diff options
author | Martin Kosek <mkosek@redhat.com> | 2013-03-14 09:18:07 +0100 |
---|---|---|
committer | Martin Kosek <mkosek@redhat.com> | 2013-03-14 09:36:08 +0100 |
commit | af4a1e53f782a977a053bb3b986a712dc5a65fbf (patch) | |
tree | 0ebd5449345550a20a1f8bb4de6cd9c27bb1e830 | |
parent | 46d9ab64a59416a644366b78cd98ecda04c8af2c (diff) | |
download | freeipa.git-af4a1e53f782a977a053bb3b986a712dc5a65fbf.tar.gz freeipa.git-af4a1e53f782a977a053bb3b986a712dc5a65fbf.tar.xz freeipa.git-af4a1e53f782a977a053bb3b986a712dc5a65fbf.zip |
Preserve order of servers in ipa-client-install
When multiple servers are passed via --server option, ipadiscovery
module changed its order. Make sure that we preserve it.
Also make sure that user is always warned when a tested server is
not available as then the server will be excluded from the fixed
server list. Log messages were made more informative so that user
knows which server is actually failing to be verified.
https://fedorahosted.org/freeipa/ticket/3418
-rw-r--r-- | ipa-client/ipaclient/ipadiscovery.py | 17 |
1 files changed, 10 insertions, 7 deletions
diff --git a/ipa-client/ipaclient/ipadiscovery.py b/ipa-client/ipaclient/ipadiscovery.py index 7fc6aae8..49b6b31f 100644 --- a/ipa-client/ipaclient/ipadiscovery.py +++ b/ipa-client/ipaclient/ipadiscovery.py @@ -248,7 +248,7 @@ class IPADiscovery(object): self.realm = ldapret[2] self.server_source = self.realm_source = ( 'Discovered from LDAP DNS records in %s' % self.server) - valid_servers.insert(0, server) + valid_servers.append(server) # verified, we actually talked to the remote server and it # is definetely an IPA server verified_servers = True @@ -258,7 +258,7 @@ class IPADiscovery(object): break elif ldapret[0] == NO_ACCESS_TO_LDAP or ldapret[0] == NO_TLS_LDAP: ldapaccess = False - valid_servers.insert(0, server) + valid_servers.append(server) # we may set verified_servers below, we don't have it yet if autodiscovered: # No need to keep verifying servers if we discovered them @@ -266,11 +266,14 @@ class IPADiscovery(object): break elif ldapret[0] == NOT_IPA_SERVER: root_logger.warn( - '%s (realm %s) is not an IPA server', server, self.realm) + 'Skip %s: not an IPA server', server) elif ldapret[0] == NO_LDAP_SERVER: - root_logger.debug( - 'Unable to verify that %s (realm %s) is an IPA server', - server, self.realm) + root_logger.warn( + 'Skip %s: LDAP server is not responding, unable to verify if ' + 'this is an IPA server', server) + else: + root_logger.warn( + 'Skip %s: cannot verify if this is an IPA server', server) # If one of LDAP servers checked rejects access (maybe anonymous # bind is disabled), assume realm and basedn generated off domain. @@ -401,7 +404,7 @@ class IPADiscovery(object): root_logger.debug("LDAP server returned UNWILLING_TO_PERFORM. This likely means that minssf is enabled") return [NO_TLS_LDAP] - root_logger.error("LDAP Error: %s: %s" % + root_logger.debug("LDAP Error: %s: %s" % (err.args[0]['desc'], err.args[0].get('info', ''))) return [UNKNOWN_ERROR] |