authorRob Crittenden <rcritten@redhat.com>2011-06-17 16:47:39 -0400
committerRob Crittenden <rcritten@redhat.com>2011-06-23 19:04:33 -0400
commit8a32bb3746802a29b2655e4ad2cbbba8481e1eaf (patch)
tree14c7e77b744d31e303d78313cf9866502dad1ef9 /ipaserver/install/installutils.py
parentcbffe1d65df222acf6eb26cdaa121932a01f9ba7 (diff)
Make dogtag an optional (and default un-) installed component in a replica.
A dogtag replica file is created as usual. When the replica is installed dogtag is optional and not installed by default. Adding the --setup-ca option will configure it when the replica is installed. A new tool ipa-ca-install will configure dogtag if it wasn't configured when the replica was initially installed. This moves a fair bit of code out of ipa-replica-install into installutils and cainstance to avoid duplication. https://fedorahosted.org/freeipa/ticket/1251
Diffstat (limited to 'ipaserver/install/installutils.py')
-rw-r--r--ipaserver/install/installutils.py57
1 files changed, 57 insertions, 0 deletions
diff --git a/ipaserver/install/installutils.py b/ipaserver/install/installutils.py
index f5a862599..68fce7e69 100644
--- a/ipaserver/install/installutils.py
+++ b/ipaserver/install/installutils.py
@@ -29,6 +29,8 @@ import struct
import fcntl
import netaddr
import time
+import tempfile
+from ConfigParser import SafeConfigParser
from ipapython import ipautil
from ipapython import dnsclient
@@ -36,6 +38,17 @@ from ipapython import dnsclient
class HostnameLocalhost(Exception):
pass
+class ReplicaConfig:
+ def __init__(self):
+ self.realm_name = ""
+ self.domain_name = ""
+ self.master_host_name = ""
+ self.dirman_password = ""
+ self.host_name = ""
+ self.dir = ""
+ self.subject_base = ""
+ self.setup_ca = False
+
def get_fqdn():
fqdn = ""
try:
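Review bot: `ReplicaConfig` is added without a docstring, and nothing says which of its eight fields are filled from the replica file and which the caller must set. On this page `read_replica_info` assigns only `realm_name`, `master_host_name`, `domain_name`, `host_name` and `subject_base`, so `dirman_password`, `dir` and `setup_ca` stay at their defaults unless the caller sets them. A short class docstring listing the two groups would help, together with a comment on the password field such as `# Directory Manager password; set by the caller, never read from realm_info`.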
@@ -442,3 +455,47 @@ def resolve_host(host_name):
return addrinfos[0][4][0]
except:
return None
+
+def get_host_name(no_host_dns):
+ """
+ Get the current FQDN from the socket and verify that it is valid.
+
+ no_host_dns is a boolean that determines whether we enforce that the
+ hostname is resolvable.
+
+ Will raise a RuntimeError on error, returns hostname on success
+ """
+ hostname = get_fqdn()
+ verify_fqdn(hostname, no_host_dns)
+ return hostname
+
+def expand_replica_info(filename, password):
+ """
+ Decrypt and expand a replica installation file into a temporary
+ location. The caller is responsible to remove this directory.
+ """
+ top_dir = tempfile.mkdtemp("ipa")
+ tarfile = top_dir+"/files.tar"
+ dir = top_dir + "/realm_info"
+ ipautil.decrypt_file(filename, tarfile, password, top_dir)
+ ipautil.run(["tar", "xf", tarfile, "-C", top_dir])
+ os.remove(tarfile)
+
+ return top_dir, dir
+
+def read_replica_info(dir, rconfig):
+ """
+ Read the contents of a replica installation file.
+
+ rconfig is a ReplicaConfig object
+ """
+ filename = dir + "/realm_info"
+ fd = open(filename)
+ config = SafeConfigParser()
+ config.readfp(fd)
+
+ rconfig.realm_name = config.get("realm", "realm_name")
+ rconfig.master_host_name = config.get("realm", "master_host_name")
+ rconfig.domain_name = config.get("realm", "domain_name")
+ rconfig.host_name = config.get("realm", "destination_host")
+ rconfig.subject_base = config.get("realm", "subject_base")
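Review bot: In `expand_replica_info`, a failure in `ipautil.decrypt_file` or the `tar` run leaves the `mkdtemp` directory on disk, possibly with the decrypted `files.tar` or partly extracted replica material in it, and the caller cannot clean up because `top_dir` is never returned on that path. Removing the directory before re-raising closes that gap; the fence below assumes `shutil` is imported in the file, which the hunk does not show. `tempfile.mkdtemp("ipa")` passes "ipa" as the suffix, so `tempfile.mkdtemp(prefix="ipa")` is probably what was meant. In `read_replica_info`, `fd = open(filename)` is never closed; a `try`/`finally` calling `fd.close()` around `config.readfp(fd)` would release it.

```python
def expand_replica_info(filename, password):
    # … unchanged: docstring, top_dir / tarfile / dir setup …
    try:
        ipautil.decrypt_file(filename, tarfile, password, top_dir)
        ipautil.run(["tar", "xf", tarfile, "-C", top_dir])
    except BaseException:
        # top_dir never reaches the caller on this path, so remove the
        # decrypted material here before propagating the error.
        shutil.rmtree(top_dir, ignore_errors=True)
        raise
    # … unchanged: os.remove(tarfile) and return …
```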