summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAlexander Bokovoy <abokovoy@redhat.com>2011-07-12 13:34:38 +0300
committerAlexander Bokovoy <abokovoy@redhat.com>2011-07-29 12:58:11 +0300
commitc458bdd1332df2cffc14283b62ec67d4bfbec06d (patch)
tree49c183fbfde986bce65bd9e662090772c34aa882
parent4c4b8a8189b5390628890717c01f2b6cb3e06c6a (diff)
downloadfreeipa-ticket-1369.zip
freeipa-ticket-1369.tar.gz
freeipa-ticket-1369.tar.xz
Improve error reporting on ipa-client-install for LDAP configurationsticket-1369
Re-arrange and improve reported warnings so that messages are clearer for administrators.
-rwxr-xr-xipa-client/ipa-install/ipa-client-install29
-rw-r--r--ipapython/ipautil.py18
2 files changed, 17 insertions, 30 deletions
diff --git a/ipa-client/ipa-install/ipa-client-install b/ipa-client/ipa-install/ipa-client-install
index 6ad001b..75a1b3d 100755
--- a/ipa-client/ipa-install/ipa-client-install
+++ b/ipa-client/ipa-install/ipa-client-install
@@ -31,7 +31,7 @@ try:
from ipaclient import ipadiscovery
import ipaclient.ipachangeconf
import ipaclient.ntpconf
- from ipapython.ipautil import run, user_input, CalledProcessError, file_exists, package_installed_name
+ from ipapython.ipautil import run, user_input, CalledProcessError, file_exists
from ipapython import ipautil
from ipapython import dnsclient
from ipapython import sysrestore
@@ -336,6 +336,7 @@ def configure_ldap_conf(fstore, cli_basedn, cli_realm, cli_domain, cli_server, d
opts.append({'name':'empty', 'type':'empty'})
+ ret = (0, 'LDAP', '')
# Depending on the release and distribution this may exist in any
# number of different file names, update what we find
for filename in ['/etc/ldap.conf', '/etc/nss_ldap.conf', '/etc/libnss-ldap.conf', '/etc/pam_ldap.conf']:
@@ -343,11 +344,12 @@ def configure_ldap_conf(fstore, cli_basedn, cli_realm, cli_domain, cli_server, d
try:
fstore.backup_file(filename)
ldapconf.newConf(filename, opts)
+ ret = (0, 'LDAP', filename)
except Exception, e:
print "Creation of %s: %s" % (filename, str(e))
- return 1
+ return (1, 'LDAP', filename)
- return 0
+ return ret
def configure_nslcd_conf(fstore, cli_basedn, cli_realm, cli_domain, cli_server, dnsok, options):
nslcdconf = ipaclient.ipachangeconf.IPAChangeConf("IPA Installer")
@@ -379,7 +381,7 @@ def configure_nslcd_conf(fstore, cli_basedn, cli_realm, cli_domain, cli_server,
nslcdconf.newConf('/etc/nslcd.conf', opts)
except Exception, e:
print "Creation of %s: %s" % ('/etc/nslcd.conf', str(e))
- return 1
+ return (1, 'nslcd')
if ipautil.service_is_installed('nslcd'):
try:
@@ -395,7 +397,7 @@ def configure_nslcd_conf(fstore, cli_basedn, cli_realm, cli_domain, cli_server,
else:
logging.debug("NSLCD daemon is not installed, skip configuration")
- return 0
+ return (0, 'NSLCD', '/etc/nslcd.conf')
def hardcode_ldap_server(cli_server):
"""
@@ -945,7 +947,8 @@ def main():
else:
# this is optional service, just log
- logging.info("NSCD daemon is not installed, skip configuration")
+ if not options.sssd:
+ logging.info("NSCD daemon is not installed, skip configuration")
# Modify nsswitch/pam stack
if options.sssd:
@@ -964,14 +967,17 @@ def main():
run(["/usr/sbin/authconfig", "--enablekrb5", "--update", "--nostart"])
print "Kerberos 5 enabled"
+ (retcode, conf, filename) = (0, 'SSSD', '/etc/sssd.conf')
# Update non-SSSD LDAP configuration after authconfig calls as it would
# change its configuration otherways
if not options.sssd:
- if configure_ldap_conf(fstore, cli_basedn, cli_realm, cli_domain, cli_server, dnsok, options):
+ (retcode, conf, filename) = configure_ldap_conf(fstore, cli_basedn, cli_realm, cli_domain, cli_server, dnsok, options)
+ if retcode:
return 1
- if configure_nslcd_conf(fstore, cli_basedn, cli_realm, cli_domain, cli_server, dnsok, options):
+ (retcode, conf, filename) = configure_nslcd_conf(fstore, cli_basedn, cli_realm, cli_domain, cli_server, dnsok, options)
+ if retcode:
return 1
- print "LDAP configured"
+ print "%s configured using configuration file %s" % (conf, filename)
#Check that nss is working properly
if not options.on_master:
@@ -989,9 +995,8 @@ def main():
n = n + 1
if not found:
- package = package_installed_name(["nss-pam-ldapd","nss_ldap"])
- print "Unable to use DNS discovery! Recognized configuration: %s" % (package)
- print "Changing configuration to use hardcoded server name: " +cli_server
+ print "Unable to use DNS discovery! Recognized configuration: %s" % (conf)
+ print "Changing configuration of /etc/ldap.conf to use hardcoded server name: " +cli_server
try:
hardcode_ldap_server(cli_server)
diff --git a/ipapython/ipautil.py b/ipapython/ipautil.py
index 6bfebca..da6e94c 100644
--- a/ipapython/ipautil.py
+++ b/ipapython/ipautil.py
@@ -1171,21 +1171,3 @@ def bind_port_responder(port, socket_stream=True, socket_timeout=None, responder
s.sendto(responder_data, addr)
finally:
s.close()
-
-def package_installed_name(packages):
- """
- Find out which of mutually exclusive packages is installed
-
- packages is a list of package names to check
-
- Returns package name or None
- """
-
- args = ["/bin/rpm","-q","--queryformat","%{NAME}"]
- for package in packages:
- try:
- (package_name, error, retcode) = run(args+[package])
- return package_name
- except CalledProcessError:
- continue
- return None