diff options
| author | Rob Crittenden <rcritten@redhat.com> | 2011-06-09 13:16:07 -0400 |
|---|---|---|
| committer | Martin Kosek <mkosek@redhat.com> | 2011-06-13 09:51:05 +0200 |
| commit | 7940270b9fbebfa09b25c18198933b6a6b82b1d3 (patch) | |
| tree | 7996dc4d9f9df086cf8e07e93ef940b9c3f0ebbf /ipaserver/install/upgradeinstance.py | |
| parent | 6f1b62fb1ad8c4d1639a54874462c9e7204bbf4c (diff) | |
| download | freeipa-7940270b9fbebfa09b25c18198933b6a6b82b1d3.tar.gz freeipa-7940270b9fbebfa09b25c18198933b6a6b82b1d3.tar.xz freeipa-7940270b9fbebfa09b25c18198933b6a6b82b1d3.zip | |
Remove root autobind search restriction, fix upgrade logging & error handling.
There was no point in limiting autobind root to just search cn=config since
it could always just modify its way out of the box, so remove the
restriction.
The upgrade log wasn't being created. Clearing all other loggers before
we calling logging.basicConfig() fixes this.
Add a global exception when performing updates so we can gracefully catch
and log problems without leaving the server in a bad state.
https://fedorahosted.org/freeipa/ticket/1243
https://fedorahosted.org/freeipa/ticket/1254
Diffstat (limited to 'ipaserver/install/upgradeinstance.py')
| -rw-r--r-- | ipaserver/install/upgradeinstance.py | 24 |
1 files changed, 8 insertions, 16 deletions
diff --git a/ipaserver/install/upgradeinstance.py b/ipaserver/install/upgradeinstance.py index ad977b745..2f42358b7 100644 --- a/ipaserver/install/upgradeinstance.py +++ b/ipaserver/install/upgradeinstance.py @@ -21,6 +21,7 @@ import os import sys import shutil import random +import logging from ipaserver.install import installutils from ipaserver.install import dsinstance @@ -56,6 +57,7 @@ class IPAUpgrade(service.Service): self.files = files self.modified = False self.badsyntax = False + self.upgradefailed = False def create_instance(self): self.step("stopping directory server", self.stop) @@ -75,41 +77,26 @@ class IPAUpgrade(service.Service): separator=':') security = installutils.get_directive(self.filename, 'nsslapd-security', separator=':') - autobind = installutils.get_directive(self.filename, - 'nsslapd-ldapiautobind', separator=':') - searchbase = installutils.get_directive(self.filename, - 'nsslapd-ldapientrysearchbase', separator=':') self.backup_state('nsslapd-port', port) self.backup_state('nsslapd-security', security) - self.backup_state('nsslapd-ldapiautobind', autobind) - self.backup_state('nsslapd-ldapientrysearchbase', searchbase) def __restore_config(self): port = self.restore_state('nsslapd-port') security = self.restore_state('nsslapd-security') - autobind = self.restore_state('nsslapd-ldapiautobind') - searchbase = self.restore_state('nsslapd-ldapientrysearchbase') installutils.set_directive(self.filename, 'nsslapd-port', port, quotes=False, separator=':') installutils.set_directive(self.filename, 'nsslapd-security', security, quotes=False, separator=':') - installutils.set_directive(self.filename, 'nsslapd-ldapiautobind', - autobind, quotes=False, separator=':') - installutils.set_directive(self.filename, - 'nsslapd-ldapientrysearchbase', - searchbase, quotes=False, separator=':') def __disable_listeners(self): installutils.set_directive(self.filename, 'nsslapd-port', 0, quotes=False, separator=':') installutils.set_directive(self.filename, 'nsslapd-security', 'off', quotes=False, separator=':') - installutils.set_directive(self.filename, 'nsslapd-ldapiautobind', - 'on', quotes=False, separator=':') installutils.set_directive(self.filename, 'nsslapd-ldapientrysearchbase', - '', quotes=False, separator=':') + None, quotes=False, separator=':') def __upgrade(self): try: @@ -120,6 +107,11 @@ class IPAUpgrade(service.Service): except ldapupdate.BadSyntax: self.modified = False self.badsyntax = True + except Exception, e: + # Bad things happened, return gracefully + self.modified = False + self.upgradefailed = True + logging.error('Upgrade failed with %s' % str(e)) def main(): if os.getegid() != 0: |