ipa-server/ipa-upgradeconfig


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112

#!/usr/bin/python
#
# Upgrade configuration files to a newer template.

import sys
try:
    from ipa import ipautil
    import krbV
    import re
    import os
    import shutil
    import fileinput
except ImportError:
    print >> sys.stderr, """\
There was a problem importing one of the required Python modules. The
error was:

    %s
""" % sys.exc_value
    sys.exit(1)

def backup_file(filename, ext):
    """Make a backup of filename using ext as the extension. Do not overwrite
       previous backups."""
    if not os.path.isabs(filename):
        raise ValueError("Absolute path required")

    backupfile = filename + ".bak"
    (reldir, file) = os.path.split(filename)

    while os.path.exists(backupfile):
        backupfile = backupfile + "." + str(ext)

    shutil.copy2(filename, backupfile)

def update_conf(sub_dict, filename, template_filename):
    template = ipautil.template_file(template_filename, sub_dict)
    fd = open(filename, "w")
    fd.write(template)
    fd.close()

def find_hostname():
    """Find the hostname currently configured in ipa-rewrite.conf"""
    filename="/etc/httpd/conf.d/ipa-rewrite.conf"
    if os.path.exists(filename):
        pattern = "^[\s#]*.*https:\/\/([A-Za-z0-9\.\-]*)\/.*"
        p = re.compile(pattern)
        for line in fileinput.input(filename):
            if p.search(line):
                fileinput.close()
                return p.search(line).group(1)
        fileinput.close()

    return None

def find_version(filename):
    """Find the version of a configuration file"""
    if os.path.exists(filename):
        pattern = "^[\s#]*VERSION\s+([0-9]+)\s+.*"
        p = re.compile(pattern)
        for line in fileinput.input(filename):
            if p.search(line):
                fileinput.close()
                return p.search(line).group(1)
        fileinput.close()

        # no VERSION found
        return 0
    else:
        return -1

def upgrade(sub_dict, filename, template):
    old = int(find_version(filename))
    new = int(find_version(template))

    if old < 0:
        print "%s not found." % filename
        sys.exit(1)

    if new < 0:
        print "%s not found." % template

    if old < new:
        backup_file(filename, new)
        update_conf(sub_dict, filename, template)
        print "Upgraded %s to version %d" % (filename, new)

def main():
    try:
        krbctx = krbV.default_context()
    except krbV.Krb5Error, e:
        print "Unable to get default kerberos realm: %s" % e[1]
        sys.exit(1)

    fqdn = find_hostname()

    if fqdn is None:
        print "Unable to determine hostname from ipa-rewrite.conf"
        sys.exit(1)

    sub_dict = { "REALM" : krbctx.default_realm, "FQDN": fqdn }

    upgrade(sub_dict, "/etc/httpd/conf.d/ipa.conf", ipautil.SHARE_DIR + "ipa.conf")
    upgrade(sub_dict, "/etc/httpd/conf.d/ipa-rewrite.conf", ipautil.SHARE_DIR + "ipa-rewrite.conf")

try:
    if __name__ == "__main__":
        sys.exit(main())
except SystemExit, e:
    sys.exit(e)
except KeyboardInterrupt, e:
    sys.exit(1)