdn on permission
|
||||
self.log.debug("modrdn: %s -> %s", old_perm_dn, new_perm_dn)
|
||||
logger.debug("modrdn: %s -> %s", old_perm_dn, new_perm_dn)
|
||||
ldap.move_entry(old_perm_dn, new_perm_dn)
|
||||
return False, ()
|
||||
|
||||
@@ -2,6 +2,8 @@
|
||||
# Copyright (C) 2015 FreeIPA Contributors see COPYING for license
|
||||
#
|
||||
|
||||
import logging
|
||||
|
||||
from ipalib.plugable import Registry
|
||||
from ipalib import errors
|
||||
from ipalib import Updater
|
||||
@@ -10,6 +12,8 @@ from ipapython.dn import DN
|
||||
from ipaserver.install import sysupgrade
|
||||
from ipaserver.install.ldapupdate import LDAPUpdate
|
||||
|
||||
logger = logging.getLogger(__name__)
|
||||
|
||||
register = Registry()
|
||||
|
||||
|
||||
@@ -32,7 +36,7 @@ class update_nis_configuration(Updater):
|
||||
# maps, we do not want to restore them again
|
||||
return
|
||||
|
||||
self.log.debug("Recovering from missing NIS maps bug")
|
||||
logger.debug("Recovering from missing NIS maps bug")
|
||||
|
||||
suffix = "cn=NIS Server,cn=plugins,cn=config"
|
||||
domain = self.api.env.domain
|
||||
@@ -71,7 +75,7 @@ class update_nis_configuration(Updater):
|
||||
ldap.get_entry(dn, attrs_list=['cn'])
|
||||
except errors.NotFound:
|
||||
# NIS is not configured on system, do not execute update
|
||||
self.log.debug("Skipping NIS update, NIS Server is not configured")
|
||||
logger.debug("Skipping NIS update, NIS Server is not configured")
|
||||
|
||||
# container does not exist, bug #5507 is not effective
|
||||
sysupgrade.set_upgrade_state(
|
||||
@@ -79,7 +83,7 @@ class update_nis_configuration(Updater):
|
||||
else:
|
||||
self.__recover_from_missing_maps(ldap)
|
||||
|
||||
self.log.debug("Executing NIS Server update")
|
||||
logger.debug("Executing NIS Server update")
|
||||
ld = LDAPUpdate(sub_dict={}, ldapi=True)
|
||||
ld.update([paths.NIS_UPDATE_ULDIF])
|
||||
|
||||
|
||||
@@ -17,10 +17,14 @@
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
|
||||
import logging
|
||||
|
||||
from ipalib import Registry, errors
|
||||
from ipalib import Updater
|
||||
from ipapython.dn import DN
|
||||
|
||||
logger = logging.getLogger(__name__)
|
||||
|
||||
register = Registry()
|
||||
|
||||
|
||||
@@ -38,18 +42,18 @@ class update_pacs(Updater):
|
||||
entry = ldap.get_entry(dn, ['ipakrbauthzdata'])
|
||||
pacs = entry.get('ipakrbauthzdata', [])
|
||||
except errors.NotFound:
|
||||
self.log.warning('Error retrieving: %s' % str(dn))
|
||||
logger.warning('Error retrieving: %s', str(dn))
|
||||
return False, []
|
||||
|
||||
nfs_pac_set = any(pac.startswith('nfs:') for pac in pacs)
|
||||
|
||||
if not nfs_pac_set:
|
||||
self.log.debug('Adding nfs:NONE to default PAC types')
|
||||
logger.debug('Adding nfs:NONE to default PAC types')
|
||||
|
||||
updated_pacs = pacs + [u'nfs:NONE']
|
||||
entry['ipakrbauthzdata'] = updated_pacs
|
||||
ldap.update_entry(entry)
|
||||
else:
|
||||
self.log.debug('PAC for nfs is already set, not adding nfs:NONE.')
|
||||
logger.debug('PAC for nfs is already set, not adding nfs:NONE.')
|
||||
|
||||
return False, []
|
||||
|
||||
@@ -2,6 +2,7 @@
|
||||
# Copyright (C) 2016 FreeIPA Contributors see COPYING for license
|
||||
#
|
||||
|
||||
import logging
|
||||
import os
|
||||
import tempfile
|
||||
|
||||
@@ -12,6 +13,8 @@ from ipaplatform.paths import paths
|
||||
from ipapython.certdb import NSSDatabase
|
||||
from ipaserver.install import cainstance
|
||||
|
||||
logger = logging.getLogger(__name__)
|
||||
|
||||
register = Registry()
|
||||
|
||||
|
||||
@@ -35,11 +38,11 @@ class update_ra_cert_store(Updater):
|
||||
elif os.path.exists(paths.RA_AGENT_PEM):
|
||||
# even though the certificate file exists, we will overwrite it
|
||||
# as it's probabably something wrong anyway
|
||||
self.log.warning(
|
||||
logger.warning(
|
||||
"A certificate with the nickname 'ipaCert' exists in "
|
||||
"the old '{}' NSS database as well as in the new "
|
||||
"PEM file '{}'"
|
||||
.format(paths.HTTPD_ALIAS_DIR, paths.RA_AGENT_PEM))
|
||||
"the old '%s' NSS database as well as in the new "
|
||||
"PEM file '%s'",
|
||||
paths.HTTPD_ALIAS_DIR, paths.RA_AGENT_PEM)
|
||||
|
||||
_fd, p12file = tempfile.mkstemp(dir=certdb.secdir)
|
||||
# no password is necessary as we will be saving it in clear anyway
|
||||
|
||||
@@ -17,6 +17,8 @@
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
|
||||
import logging
|
||||
|
||||
from ipalib.install import certstore
|
||||
from ipaplatform.paths import paths
|
||||
from ipaserver.install import certs
|
||||
@@ -25,6 +27,8 @@ from ipalib import Updater
|
||||
from ipapython import certdb
|
||||
from ipapython.dn import DN
|
||||
|
||||
logger = logging.getLogger(__name__)
|
||||
|
||||
register = Registry()
|
||||
|
||||
|
||||
@@ -66,8 +70,8 @@ class update_upload_cacrt(Updater):
|
||||
try:
|
||||
certstore.init_ca_entry(entry, cert, nickname, trust, eku)
|
||||
except Exception as e:
|
||||
self.log.warning("Failed to create entry for %s: %s",
|
||||
nickname, e)
|
||||
logger.warning("Failed to create entry for %s: %s",
|
||||
nickname, e)
|
||||
continue
|
||||
if nickname == ca_nickname:
|
||||
ca_cert = cert
|
||||
|
||||
Reference in New Issue
Block a user