diff options
author | Timo Aaltonen <tjaalton@ubuntu.com> | 2012-12-05 14:58:06 +0200 |
---|---|---|
committer | Martin Kosek <mkosek@redhat.com> | 2013-01-14 14:39:54 +0100 |
commit | ed849639272acf0aed44935591ba525ec1348d59 (patch) | |
tree | dce45b15575c4c9561a260a898d358575b45c610 /ipapython | |
parent | 38dded7db6529be096b92c9d63182a980e0b3a93 (diff) | |
download | freeipa-ed849639272acf0aed44935591ba525ec1348d59.tar.gz freeipa-ed849639272acf0aed44935591ba525ec1348d59.tar.xz freeipa-ed849639272acf0aed44935591ba525ec1348d59.zip |
convert the base platform modules into packages
Diffstat (limited to 'ipapython')
-rw-r--r-- | ipapython/platform/base/__init__.py (renamed from ipapython/platform/base.py) | 0 | ||||
-rw-r--r-- | ipapython/platform/base/systemd.py (renamed from ipapython/platform/systemd.py) | 5 | ||||
-rw-r--r-- | ipapython/platform/fedora16/__init__.py | 52 | ||||
-rw-r--r-- | ipapython/platform/fedora16/selinux.py | 26 | ||||
-rw-r--r-- | ipapython/platform/fedora16/service.py (renamed from ipapython/platform/fedora16.py) | 45 | ||||
-rw-r--r-- | ipapython/platform/fedora18/__init__.py (renamed from ipapython/platform/fedora18.py) | 0 | ||||
-rw-r--r-- | ipapython/platform/redhat/__init__.py (renamed from ipapython/platform/redhat.py) | 144 | ||||
-rw-r--r-- | ipapython/platform/redhat/auth.py | 49 | ||||
-rw-r--r-- | ipapython/platform/redhat/service.py | 123 | ||||
-rw-r--r-- | ipapython/setup.py.in | 7 |
10 files changed, 273 insertions, 178 deletions
diff --git a/ipapython/platform/base.py b/ipapython/platform/base/__init__.py index e2aa33fa..e2aa33fa 100644 --- a/ipapython/platform/base.py +++ b/ipapython/platform/base/__init__.py diff --git a/ipapython/platform/systemd.py b/ipapython/platform/base/systemd.py index 4e8a03f2..a9c1ec03 100644 --- a/ipapython/platform/systemd.py +++ b/ipapython/platform/base/systemd.py @@ -17,9 +17,12 @@ # along with this program. If not, see <http://www.gnu.org/licenses/>. # +import os +import shutil +import sys + from ipapython import ipautil from ipapython.platform import base -import sys, os, shutil from ipalib import api class SystemdService(base.PlatformService): diff --git a/ipapython/platform/fedora16/__init__.py b/ipapython/platform/fedora16/__init__.py new file mode 100644 index 00000000..26a6afd2 --- /dev/null +++ b/ipapython/platform/fedora16/__init__.py @@ -0,0 +1,52 @@ +# Author: Alexander Bokovoy <abokovoy@redhat.com> +# +# Copyright (C) 2011 Red Hat +# see file 'COPYING' for use and warranty information +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. +# + +from ipapython.platform import base, redhat +from ipapython.platform.fedora16 import selinux +from ipapython.platform.fedora16.service import f16_service, Fedora16Services + +# All what we allow exporting directly from this module +# Everything else is made available through these symbols when they are +# directly imported into ipapython.services: +# authconfig -- class reference for platform-specific implementation of +# authconfig(8) +# service -- class reference for platform-specific implementation of a +# PlatformService class +# knownservices -- factory instance to access named services IPA cares about, +# names are ipapython.services.wellknownservices +# backup_and_replace_hostname -- platform-specific way to set hostname and +# make it persistent over reboots +# restore_context -- platform-sepcific way to restore security context, if +# applicable +# check_selinux_status -- platform-specific way to see if SELinux is enabled +# and restorecon is installed. +__all__ = ['authconfig', 'service', 'knownservices', + 'backup_and_replace_hostname', 'restore_context', 'check_selinux_status', + 'restore_network_configuration', 'timedate_services'] + +# Just copy a referential list of timedate services +timedate_services = list(base.timedate_services) + +authconfig = redhat.authconfig +service = f16_service +knownservices = Fedora16Services() +backup_and_replace_hostname = redhat.backup_and_replace_hostname +restore_context = selinux.restore_context +check_selinux_status = selinux.check_selinux_status +restore_network_configuration = redhat.restore_network_configuration diff --git a/ipapython/platform/fedora16/selinux.py b/ipapython/platform/fedora16/selinux.py new file mode 100644 index 00000000..cf71a38e --- /dev/null +++ b/ipapython/platform/fedora16/selinux.py @@ -0,0 +1,26 @@ +# Author: Alexander Bokovoy <abokovoy@redhat.com> +# +# Copyright (C) 2011 Red Hat +# see file 'COPYING' for use and warranty information +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. +# + +from ipapython.platform import redhat + +def restore_context(filepath, restorecon='/usr/sbin/restorecon'): + return redhat.restore_context(filepath, restorecon) + +def check_selinux_status(restorecon='/usr/sbin/restorecon'): + return redhat.check_selinux_status(restorecon) diff --git a/ipapython/platform/fedora16.py b/ipapython/platform/fedora16/service.py index 628cad13..c2e35d32 100644 --- a/ipapython/platform/fedora16.py +++ b/ipapython/platform/fedora16/service.py @@ -21,34 +21,12 @@ import os import time from ipapython import ipautil, dogtag -from ipapython.platform import base, redhat, systemd +from ipapython.platform import base, redhat +from ipapython.platform.base import systemd +from ipapython.platform.fedora16 import selinux from ipapython.ipa_log_manager import root_logger from ipalib import api -# All what we allow exporting directly from this module -# Everything else is made available through these symbols when they are -# directly imported into ipapython.services: -# authconfig -- class reference for platform-specific implementation of -# authconfig(8) -# service -- class reference for platform-specific implementation of a -# PlatformService class -# knownservices -- factory instance to access named services IPA cares about, -# names are ipapython.services.wellknownservices -# backup_and_replace_hostname -- platform-specific way to set hostname and -# make it persistent over reboots -# restore_network_configuration -- platform-specific way of restoring network -# configuration (e.g. static hostname) -# restore_context -- platform-sepcific way to restore security context, if -# applicable -# check_selinux_status -- platform-specific way to see if SELinux is enabled -# and restorecon is installed. -__all__ = ['authconfig', 'service', 'knownservices', - 'backup_and_replace_hostname', 'restore_context', 'check_selinux_status', - 'restore_network_configuration', 'timedate_services'] - -# Just copy a referential list of timedate services -timedate_services = list(base.timedate_services) - # For beginning just remap names to add .service # As more services will migrate to systemd, unit names will deviate and # mapping will be kept in this dictionary @@ -88,6 +66,7 @@ class Fedora16Service(systemd.SystemdService): # systemd, default to foo.service style then systemd_name = "%s.service" % (service_name) super(Fedora16Service, self).__init__(service_name, systemd_name) + # Special handling of directory server service # # We need to explicitly enable instances to install proper symlinks as @@ -110,7 +89,7 @@ class Fedora16DirectoryService(Fedora16Service): # into dirsrv@.service unit replacevars = {'LimitNOFILE':'8192'} ipautil.inifile_replace_variables(dirsrv_systemd, 'service', replacevars=replacevars) - restore_context(dirsrv_systemd) + selinux.restore_context(dirsrv_systemd) ipautil.run(["/bin/systemctl", "--system", "daemon-reload"],raiseonerr=False) def restart(self, instance_name="", capture_output=True, wait=True): @@ -139,7 +118,6 @@ class Fedora16SSHService(Fedora16Service): def get_config_dir(self, instance_name=""): return '/etc/ssh' - class Fedora16CAService(Fedora16Service): def __wait_until_running(self): # We must not wait for the httpd proxy if httpd is not set up yet. @@ -179,7 +157,6 @@ class Fedora16CAService(Fedora16Service): if wait: self.__wait_until_running() - # Redirect directory server service through special sub-class due to its # special handling of instances def f16_service(name): @@ -200,15 +177,3 @@ class Fedora16Services(base.KnownServices): services[s] = f16_service(s) # Call base class constructor. This will lock services to read-only super(Fedora16Services, self).__init__(services) - -def restore_context(filepath, restorecon='/usr/sbin/restorecon'): - return redhat.restore_context(filepath, restorecon) - -def check_selinux_status(restorecon='/usr/sbin/restorecon'): - return redhat.check_selinux_status(restorecon) - -authconfig = redhat.authconfig -service = f16_service -knownservices = Fedora16Services() -backup_and_replace_hostname = redhat.backup_and_replace_hostname -restore_network_configuration = redhat.restore_network_configuration diff --git a/ipapython/platform/fedora18.py b/ipapython/platform/fedora18/__init__.py index d12bdcad..d12bdcad 100644 --- a/ipapython/platform/fedora18.py +++ b/ipapython/platform/fedora18/__init__.py diff --git a/ipapython/platform/redhat.py b/ipapython/platform/redhat/__init__.py index 274062e4..f7680e7e 100644 --- a/ipapython/platform/redhat.py +++ b/ipapython/platform/redhat/__init__.py @@ -18,19 +18,15 @@ # along with this program. If not, see <http://www.gnu.org/licenses/>. # -import tempfile -import re import os -import stat -import sys import socket import stat -import time +import sys from ipapython import ipautil from ipapython.platform import base -from ipapython.ipa_log_manager import root_logger -from ipalib import api +from ipapython.platform.redhat.auth import RedHatAuthConfig +from ipapython.platform.redhat.service import redhat_service, RedHatServices # All what we allow exporting directly from this module # Everything else is made available through these symbols when they are @@ -57,130 +53,6 @@ __all__ = ['authconfig', 'service', 'knownservices', # Just copy a referential list of timedate services timedate_services = list(base.timedate_services) -class RedHatService(base.PlatformService): - def __wait_for_open_ports(self, instance_name=""): - """ - If this is a service we need to wait for do so. - """ - ports = None - if instance_name in base.wellknownports: - ports = base.wellknownports[instance_name] - else: - if self.service_name in base.wellknownports: - ports = base.wellknownports[self.service_name] - if ports: - ipautil.wait_for_open_ports('localhost', ports, api.env.startup_timeout) - - def stop(self, instance_name="", capture_output=True): - ipautil.run(["/sbin/service", self.service_name, "stop", instance_name], capture_output=capture_output) - super(RedHatService, self).stop(instance_name) - - def start(self, instance_name="", capture_output=True, wait=True): - ipautil.run(["/sbin/service", self.service_name, "start", instance_name], capture_output=capture_output) - if wait and self.is_running(instance_name): - self.__wait_for_open_ports(instance_name) - super(RedHatService, self).start(instance_name) - - def restart(self, instance_name="", capture_output=True, wait=True): - ipautil.run(["/sbin/service", self.service_name, "restart", instance_name], capture_output=capture_output) - if wait and self.is_running(instance_name): - self.__wait_for_open_ports(instance_name) - - def is_running(self, instance_name=""): - ret = True - try: - (sout,serr,rcode) = ipautil.run(["/sbin/service", self.service_name, "status", instance_name]) - if sout.find("is stopped") >= 0: - ret = False - except ipautil.CalledProcessError: - ret = False - return ret - - def is_installed(self): - installed = True - try: - ipautil.run(["/sbin/service", self.service_name, "status"]) - except ipautil.CalledProcessError, e: - if e.returncode == 1: - # service is not installed or there is other serious issue - installed = False - return installed - - def is_enabled(self, instance_name=""): - (stdout, stderr, returncode) = ipautil.run(["/sbin/chkconfig", self.service_name],raiseonerr=False) - return (returncode == 0) - - def enable(self, instance_name=""): - ipautil.run(["/sbin/chkconfig", self.service_name, "on"]) - - def disable(self, instance_name=""): - ipautil.run(["/sbin/chkconfig", self.service_name, "off"]) - - def install(self, instance_name=""): - ipautil.run(["/sbin/chkconfig", "--add", self.service_name]) - - def remove(self, instance_name=""): - ipautil.run(["/sbin/chkconfig", "--del", self.service_name]) - -class RedHatSSHService(RedHatService): - def get_config_dir(self, instance_name=""): - return '/etc/ssh' - -class RedHatHTTPDService(RedHatService): - def restart(self, instance_name="", capture_output=True, wait=True): - try: - super(RedHatHTTPDService, self).restart(instance_name, capture_output, wait) - except ipautil.CalledProcessError: - # http may have issues with binding to ports, try to fallback - # https://bugzilla.redhat.com/show_bug.cgi?id=845405 - root_logger.debug("%s restart failed, try to stop&start again", self.service_name) - time.sleep(5) - self.stop(instance_name, capture_output) - time.sleep(5) - self.start(instance_name, capture_output, wait) - -class RedHatAuthConfig(base.AuthConfig): - """ - AuthConfig class implements system-independent interface to configure - system authentication resources. In Red Hat-produced systems this is done with - authconfig(8) utility. - """ - def __build_args(self): - args = [] - for (option, value) in self.parameters.items(): - if type(value) is bool: - if value: - args.append("--enable%s" % (option)) - else: - args.append("--disable%s" % (option)) - elif type(value) in (tuple, list): - args.append("--%s" % (option)) - args.append("%s" % (value[0])) - elif value is None: - args.append("--%s" % (option)) - else: - args.append("--%s%s" % (option,value)) - return args - - def execute(self): - args = self.__build_args() - ipautil.run(["/usr/sbin/authconfig"]+args) - -def redhat_service(name): - if name == 'sshd': - return RedHatSSHService(name) - elif name == 'httpd': - return RedHatHTTPDService(name) - return RedHatService(name) - -class RedHatServices(base.KnownServices): - def __init__(self): - services = dict() - for s in base.wellknownservices: - services[s] = redhat_service(s) - # Call base class constructor. This will lock services to read-only - super(RedHatServices, self).__init__(services) - authconfig = RedHatAuthConfig service = redhat_service knownservices = RedHatServices() @@ -232,11 +104,6 @@ def backup_and_replace_hostname(fstore, statestore, hostname): else: statestore.backup_state('network', 'hostname', old_hostname) -def restore_network_configuration(fstore, statestore): - filepath = '/etc/sysconfig/network' - if fstore.has_file(filepath): - fstore.restore_file(filepath) - def check_selinux_status(restorecon='/sbin/restorecon'): """ We don't have a specific package requirement for policycoreutils @@ -259,3 +126,8 @@ def check_selinux_status(restorecon='/sbin/restorecon'): if not os.path.exists(restorecon): raise RuntimeError('SELinux is enabled but %s does not exist.\nInstall the policycoreutils package and start the installation again.' % restorecon) + +def restore_network_configuration(fstore, statestore): + filepath = '/etc/sysconfig/network' + if fstore.has_file(filepath): + fstore.restore_file(filepath) diff --git a/ipapython/platform/redhat/auth.py b/ipapython/platform/redhat/auth.py new file mode 100644 index 00000000..93c3c5e9 --- /dev/null +++ b/ipapython/platform/redhat/auth.py @@ -0,0 +1,49 @@ +# Authors: Simo Sorce <ssorce@redhat.com> +# Alexander Bokovoy <abokovoy@redhat.com> +# +# Copyright (C) 2007-2011 Red Hat +# see file 'COPYING' for use and warranty information +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. +# + +from ipapython import ipautil +from ipapython.platform import base + +class RedHatAuthConfig(base.AuthConfig): + """ + AuthConfig class implements system-independent interface to configure + system authentication resources. In Red Hat-produced systems this is done with + authconfig(8) utility. + """ + def __build_args(self): + args = [] + for (option, value) in self.parameters.items(): + if type(value) is bool: + if value: + args.append("--enable%s" % (option)) + else: + args.append("--disable%s" % (option)) + elif type(value) in (tuple, list): + args.append("--%s" % (option)) + args.append("%s" % (value[0])) + elif value is None: + args.append("--%s" % (option)) + else: + args.append("--%s%s" % (option,value)) + return args + + def execute(self): + args = self.__build_args() + ipautil.run(["/usr/sbin/authconfig"]+args) diff --git a/ipapython/platform/redhat/service.py b/ipapython/platform/redhat/service.py new file mode 100644 index 00000000..61511b48 --- /dev/null +++ b/ipapython/platform/redhat/service.py @@ -0,0 +1,123 @@ +# Authors: Simo Sorce <ssorce@redhat.com> +# Alexander Bokovoy <abokovoy@redhat.com> +# +# Copyright (C) 2007-2011 Red Hat +# see file 'COPYING' for use and warranty information +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. +# + +import time + +from ipapython import ipautil +from ipapython.ipa_log_manager import root_logger +from ipapython.platform import base +from ipalib import api + +class RedHatService(base.PlatformService): + def __wait_for_open_ports(self, instance_name=""): + """ + If this is a service we need to wait for do so. + """ + ports = None + if instance_name in base.wellknownports: + ports = base.wellknownports[instance_name] + else: + if self.service_name in base.wellknownports: + ports = base.wellknownports[self.service_name] + if ports: + ipautil.wait_for_open_ports('localhost', ports, api.env.startup_timeout) + + def stop(self, instance_name="", capture_output=True): + ipautil.run(["/sbin/service", self.service_name, "stop", instance_name], capture_output=capture_output) + super(RedHatService, self).stop(instance_name) + + def start(self, instance_name="", capture_output=True, wait=True): + ipautil.run(["/sbin/service", self.service_name, "start", instance_name], capture_output=capture_output) + if wait and self.is_running(instance_name): + self.__wait_for_open_ports(instance_name) + super(RedHatService, self).start(instance_name) + + def restart(self, instance_name="", capture_output=True, wait=True): + ipautil.run(["/sbin/service", self.service_name, "restart", instance_name], capture_output=capture_output) + if wait and self.is_running(instance_name): + self.__wait_for_open_ports(instance_name) + + def is_running(self, instance_name=""): + ret = True + try: + (sout,serr,rcode) = ipautil.run(["/sbin/service", self.service_name, "status", instance_name]) + if sout.find("is stopped") >= 0: + ret = False + except ipautil.CalledProcessError: + ret = False + return ret + + def is_installed(self): + installed = True + try: + ipautil.run(["/sbin/service", self.service_name, "status"]) + except ipautil.CalledProcessError, e: + if e.returncode == 1: + # service is not installed or there is other serious issue + installed = False + return installed + + def is_enabled(self, instance_name=""): + (stdout, stderr, returncode) = ipautil.run(["/sbin/chkconfig", self.service_name],raiseonerr=False) + return (returncode == 0) + + def enable(self, instance_name=""): + ipautil.run(["/sbin/chkconfig", self.service_name, "on"]) + + def disable(self, instance_name=""): + ipautil.run(["/sbin/chkconfig", self.service_name, "off"]) + + def install(self, instance_name=""): + ipautil.run(["/sbin/chkconfig", "--add", self.service_name]) + + def remove(self, instance_name=""): + ipautil.run(["/sbin/chkconfig", "--del", self.service_name]) + +class RedHatSSHService(RedHatService): + def get_config_dir(self, instance_name=""): + return '/etc/ssh' + +class RedHatHTTPDService(RedHatService): + def restart(self, instance_name="", capture_output=True, wait=True): + try: + super(RedHatHTTPDService, self).restart(instance_name, capture_output, wait) + except ipautil.CalledProcessError: + # http may have issues with binding to ports, try to fallback + # https://bugzilla.redhat.com/show_bug.cgi?id=845405 + root_logger.debug("%s restart failed, try to stop&start again", self.service_name) + time.sleep(5) + self.stop(instance_name, capture_output) + time.sleep(5) + self.start(instance_name, capture_output, wait) + +def redhat_service(name): + if name == 'sshd': + return RedHatSSHService(name) + elif name == 'httpd': + return RedHatHTTPDService(name) + return RedHatService(name) + +class RedHatServices(base.KnownServices): + def __init__(self): + services = dict() + for s in base.wellknownservices: + services[s] = redhat_service(s) + # Call base class constructor. This will lock services to read-only + super(RedHatServices, self).__init__(services) diff --git a/ipapython/setup.py.in b/ipapython/setup.py.in index df1cacf8..d3bbcaf1 100644 --- a/ipapython/setup.py.in +++ b/ipapython/setup.py.in @@ -65,7 +65,12 @@ def setup_package(): classifiers=filter(None, CLASSIFIERS.split('\n')), platforms = ["Linux", "Solaris", "Unix"], package_dir = {'ipapython': ''}, - packages = [ "ipapython", "ipapython.platform" ], + packages = [ "ipapython", + "ipapython.platform", + "ipapython.platform.base", + "ipapython.platform.fedora16", + "ipapython.platform.fedora18", + "ipapython.platform.redhat" ], ) finally: del sys.path[0] |