diff options
| author | Martin Kosek <mkosek@redhat.com> | 2013-03-13 14:42:12 +0100 |
|---|---|---|
| committer | Martin Kosek <mkosek@redhat.com> | 2013-03-14 09:35:17 +0100 |
| commit | 452ffa143aadba5f16f4fe67720e28852fdf1fb7 (patch) | |
| tree | 2af9e7d327f83ce77cd0680ffc537b3ea5523d0d | |
| parent | 158bf45cae0cb6ddcb84523b46e366b18634d11e (diff) | |
| download | freeipa-452ffa143aadba5f16f4fe67720e28852fdf1fb7.tar.gz freeipa-452ffa143aadba5f16f4fe67720e28852fdf1fb7.tar.xz freeipa-452ffa143aadba5f16f4fe67720e28852fdf1fb7.zip | |
Preserve order of servers in ipa-client-install
When multiple servers are passed via --server option, ipadiscovery
module changed its order. Make sure that we preserve it.
Also make sure that user is always warned when a tested server is
not available as then the server will be excluded from the fixed
server list. Log messages were made more informative so that user
knows which server is actually failing to be verified.
https://fedorahosted.org/freeipa/ticket/3418
| -rw-r--r-- | ipa-client/ipaclient/ipadiscovery.py | 21 |
1 files changed, 12 insertions, 9 deletions
diff --git a/ipa-client/ipaclient/ipadiscovery.py b/ipa-client/ipaclient/ipadiscovery.py index 6ae9616de..9a58b9678 100644 --- a/ipa-client/ipaclient/ipadiscovery.py +++ b/ipa-client/ipaclient/ipadiscovery.py @@ -246,7 +246,7 @@ class IPADiscovery(object): self.realm = ldapret[2] self.server_source = self.realm_source = ( 'Discovered from LDAP DNS records in %s' % self.server) - valid_servers.insert(0, server) + valid_servers.append(server) # verified, we actually talked to the remote server and it # is definetely an IPA server verified_servers = True @@ -256,7 +256,7 @@ class IPADiscovery(object): break elif ldapret[0] == NO_ACCESS_TO_LDAP or ldapret[0] == NO_TLS_LDAP: ldapaccess = False - valid_servers.insert(0, server) + valid_servers.append(server) # we may set verified_servers below, we don't have it yet if autodiscovered: # No need to keep verifying servers if we discovered them @@ -264,11 +264,14 @@ class IPADiscovery(object): break elif ldapret[0] == NOT_IPA_SERVER: root_logger.warn( - '%s (realm %s) is not an IPA server', server, self.realm) + 'Skip %s: not an IPA server', server) elif ldapret[0] == NO_LDAP_SERVER: - root_logger.debug( - 'Unable to verify that %s (realm %s) is an IPA server', - server, self.realm) + root_logger.warn( + 'Skip %s: LDAP server is not responding, unable to verify if ' + 'this is an IPA server', server) + else: + root_logger.warn( + 'Skip %s: cannot verify if this is an IPA server', server) # If one of LDAP servers checked rejects access (maybe anonymous # bind is disabled), assume realm and basedn generated off domain. @@ -396,7 +399,7 @@ class IPADiscovery(object): return [UNKNOWN_ERROR] except errors.DatabaseTimeout: - root_logger.error("LDAP Error: timeout") + root_logger.debug("LDAP Error: timeout") return [NO_LDAP_SERVER] except errors.NetworkError, err: root_logger.debug("LDAP Error: %s" % err.strerror) @@ -405,10 +408,10 @@ class IPADiscovery(object): root_logger.debug("LDAP Error: Anonymous access not allowed") return [NO_ACCESS_TO_LDAP] except errors.DatabaseError, err: - root_logger.error("Error checking LDAP: %s" % err.strerror) + root_logger.debug("Error checking LDAP: %s" % err.strerror) return [UNKNOWN_ERROR] except Exception, err: - root_logger.error("Error checking LDAP: %s" % err) + root_logger.debug("Error checking LDAP: %s" % err) return [UNKNOWN_ERROR] |