authorSimo Sorce <ssorce@redhat.com>2010-12-20 23:34:00 -0500
committerSimo Sorce <ssorce@redhat.com>2010-12-21 17:28:13 -0500
commit613f5feb0e87efb668f1facdc55c43216ff3169e (patch)
tree787bf474e6e297ee017cc3021f9be86d6617f5b7 /ipaserver
parent91f3e79d81671441bbf7c187d1415d864f80d101 (diff)
Rework old init and synch commands and use better names.
These commands can now be run exclusively on the replica that needs to be resynced or reinitialized, and the --from command must be used to tell it which other replica it will pull data from. Fixes: https://fedorahosted.org/freeipa/ticket/626
Diffstat (limited to 'ipaserver')
-rw-r--r--ipaserver/install/service.py21
1 files changed, 14 insertions, 7 deletions
diff --git a/ipaserver/install/service.py b/ipaserver/install/service.py
index 6517b8905..b8d049fee 100644
--- a/ipaserver/install/service.py
+++ b/ipaserver/install/service.py
@@ -28,6 +28,7 @@ from ipaserver import ipaldap
import base64
import time
import datetime
+from ipaserver.install import installutils
SERVICE_LIST = {
'KDC':('krb5kdc', 10),
@@ -105,22 +106,27 @@ class Service:
self.sstore = sysrestore.StateFile('/var/lib/ipa/sysrestore')
def _ldap_mod(self, ldif, sub_dict = None):
- assert self.dm_password is not None
+ pw_name = None
fd = None
path = ipautil.SHARE_DIR + ldif
+ hostname = installutils.get_fqdn()
if sub_dict is not None:
txt = ipautil.template_file(path, sub_dict)
fd = ipautil.write_tmp_file(txt)
path = fd.name
- [pw_fd, pw_name] = tempfile.mkstemp()
- os.write(pw_fd, self.dm_password)
- os.close(pw_fd)
+ if self.dm_password:
+ [pw_fd, pw_name] = tempfile.mkstemp()
+ os.write(pw_fd, self.dm_password)
+ os.close(pw_fd)
+ auth_parms = ["-x", "-D", "cn=Directory Manager", "-y", pw_name]
+ else:
+ auth_parms = ["-Y", "GSSAPI"]
- args = ["/usr/bin/ldapmodify", "-h", "127.0.0.1", "-xv",
- "-D", "cn=Directory Manager", "-y", pw_name, "-f", path]
+ args = ["/usr/bin/ldapmodify", "-h", hostname, "-v", "-f", path]
+ args += auth_parms
try:
try:
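Review bot: The simple-bind branch now sends the Directory Manager password to `hostname` rather than 127.0.0.1, and the new `args` line carries no StartTLS or LDAPS option, so if the FQDN resolves to a non-loopback address (or to the wrong machine) the bind credential leaves the loopback interface in cleartext. The FQDN is presumably needed only for the GSSAPI branch, where the host name has to match the service principal. Consider choosing the host per branch, `host = "127.0.0.1"` beside the `-x -D ... -y` parameters and `host = hostname` beside `["-Y", "GSSAPI"]`, or requiring TLS on the simple bind with `-ZZ`. Note also that `if self.dm_password:` treats an empty string like None and silently switches to GSSAPI, where the removed assert would have let an empty password through to the simple bind. The body of _ldap_mod continues past this hunk.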
@@ -128,7 +134,8 @@ class Service:
except ipautil.CalledProcessError, e:
logging.critical("Failed to load %s: %s" % (ldif, str(e)))
finally:
- os.remove(pw_name)
+ if pw_name:
+ os.remove(pw_name)
if fd is not None:
fd.close()
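Review bot: The `finally` cleanup protects the password file only once the `try:` has been entered; judging from the previous hunk, `tempfile.mkstemp()` and `os.write()` run before it, so a failure while writing would leave a file holding the Directory Manager password (or part of it) in the temp directory. Moving the mkstemp/write inside the `try`, or guarding them with their own handler that removes `pw_name`, would close that gap. If `os.remove(pw_name)` itself raises, `fd.close()` below it is skipped, so it may be worth closing `fd` first or removing the file in a nested `try`. The start of the try block lies outside this hunk, so the exact nesting should be confirmed against the full file.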