IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity
10,512 Commits 11 Branches 60 Tags
a2c58889735c794cd1e93331c755b6f9ba273773
Commit Graph

29 Commits

Author SHA1 Message Date
Jan Cholasta
a2c5888973 ipalib: move certstore to the install subpackage 
The certstore module depends on ipaplatform.

Move it to ipalib.install, as it is used only from installers.

https://fedorahosted.org/freeipa/ticket/6474

Reviewed-By: Stanislav Laznicka <slaznick@redhat.com>
 2016-11-29 14:50:51 +01:00
Jan Cholasta
7d5c680ace ipautil: move kinit functions to ipalib.install 
kinit_password() depends on ipaplatform.

Move kinit_password() as well as kinit_keytab() to a new
ipalib.install.kinit module, as they are used only from installers.

https://fedorahosted.org/freeipa/ticket/6474

Reviewed-By: Stanislav Laznicka <slaznick@redhat.com>
 2016-11-29 14:50:51 +01:00
Jan Cholasta
75b70e3f0d ipautil: move is_fips_enabled() to ipaplatform.tasks 
The FIPS setting is platform-specific.

https://fedorahosted.org/freeipa/ticket/6474

Reviewed-By: Stanislav Laznicka <slaznick@redhat.com>
 2016-11-29 14:50:51 +01:00
Jan Cholasta
fba6c21da3 certdb: move IPA NSS DB install functions to ipaclient.install 
The create_ipa_nssdb() and update_ipa_nssdb() depend on ipaplatform.

Move them to ipaclient.install.client as they are used only from the client
installer and ipa-restore.

https://fedorahosted.org/freeipa/ticket/6474

Reviewed-By: Stanislav Laznicka <slaznick@redhat.com>
 2016-11-29 14:50:51 +01:00
Jan Cholasta
26c46a447f ipapython: move certmonger and sysrestore to ipalib.install 
The certmonger and sysrestore modules depend on ipaplatform.

Move them to ipalib.install as they are used only from installers.

https://fedorahosted.org/freeipa/ticket/6474

Reviewed-By: Stanislav Laznicka <slaznick@redhat.com>
 2016-11-29 14:50:51 +01:00
Jan Cholasta
9117a5d5a6 paths: remove DEV_NULL 
The platform-specific path to /dev/null is provided by the Python standard
library in os.devnull.

Replace all uses of paths.DEV_NULL with os.devnull and remove DEV_NULL.

https://fedorahosted.org/freeipa/ticket/6474

Reviewed-By: Stanislav Laznicka <slaznick@redhat.com>
 2016-11-29 14:50:51 +01:00
Christian Heimes
6409abf1a6 Break ipaplatform / ipalib import cycle of hell 
Here is an attempt to break the import cycle of hell between ipaplatform
and ipalib. All services now pass an ipalib.api object to
services.service(). RedHatServices.__init__() still needs to do a local
import because it initializes its wellknown service dict with service
instances.

Signed-off-by: Christian Heimes <cheimes@redhat.com>
Reviewed-By: Martin Basti <mbasti@redhat.com>
 2016-11-24 16:30:32 +01:00
Jan Cholasta
09423acb65 install: migrate client install to the new class hierarchy 
Migrate ipa-client-install from the custom script to the new installer
class hierarchy classes.

https://fedorahosted.org/freeipa/ticket/6392

Reviewed-By: Martin Basti <mbasti@redhat.com>
 2016-11-11 12:17:25 +01:00
Jan Cholasta
a8fdb8de82 install: introduce installer class hierarchy 
Add class hierarchy which allows inherting knob definitions between the
various client and server install scripts.

https://fedorahosted.org/freeipa/ticket/6392

Reviewed-By: Martin Basti <mbasti@redhat.com>
 2016-11-11 12:17:25 +01:00
Stanislav Laznicka
b068d3336a Added file permissions option to IPAChangeConf.newConf() 
Also added information about why os.chmod is called sometimes
after newConf() calls.

https://fedorahosted.org/freeipa/ticket/6392

Reviewed-By: Martin Basti <mbasti@redhat.com>
 2016-11-11 12:13:56 +01:00
Martin Basti
847b6eddab client: use correct code for failed uninstall 
Hardcoded value 1 means CLIENT_INSTALL_ERROR, but this part belongs to
uninstallation so it should be CLIENT_UNINSTALL_ERROR

https://fedorahosted.org/freeipa/ticket/6392

Reviewed-By: Stanislav Laznicka <slaznick@redhat.com>
 2016-11-11 12:13:56 +01:00
Martin Basti
5249eb817e client: use exceptions instead of return states 
Python has builtin exceptions which can be used very well to handling
errors in python instead of returning error states (C style)

Exception will allow better client-server integration in future

https://fedorahosted.org/freeipa/ticket/6392

Reviewed-By: Stanislav Laznicka <slaznick@redhat.com>
 2016-11-11 12:13:56 +01:00
Martin Basti
b3786730e5 client: move install cleanup from ipa-client-install to module 
Cleanup should be part of installation function

https://fedorahosted.org/freeipa/ticket/6392

Reviewed-By: Stanislav Laznicka <slaznick@redhat.com>
 2016-11-11 12:13:56 +01:00
Martin Basti
bbad08900b client: move clean CCACHE to module 
According 04b8575c52 cleaning CCACHE is
needed after installation. This commit moves this cleanup from
ipa-client-install to client.install() function

https://fedorahosted.org/freeipa/ticket/6392

Reviewed-By: Stanislav Laznicka <slaznick@redhat.com>
 2016-11-11 12:13:56 +01:00
Martin Basti
83fe6b626f client: move custom env variable into client module 
There is no need to have env as parameter because this is used only
once, so it can eb safely moved to client.py module

NOTE: PATH should be overwritten to safe values before we execute any
command
https://www.securecoding.cert.org/confluence/display/c/ENV03-C.+Sanitize+the+environment+when+invoking+external+programs

https://fedorahosted.org/freeipa/ticket/6392

Reviewed-By: Stanislav Laznicka <slaznick@redhat.com>
 2016-11-11 12:13:56 +01:00
Martin Basti
fcea3b3fb8 client: extract checks from uninstall to uninstall_check 
Checks if uninstallation is possible should be moved to uninstall_check

https://fedorahosted.org/freeipa/ticket/6392

Reviewed-By: Stanislav Laznicka <slaznick@redhat.com>
 2016-11-11 12:13:56 +01:00
Martin Basti
3f690a0a3a client: extract checks from install to install_check 
client install contained installation check that have been moved to
install_check function

https://fedorahosted.org/freeipa/ticket/6392

Reviewed-By: Stanislav Laznicka <slaznick@redhat.com>
 2016-11-11 12:13:56 +01:00
Martin Basti
2c226ebc27 client: move checks to client.install_check 
Move checks from ipa-client-install to clien.install_check

https://fedorahosted.org/freeipa/ticket/6392

Reviewed-By: Stanislav Laznicka <slaznick@redhat.com>
 2016-11-11 12:13:56 +01:00
Martin Basti
33537f5556 client: make statestore and fstore consistent with server 
There should not be mixed statestore as global variable and as local
function parameter. This commit fixes usage of sysrestore and statestore
as local variables only. In future we may need to change default
statestore and fstore depending on where the functions are called and
this change makes it easier and less error prone.

https://fedorahosted.org/freeipa/ticket/6392

Reviewed-By: Stanislav Laznicka <slaznick@redhat.com>
 2016-11-11 12:13:56 +01:00
Martin Babinsky
3d5161d7e9 Separate function to purge IPA host principals from keytab 
This functionality will be reused in the DL0 host enrollment

https://fedorahosted.org/freeipa/ticket/6434

Reviewed-By: Stanislav Laznicka <slaznick@redhat.com>
Reviewed-By: Jan Cholasta <jcholast@redhat.com>
 2016-11-11 12:13:56 +01:00
Stanislav Laznicka
bddd4fac46 Replaced EMPTY_LINE constant with a function call 
https://fedorahosted.org/freeipa/ticket/6392

Reviewed-By: Martin Basti <mbasti@redhat.com>
 2016-11-11 12:13:56 +01:00
Stanislav Laznicka
cf1c4e84e7 client: Making the configure functions more readable 
https://fedorahosted.org/freeipa/ticket/6392

Reviewed-By: Martin Basti <mbasti@redhat.com>
 2016-11-11 12:13:56 +01:00
Martin Basti
31a9ef4f8b IPAChangeConf: use constant for empty line 
Instead of copy&paste is better to use constant. It makes code shorter
and improves readability, saves resources.

https://fedorahosted.org/freeipa/ticket/6392

Reviewed-By: Stanislav Laznicka <slaznick@redhat.com>
 2016-11-11 12:13:56 +01:00
Martin Basti
1c9267803c client: import IPAChangeConf directly instead the module 
We should use as specific import as possible, better for python memory
consumption and speed, and looks better in code.

https://fedorahosted.org/freeipa/ticket/6392

Reviewed-By: Stanislav Laznicka <slaznick@redhat.com>
 2016-11-11 12:13:56 +01:00
Martin Basti
c30b45ab15 client: remove extra return from hardcode_ldap_server 
https://fedorahosted.org/freeipa/ticket/6392

Reviewed-By: Stanislav Laznicka <slaznick@redhat.com>
 2016-11-11 12:13:56 +01:00
Martin Basti
cc6efb9798 client: install function: return constant not hardcoded number 
https://fedorahosted.org/freeipa/ticket/6392

Reviewed-By: Stanislav Laznicka <slaznick@redhat.com>
 2016-11-11 12:13:56 +01:00
Martin Basti
49f201e2b2 client: remove unneded return from configure_ipa_conf 
Function always returns return code 0, and this code is even not used
elsewehere.

https://fedorahosted.org/freeipa/ticket/6392

Reviewed-By: Stanislav Laznicka <slaznick@redhat.com>
 2016-11-11 12:13:56 +01:00
Martin Basti
5c16608a0d client: remove unneded return configure_krb5_conf 
Function configure_krb5_conf always returns 0 as return state. Remove
the 'return' statement and let exceptions work

https://fedorahosted.org/freeipa/ticket/6392

Reviewed-By: Stanislav Laznicka <slaznick@redhat.com>
 2016-11-11 12:13:56 +01:00
Martin Basti
f98faec478 ipa-client-install: move client install to module 
This commit only moves the code from ipa-client-install to module
ipaclient/install/client.py and fixes PEP8.

https://fedorahosted.org/freeipa/ticket/6392

Reviewed-By: Stanislav Laznicka <slaznick@redhat.com>
 2016-11-11 12:13:56 +01:00