summaryrefslogtreecommitdiffstats
path: root/install/tools/ipa-server-install
diff options
context:
space:
mode:
authorJakub Hrozek <jhrozek@redhat.com>2010-10-29 20:24:31 +0200
committerRob Crittenden <rcritten@redhat.com>2010-11-09 13:28:10 -0500
commit594adb98773d365efda5a7449f66042015645f7f (patch)
tree885747621352119fbe3751c4b0f84b148136b162 /install/tools/ipa-server-install
parent22056206641f7b8f2751f9d4f2200e7c5030e084 (diff)
downloadfreeipa-594adb98773d365efda5a7449f66042015645f7f.tar.gz
freeipa-594adb98773d365efda5a7449f66042015645f7f.tar.xz
freeipa-594adb98773d365efda5a7449f66042015645f7f.zip
Log script options to logfile
Uses a new subclass IPAOptionParser in scripts instead of OptionParser from the standard python library. IPAOptionParser uses its own IPAOption class to store options, which adds a new 'sensitive' attribute. https://fedorahosted.org/freeipa/ticket/393
Diffstat (limited to 'install/tools/ipa-server-install')
-rwxr-xr-xinstall/tools/ipa-server-install23
1 files changed, 14 insertions, 9 deletions
diff --git a/install/tools/ipa-server-install b/install/tools/ipa-server-install
index ebf71666e..c5b3333b9 100755
--- a/install/tools/ipa-server-install
+++ b/install/tools/ipa-server-install
@@ -35,7 +35,6 @@ import signal
import shutil
import glob
import traceback
-from optparse import OptionParser
from ConfigParser import RawConfigParser
import random
@@ -55,6 +54,7 @@ from ipaserver.plugins.ldap2 import ldap2
from ipapython import sysrestore
from ipapython.ipautil import *
from ipalib import api, errors, util
+from ipapython.config import IPAOptionParser
pw_name = None
@@ -65,7 +65,7 @@ MAXINT_32BIT = 2147483648
def parse_options():
namespace = random.randint(1000000, (MAXINT_32BIT - 1000000))
- parser = OptionParser(version=version.VERSION)
+ parser = IPAOptionParser(version=version.VERSION)
parser.add_option("-u", "--user", dest="ds_user",
help="ds user")
parser.add_option("-r", "--realm", dest="realm_name",
@@ -73,10 +73,12 @@ def parse_options():
parser.add_option("-n", "--domain", dest="domain_name",
help="domain name")
parser.add_option("-p", "--ds-password", dest="dm_password",
- help="admin password")
- parser.add_option("-P", "--master-password", dest="master_password",
+ sensitive=True, help="admin password")
+ parser.add_option("-P", "--master-password",
+ dest="master_password", sensitive=True,
help="kerberos master password (normally autogenerated)")
- parser.add_option("-a", "--admin-password", dest="admin_password",
+ parser.add_option("-a", "--admin-password",
+ sensitive=True, dest="admin_password",
help="admin user kerberos password")
parser.add_option("-d", "--debug", dest="debug", action="store_true",
default=False, help="print debugging information")
@@ -108,9 +110,9 @@ def parse_options():
help="PKCS#12 file containing the Directory Server SSL certificate")
parser.add_option("--http_pkcs12", dest="http_pkcs12",
help="PKCS#12 file containing the Apache Server SSL certificate")
- parser.add_option("--dirsrv_pin", dest="dirsrv_pin",
+ parser.add_option("--dirsrv_pin", dest="dirsrv_pin", sensitive=True,
help="The password of the Directory Server PKCS#12 file")
- parser.add_option("--http_pin", dest="http_pin",
+ parser.add_option("--http_pin", dest="http_pin", sensitive=True,
help="The password of the Apache Server PKCS#12 file")
parser.add_option("--no-host-dns", dest="no_host_dns", action="store_true",
default=False,
@@ -126,6 +128,7 @@ def parse_options():
action="store_true",
help="Don't install allow_all HBAC rule")
options, args = parser.parse_args()
+ safe_options = parser.get_safe_opts(options)
if not options.setup_dns:
if options.forwarders:
@@ -167,7 +170,7 @@ def parse_options():
if (options.external_cert_file and not os.path.isabs(options.external_cert_file)):
parser.error("--external-cert-file must use an absolute path")
- return options
+ return safe_options, options
def signal_handler(signum, frame):
global ds
@@ -432,7 +435,7 @@ def main():
global uninstalling
ds = None
- options = parse_options()
+ safe_options, options = parse_options()
if os.getegid() != 0:
print "Must be root to set up server"
@@ -450,6 +453,8 @@ def main():
if dsinstance.DsInstance().is_configured() or cainstance.CADSInstance().is_configured():
sys.exit("IPA server is already configured on this system.")
+ logging.debug('%s was invoked with options: %s' % (sys.argv[0], safe_options))
+
global fstore
fstore = sysrestore.FileStore('/var/lib/ipa/sysrestore')