diff options
| author | Martin Kosek <mkosek@redhat.com> | 2011-05-22 19:17:07 +0200 |
|---|---|---|
| committer | Martin Kosek <mkosek@redhat.com> | 2011-06-08 09:29:52 +0200 |
| commit | 241ee334defda108e22855331d5d9a14f261ce16 (patch) | |
| tree | 7bfaaeeb2673f473423d6aa418142468fa4b6dd9 /ipapython | |
| parent | 8077b7ab938f436582b3985c1b6fd0ad90e8bb3d (diff) | |
| download | freeipa-241ee334defda108e22855331d5d9a14f261ce16.tar.gz freeipa-241ee334defda108e22855331d5d9a14f261ce16.tar.xz freeipa-241ee334defda108e22855331d5d9a14f261ce16.zip | |
Connection check program for replica installation
When connection between a master machine and future replica is not
sane, the replica installation may fail unexpectedly with
inconvenient error messages. One common problem is misconfigured
firewall.
This patch adds a program ipa-replica-conncheck which tests the
connection using the following procedure:
1) Execute the on-replica check testing the connection to master
2) Open required ports on local machine
3) Ask user to run the on-master part of the check OR run it
automatically:
a) kinit to master as default admin user with given password
b) run the on-master part using ssh
4) When master part is executed, it checks connection back to
the replica and prints the check result
This program is run by ipa-replica-install as mandatory part. It
can, however, be skipped using --skip-conncheck option.
ipa-replica-install now requires password for admin user to run
the command on remote master.
https://fedorahosted.org/freeipa/ticket/1107
Diffstat (limited to 'ipapython')
| -rw-r--r-- | ipapython/ipautil.py | 73 |
1 files changed, 73 insertions, 0 deletions
diff --git a/ipapython/ipautil.py b/ipapython/ipautil.py index acfd70cae..ed8f04af5 100644 --- a/ipapython/ipautil.py +++ b/ipapython/ipautil.py @@ -32,6 +32,7 @@ import copy import stat import shutil import urllib2 +import socket from ipapython import ipavalidate from types import * @@ -1093,3 +1094,75 @@ def chkconfig_add(service_name): def chkconfig_del(service_name): run(["/sbin/chkconfig", "--del", service_name]) +def host_port_open(host, port, socket_stream=True, socket_timeout=None): + families = (socket.AF_INET, socket.AF_INET6) + success = False + + if socket_stream: + socket_type = socket.SOCK_STREAM + else: + socket_type = socket.SOCK_DGRAM + + for family in families: + try: + try: + s = socket.socket(family, socket_type) + except socket.error: + continue + + if socket_timeout is not None: + s.settimeout(socket_timeout) + + s.connect((host, port)) + success = True + except socket.error, e: + pass + finally: + s.close() + + if success: + return True + + return False + +def bind_port_responder(port, socket_stream=True, socket_timeout=None, responder_data=None): + families = (socket.AF_INET, socket.AF_INET6) + + if socket_stream: + socket_type = socket.SOCK_STREAM + else: + socket_type = socket.SOCK_DGRAM + + host = '' # all available interfaces + + for family in families: + try: + s = socket.socket(family, socket_type) + except socket.error, e: + if family == families[-1]: # last available family + raise e + + if socket_timeout is not None: + s.settimeout(socket_timeout) + + if socket_stream: + s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1) + + try: + s.bind((host, port)) + + if socket_stream: + s.listen(1) + connection, client_address = s.accept() + try: + if responder_data: + connection.sendall(responder_data) #pylint: disable=E1101 + finally: + connection.close() + else: + data, addr = s.recvfrom( 512 ) # buffer size is 1024 bytes + + if responder_data: + s.sendto(responder_data, addr) + finally: + s.close() |