summaryrefslogtreecommitdiffstats
path: root/ipaserver/install
diff options
context:
space:
mode:
authorRob Crittenden <rcritten@redhat.com>2010-05-03 15:21:51 -0400
committerJason Gerard DeRose <jderose@redhat.com>2010-05-03 13:41:18 -0600
commit04e9056ec2b6e0360f3f3545fd638ecc17aaad2c (patch)
treeb9fefef29f7ba68c1932aac39f7b2bedfc85d356 /ipaserver/install
parent6d35812252cb4fcf34cf13bf88cbb705560afc3a (diff)
downloadfreeipa-04e9056ec2b6e0360f3f3545fd638ecc17aaad2c.tar.gz
freeipa-04e9056ec2b6e0360f3f3545fd638ecc17aaad2c.tar.xz
freeipa-04e9056ec2b6e0360f3f3545fd638ecc17aaad2c.zip
Make the installer/uninstaller more aware of its state
We have had a state file for quite some time that is used to return the system to its pre-install state. We can use that to determine what has been configured. This patch: - uses the state file to determine if dogtag was installed - prevents someone from trying to re-install an installed server - displays some output when uninstalling - re-arranges the ipa_kpasswd installation so the state is properly saved - removes pkiuser if it was added by the installer - fetches and installs the CA on both masters and clients
Diffstat (limited to 'ipaserver/install')
-rw-r--r--ipaserver/install/bindinstance.py3
-rw-r--r--ipaserver/install/cainstance.py19
-rw-r--r--ipaserver/install/dsinstance.py3
-rw-r--r--ipaserver/install/httpinstance.py3
-rw-r--r--ipaserver/install/krbinstance.py11
-rw-r--r--ipaserver/install/ntpinstance.py3
-rw-r--r--ipaserver/install/service.py6
7 files changed, 45 insertions, 3 deletions
diff --git a/ipaserver/install/bindinstance.py b/ipaserver/install/bindinstance.py
index d584e0af8..b57fc9f0d 100644
--- a/ipaserver/install/bindinstance.py
+++ b/ipaserver/install/bindinstance.py
@@ -377,6 +377,9 @@ class BindInstance(service.Service):
resolv_fd.close()
def uninstall(self):
+ if self.is_configured():
+ self.print_msg("Unconfiguring %s" % self.service_name)
+
running = self.restore_state("running")
enabled = self.restore_state("enabled")
diff --git a/ipaserver/install/cainstance.py b/ipaserver/install/cainstance.py
index bb7e00e2e..9e55333db 100644
--- a/ipaserver/install/cainstance.py
+++ b/ipaserver/install/cainstance.py
@@ -336,6 +336,9 @@ class CADSInstance(service.Service):
logging.critical("Failed to restart the directory server. See the installation log for details.")
def uninstall(self):
+ if self.is_configured():
+ self.print_msg("Unconfiguring CA directory server")
+
running = self.restore_state("running")
enabled = self.restore_state("enabled")
serverid = self.restore_state("serverid")
@@ -351,6 +354,7 @@ class CADSInstance(service.Service):
if not serverid is None:
dsinstance.erase_ds_instance_data(serverid)
+ self.service_name="pkids"
ds_user = self.restore_state("user")
user_exists = self.restore_state("user_exists")
@@ -1028,6 +1032,13 @@ class CAInstance(service.Service):
self.__restart_instance()
def uninstall(self):
+ if self.is_configured():
+ self.print_msg("Unconfiguring CA")
+
+ enabled = self.restore_state("enabled")
+ if not enabled is None and not enabled:
+ self.chkconfig_off()
+
try:
ipautil.run(["/usr/bin/pkiremove", "-pki_instance_root=/var/lib",
"-pki_instance_name=%s" % PKI_INSTANCE_NAME, "--force"])
@@ -1039,6 +1050,14 @@ class CAInstance(service.Service):
except ipautil.CalledProcessError, e:
pass
+ pki_user = self.restore_state("user")
+ user_exists = self.restore_state("user_exists")
+ if not pki_user is None and not user_exists is None and not user_exists:
+ try:
+ ipautil.run(["/usr/sbin/userdel", pki_user])
+ except ipautil.CalledProcessError, e:
+ logging.critical("failed to delete user %s" % e)
+
if __name__ == "__main__":
installutils.standard_logging_setup("install.log", False)
cs = CADSInstance()
diff --git a/ipaserver/install/dsinstance.py b/ipaserver/install/dsinstance.py
index 61887dde8..3987f08ee 100644
--- a/ipaserver/install/dsinstance.py
+++ b/ipaserver/install/dsinstance.py
@@ -430,6 +430,9 @@ class DsInstance(service.Service):
logging.debug("Unable to set admin password %s" % e)
def uninstall(self):
+ if self.is_configured():
+ self.print_msg("Unconfiguring directory server")
+
running = self.restore_state("running")
enabled = self.restore_state("enabled")
diff --git a/ipaserver/install/httpinstance.py b/ipaserver/install/httpinstance.py
index 3ff5cf8a6..48a908f15 100644
--- a/ipaserver/install/httpinstance.py
+++ b/ipaserver/install/httpinstance.py
@@ -242,6 +242,9 @@ class HTTPInstance(service.Service):
os.chmod("/usr/share/ipa/html/ca.crt", 0444)
def uninstall(self):
+ if self.is_configured():
+ self.print_msg("Unconfiguring web server")
+
running = self.restore_state("running")
enabled = self.restore_state("enabled")
diff --git a/ipaserver/install/krbinstance.py b/ipaserver/install/krbinstance.py
index 71aeeb207..23ed10015 100644
--- a/ipaserver/install/krbinstance.py
+++ b/ipaserver/install/krbinstance.py
@@ -85,8 +85,6 @@ class KrbInstance(service.Service):
self.kdc_password = None
self.sub_dict = None
- self.kpasswd = KpasswdInstance()
-
if fstore:
self.fstore = fstore
else:
@@ -181,6 +179,8 @@ class KrbInstance(service.Service):
self.start_creation("Configuring Kerberos KDC")
+ self.kpasswd = KpasswdInstance()
+
self.kpasswd.create_instance()
def create_replica(self, ds_user, realm_name, host_name, domain_name, admin_password, ldap_passwd_filename, kpasswd_filename):
@@ -200,6 +200,7 @@ class KrbInstance(service.Service):
self.start_creation("Configuring Kerberos KDC")
+ self.kpasswd = KpasswdInstance()
self.kpasswd.create_instance()
def __copy_ldap_passwd(self, filename):
@@ -473,7 +474,8 @@ class KrbInstance(service.Service):
update_key_val_in_file("/etc/sysconfig/ipa_kpasswd", "export KRB5_KTNAME", "/var/kerberos/krb5kdc/kpasswd.keytab")
def uninstall(self):
- self.kpasswd.uninstall()
+ if self.is_configured():
+ self.print_msg("Unconfiguring %s" % self.service_name)
running = self.restore_state("running")
enabled = self.restore_state("enabled")
@@ -495,3 +497,6 @@ class KrbInstance(service.Service):
if not running is None and running:
self.start()
+
+ self.kpasswd = KpasswdInstance()
+ self.kpasswd.uninstall()
diff --git a/ipaserver/install/ntpinstance.py b/ipaserver/install/ntpinstance.py
index 2c53b5611..320522de5 100644
--- a/ipaserver/install/ntpinstance.py
+++ b/ipaserver/install/ntpinstance.py
@@ -87,6 +87,9 @@ class NTPInstance(service.Service):
self.start_creation("Configuring ntpd")
def uninstall(self):
+ if self.is_configured():
+ self.print_msg("Unconfiguring %s" % self.service_name)
+
running = self.restore_state("running")
enabled = self.restore_state("enabled")
diff --git a/ipaserver/install/service.py b/ipaserver/install/service.py
index d9db9ba45..4958721e7 100644
--- a/ipaserver/install/service.py
+++ b/ipaserver/install/service.py
@@ -186,6 +186,9 @@ class Service:
logging.critical("Could not add certificate to service %s entry: %s" % (self.principal, str(e)))
conn.unbind()
+ def is_configured(self):
+ return self.sstore.has_state(self.service_name)
+
def set_output(self, fd):
self.output_fd = fd
@@ -257,6 +260,9 @@ class SimpleServiceInstance(Service):
self.chkconfig_on()
def uninstall(self):
+ if self.is_configured():
+ self.print_msg("Unconfiguring %s" % self.service_name)
+
running = self.restore_state("running")
enabled = not self.restore_state("enabled")