summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPatrick Uiterwijk <puiterwijk@redhat.com>2015-05-08 18:12:06 +0200
committerRob Crittenden <rcritten@redhat.com>2015-05-08 16:34:02 -0400
commit485baf6ee7a315d1af1086fe5b5da8cff6c4ba37 (patch)
tree80620b1ccf7bcfa052122559a9dddab638420bf4
parent9b7f9756d89f0a7908d9b7323f682f34b37d200e (diff)
downloadipsilon-485baf6ee7a315d1af1086fe5b5da8cff6c4ba37.tar.gz
ipsilon-485baf6ee7a315d1af1086fe5b5da8cff6c4ba37.tar.xz
ipsilon-485baf6ee7a315d1af1086fe5b5da8cff6c4ba37.zip
Implement change registration
This will make it possible for plugins to register what they have changed during installation, so that they can revert any changes they made during the uninstallation. https://fedorahosted.org/ipsilon/ticket/67 Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com> Reviewed-by: Rob Crittenden <rcritten@redhat.com>
Diffstat
-rw-r--r--ipsilon/helpers/common.py4
-rw-r--r--ipsilon/helpers/ipa.py2
-rw-r--r--ipsilon/info/common.py4
-rw-r--r--ipsilon/info/infoldap.py2
-rw-r--r--ipsilon/info/infonss.py2
-rw-r--r--ipsilon/info/infosssd.py2
-rwxr-xr-xipsilon/install/ipsilon-server-install46
-rw-r--r--ipsilon/login/authfas.py2
-rw-r--r--ipsilon/login/authform.py2
-rw-r--r--ipsilon/login/authgssapi.py2
-rw-r--r--ipsilon/login/authldap.py2
-rw-r--r--ipsilon/login/authpam.py2
-rw-r--r--ipsilon/login/authtest.py2
-rw-r--r--ipsilon/login/common.py4
-rw-r--r--ipsilon/providers/common.py4
-rw-r--r--ipsilon/providers/openidp.py2
-rw-r--r--ipsilon/providers/personaidp.py2
-rw-r--r--ipsilon/providers/saml2idp.py2
18 files changed, 59 insertions, 29 deletions
diff --git a/ipsilon/helpers/common.py b/ipsilon/helpers/common.py
index d3f7125..bdaa82f 100644
--- a/ipsilon/helpers/common.py
+++ b/ipsilon/helpers/common.py
@@ -12,7 +12,7 @@ class EnvHelpersInstaller(object):
self.ptype = 'helper'
self.name = None
- def unconfigure(self, opts):
+ def unconfigure(self, opts, changes):
return
def install_args(self, group):
@@ -21,7 +21,7 @@ class EnvHelpersInstaller(object):
def validate_args(self, args):
return
- def configure_server(self, opts):
+ def configure_server(self, opts, changes):
raise NotImplementedError
diff --git a/ipsilon/helpers/ipa.py b/ipsilon/helpers/ipa.py
index a785edb..9c786f9 100644
--- a/ipsilon/helpers/ipa.py
+++ b/ipsilon/helpers/ipa.py
@@ -163,7 +163,7 @@ class Installer(EnvHelpersInstaller):
pw = pwd.getpwnam(HTTPD_USER)
os.chown(opts['gssapi_httpd_keytab'], pw.pw_uid, pw.pw_gid)
- def configure_server(self, opts):
+ def configure_server(self, opts, changes):
if opts['ipa'] != 'yes' and opts['ipa'] != 'auto':
return
if opts['ipa'] != 'yes' and opts['gssapi'] == 'no':
diff --git a/ipsilon/info/common.py b/ipsilon/info/common.py
index 06b71aa..4cd6663 100644
--- a/ipsilon/info/common.py
+++ b/ipsilon/info/common.py
@@ -102,10 +102,10 @@ class InfoProviderInstaller(object):
def validate_args(self, args):
return
- def unconfigure(self, opts):
+ def unconfigure(self, opts, changes):
return
- def configure(self, opts):
+ def configure(self, opts, changes):
raise NotImplementedError
diff --git a/ipsilon/info/infoldap.py b/ipsilon/info/infoldap.py
index 9494666..66e8d50 100644
--- a/ipsilon/info/infoldap.py
+++ b/ipsilon/info/infoldap.py
@@ -182,7 +182,7 @@ class Installer(InfoProviderInstaller):
group.add_argument('--info-ldap-base-dn', action='store',
help='LDAP Base DN')
- def configure(self, opts):
+ def configure(self, opts, changes):
if opts['info_ldap'] != 'yes':
return
diff --git a/ipsilon/info/infonss.py b/ipsilon/info/infonss.py
index 1966c27..0cd6fa0 100644
--- a/ipsilon/info/infonss.py
+++ b/ipsilon/info/infonss.py
@@ -79,7 +79,7 @@ class Installer(InfoProviderInstaller):
group.add_argument('--info-nss', choices=['yes', 'no'], default='no',
help='Use passwd data to populate user attrs')
- def configure(self, opts):
+ def configure(self, opts, changes):
if opts['info_nss'] != 'yes':
return
diff --git a/ipsilon/info/infosssd.py b/ipsilon/info/infosssd.py
index 75fcf24..54d0ba2 100644
--- a/ipsilon/info/infosssd.py
+++ b/ipsilon/info/infosssd.py
@@ -131,7 +131,7 @@ class Installer(InfoProviderInstaller):
help='SSSD domain to enable mod_lookup_identity'
' for')
- def configure(self, opts):
+ def configure(self, opts, changes):
if opts['info_sssd'] != 'yes':
return
diff --git a/ipsilon/install/ipsilon-server-install b/ipsilon/install/ipsilon-server-install
index 471fe9a..0677f0e 100755
--- a/ipsilon/install/ipsilon-server-install
+++ b/ipsilon/install/ipsilon-server-install
@@ -10,6 +10,7 @@ from ipsilon.tools import files
import ConfigParser
import argparse
import cherrypy
+import json
import logging
import os
import pwd
@@ -154,6 +155,12 @@ def install(plugins, args):
# components
cherrypy.config.update(ipsilon_conf)
+ # Prepare to allow plugins to save things changed during install
+ changes = {'env_helper': {},
+ 'login_manager': {},
+ 'info_provider': {},
+ 'auth_provider': {}}
+
# Move pre-existing admin db away
admin_db = cherrypy.config['admin.config.db']
if os.path.exists(admin_db):
@@ -169,8 +176,10 @@ def install(plugins, args):
logger.info('Configuring environment helpers')
for plugin_name in plugins['Environment Helpers']:
plugin = plugins['Environment Helpers'][plugin_name]
- if plugin.configure_server(args) == False:
+ plugin_changes = {}
+ if plugin.configure_server(args, plugin_changes) == False:
logger.info('Configuration of environment helper %s failed' % plugin_name)
+ changes['env_helper'][plugin_name] = plugin_changes
logger.info('Configuring login managers')
for plugin_name in args['lm_order']:
@@ -178,20 +187,32 @@ def install(plugins, args):
plugin = plugins['Login Managers'][plugin_name]
except KeyError:
sys.exit('Login provider %s not installed' % plugin_name)
- if plugin.configure(args) == False:
+ plugin_changes = {}
+ if plugin.configure(args, plugin_changes) == False:
logger.info('Configuration of login manager %s failed' % plugin_name)
+ changes['login_manager'][plugin_name] = plugin_changes
logger.info('Configuring Info provider')
for plugin_name in plugins['Info Provider']:
plugin = plugins['Info Provider'][plugin_name]
- if plugin.configure(args) == False:
+ plugin_changes = {}
+ if plugin.configure(args, plugin_changes) == False:
logger.info('Configuration of info provider %s failed' % plugin_name)
+ changes['info_provider'][plugin_name] = plugin_changes
logger.info('Configuring Authentication Providers')
for plugin_name in plugins['Auth Providers']:
plugin = plugins['Auth Providers'][plugin_name]
- if plugin.configure(args) == False:
+ plugin_changes = {}
+ if plugin.configure(args, plugin_changes) == False:
logger.info('Configuration of auth provider %s failed' % plugin_name)
+ changes['auth_provider'][plugin_name] = plugin_changes
+
+ # Save any changes that were made
+ install_changes = os.path.join(instance_conf, 'install_changes')
+ changes = json.dumps(changes)
+ with open(install_changes, 'w+') as f:
+ f.write(changes)
# Fixup permissions so only the ipsilon user can read these files
files.fix_user_dirs(instance_conf, opts['system_user'])
@@ -223,28 +244,37 @@ def uninstall(plugins, args):
if sure != 'yes':
raise Exception('Aborting')
+ # Get the details of what we changed during installation
+ install_changes = os.path.join(instance_conf, 'install_changes')
+ with open(install_changes, 'r') as f:
+ changes = json.loads(f.read())
+
logger.info('Removing environment helpers')
for plugin_name in plugins['Environment Helpers']:
plugin = plugins['Environment Helpers'][plugin_name]
- if plugin.unconfigure(args) == False:
+ plugin_changes = changes['env_helper'][plugin_name]
+ if plugin.unconfigure(args, plugin_changes) == False:
logger.info('Removal of environment helper %s failed' % plugin_name)
logger.info('Removing login managers')
for plugin_name in plugins['Login Managers']:
plugin = plugins['Login Managers'][plugin_name]
- if plugin.unconfigure(args) == False:
+ plugin_changes = changes['login_manager'][plugin_name]
+ if plugin.unconfigure(args, plugin_changes) == False:
logger.info('Removal of login manager %s failed' % plugin_name)
logger.info('Removing Info providers')
for plugin_name in plugins['Info Provider']:
plugin = plugins['Info Provider'][plugin_name]
- if plugin.unconfigure(args) == False:
+ plugin_changes = changes['info_provider'][plugin_name]
+ if plugin.unconfigure(args, plugin_changes) == False:
logger.info('Removal of info provider %s failed' % plugin_name)
logger.info('Removing Authentication Providers')
for plugin_name in plugins['Auth Providers']:
plugin = plugins['Auth Providers'][plugin_name]
- if plugin.unconfigure(args) == False:
+ plugin_changes = changes['auth_provider'][plugin_name]
+ if plugin.unconfigure(args, plugin_changes) == False:
logger.info('Removal of auth provider %s failed' % plugin_name)
logger.info('Removing httpd configuration')
diff --git a/ipsilon/login/authfas.py b/ipsilon/login/authfas.py
index 8af7f28..d0b834a 100644
--- a/ipsilon/login/authfas.py
+++ b/ipsilon/login/authfas.py
@@ -185,7 +185,7 @@ class Installer(LoginManagerInstaller):
group.add_argument('--fas', choices=['yes', 'no'], default='no',
help='Configure FAS authentication')
- def configure(self, opts):
+ def configure(self, opts, changes):
if opts['fas'] != 'yes':
return
diff --git a/ipsilon/login/authform.py b/ipsilon/login/authform.py
index c6b958f..eed35fc 100644
--- a/ipsilon/login/authform.py
+++ b/ipsilon/login/authform.py
@@ -99,7 +99,7 @@ class Installer(LoginManagerInstaller):
group.add_argument('--form-service', action='store', default='remote',
help='PAM service name to use for authentication')
- def configure(self, opts):
+ def configure(self, opts, changes):
if opts['form'] != 'yes':
return
diff --git a/ipsilon/login/authgssapi.py b/ipsilon/login/authgssapi.py
index ce8213d..a05644d 100644
--- a/ipsilon/login/authgssapi.py
+++ b/ipsilon/login/authgssapi.py
@@ -114,7 +114,7 @@ class Installer(LoginManagerInstaller):
default='/etc/httpd/conf/http.keytab',
help='Kerberos keytab location for HTTPD')
- def configure(self, opts):
+ def configure(self, opts, changes):
if opts['gssapi'] != 'yes':
return
diff --git a/ipsilon/login/authldap.py b/ipsilon/login/authldap.py
index 161ef75..ce096f4 100644
--- a/ipsilon/login/authldap.py
+++ b/ipsilon/login/authldap.py
@@ -194,7 +194,7 @@ class Installer(LoginManagerInstaller):
group.add_argument('--ldap-base-dn', action='store',
help='LDAP Base DN')
- def configure(self, opts):
+ def configure(self, opts, changes):
if opts['ldap'] != 'yes':
return
diff --git a/ipsilon/login/authpam.py b/ipsilon/login/authpam.py
index c2a6afb..1a34f8f 100644
--- a/ipsilon/login/authpam.py
+++ b/ipsilon/login/authpam.py
@@ -114,7 +114,7 @@ class Installer(LoginManagerInstaller):
group.add_argument('--pam-service', action='store', default='remote',
help='PAM service name to use for authentication')
- def configure(self, opts):
+ def configure(self, opts, changes):
if opts['pam'] != 'yes':
return
diff --git a/ipsilon/login/authtest.py b/ipsilon/login/authtest.py
index 0b05e0a..aa2a73a 100644
--- a/ipsilon/login/authtest.py
+++ b/ipsilon/login/authtest.py
@@ -101,7 +101,7 @@ class Installer(LoginManagerInstaller):
group.add_argument('--testauth', choices=['yes', 'no'], default='no',
help='Configure PAM authentication')
- def configure(self, opts):
+ def configure(self, opts, changes):
if opts['testauth'] != 'yes':
return
diff --git a/ipsilon/login/common.py b/ipsilon/login/common.py
index 7cf0c2a..db71fb0 100644
--- a/ipsilon/login/common.py
+++ b/ipsilon/login/common.py
@@ -322,7 +322,7 @@ class LoginManagerInstaller(object):
self.ptype = 'login'
self.name = None
- def unconfigure(self, opts):
+ def unconfigure(self, opts, changes):
return
def install_args(self, group):
@@ -331,7 +331,7 @@ class LoginManagerInstaller(object):
def validate_args(self, args):
return
- def configure(self, opts):
+ def configure(self, opts, changes):
raise NotImplementedError
diff --git a/ipsilon/providers/common.py b/ipsilon/providers/common.py
index b842b39..c4d6658 100644
--- a/ipsilon/providers/common.py
+++ b/ipsilon/providers/common.py
@@ -105,7 +105,7 @@ class ProviderInstaller(object):
self.ptype = 'provider'
self.name = None
- def unconfigure(self, opts):
+ def unconfigure(self, opts, changes):
return
def install_args(self, group):
@@ -114,7 +114,7 @@ class ProviderInstaller(object):
def validate_args(self, args):
return
- def configure(self, opts):
+ def configure(self, opts, changes):
raise NotImplementedError
diff --git a/ipsilon/providers/openidp.py b/ipsilon/providers/openidp.py
index 052ab43..8f74578 100644
--- a/ipsilon/providers/openidp.py
+++ b/ipsilon/providers/openidp.py
@@ -146,7 +146,7 @@ class Installer(ProviderInstaller):
group.add_argument('--openid-extensions', default='',
help='List of OpenID Extensions to enable')
- def configure(self, opts):
+ def configure(self, opts, changes):
if opts['openid'] != 'yes':
return
diff --git a/ipsilon/providers/personaidp.py b/ipsilon/providers/personaidp.py
index d2794e0..f0146db 100644
--- a/ipsilon/providers/personaidp.py
+++ b/ipsilon/providers/personaidp.py
@@ -85,7 +85,7 @@ class Installer(ProviderInstaller):
group.add_argument('--persona', choices=['yes', 'no'], default='yes',
help='Configure Persona Provider')
- def configure(self, opts):
+ def configure(self, opts, changes):
if opts['persona'] != 'yes':
return
diff --git a/ipsilon/providers/saml2idp.py b/ipsilon/providers/saml2idp.py
index 6dfb03a..11ba832 100644
--- a/ipsilon/providers/saml2idp.py
+++ b/ipsilon/providers/saml2idp.py
@@ -452,7 +452,7 @@ class Installer(ProviderInstaller):
'(default - %d)' %
METADATA_DEFAULT_VALIDITY_PERIOD))
- def configure(self, opts):
+ def configure(self, opts, changes):
if opts['saml2'] != 'yes':
return
generated by cgit (git 2.34.1) at 2024-04-19 03:50:04 +0000