Check that port 8443 is available when installing PKI.

https://fedorahosted.org/freeipa/ticket/4564 Reviewed-By: Martin Kosek <mkosek@redhat.com>
author: David Kupka <dkupka@redhat.com> 2014-10-10 12:14:32 +0200
committer: Martin Kosek <mkosek@redhat.com> 2014-10-10 12:15:30 +0200
commit: b89c184ad5522d26282801495cffd50a1dcbc2c0 (patch)
tree: 3064326ee69c62989bb24fc5adb952b60006869e
parent: 018772e11df07e41b787ed9a4b5db8a45c1b229e (diff)
download: freeipa-b89c184ad5522d26282801495cffd50a1dcbc2c0.tar.gz
freeipa-b89c184ad5522d26282801495cffd50a1dcbc2c0.tar.xz
freeipa-b89c184ad5522d26282801495cffd50a1dcbc2c0.zip
4 files changed, 25 insertions, 0 deletions
diff --git a/install/tools/ipa-ca-install b/install/tools/ipa-ca-install
index 3c9307edf..96cf85f3b 100755
--- a/install/tools/ipa-ca-install
+++ b/install/tools/ipa-ca-install
@@ -75,6 +75,11 @@ def parse_options():
 def get_dirman_password():
     return installutils.read_password("Directory Manager (existing master)", confirm=False, validate=False)
 
+def check_ca():
+    if not cainstance.check_port():
+        print "IPA requires port 8443 for PKI but it is currently in use."
+        sys.exit(1)
+
 def install_dns_records(config, options):
 
     if not bindinstance.dns_container_exists(config.master_host_name,
@@ -177,6 +182,8 @@ def main():
     else:
         cainstance.replica_ca_install_check(config)
 
+    check_ca()
+
     # Configure the CA if necessary
     CA = cainstance.install_replica_ca(config, postinstall=True)
 
diff --git a/install/tools/ipa-replica-install b/install/tools/ipa-replica-install
index 621127558..0b8f8826e 100755
--- a/install/tools/ipa-replica-install
+++ b/install/tools/ipa-replica-install
@@ -484,6 +484,11 @@ def main():
 
     check_dirsrv()
 
+    if options.setup_ca:
+        if not cainstance.check_port():
+            print "IPA requires port 8443 for PKI but it is currently in use."
+            sys.exit("Aborting installation")
+
     if options.conf_ntp:
         try:
             ipaclient.ntpconf.check_timedate_services()
diff --git a/install/tools/ipa-server-install b/install/tools/ipa-server-install
index 89dd2ad36..beb5cfe1a 100755
--- a/install/tools/ipa-server-install
+++ b/install/tools/ipa-server-install
@@ -803,6 +803,11 @@ def main():
         # Make sure the 389-ds ports are available
         check_dirsrv(options.unattended)
 
+    if setup_ca:
+        if not cainstance.check_port():
+            print "IPA requires port 8443 for PKI but it is currently in use."
+            sys.exit("Aborting installation")
+
     if options.conf_ntp:
         try:
             ipaclient.ntpconf.check_timedate_services()
diff --git a/ipaserver/install/cainstance.py b/ipaserver/install/cainstance.py
index 209c9eb15..978b98a58 100644
--- a/ipaserver/install/cainstance.py
+++ b/ipaserver/install/cainstance.py
@@ -105,6 +105,14 @@ def check_inst():
 
     return True
 
+def check_port():
+    """
+    Check that dogtag port (8443) is available.
+
+    Returns True when the port is free, False if it's taken.
+    """
+    return not ipautil.host_port_open(None, 8443)
+
 def get_preop_pin(instance_root, instance_name):
     # Only used for Dogtag 9
     preop_pin = None
author	David Kupka <dkupka@redhat.com>	2014-10-10 12:14:32 +0200
committer	Martin Kosek <mkosek@redhat.com>	2014-10-10 12:15:30 +0200
commit	b89c184ad5522d26282801495cffd50a1dcbc2c0 (patch)
tree	3064326ee69c62989bb24fc5adb952b60006869e
parent	018772e11df07e41b787ed9a4b5db8a45c1b229e (diff)
download	freeipa-b89c184ad5522d26282801495cffd50a1dcbc2c0.tar.gz freeipa-b89c184ad5522d26282801495cffd50a1dcbc2c0.tar.xz freeipa-b89c184ad5522d26282801495cffd50a1dcbc2c0.zip