From 185ca8f6fc5e69e989e473c8b1d066aa2d8e5cb1 Mon Sep 17 00:00:00 2001 From: Martin Kosek Date: Thu, 6 Oct 2011 08:22:08 +0200 Subject: Install tools crash when password prompt is interrupted When getpass.getpass() function is interrupted via CTRL+D, EOFError exception is thrown. Most of the install tools are not prepared for this event and crash with this exception. Make sure that it is handled properly and nice error message is printed. https://fedorahosted.org/freeipa/ticket/1916 --- install/tools/ipa-ca-install | 2 ++ install/tools/ipa-compat-manage | 2 ++ install/tools/ipa-csreplica-manage | 7 +++++-- install/tools/ipa-dns-install | 2 ++ install/tools/ipa-ldap-updater | 2 ++ install/tools/ipa-managed-entries | 2 ++ install/tools/ipa-nis-manage | 2 ++ install/tools/ipa-replica-conncheck | 8 ++++++-- install/tools/ipa-replica-install | 2 ++ install/tools/ipa-replica-manage | 7 +++++-- install/tools/ipa-replica-prepare | 2 ++ install/tools/ipa-server-certinstall | 8 +++++--- install/tools/ipa-server-install | 7 +++++++ 13 files changed, 44 insertions(+), 9 deletions(-) (limited to 'install/tools') diff --git a/install/tools/ipa-ca-install b/install/tools/ipa-ca-install index 37fa6269b..bfb947bcd 100755 --- a/install/tools/ipa-ca-install +++ b/install/tools/ipa-ca-install @@ -98,6 +98,8 @@ def main(): dirman_password = get_dirman_password() except KeyboardInterrupt: sys.exit(0) + if dirman_password is None: + sys.exit("\nDirectory Manager password required") if not options.admin_password and not options.skip_conncheck and \ options.unattended: diff --git a/install/tools/ipa-compat-manage b/install/tools/ipa-compat-manage index 07531fddc..898a797cf 100755 --- a/install/tools/ipa-compat-manage +++ b/install/tools/ipa-compat-manage @@ -100,6 +100,8 @@ def main(): dirman_password = pw.strip() else: dirman_password = get_dirman_password() + if dirman_password is None: + sys.exit("\nDirectory Manager password required") api.bootstrap(context='cli', debug=options.debug) api.finalize() diff --git a/install/tools/ipa-csreplica-manage b/install/tools/ipa-csreplica-manage index c33f3bc5f..3b08abd4b 100755 --- a/install/tools/ipa-csreplica-manage +++ b/install/tools/ipa-csreplica-manage @@ -22,7 +22,7 @@ import sys import os -import getpass, ldap, krbV +import ldap, krbV import logging from ipapython import ipautil @@ -400,7 +400,10 @@ def main(): if options.dirman_passwd: dirman_passwd = options.dirman_passwd else: - dirman_passwd = getpass.getpass("Directory Manager password: ") + dirman_passwd = installutils.read_password("Directory Manager", confirm=False, + validate=False, retry=False) + if dirman_passwd is None: + sys.exit("\nDirectory Manager password required") options.dirman_passwd = dirman_passwd diff --git a/install/tools/ipa-dns-install b/install/tools/ipa-dns-install index 9869eae8b..d81b6a2e8 100755 --- a/install/tools/ipa-dns-install +++ b/install/tools/ipa-dns-install @@ -128,6 +128,8 @@ def main(): dm_password = options.dm_password or read_password("Directory Manager", confirm=False, validate=False) + if dm_password is None: + sys.exit("\nDirectory Manager password required") bind = bindinstance.BindInstance(fstore, dm_password) # try the connection diff --git a/install/tools/ipa-ldap-updater b/install/tools/ipa-ldap-updater index 5b63c120e..6ecb8c155 100755 --- a/install/tools/ipa-ldap-updater +++ b/install/tools/ipa-ldap-updater @@ -96,6 +96,8 @@ def main(): else: if (options.ask_password or not options.ldapi) and not options.upgrade: dirman_password = get_dirman_password() + if dirman_password is None: + sys.exit("\nDirectory Manager password required") files = [] if len(args) > 0: diff --git a/install/tools/ipa-managed-entries b/install/tools/ipa-managed-entries index 9b3f54714..16f0a956c 100755 --- a/install/tools/ipa-managed-entries +++ b/install/tools/ipa-managed-entries @@ -112,6 +112,8 @@ def main(): dirman_password = options.dirman_password else: dirman_password = get_dirman_password() + if dirman_password is None: + sys.exit("\nDirectory Manager password required") conn.do_simple_bind(bindpw=dirman_password) except errors.ExecutionError, lde: sys.exit("An error occurred while connecting to the server.\n%s\n" % diff --git a/install/tools/ipa-nis-manage b/install/tools/ipa-nis-manage index 542736a8d..886f23ab8 100755 --- a/install/tools/ipa-nis-manage +++ b/install/tools/ipa-nis-manage @@ -111,6 +111,8 @@ def main(): dirman_password = pw.strip() else: dirman_password = get_dirman_password() + if dirman_password is None: + sys.exit("\nDirectory Manager password required") if not dirman_password: sys.exit("No password supplied") diff --git a/install/tools/ipa-replica-conncheck b/install/tools/ipa-replica-conncheck index 09567d6eb..e9d78a065 100755 --- a/install/tools/ipa-replica-conncheck +++ b/install/tools/ipa-replica-conncheck @@ -22,6 +22,7 @@ from ipapython.config import IPAOptionParser from ipapython import version from ipapython import ipautil from ipapython.ipautil import CalledProcessError +from ipaserver.install import installutils import ipaclient.ipachangeconf from optparse import OptionGroup import logging @@ -29,7 +30,6 @@ import sys import os import signal import tempfile -import getpass import socket import time import threading @@ -314,7 +314,11 @@ def main(): if options.password: password=options.password else: - password = getpass.getpass("Password for %s: " % principal) + password = installutils.read_password(principal, confirm=False, + validate=False, retry=False) + if password is None: + sys.exit("\nPrincipal password required") + stderr='' (stdout, stderr, returncode) = ipautil.run(['/usr/bin/kinit', principal], diff --git a/install/tools/ipa-replica-install b/install/tools/ipa-replica-install index 624e6ea82..356e533ca 100755 --- a/install/tools/ipa-replica-install +++ b/install/tools/ipa-replica-install @@ -310,6 +310,8 @@ def main(): dirman_password = get_dirman_password() except KeyboardInterrupt: sys.exit(0) + if dirman_password is None: + sys.exit("\nDirectory Manager password required") try: top_dir, dir = expand_replica_info(filename, dirman_password) diff --git a/install/tools/ipa-replica-manage b/install/tools/ipa-replica-manage index c3dd0b3fe..84cfd8f3e 100755 --- a/install/tools/ipa-replica-manage +++ b/install/tools/ipa-replica-manage @@ -20,7 +20,7 @@ import sys import os -import getpass, ldap, re, krbV +import ldap, re, krbV import traceback, logging from ipapython import ipautil @@ -444,7 +444,10 @@ def main(): dirman_passwd = options.dirman_passwd else: if not test_connection(realm, host): - dirman_passwd = getpass.getpass("Directory Manager password: ") + dirman_passwd = installutils.read_password("Directory Manager", + confirm=False, validate=False, retry=False) + if dirman_passwd is None: + sys.exit("\nDirectory Manager password required") options.dirman_passwd = dirman_passwd diff --git a/install/tools/ipa-replica-prepare b/install/tools/ipa-replica-prepare index 038fd69c9..eb93bc851 100755 --- a/install/tools/ipa-replica-prepare +++ b/install/tools/ipa-replica-prepare @@ -292,6 +292,8 @@ def main(): dirman_password = get_dirman_password() except KeyboardInterrupt: sys.exit(0) + if dirman_password is None: + sys.exit("\nDirectory Manager password required") # Try out the password try: diff --git a/install/tools/ipa-server-certinstall b/install/tools/ipa-server-certinstall index 312d41202..901678b2e 100755 --- a/install/tools/ipa-server-certinstall +++ b/install/tools/ipa-server-certinstall @@ -25,14 +25,13 @@ import tempfile import traceback -import krbV, getpass +import krbV from ipapython.ipautil import user_input from ipaserver.install import certs, dsinstance, httpinstance, installutils from ipalib import api from ipaserver.plugins.ldap2 import ldap2 -from ipaserver.install import installutils def get_realm_name(): c = krbV.default_context() @@ -132,7 +131,10 @@ def main(): try: if options.dirsrv: - dm_password = getpass.getpass("Directory Manager password: ") + dm_password = installutils.read_password("Directory Manager", + confirm=False, validate=False, retry=False) + if dm_password is None: + sys.exit("\nDirectory Manager password required") realm = get_realm_name() dirname = dsinstance.config_dirname(dsinstance.realm_to_serverid(realm)) fd = open(dirname + "/pwdfile.txt") diff --git a/install/tools/ipa-server-install b/install/tools/ipa-server-install index cf00d5fac..fe91fe5b7 100755 --- a/install/tools/ipa-server-install +++ b/install/tools/ipa-server-install @@ -642,6 +642,8 @@ def main(): # This will override any settings passed in on the cmdline if ipautil.file_exists(ANSWER_CACHE): dm_password = read_password("Directory Manager", confirm=False) + if dm_password is None: + sys.exit("\nDirectory Manager password required") options._update_loose(read_cache(dm_password)) if options.external_cert_file: @@ -807,6 +809,9 @@ def main(): if not options.dm_password: dm_password = read_dm_password() + + if dm_password is None: + sys.exit("\nDirectory Manager password required") else: dm_password = options.dm_password @@ -817,6 +822,8 @@ def main(): if not options.admin_password: admin_password = read_admin_password() + if admin_password is None: + sys.exit("\nIPA admin password required") else: admin_password = options.admin_password -- cgit