diff options
author | David Kupka <dkupka@redhat.com> | 2014-10-10 12:14:32 +0200 |
---|---|---|
committer | Martin Kosek <mkosek@redhat.com> | 2014-10-10 12:15:30 +0200 |
commit | b89c184ad5522d26282801495cffd50a1dcbc2c0 (patch) | |
tree | 3064326ee69c62989bb24fc5adb952b60006869e | |
parent | 018772e11df07e41b787ed9a4b5db8a45c1b229e (diff) | |
download | freeipa-b89c184ad5522d26282801495cffd50a1dcbc2c0.tar.gz freeipa-b89c184ad5522d26282801495cffd50a1dcbc2c0.tar.xz freeipa-b89c184ad5522d26282801495cffd50a1dcbc2c0.zip |
Check that port 8443 is available when installing PKI.
https://fedorahosted.org/freeipa/ticket/4564
Reviewed-By: Martin Kosek <mkosek@redhat.com>
-rwxr-xr-x | install/tools/ipa-ca-install | 7 | ||||
-rwxr-xr-x | install/tools/ipa-replica-install | 5 | ||||
-rwxr-xr-x | install/tools/ipa-server-install | 5 | ||||
-rw-r--r-- | ipaserver/install/cainstance.py | 8 |
4 files changed, 25 insertions, 0 deletions
diff --git a/install/tools/ipa-ca-install b/install/tools/ipa-ca-install index 3c9307edf..96cf85f3b 100755 --- a/install/tools/ipa-ca-install +++ b/install/tools/ipa-ca-install @@ -75,6 +75,11 @@ def parse_options(): def get_dirman_password(): return installutils.read_password("Directory Manager (existing master)", confirm=False, validate=False) +def check_ca(): + if not cainstance.check_port(): + print "IPA requires port 8443 for PKI but it is currently in use." + sys.exit(1) + def install_dns_records(config, options): if not bindinstance.dns_container_exists(config.master_host_name, @@ -177,6 +182,8 @@ def main(): else: cainstance.replica_ca_install_check(config) + check_ca() + # Configure the CA if necessary CA = cainstance.install_replica_ca(config, postinstall=True) diff --git a/install/tools/ipa-replica-install b/install/tools/ipa-replica-install index 621127558..0b8f8826e 100755 --- a/install/tools/ipa-replica-install +++ b/install/tools/ipa-replica-install @@ -484,6 +484,11 @@ def main(): check_dirsrv() + if options.setup_ca: + if not cainstance.check_port(): + print "IPA requires port 8443 for PKI but it is currently in use." + sys.exit("Aborting installation") + if options.conf_ntp: try: ipaclient.ntpconf.check_timedate_services() diff --git a/install/tools/ipa-server-install b/install/tools/ipa-server-install index 89dd2ad36..beb5cfe1a 100755 --- a/install/tools/ipa-server-install +++ b/install/tools/ipa-server-install @@ -803,6 +803,11 @@ def main(): # Make sure the 389-ds ports are available check_dirsrv(options.unattended) + if setup_ca: + if not cainstance.check_port(): + print "IPA requires port 8443 for PKI but it is currently in use." + sys.exit("Aborting installation") + if options.conf_ntp: try: ipaclient.ntpconf.check_timedate_services() diff --git a/ipaserver/install/cainstance.py b/ipaserver/install/cainstance.py index 209c9eb15..978b98a58 100644 --- a/ipaserver/install/cainstance.py +++ b/ipaserver/install/cainstance.py @@ -105,6 +105,14 @@ def check_inst(): return True +def check_port(): + """ + Check that dogtag port (8443) is available. + + Returns True when the port is free, False if it's taken. + """ + return not ipautil.host_port_open(None, 8443) + def get_preop_pin(instance_root, instance_name): # Only used for Dogtag 9 preop_pin = None |