diff options
| author | Martin Babinsky <mbabinsk@redhat.com> | 2015-10-29 14:53:25 +0100 |
|---|---|---|
| committer | Petr Vobornik <pvoborni@redhat.com> | 2015-11-05 17:50:17 +0100 |
| commit | 4d94367006287ed0a04c092a7b86096518cf5b8c (patch) | |
| tree | 0c05cd182caf39df695ee795b309aee7648aca1c | |
| parent | 85253b9c40d2b2734a5ed761f324c6177d1a74bc (diff) | |
| download | freeipa-4d94367006287ed0a04c092a7b86096518cf5b8c.tar.gz freeipa-4d94367006287ed0a04c092a7b86096518cf5b8c.tar.xz freeipa-4d94367006287ed0a04c092a7b86096518cf5b8c.zip | |
ipa-replica-prepare: domain level check improvements
ipa-replica-prepare command is disabled in non-zero domain-level. Instead of
raising and exception with the whole message instructing the user to promote
replicas from enrolled clients in level 1+ topologies, the exception itself
contains only a brief informative message and the rest is logged at error
level.
https://fedorahosted.org/freeipa/ticket/5175
Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
| -rw-r--r-- | ipaserver/install/ipa_replica_prepare.py | 21 |
1 files changed, 17 insertions, 4 deletions
diff --git a/ipaserver/install/ipa_replica_prepare.py b/ipaserver/install/ipa_replica_prepare.py index 8998bc094..327deed77 100644 --- a/ipaserver/install/ipa_replica_prepare.py +++ b/ipaserver/install/ipa_replica_prepare.py @@ -175,7 +175,7 @@ class ReplicaPrepare(admintool.AdminTool): api.bootstrap(in_server=True) api.finalize() - self.check_domainlevel(api) + self.check_for_supported_domain_level() if api.env.host == self.replica_fqdn: raise admintool.ScriptError("You can't create a replica on itself") @@ -690,12 +690,25 @@ class ReplicaPrepare(admintool.AdminTool): '-o', ca_file ]) - def check_domainlevel(self, api): + def check_for_supported_domain_level(self): + """ + check if we are in 0-level topology. If not, raise an error pointing + the user to the replica promotion pathway + """ + domain_level = dsinstance.get_domain_level(api) if domain_level > DOMAIN_LEVEL_0: - raise RuntimeError( + self.log.error( UNSUPPORTED_DOMAIN_LEVEL_TEMPLATE.format( command_name=self.command_name, domain_level=DOMAIN_LEVEL_0, - curr_domain_level=domain_level) + curr_domain_level=domain_level + ) + ) + raise errors.InvalidDomainLevelError( + reason="'{command}' is allowed only in domain level " + "{prep_domain_level}".format( + command=self.command_name, + prep_domain_level=DOMAIN_LEVEL_0 + ) ) |