From 452ffa143aadba5f16f4fe67720e28852fdf1fb7 Mon Sep 17 00:00:00 2001 From: Martin Kosek Date: Wed, 13 Mar 2013 14:42:12 +0100 Subject: Preserve order of servers in ipa-client-install When multiple servers are passed via --server option, ipadiscovery module changed its order. Make sure that we preserve it. Also make sure that user is always warned when a tested server is not available as then the server will be excluded from the fixed server list. Log messages were made more informative so that user knows which server is actually failing to be verified. https://fedorahosted.org/freeipa/ticket/3418 --- ipa-client/ipaclient/ipadiscovery.py | 21 ++++++++++++--------- 1 file changed, 12 insertions(+), 9 deletions(-) (limited to 'ipa-client/ipaclient') diff --git a/ipa-client/ipaclient/ipadiscovery.py b/ipa-client/ipaclient/ipadiscovery.py index 6ae9616de..9a58b9678 100644 --- a/ipa-client/ipaclient/ipadiscovery.py +++ b/ipa-client/ipaclient/ipadiscovery.py @@ -246,7 +246,7 @@ class IPADiscovery(object): self.realm = ldapret[2] self.server_source = self.realm_source = ( 'Discovered from LDAP DNS records in %s' % self.server) - valid_servers.insert(0, server) + valid_servers.append(server) # verified, we actually talked to the remote server and it # is definetely an IPA server verified_servers = True @@ -256,7 +256,7 @@ class IPADiscovery(object): break elif ldapret[0] == NO_ACCESS_TO_LDAP or ldapret[0] == NO_TLS_LDAP: ldapaccess = False - valid_servers.insert(0, server) + valid_servers.append(server) # we may set verified_servers below, we don't have it yet if autodiscovered: # No need to keep verifying servers if we discovered them @@ -264,11 +264,14 @@ class IPADiscovery(object): break elif ldapret[0] == NOT_IPA_SERVER: root_logger.warn( - '%s (realm %s) is not an IPA server', server, self.realm) + 'Skip %s: not an IPA server', server) elif ldapret[0] == NO_LDAP_SERVER: - root_logger.debug( - 'Unable to verify that %s (realm %s) is an IPA server', - server, self.realm) + root_logger.warn( + 'Skip %s: LDAP server is not responding, unable to verify if ' + 'this is an IPA server', server) + else: + root_logger.warn( + 'Skip %s: cannot verify if this is an IPA server', server) # If one of LDAP servers checked rejects access (maybe anonymous # bind is disabled), assume realm and basedn generated off domain. @@ -396,7 +399,7 @@ class IPADiscovery(object): return [UNKNOWN_ERROR] except errors.DatabaseTimeout: - root_logger.error("LDAP Error: timeout") + root_logger.debug("LDAP Error: timeout") return [NO_LDAP_SERVER] except errors.NetworkError, err: root_logger.debug("LDAP Error: %s" % err.strerror) @@ -405,10 +408,10 @@ class IPADiscovery(object): root_logger.debug("LDAP Error: Anonymous access not allowed") return [NO_ACCESS_TO_LDAP] except errors.DatabaseError, err: - root_logger.error("Error checking LDAP: %s" % err.strerror) + root_logger.debug("Error checking LDAP: %s" % err.strerror) return [UNKNOWN_ERROR] except Exception, err: - root_logger.error("Error checking LDAP: %s" % err) + root_logger.debug("Error checking LDAP: %s" % err) return [UNKNOWN_ERROR] -- cgit