diff options
author | Karl MacMillan <kmacmill@redhat.com> | 2007-12-20 17:05:16 -0500 |
---|---|---|
committer | Karl MacMillan <kmacmill@redhat.com> | 2007-12-20 17:05:16 -0500 |
commit | ac0fb8ea524dcc86f358f405ba233c8dcbef71ed (patch) | |
tree | ff12b4ddea8f4779fa4e603e10ae1d17b6ce3baf /ipa-server/ipa-install/ipa-replica-install | |
parent | 6d9974dd95aa5e9e8578c61a3dd71b2a530f1412 (diff) | |
download | freeipa-ac0fb8ea524dcc86f358f405ba233c8dcbef71ed.tar.gz freeipa-ac0fb8ea524dcc86f358f405ba233c8dcbef71ed.tar.xz freeipa-ac0fb8ea524dcc86f358f405ba233c8dcbef71ed.zip |
Convert replication to use the new cert infrastructure and
correctly issue certs from the same authority. Also remove
support for read-only replicas since that work will not
be finished and tested for 1.0.
Diffstat (limited to 'ipa-server/ipa-install/ipa-replica-install')
-rw-r--r-- | ipa-server/ipa-install/ipa-replica-install | 45 |
1 files changed, 32 insertions, 13 deletions
diff --git a/ipa-server/ipa-install/ipa-replica-install b/ipa-server/ipa-install/ipa-replica-install index 706dc323d..5d5eaeaed 100644 --- a/ipa-server/ipa-install/ipa-replica-install +++ b/ipa-server/ipa-install/ipa-replica-install @@ -21,13 +21,13 @@ import sys sys.path.append("/usr/share/ipa") -import tempfile +import tempfile, os, pwd, traceback, logging from ConfigParser import SafeConfigParser from ipa import ipautil from ipaserver import dsinstance, replication, installutils, krbinstance, service -from ipaserver import httpinstance, webguiinstance, radiusinstance, ntpinstance +from ipaserver import httpinstance, webguiinstance, radiusinstance, ntpinstance, certs class ReplicaConfig: def __init__(self): @@ -42,8 +42,8 @@ class ReplicaConfig: def parse_options(): from optparse import OptionParser parser = OptionParser() - parser.add_option("-r", "--read-only", dest="master", action="store_false", - default=True, help="create read-only replica - default is master") + parser.add_option("-d", "--debug", dest="debug", action="store_true", + default=False, help="gather extra debugging information") options, args = parser.parse_args() @@ -82,12 +82,25 @@ def get_host_name(): return hostname +def set_owner(config, dir): + pw = pwd.getpwnam(config.ds_user) + os.chown(dir, pw.pw_uid, pw.pw_gid) + def install_ds(config): dsinstance.check_existing_installation() dsinstance.check_ports() + # if we have a pkcs12 file, create the cert db from + # that. Otherwise the ds setup will create the CA + # cert + pkcs12_info = None + if ipautil.file_exists(config.dir + "/cacert.p12"): + pkcs12_info = (config.dir + "/cacert.p12", + config.dir + "/pwdfile.txt") + ds = dsinstance.DsInstance() - ds.create_instance(config.ds_user, config.realm_name, config.host_name, config.dirman_password) + ds.create_instance(config.ds_user, config.realm_name, config.host_name, config.dirman_password, + pkcs12_info) def install_krb(config): krb = krbinstance.KrbInstance() @@ -101,6 +114,8 @@ def install_http(config): def main(): options, filename = parse_options() + installutils.standard_logging_setup("ipareplica-install.log", options.debug) + top_dir, dir = expand_info(filename) config = ReplicaConfig() @@ -115,7 +130,9 @@ def main(): install_ds(config) repl = replication.ReplicationManager(config.host_name, config.dirman_password) - repl.setup_replication(config.master_host_name, config.realm_name, options.master) + ret = repl.setup_replication(config.master_host_name, config.realm_name) + if ret != 0: + raise RuntimeError("failed to start replication") install_krb(config) install_http(config) @@ -124,11 +141,6 @@ def main(): webgui = webguiinstance.WebGuiInstance() webgui.create_instance() - # Create a radius instance - radius = radiusinstance.RadiusInstance() - # FIXME: ldap_server should be derived, not hardcoded to localhost, also should it be a URL? - radius.create_instance(config.realm_name, config.host_name, 'localhost') - # Configure ntpd ntp = ntpinstance.NTPInstance() ntp.create_instance() @@ -137,6 +149,13 @@ def main(): service.restart("dirsrv") service.restart("krb5kdc") -main() - +try: + main() +except Exception, e: + print "creation of replica failed: %s" % str(e) + message = str(e) + for str in traceback.format_tb(sys.exc_info()[2]): + message = message + "\n" + str + logging.debug(message) + sys.exit(1) |