author | Ana Krivokapic <akrivoka@redhat.com> | 2013-09-02 10:56:19 +0200 |
---|---|---|
committer | Petr Viktorin <pviktori@redhat.com> | 2013-09-02 16:28:37 +0200 |
commit | de7b1f86dc5bc120e570a99e722a06865cad3fdd (patch) | |
tree | fde689c6d427c4c94d507d315d11ecfec505f8fb /ipaserver/install/dsinstance.py | |
parent | f40cb4c031b21940309ff1fbbf6b4f64aa5a6c39 (diff) | |
Create DS user and group during ipa-restore
ipa-restore would fail if DS user did not exist. Check for presence of DS
user and group and create them if needed.
https://fedorahosted.org/freeipa/ticket/3856
Diffstat (limited to 'ipaserver/install/dsinstance.py')
-rw-r--r-- | ipaserver/install/dsinstance.py | 66 |
1 files changed, 48 insertions, 18 deletions
diff --git a/ipaserver/install/dsinstance.py b/ipaserver/install/dsinstance.py
index f543efad..06f9e3a4 100644
--- a/ipaserver/install/dsinstance.py
+++ b/ipaserver/install/dsinstance.py
@@ -27,6 +27,7 @@ import time
 import tempfile
 import base64
 import stat
+import grp
 from ipapython.ipa_log_manager import *
 from ipapython import ipautil, sysrestore, ipaldap
@@ -130,6 +131,52 @@ def check_ports():
 def is_ds_running(server_id=''):
 return ipaservices.knownservices.dirsrv.is_running(instance_name=server_id)
+
+def create_ds_user():
+ """
+ Create DS user if it doesn't exist yet.
+ """
+ try:
+ pwd.getpwnam(DS_USER)
+ root_logger.debug('DS user %s exists', DS_USER)
+ except KeyError:
+ root_logger.debug('Adding DS user %s', DS_USER)
+ args = [
+ '/usr/sbin/useradd',
+ '-g', DS_GROUP,
+ '-c', 'DS System User',
+ '-d', '/var/lib/dirsrv',
+ '-s', '/sbin/nologin',
+ '-M', '-r', DS_USER
+ ]
+ try:
+ ipautil.run(args)
+ root_logger.debug('Done adding DS user')
+ except ipautil.CalledProcessError, e:
+ root_logger.critical('Failed to add DS user: %s', e)
+
+
+def create_ds_group():
+ """
+ Create DS group if it doesn't exist yet.
+ Returns True if the group already exists.
+ """
+ try:
+ grp.getgrnam(DS_GROUP)
+ root_logger.debug('DS group %s exists', DS_GROUP)
+ group_exists = True
+ except KeyError:
+ group_exists = False
+ root_logger.debug('Adding DS group %s', DS_GROUP)
+ args = ['/usr/sbin/groupadd', '-r', DS_GROUP]
+ try:
+ ipautil.run(args)
+ root_logger.debug('Done adding DS group')
+ except ipautil.CalledProcessError, e:
+ root_logger.critical('Failed to add DS group: %s', e)
+
+ return group_exists
+
 INF_TEMPLATE = """
 [General]
 FullMachineName= $FQDN
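Review bot: Both `create_ds_user` and `create_ds_group` catch `ipautil.CalledProcessError`, log it at critical level and then return normally, so a failed `useradd` or `groupadd` does not stop the caller. During a restore the process can then carry on without the dedicated service account it expects, and the failure surfaces later and further from its cause. I would add a bare `raise` after each `root_logger.critical(...)` call. `create_ds_group` also returns `False` both when it created the group and when `groupadd` failed, so the docstring should say that unless the failure is propagated as above. Separately, `pwd.getpwnam(DS_USER)` accepts any entry the name service resolves, so if a local system account is expected a comment such as `# NOTE: any NSS source satisfies this lookup, not only /etc/passwd` would help the next reader.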
@@ -194,7 +241,7 @@ class DsInstance(service.Service):
 def __common_setup(self, enable_ssl=False):
- self.step("creating directory server user", self.__create_ds_user)
+ self.step("creating directory server user", create_ds_user)
 self.step("creating directory server instance", self.__create_instance)
 self.step("adding default schema", self.__add_default_schemas)
 self.step("enabling memberof plugin", self.__add_memberof_module)
@@ -346,23 +393,6 @@ class DsInstance(service.Service):
 IDRANGE_SIZE=idrange_size
 )
- def __create_ds_user(self):
- try:
- pwd.getpwnam(DS_USER)
- root_logger.debug("ds user %s exists" % DS_USER)
- except KeyError:
- root_logger.debug("adding ds user %s" % DS_USER)
- args = ["/usr/sbin/useradd", "-g", DS_GROUP,
- "-c", "DS System User",
- "-d", "/var/lib/dirsrv",
- "-s", "/sbin/nologin",
- "-M", "-r", DS_USER]
- try:
- ipautil.run(args)
- root_logger.debug("done adding user")
- except ipautil.CalledProcessError, e:
- root_logger.critical("failed to add user %s" % e)
-
 def __create_instance(self):
 pent = pwd.getpwnam(DS_USER) |
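Review bot: `create_ds_user` runs `useradd` with `-g DS_GROUP`, but no step registered in the visible part of `__common_setup` calls `create_ds_group` first, so on a host where the group is missing the user creation fails. Unless the group is guaranteed elsewhere (packaging, or a caller outside this diff), I would add `self.step("creating directory server group", create_ds_group)` ahead of the user step. The step list of `__common_setup` continues past the end of this hunk, so the full sequence is not visible here.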