diff options
author | Jan Cholasta <jcholast@redhat.com> | 2016-06-29 14:16:42 +0200 |
---|---|---|
committer | Jan Cholasta <jcholast@redhat.com> | 2016-06-30 11:54:47 +0200 |
commit | 99339bf7892fcc1201e06e6a8105b0bb4681c4f4 (patch) | |
tree | 6499cbbf7963fc5e0e06628cd867ef7cdc157cf3 | |
parent | ce93b091d2ffbafedc721551f437631eed0e5a86 (diff) | |
download | freeipa-99339bf7892fcc1201e06e6a8105b0bb4681c4f4.tar.gz freeipa-99339bf7892fcc1201e06e6a8105b0bb4681c4f4.tar.xz freeipa-99339bf7892fcc1201e06e6a8105b0bb4681c4f4.zip |
replica install: don't allow install against a newer server
If the version of the remote server is higher than the local version, don't
allow installing a replica of it.
https://fedorahosted.org/freeipa/ticket/5983
Reviewed-By: Petr Spacek <pspacek@redhat.com>
-rw-r--r-- | ipaserver/install/server/replicainstall.py | 28 |
1 files changed, 26 insertions, 2 deletions
diff --git a/ipaserver/install/server/replicainstall.py b/ipaserver/install/server/replicainstall.py index 9e5bc0aa8..e6e43024d 100644 --- a/ipaserver/install/server/replicainstall.py +++ b/ipaserver/install/server/replicainstall.py @@ -5,6 +5,7 @@ from __future__ import print_function import collections +from distutils.version import LooseVersion import dns.exception as dnsexception import dns.name as dnsname import dns.resolver as dnsresolver @@ -25,7 +26,7 @@ from ipapython.ipa_log_manager import root_logger from ipaplatform import services from ipaplatform.tasks import tasks from ipaplatform.paths import paths -from ipalib import api, certstore, constants, create_api, errors, x509 +from ipalib import api, certstore, constants, create_api, errors, rpc, x509 import ipaclient.ipachangeconf import ipaclient.ntpconf from ipaserver.install import ( @@ -478,6 +479,24 @@ def promote_openldap_conf(hostname, master): root_logger.info("Failed to update {}: {}".format(ldap_conf, e)) +def check_remote_version(api): + client = rpc.jsonclient(api) + client.finalize() + + client.connect() + try: + env = client.forward(u'env', u'version')['result'] + finally: + client.disconnect() + + remote_version = env['version'] + version = api.env.version + if LooseVersion(remote_version) > LooseVersion(version): + raise RuntimeError( + "Cannot install replica of a server of higher version ({}) than" + "the local version ({})".format(remote_version, version)) + + @common_cleanup def install_check(installer): options = installer @@ -1094,10 +1113,15 @@ def promote_check(installer): "the client and try again.") ldapuri = 'ldaps://%s' % ipautil.format_netloc(config.master_host_name) + xmlrpc_uri = 'https://{}/ipa/xml'.format( + ipautil.format_netloc(config.master_host_name)) remote_api = create_api(mode=None) remote_api.bootstrap(in_server=True, context='installer', - ldap_uri=ldapuri) + ldap_uri=ldapuri, xmlrpc_uri=xmlrpc_uri) remote_api.finalize() + + check_remote_version(remote_api) + conn = remote_api.Backend.ldap2 replman = None try: |