summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rwxr-xr-xinstall/tools/ipa-replica-install4
-rwxr-xr-xinstall/tools/ipa-server-certinstall2
-rw-r--r--ipalib/cli.py11
-rw-r--r--ipalib/frontend.py2
-rw-r--r--ipalib/parameters.py7
-rw-r--r--ipalib/pkcs10.py2
-rw-r--r--ipalib/plugins/dns.py2
-rw-r--r--ipalib/plugins/group.py2
-rw-r--r--ipalib/plugins/host.py1
-rw-r--r--ipapython/ipautil.py4
-rw-r--r--ipaserver/install/certs.py2
-rw-r--r--ipaserver/install/installutils.py4
-rw-r--r--ipaserver/ipaldap.py2
-rw-r--r--ipaserver/plugins/dogtag.py4
-rw-r--r--ipaserver/plugins/ldap2.py2
-rw-r--r--ipaserver/plugins/ldapapi.py6
-rw-r--r--ipaserver/servercore.py8
17 files changed, 19 insertions, 46 deletions
diff --git a/install/tools/ipa-replica-install b/install/tools/ipa-replica-install
index 9fca31ff..717d25f0 100755
--- a/install/tools/ipa-replica-install
+++ b/install/tools/ipa-replica-install
@@ -439,8 +439,8 @@ def main():
# We ned to ldap_enable the CA now that DS is up and running
if CA:
- CA.ldap_enable('CA', host_name, dm_password,
- util.realm_to_suffix(self.realm_name))
+ CA.ldap_enable('CA', config.host_name, config.dirman_password,
+ util.realm_to_suffix(config.realm_name))
install_krb(config, setup_pkinit=options.setup_pkinit)
install_http(config)
diff --git a/install/tools/ipa-server-certinstall b/install/tools/ipa-server-certinstall
index 543c770b..5fc5811d 100755
--- a/install/tools/ipa-server-certinstall
+++ b/install/tools/ipa-server-certinstall
@@ -141,7 +141,7 @@ def main():
set_ds_cert_name(server_cert[0], dm_password)
if options.http:
- dirname = httpinstance.NSS_DIR
+ dirname = certs.NSS_DIR
server_cert = import_cert(dirname, pkcs12_fname, options.http_pin, "")
installutils.set_directive(httpinstance.NSS_CONF, 'NSSNickname', server_cert[0])
diff --git a/ipalib/cli.py b/ipalib/cli.py
index 2d219b71..9dda1c27 100644
--- a/ipalib/cli.py
+++ b/ipalib/cli.py
@@ -620,17 +620,6 @@ class help(frontend.Local):
if module == __name__:
return
return module.split('.')[-1]
- # get representation in the form of 'base_module.bare_module.command()'
- r = repr(cmd_plugin_proxy)
- # skip base module part and the following dot
- start = r.find(self._PLUGIN_BASE_MODULE)
- if start == -1:
- # command module isn't a plugin module, it's a builtin
- return None
- start += len(self._PLUGIN_BASE_MODULE) + 1
- # parse bare module name
- end = r.find('.', start)
- return r[start:end]
def _get_module_topic(self, module_name):
if not sys.modules[module_name]:
diff --git a/ipalib/frontend.py b/ipalib/frontend.py
index 567edfd1..58fd4d64 100644
--- a/ipalib/frontend.py
+++ b/ipalib/frontend.py
@@ -693,13 +693,13 @@ class Command(HasParam):
If the client minor version is less than or equal to the server
then let the request proceed.
"""
+ server_ver = version.LooseVersion(API_VERSION)
ver = version.LooseVersion(client_version)
if len(ver.version) < 2:
raise VersionError(cver=ver.version, sver=server_ver.version, server= self.env.xmlrpc_uri)
client_major = ver.version[0]
client_minor = ver.version[1]
- server_ver = version.LooseVersion(API_VERSION)
server_major = server_ver.version[0]
server_minor = server_ver.version[1]
diff --git a/ipalib/parameters.py b/ipalib/parameters.py
index 0d6c6902..22b03212 100644
--- a/ipalib/parameters.py
+++ b/ipalib/parameters.py
@@ -1532,6 +1532,13 @@ class AccessTime(Str):
if value < 1 or value > 52:
raise ValueError('week of the year out of range')
+ def _check_doty(self, t):
+ if not t.isnumeric():
+ raise ValueError('day of the year non-numeric')
+ value = int(t)
+ if value < 1 or value > 365:
+ raise ValueError('day of the year out of range')
+
def _check_month_num(self, t):
if not t.isnumeric():
raise ValueError('month number non-numeric')
diff --git a/ipalib/pkcs10.py b/ipalib/pkcs10.py
index 25658273..29f9b352 100644
--- a/ipalib/pkcs10.py
+++ b/ipalib/pkcs10.py
@@ -83,8 +83,6 @@ if __name__ == '__main__':
# Read PEM request from stdin and print out its components
csrlines = sys.stdin.readlines()
- csrlines = fp.readlines()
- fp.close()
csr = ''.join(csrlines)
csr = load_certificate_request(csr)
diff --git a/ipalib/plugins/dns.py b/ipalib/plugins/dns.py
index 69c38b26..af2ba4dd 100644
--- a/ipalib/plugins/dns.py
+++ b/ipalib/plugins/dns.py
@@ -369,7 +369,7 @@ class dnsrecord(LDAPObject):
),
)
- def is_pkey_zone_record(*keys):
+ def is_pkey_zone_record(self, *keys):
idnsname = keys[-1]
if idnsname == '@' or idnsname == ('%s.' % keys[-2]):
return True
diff --git a/ipalib/plugins/group.py b/ipalib/plugins/group.py
index ecf5453e..078d535b 100644
--- a/ipalib/plugins/group.py
+++ b/ipalib/plugins/group.py
@@ -160,7 +160,7 @@ class group_del(LDAPDelete):
def_primary_group = config.get('ipadefaultprimarygroup', '')
def_primary_group_dn = group_dn = self.obj.get_dn(def_primary_group)
if dn == def_primary_group_dn:
- raise errors.DefaultGroup()
+ raise errors.DefaultGroupError()
group_attrs = self.obj.methods.show(
self.obj.get_primary_key_from_dn(dn), all=True
)['result']
diff --git a/ipalib/plugins/host.py b/ipalib/plugins/host.py
index 3225a78a..0bc7947a 100644
--- a/ipalib/plugins/host.py
+++ b/ipalib/plugins/host.py
@@ -437,7 +437,6 @@ class host_del(LDAPDelete):
break
if not match:
raise errors.NotFound(reason=_('DNS zone %(zone)s not found' % dict(zone=domain)))
- raise e
# Get all forward resources for this host
records = api.Command['dnsrecord_find'](domain, idnsname=parts[0])['result']
for record in records:
diff --git a/ipapython/ipautil.py b/ipapython/ipautil.py
index 69a410f4..88d08365 100644
--- a/ipapython/ipautil.py
+++ b/ipapython/ipautil.py
@@ -41,9 +41,6 @@ import datetime
from ipapython import config
try:
from subprocess import CalledProcessError
- class CalledProcessError(subprocess.CalledProcessError):
- def __init__(self, returncode, cmd):
- super(CalledProcessError, self).__init__(returncode, cmd)
except ImportError:
# Python 2.4 doesn't implement CalledProcessError
class CalledProcessError(Exception):
@@ -876,6 +873,7 @@ class ItemCompleter:
self.items = items
self.initial_input = None
self.item_delims = ' \t,'
+ self.operator = '='
self.split_re = re.compile('[%s]+' % self.item_delims)
def open(self):
diff --git a/ipaserver/install/certs.py b/ipaserver/install/certs.py
index 209ed3e1..da89370a 100644
--- a/ipaserver/install/certs.py
+++ b/ipaserver/install/certs.py
@@ -602,7 +602,7 @@ class CertDB(object):
dogtag.https_request(self.host_name, api.env.ca_ee_port, "/ca/ee/ca/profileSubmitSSLClient", self.secdir, password, "ipaCert", **params)
if http_status != 200:
- raise CertificateOperationError(error=_('Unable to communicate with CMS (%s)') % \
+ raise CertificateOperationError(error='Unable to communicate with CMS (%s)' % \
http_reason_phrase)
# The result is an XML blob. Pull the certificate out of that
diff --git a/ipaserver/install/installutils.py b/ipaserver/install/installutils.py
index a5457e2d..05d397ee 100644
--- a/ipaserver/install/installutils.py
+++ b/ipaserver/install/installutils.py
@@ -82,7 +82,7 @@ def verify_dns_records(host_name, responses, resaddr, family):
rs = dnsclient.query(dns_addr.reverse_dns, dnsclient.DNS_C_IN, dnsclient.DNS_T_PTR)
if len(rs) == 0:
- raise RuntimeError("Cannot find Reverse Address for %s (%s)" % (host_name, addr))
+ raise RuntimeError("Cannot find Reverse Address for %s (%s)" % (host_name, dns_addr.format()))
rev = None
for rsn in rs:
@@ -91,7 +91,7 @@ def verify_dns_records(host_name, responses, resaddr, family):
break
if rev == None:
- raise RuntimeError("Cannot find Reverse Address for %s (%s)" % (host_name, addr))
+ raise RuntimeError("Cannot find Reverse Address for %s (%s)" % (host_name, dns_addr.format()))
if rec.dns_name != rev.rdata.ptrdname:
raise RuntimeError("The DNS forward record %s does not match the reverse address %s" % (rec.dns_name, rev.rdata.ptrdname))
diff --git a/ipaserver/ipaldap.py b/ipaserver/ipaldap.py
index b1f9f40c..d2d3d98a 100644
--- a/ipaserver/ipaldap.py
+++ b/ipaserver/ipaldap.py
@@ -611,8 +611,6 @@ class IPAdmin(SimpleLDAPObject):
while not entry and int(time.time()) < timeout:
try:
entry = self.getEntry(dn, scope, filter, attrlist)
- except ipaerror.exception_for(ipaerror.LDAP_NOT_FOUND):
- pass # found entry, but no attr
except ldap.NO_SUCH_OBJECT:
pass # no entry yet
except ldap.LDAPError, e: # badness
diff --git a/ipaserver/plugins/dogtag.py b/ipaserver/plugins/dogtag.py
index 45c3c197..8563848b 100644
--- a/ipaserver/plugins/dogtag.py
+++ b/ipaserver/plugins/dogtag.py
@@ -1519,9 +1519,7 @@ class ra(rabase.rabase):
"""
self.debug('%s.revoke_certificate()', self.fullname)
if type(revocation_reason) is not int:
- raise TYPE_ERROR('revocation_reason', int, revocation_reason,
- type(revocation_reason)
- )
+ raise TypeError(TYPE_ERROR % ('revocation_reason', int, revocation_reason, type(revocation_reason)))
# Convert serial number to integral type from string to properly handle
# radix issues. Note: the int object constructor will properly handle large
diff --git a/ipaserver/plugins/ldap2.py b/ipaserver/plugins/ldap2.py
index 86ea3f88..c920d21f 100644
--- a/ipaserver/plugins/ldap2.py
+++ b/ipaserver/plugins/ldap2.py
@@ -308,7 +308,7 @@ class ldap2(CrudBackend, Encoder):
_ldap.set_option(_ldap.OPT_X_TLS_KEYFILE, tls_keyfile)
if debug_level:
- _ldap.set_option(_ldap.OPT_X_DEBUG_LEVEL, debug_level)
+ _ldap.set_option(_ldap.OPT_DEBUG_LEVEL, debug_level)
try:
conn = _ldap.initialize(self.ldap_uri)
diff --git a/ipaserver/plugins/ldapapi.py b/ipaserver/plugins/ldapapi.py
index 847e2d2b..1ef84579 100644
--- a/ipaserver/plugins/ldapapi.py
+++ b/ipaserver/plugins/ldapapi.py
@@ -25,7 +25,6 @@ This wraps the python-ldap bindings.
"""
import ldap as _ldap
-import ldap.dn
from ipalib import api
from ipalib import errors
from ipalib.crud import CrudBackend
@@ -443,9 +442,4 @@ class ldap(CrudBackend):
return results
- def get_effective_rights(self, dn, attrs=None):
- binddn = self.find_entry_dn("krbprincipalname", self.conn.principal, "posixAccount")
-
- return servercore.get_effective_rights(binddn, dn, attrs)
-
api.register(ldap)
diff --git a/ipaserver/servercore.py b/ipaserver/servercore.py
index 38d42167..66af1161 100644
--- a/ipaserver/servercore.py
+++ b/ipaserver/servercore.py
@@ -168,14 +168,6 @@ def get_entry_by_cn (cn, sattrs):
searchfilter = "(cn=%s)" % cn
return get_sub_entry("cn=accounts," + api.env.basedn, searchfilter, sattrs)
-def get_user_by_uid(uid, sattrs):
- """Get a specific user's entry."""
- # FIXME: should accept a container to look in
-# uid = self.__safe_filter(uid)
- searchfilter = "(&(uid=%s)(objectclass=posixAccount))" % uid
-
- return get_sub_entry("cn=accounts," + api.env.basedn, searchfilter, sattrs)
-
# User support
def entry_exists(dn):