diff options
| author | Petr Viktorin <pviktori@redhat.com> | 2013-12-10 13:00:16 +0100 |
|---|---|---|
| committer | Petr Viktorin <pviktori@redhat.com> | 2014-01-23 09:53:52 +0100 |
| commit | b4401a17706176ed7a82d82ad559f30c78a37ab2 (patch) | |
| tree | bda08a0c2129b648bb2aecb15c33b97170bec0d0 | |
| parent | 6bdc75ea24d0798c6779130451e47e569900ff4e (diff) | |
| download | freeipa-b4401a17706176ed7a82d82ad559f30c78a37ab2.tar.gz freeipa-b4401a17706176ed7a82d82ad559f30c78a37ab2.tar.xz freeipa-b4401a17706176ed7a82d82ad559f30c78a37ab2.zip | |
ipa-replica-install: Move check for existing host before DNS resolution check
The checks for existing host and existing replication agreement
set a flag that caused an exit() if any of them failed.
Between these checks there was an unrelated check, DNS resolution.
If the host and DNS checks both failed, this made it look like
the DNS check was the cause of failed install. Especially if the user
ignored the DNS check in unattended mode, the output was confusing.
Remove the flag and fail directly.
Do the replication agreement check first; fixing this with
ipa-replica-manage del will also remove the host entry.
Also, use the logger for error messages so they appear in the log
file as well as on the console.
https://fedorahosted.org/freeipa/ticket/3889
| -rwxr-xr-x | install/tools/ipa-replica-install | 39 |
1 files changed, 24 insertions, 15 deletions
diff --git a/install/tools/ipa-replica-install b/install/tools/ipa-replica-install index d29131bdf..0979cde0e 100755 --- a/install/tools/ipa-replica-install +++ b/install/tools/ipa-replica-install @@ -606,14 +606,34 @@ def main(): tls_cacertfile=CACERT) replman = ReplicationManager(config.realm_name, config.master_host_name, config.dirman_password) - found = False + + # Check that we don't already have a replication agreement + try: + (agreement_cn, agreement_dn) = replman.agreement_dn(host) + entry = conn.get_entry(agreement_dn, ['*']) + except errors.NotFound: + pass + else: + root_logger.info('Error: A replication agreement for this host ' + 'already exists.') + print ('A replication agreement for this host already exists. ' + 'It needs to be removed.') + print "Run this on the master that generated the info file:" + print " %% ipa-replica-manage del %s --force" % host + exit(3) + + # Check pre-existing host entry try: entry = conn.find_entries(u'fqdn=%s' % host, ['fqdn'], DN(api.env.container_host, api.env.basedn)) - print "The host %s already exists on the master server.\nYou should remove it before proceeding:" % host - print " %% ipa host-del %s" % host - found = True except errors.NotFound: pass + else: + root_logger.info( + 'Error: Host %s already exists on the master server.' % host) + print 'The host %s already exists on the master server.' % host + print "You should remove it before proceeding:" + print " %% ipa host-del %s" % host + exit(3) # If remote host has DNS, check forward/reverse resolution with temporary_ldap2_connection( @@ -633,17 +653,6 @@ def main(): root_logger.debug('No IPA DNS servers, ' 'skipping forward/reverse resolution check') - # Check that we don't already have a replication agreement - try: - (agreement_cn, agreement_dn) = replman.agreement_dn(host) - entry = conn.get_entry(agreement_dn, ['*']) - print "A replication agreement for this host already exists. It needs to be removed. Run this on the master that generated the info file:" - print " %% ipa-replica-manage del %s --force" % host - found = True - except errors.NotFound: - pass - if found: - sys.exit(3) except errors.ACIError: sys.exit("\nThe password provided is incorrect for LDAP server %s" % config.master_host_name) except errors.LDAPError: |