diff options
| author | Martin Babinsky <mbabinsk@redhat.com> | 2016-06-08 18:25:55 +0200 |
|---|---|---|
| committer | Martin Basti <mbasti@redhat.com> | 2016-06-17 18:55:19 +0200 |
| commit | a6eb87bd68295e15ea19f5cb274cffbef5954d04 (patch) | |
| tree | 0fb3ca783ca7e06fa6594954ea4d227c7ac1797d /ipalib | |
| parent | db882ae8d6eba768e08be9317e386f8ab3c8fcf7 (diff) | |
| download | freeipa-a6eb87bd68295e15ea19f5cb274cffbef5954d04.tar.gz freeipa-a6eb87bd68295e15ea19f5cb274cffbef5954d04.tar.xz freeipa-a6eb87bd68295e15ea19f5cb274cffbef5954d04.zip | |
server-del: perform full master removal in managed topology
This patch implements most of the del_master_managed() functionality as a part
of `server-del` command.
`server-del` nows performs these actions:
* check topology connectivity
* check that at least one CA/DNS server and DNSSec masters are left
after removal
* cleanup all LDAP entries/attributes exposing information about the master
* cleanup master DNS records
* remove master and service principals
* remove master entry from LDAP
* check that all segments pointing to the master were removed
`server-del` now accepts the following options:
* `--force`: force master removal even if it doesn't exist
* `--ignore-topology-disconnect`: ignore errors arising from disconnected
topology before and after master removal
* `--ignore-last-of-role`: remove master even if it is last DNS server,
and DNSSec key master. The last CA will *not* be removed regardless of
this option.
https://fedorahosted.org/freeipa/ticket/5588
Reviewed-By: Martin Basti <mbasti@redhat.com>
Diffstat (limited to 'ipalib')
| -rw-r--r-- | ipalib/errors.py | 18 | ||||
| -rw-r--r-- | ipalib/messages.py | 17 |
2 files changed, 34 insertions, 1 deletions
diff --git a/ipalib/errors.py b/ipalib/errors.py index 406a940e5..71c12f9d3 100644 --- a/ipalib/errors.py +++ b/ipalib/errors.py @@ -1379,6 +1379,24 @@ class InvalidDomainLevelError(ExecutionError): errno = 4032 format = _('%(reason)s') + +class ServerRemovalError(ExecutionError): + """ + **4033** Raised when a removal of IPA server from managed topology fails + + For example: + + >>> raise ServerRemovalError(reason='Removal disconnects topology') + Traceback (most recent call last): + ... + ServerRemovalError: Server removal aborted: Removal disconnects topology + + """ + + errno = 4033 + format = _('Server removal aborted: %(reason)s.') + + class BuiltinError(ExecutionError): """ **4100** Base class for builtin execution errors (*4100 - 4199*). diff --git a/ipalib/messages.py b/ipalib/messages.py index 910a93e33..d8cee9e83 100644 --- a/ipalib/messages.py +++ b/ipalib/messages.py @@ -364,7 +364,6 @@ class ResultFormattingError(PublicMessage): **13019** Unable to correctly format some part of the result """ errno = 13019 - type = "warning" class FailedToRemoveHostDNSRecords(PublicMessage): @@ -446,6 +445,22 @@ class LocationWithoutDNSServer(PublicMessage): ) +class ServerRemovalInfo(PublicMessage): + """ + **13027** Informative message printed during removal of IPA server + """ + errno = 13027 + type = "info" + + +class ServerRemovalWarning(PublicMessage): + """ + **13028** Warning raised during removal of IPA server + """ + errno = 13028 + type = "warning" + + def iter_messages(variables, base): """Return a tuple with all subclasses """ |