From 28ac93a5356979efeff2e0a09b099ded77cba75e Mon Sep 17 00:00:00 2001
From: Simo Sorce <ssorce@redhat.com>
Date: Mon, 31 Mar 2008 17:33:55 -0400
Subject: Implement client uninstall (including RHEL4 contrib setup script)

---
 ipa-client/ipa-client.spec                |  5 ++++
 ipa-client/ipa-client.spec.in             |  5 ++++
 ipa-client/ipa-install/ipa-client-install | 44 +++++++++++++++++++++++++++++--
 ipa-client/ipaclient/ntpconf.py           | 34 +++++++++++++++++++-----
 4 files changed, 80 insertions(+), 8 deletions(-)

(limited to 'ipa-client')

diff --git a/ipa-client/ipa-client.spec b/ipa-client/ipa-client.spec
index 8c49c203..7537a7c9 100755
--- a/ipa-client/ipa-client.spec
+++ b/ipa-client/ipa-client.spec
@@ -30,6 +30,8 @@ rm -rf %{buildroot}
 
 make install
 
+mkdir -p %{buildroot}/%{_localstatedir}/lib/ipa-client/sysrestore
+
 
 %clean
 rm -rf %{buildroot}
@@ -46,6 +48,9 @@ rm -rf %{buildroot}
 %dir %{python_sitelib}/ipaclient
 %{python_sitelib}/ipaclient/*.py*
 
+%dir %{_localstatedir}/lib/ipa-client
+%dir %{_localstatedir}/lib/ipa-client/sysrestore
+
 %{_mandir}/man1/*
 
 %changelog
diff --git a/ipa-client/ipa-client.spec.in b/ipa-client/ipa-client.spec.in
index 05436900..7d55bc18 100644
--- a/ipa-client/ipa-client.spec.in
+++ b/ipa-client/ipa-client.spec.in
@@ -30,6 +30,8 @@ rm -rf %{buildroot}
 
 make install
 
+mkdir -p %{buildroot}/%{_localstatedir}/lib/ipa-client/sysrestore
+
 
 %clean
 rm -rf %{buildroot}
@@ -46,6 +48,9 @@ rm -rf %{buildroot}
 %dir %{python_sitelib}/ipaclient
 %{python_sitelib}/ipaclient/*.py*
 
+%dir %{_localstatedir}/lib/ipa-client
+%dir %{_localstatedir}/lib/ipa-client/sysrestore
+
 %{_mandir}/man1/*
 
 %changelog
diff --git a/ipa-client/ipa-install/ipa-client-install b/ipa-client/ipa-install/ipa-client-install
index fce17e87..056e20f3 100644
--- a/ipa-client/ipa-install/ipa-client-install
+++ b/ipa-client/ipa-install/ipa-client-install
@@ -38,6 +38,8 @@ def parse_options():
                       help="do not configure ntp", default=True, dest="conf_ntp")
     parser.add_option("--on-master", dest="on_master", action="store_true",
                       help="use this option when run on a master", default=False)
+    parser.add_option("", "--uninstall", dest="uninstall", action="store_true",
+                      default=False, help="uninstall an existing installation")
 
     options, args = parser.parse_args()
 
@@ -53,9 +55,14 @@ def ask_for_confirmation(message):
 def logging_setup(options):
     # Always log everything (i.e., DEBUG) to the log
     # file.
+
+    log_file = "/var/log/ipaclient-install.log"
+    if options.uninstall:
+        log_file = "/var/log/ipaclient-uninstall.log"
+
     logging.basicConfig(level=logging.DEBUG,
                         format='%(asctime)s %(levelname)s %(message)s',
-                        filename='/var/log/ipaclient-install.log',
+                        filename=log_file,
                         filemode='w')
 
     console = logging.StreamHandler()
@@ -69,11 +76,40 @@ def logging_setup(options):
     console.setFormatter(formatter)
     logging.getLogger('').addHandler(console)
 
+def uninstall(options):
+
+    print "Restoring client configuration files"
+    fstore.restore_all_files()
+
+    print "Disabling client Kerberos and Ldap configurations"
+    try:
+        run(["/usr/sbin/authconfig", "--disableldap", "--disablekrb5", "--update"])
+    except Exception, e:
+        print "Failed to remove krb5/ldap configuration. " +str(e)
+        sys.exit(1)
+
+    if not options.unattended:
+        print "The original nsswitch.conf configuration has been restored."
+        print "You may need to restart services or reboot the machine."
+        if not options.on_master:
+            if ask_for_confirmation("Do you want to reboot the machine?"):
+                try:
+                    run(["/usr/bin/reboot"])
+                except Exception, e:
+                    print "Reboot command failed to exceute. " + str(e)
+                    sys.exit(1)
+
 def main():
     options = parse_options()
     logging_setup(options)
     dnsok = True
 
+    global fstore
+    fstore = sysrestore.FileStore('/var/lib/ipa-client/sysrestore')
+
+    if options.uninstall:
+        return uninstall(options)
+
     # Create the discovery instance
     ds = ipaclient.ipadiscovery.IPADiscovery()
 
@@ -156,6 +192,7 @@ def main():
     opts.append({'name':'defaults', 'type':'section', 'value':defopts})
     opts.append({'name':'empty', 'type':'empty'})
 
+    fstore.backup_file("/etc/ipa/ipa.conf")
     ipaconf.newConf("/etc/ipa/ipa.conf", opts)
     print "Created /etc/ipa/ipa.conf"
 
@@ -175,6 +212,7 @@ def main():
 
     opts.append({'name':'empty', 'type':'empty'})
     try:
+        fstore.backup_file("/etc/ldap.conf")
         ldapconf.newConf("/etc/ldap.conf", opts)
         print "Configured /etc/ldap.conf"
     except Exception, e:
@@ -236,6 +274,7 @@ def main():
         appopts = [{'name':'pam', 'type':'subsection', 'value':pamopts}]
         opts.append({'name':'appdefaults', 'type':'section', 'value':appopts})
 
+        fstore.backup_file("/etc/krb5.conf")
         krbconf.newConf("/etc/krb5.conf", opts);
         print "Configured /etc/krb5.conf for IPA realm " + ds.getRealmName()
 
@@ -268,7 +307,7 @@ def main():
             ntp_server = options.ntp_server
         else:
             ntp_server = ds.getServerName()
-        ipaclient.ntpconf.config_ntp(ntp_server)
+        ipaclient.ntpconf.config_ntp(ntp_server, fstore)
         print "NTP enabled"
 
     print "Client configuration complete."
@@ -286,6 +325,7 @@ try:
     import ipaclient.ipachangeconf
     import ipaclient.ntpconf
     from ipa.ipautil import run
+    from ipa import sysrestore
 
     sys.exit(main())
 except KeyboardInterrupt:
diff --git a/ipa-client/ipaclient/ntpconf.py b/ipa-client/ipaclient/ntpconf.py
index ca88cede..14e720c2 100644
--- a/ipa-client/ipaclient/ntpconf.py
+++ b/ipa-client/ipaclient/ntpconf.py
@@ -70,20 +70,42 @@ keys /etc/ntp/keys
 #controlkey 8
 """
 
-def config_ntp(server_fqdn):
+ntp_sysconfig = """# Drop root to id 'ntp:ntp' by default.
+OPTIONS="-x -u ntp:ntp -p /var/run/ntpd.pid"
+
+# Set to 'yes' to sync hw clock after successful ntpdate
+SYNC_HWCLOCK=yes
+
+# Additional options for ntpdate
+NTPDATE_OPTIONS=""
+"""
+
+def config_ntp(server_fqdn, fstore = None):
     sub_dict = { }
     sub_dict["SERVER"] = server_fqdn
-    
+
     nc = template_str(ntp_conf, sub_dict)
-    
-    shutil.copy("/etc/ntp.conf", "/etc/ntp.conf.ipasave")
-    
+
+    if fstore:
+        fstore.backup_file("/etc/ntp.conf")
+    else:
+        shutil.copy("/etc/ntp.conf", "/etc/ntp.conf.ipasave")
+
     fd = open("/etc/ntp.conf", "w")
     fd.write(nc)
     fd.close()
 
+    if fstore:
+        fstore.backup_file("/etc/sysconfig/ntpd")
+    else:
+        shutil.copy("/etc/sysconfig/ntpd", "/etc/sysconfig/ntpd.ipasave")
+
+    fd = open("/etc/sysconfig/ntpd", "w")
+    fd.write(ntp_sysconfig)
+    fd.close()
+
     # Set the ntpd to start on boot
     run(["/sbin/chkconfig", "ntpd", "on"])
-    
+
     # Restart ntpd
     run(["/sbin/service", "ntpd", "restart"])
-- 
cgit