diff options
-rwxr-xr-x | install/tools/ipa-ca-install | 2 | ||||
-rwxr-xr-x | install/tools/ipa-compat-manage | 2 | ||||
-rwxr-xr-x | install/tools/ipa-csreplica-manage | 7 | ||||
-rwxr-xr-x | install/tools/ipa-dns-install | 2 | ||||
-rwxr-xr-x | install/tools/ipa-ldap-updater | 2 | ||||
-rwxr-xr-x | install/tools/ipa-managed-entries | 2 | ||||
-rwxr-xr-x | install/tools/ipa-nis-manage | 2 | ||||
-rwxr-xr-x | install/tools/ipa-replica-conncheck | 8 | ||||
-rwxr-xr-x | install/tools/ipa-replica-install | 2 | ||||
-rwxr-xr-x | install/tools/ipa-replica-manage | 7 | ||||
-rwxr-xr-x | install/tools/ipa-replica-prepare | 2 | ||||
-rwxr-xr-x | install/tools/ipa-server-certinstall | 8 | ||||
-rwxr-xr-x | install/tools/ipa-server-install | 7 | ||||
-rwxr-xr-x | ipa-client/ipa-install/ipa-client-install | 13 | ||||
-rw-r--r-- | ipaserver/install/installutils.py | 49 |
15 files changed, 81 insertions, 34 deletions
diff --git a/install/tools/ipa-ca-install b/install/tools/ipa-ca-install index 37fa6269b..bfb947bcd 100755 --- a/install/tools/ipa-ca-install +++ b/install/tools/ipa-ca-install @@ -98,6 +98,8 @@ def main(): dirman_password = get_dirman_password() except KeyboardInterrupt: sys.exit(0) + if dirman_password is None: + sys.exit("\nDirectory Manager password required") if not options.admin_password and not options.skip_conncheck and \ options.unattended: diff --git a/install/tools/ipa-compat-manage b/install/tools/ipa-compat-manage index 07531fddc..898a797cf 100755 --- a/install/tools/ipa-compat-manage +++ b/install/tools/ipa-compat-manage @@ -100,6 +100,8 @@ def main(): dirman_password = pw.strip() else: dirman_password = get_dirman_password() + if dirman_password is None: + sys.exit("\nDirectory Manager password required") api.bootstrap(context='cli', debug=options.debug) api.finalize() diff --git a/install/tools/ipa-csreplica-manage b/install/tools/ipa-csreplica-manage index c33f3bc5f..3b08abd4b 100755 --- a/install/tools/ipa-csreplica-manage +++ b/install/tools/ipa-csreplica-manage @@ -22,7 +22,7 @@ import sys import os -import getpass, ldap, krbV +import ldap, krbV import logging from ipapython import ipautil @@ -400,7 +400,10 @@ def main(): if options.dirman_passwd: dirman_passwd = options.dirman_passwd else: - dirman_passwd = getpass.getpass("Directory Manager password: ") + dirman_passwd = installutils.read_password("Directory Manager", confirm=False, + validate=False, retry=False) + if dirman_passwd is None: + sys.exit("\nDirectory Manager password required") options.dirman_passwd = dirman_passwd diff --git a/install/tools/ipa-dns-install b/install/tools/ipa-dns-install index 9869eae8b..d81b6a2e8 100755 --- a/install/tools/ipa-dns-install +++ b/install/tools/ipa-dns-install @@ -128,6 +128,8 @@ def main(): dm_password = options.dm_password or read_password("Directory Manager", confirm=False, validate=False) + if dm_password is None: + sys.exit("\nDirectory Manager password required") bind = bindinstance.BindInstance(fstore, dm_password) # try the connection diff --git a/install/tools/ipa-ldap-updater b/install/tools/ipa-ldap-updater index 5b63c120e..6ecb8c155 100755 --- a/install/tools/ipa-ldap-updater +++ b/install/tools/ipa-ldap-updater @@ -96,6 +96,8 @@ def main(): else: if (options.ask_password or not options.ldapi) and not options.upgrade: dirman_password = get_dirman_password() + if dirman_password is None: + sys.exit("\nDirectory Manager password required") files = [] if len(args) > 0: diff --git a/install/tools/ipa-managed-entries b/install/tools/ipa-managed-entries index 9b3f54714..16f0a956c 100755 --- a/install/tools/ipa-managed-entries +++ b/install/tools/ipa-managed-entries @@ -112,6 +112,8 @@ def main(): dirman_password = options.dirman_password else: dirman_password = get_dirman_password() + if dirman_password is None: + sys.exit("\nDirectory Manager password required") conn.do_simple_bind(bindpw=dirman_password) except errors.ExecutionError, lde: sys.exit("An error occurred while connecting to the server.\n%s\n" % diff --git a/install/tools/ipa-nis-manage b/install/tools/ipa-nis-manage index 542736a8d..886f23ab8 100755 --- a/install/tools/ipa-nis-manage +++ b/install/tools/ipa-nis-manage @@ -111,6 +111,8 @@ def main(): dirman_password = pw.strip() else: dirman_password = get_dirman_password() + if dirman_password is None: + sys.exit("\nDirectory Manager password required") if not dirman_password: sys.exit("No password supplied") diff --git a/install/tools/ipa-replica-conncheck b/install/tools/ipa-replica-conncheck index 09567d6eb..e9d78a065 100755 --- a/install/tools/ipa-replica-conncheck +++ b/install/tools/ipa-replica-conncheck @@ -22,6 +22,7 @@ from ipapython.config import IPAOptionParser from ipapython import version from ipapython import ipautil from ipapython.ipautil import CalledProcessError +from ipaserver.install import installutils import ipaclient.ipachangeconf from optparse import OptionGroup import logging @@ -29,7 +30,6 @@ import sys import os import signal import tempfile -import getpass import socket import time import threading @@ -314,7 +314,11 @@ def main(): if options.password: password=options.password else: - password = getpass.getpass("Password for %s: " % principal) + password = installutils.read_password(principal, confirm=False, + validate=False, retry=False) + if password is None: + sys.exit("\nPrincipal password required") + stderr='' (stdout, stderr, returncode) = ipautil.run(['/usr/bin/kinit', principal], diff --git a/install/tools/ipa-replica-install b/install/tools/ipa-replica-install index 624e6ea82..356e533ca 100755 --- a/install/tools/ipa-replica-install +++ b/install/tools/ipa-replica-install @@ -310,6 +310,8 @@ def main(): dirman_password = get_dirman_password() except KeyboardInterrupt: sys.exit(0) + if dirman_password is None: + sys.exit("\nDirectory Manager password required") try: top_dir, dir = expand_replica_info(filename, dirman_password) diff --git a/install/tools/ipa-replica-manage b/install/tools/ipa-replica-manage index c3dd0b3fe..84cfd8f3e 100755 --- a/install/tools/ipa-replica-manage +++ b/install/tools/ipa-replica-manage @@ -20,7 +20,7 @@ import sys import os -import getpass, ldap, re, krbV +import ldap, re, krbV import traceback, logging from ipapython import ipautil @@ -444,7 +444,10 @@ def main(): dirman_passwd = options.dirman_passwd else: if not test_connection(realm, host): - dirman_passwd = getpass.getpass("Directory Manager password: ") + dirman_passwd = installutils.read_password("Directory Manager", + confirm=False, validate=False, retry=False) + if dirman_passwd is None: + sys.exit("\nDirectory Manager password required") options.dirman_passwd = dirman_passwd diff --git a/install/tools/ipa-replica-prepare b/install/tools/ipa-replica-prepare index 038fd69c9..eb93bc851 100755 --- a/install/tools/ipa-replica-prepare +++ b/install/tools/ipa-replica-prepare @@ -292,6 +292,8 @@ def main(): dirman_password = get_dirman_password() except KeyboardInterrupt: sys.exit(0) + if dirman_password is None: + sys.exit("\nDirectory Manager password required") # Try out the password try: diff --git a/install/tools/ipa-server-certinstall b/install/tools/ipa-server-certinstall index 312d41202..901678b2e 100755 --- a/install/tools/ipa-server-certinstall +++ b/install/tools/ipa-server-certinstall @@ -25,14 +25,13 @@ import tempfile import traceback -import krbV, getpass +import krbV from ipapython.ipautil import user_input from ipaserver.install import certs, dsinstance, httpinstance, installutils from ipalib import api from ipaserver.plugins.ldap2 import ldap2 -from ipaserver.install import installutils def get_realm_name(): c = krbV.default_context() @@ -132,7 +131,10 @@ def main(): try: if options.dirsrv: - dm_password = getpass.getpass("Directory Manager password: ") + dm_password = installutils.read_password("Directory Manager", + confirm=False, validate=False, retry=False) + if dm_password is None: + sys.exit("\nDirectory Manager password required") realm = get_realm_name() dirname = dsinstance.config_dirname(dsinstance.realm_to_serverid(realm)) fd = open(dirname + "/pwdfile.txt") diff --git a/install/tools/ipa-server-install b/install/tools/ipa-server-install index cf00d5fac..fe91fe5b7 100755 --- a/install/tools/ipa-server-install +++ b/install/tools/ipa-server-install @@ -642,6 +642,8 @@ def main(): # This will override any settings passed in on the cmdline if ipautil.file_exists(ANSWER_CACHE): dm_password = read_password("Directory Manager", confirm=False) + if dm_password is None: + sys.exit("\nDirectory Manager password required") options._update_loose(read_cache(dm_password)) if options.external_cert_file: @@ -807,6 +809,9 @@ def main(): if not options.dm_password: dm_password = read_dm_password() + + if dm_password is None: + sys.exit("\nDirectory Manager password required") else: dm_password = options.dm_password @@ -817,6 +822,8 @@ def main(): if not options.admin_password: admin_password = read_admin_password() + if admin_password is None: + sys.exit("\nIPA admin password required") else: admin_password = options.admin_password diff --git a/ipa-client/ipa-install/ipa-client-install b/ipa-client/ipa-install/ipa-client-install index 1c28e87c2..27104fc19 100755 --- a/ipa-client/ipa-install/ipa-client-install +++ b/ipa-client/ipa-install/ipa-client-install @@ -942,7 +942,10 @@ def install(options, env, fstore, statestore): stdin = options.password else: if not options.unattended: - stdin = getpass.getpass("Password for %s: " % principal) + try: + stdin = getpass.getpass("Password for %s: " % principal) + except EOFError: + stdin = None if not stdin: print "Password must be provided for %s. " % \ principal @@ -967,7 +970,13 @@ def install(options, env, fstore, statestore): if options.unattended: print "Password must be provided in non-interactive mode" return CLIENT_INSTALL_ERROR - password = getpass.getpass("Password: ") + try: + password = getpass.getpass("Password: ") + except EOFError: + password = None + if not password: + print "Password must be provided." + return CLIENT_INSTALL_ERROR join_args.append("-w") join_args.append(password) nolog = (password,) diff --git a/ipaserver/install/installutils.py b/ipaserver/install/installutils.py index 6ae117cb4..b3ee7e991 100644 --- a/ipaserver/install/installutils.py +++ b/ipaserver/install/installutils.py @@ -319,30 +319,33 @@ def _read_password_default_validator(password): def read_password(user, confirm=True, validate=True, retry=True, validator=_read_password_default_validator): correct = False - pwd = "" - while not correct: - if not retry: - correct = True - pwd = get_password(user + " password: ") - if not pwd: - continue - if validate: - try: - validator(pwd) - except ValueError, e: - print str(e) - pwd = "" + pwd = None + try: + while not correct: + if not retry: + correct = True + pwd = get_password(user + " password: ") + if not pwd: continue - if not confirm: - correct = True - continue - pwd_confirm = get_password("Password (confirm): ") - if pwd != pwd_confirm: - print "Password mismatch!" - print "" - pwd = "" - else: - correct = True + if validate: + try: + validator(pwd) + except ValueError, e: + print str(e) + pwd = None + continue + if not confirm: + correct = True + continue + pwd_confirm = get_password("Password (confirm): ") + if pwd != pwd_confirm: + print "Password mismatch!" + print "" + pwd = None + else: + correct = True + except EOFError: + return None print "" return pwd |