summaryrefslogtreecommitdiffstats
path: root/install
diff options
context:
space:
mode:
Diffstat (limited to 'install')
-rwxr-xr-xinstall/certmonger/dogtag-ipa-ca-renew-agent-submit6
-rwxr-xr-xinstall/certmonger/ipa-server-guard4
-rwxr-xr-xinstall/tools/ipa-adtrust-install155
-rwxr-xr-xinstall/tools/ipa-compat-manage46
-rwxr-xr-xinstall/tools/ipa-csreplica-manage55
-rwxr-xr-xinstall/tools/ipa-dns-install4
-rwxr-xr-xinstall/tools/ipa-managed-entries38
-rwxr-xr-xinstall/tools/ipa-nis-manage28
-rwxr-xr-xinstall/tools/ipa-replica-conncheck18
-rwxr-xr-xinstall/tools/ipa-replica-manage269
-rwxr-xr-xinstall/tools/ipactl38
11 files changed, 343 insertions, 318 deletions
diff --git a/install/certmonger/dogtag-ipa-ca-renew-agent-submit b/install/certmonger/dogtag-ipa-ca-renew-agent-submit
index c6fb2deb9..9f65b0515 100755
--- a/install/certmonger/dogtag-ipa-ca-renew-agent-submit
+++ b/install/certmonger/dogtag-ipa-ca-renew-agent-submit
@@ -19,6 +19,8 @@
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
+from __future__ import print_function
+
import os
# Prevent garbage from readline on standard output
# (see https://fedorahosted.org/freeipa/ticket/4064)
@@ -456,7 +458,7 @@ def main():
res = call_handler(handler)
for item in res[1:]:
- print item
+ print(item)
return res[0]
finally:
certs.renewal_lock.release()
@@ -466,5 +468,5 @@ try:
sys.exit(main())
except Exception as e:
syslog.syslog(syslog.LOG_ERR, traceback.format_exc())
- print "Internal error"
+ print("Internal error")
sys.exit(UNREACHABLE)
diff --git a/install/certmonger/ipa-server-guard b/install/certmonger/ipa-server-guard
index cd6654a09..7ce3e43fc 100755
--- a/install/certmonger/ipa-server-guard
+++ b/install/certmonger/ipa-server-guard
@@ -19,6 +19,8 @@
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
+from __future__ import print_function
+
import os
# Prevent garbage from readline on standard output
# (see https://fedorahosted.org/freeipa/ticket/4064)
@@ -51,5 +53,5 @@ try:
sys.exit(main())
except Exception as e:
syslog.syslog(syslog.LOG_ERR, traceback.format_exc())
- print "Internal error"
+ print("Internal error")
sys.exit(3)
diff --git a/install/tools/ipa-adtrust-install b/install/tools/ipa-adtrust-install
index 4d0e5707e..9ff1ac9be 100755
--- a/install/tools/ipa-adtrust-install
+++ b/install/tools/ipa-adtrust-install
@@ -21,7 +21,10 @@
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#
+from __future__ import print_function
+
import gssapi
+
from ipaserver.install import adtrustinstance
from ipaserver.install.installutils import *
from ipaserver.install import service
@@ -74,22 +77,22 @@ def parse_options():
return safe_options, options
def netbios_name_error(name):
- print "\nIllegal NetBIOS name [%s].\n" % name
- print "Up to 15 characters and only uppercase ASCII letter and digits are allowed."
+ print("\nIllegal NetBIOS name [%s].\n" % name)
+ print("Up to 15 characters and only uppercase ASCII letter and digits are allowed.")
def read_netbios_name(netbios_default):
netbios_name = ""
- print "Enter the NetBIOS name for the IPA domain."
- print "Only up to 15 uppercase ASCII letters and digits are allowed."
- print "Example: EXAMPLE."
- print ""
- print ""
+ print("Enter the NetBIOS name for the IPA domain.")
+ print("Only up to 15 uppercase ASCII letters and digits are allowed.")
+ print("Example: EXAMPLE.")
+ print("")
+ print("")
if not netbios_default:
netbios_default = "EXAMPLE"
while True:
netbios_name = ipautil.user_input("NetBIOS domain name", netbios_default, allow_empty = False)
- print ""
+ print("")
if adtrustinstance.check_netbios_name(netbios_name):
break
@@ -98,9 +101,9 @@ def read_netbios_name(netbios_default):
return netbios_name
def read_admin_password(admin_name):
- print "Configuring cross-realm trusts for IPA server requires password for user '%s'." % (admin_name)
- print "This user is a regular system account used for IPA server administration."
- print ""
+ print("Configuring cross-realm trusts for IPA server requires password for user '%s'." % (admin_name))
+ print("This user is a regular system account used for IPA server administration.")
+ print("")
admin_password = read_password(admin_name, confirm=False, validate=None)
return admin_password
@@ -139,17 +142,17 @@ def set_and_check_netbios_name(netbios_name, unattended):
reset_netbios_name = False
elif cur_netbios_name and cur_netbios_name != netbios_name:
# change the NetBIOS name
- print "Current NetBIOS domain name is %s, new name is %s.\n" % \
- (cur_netbios_name, netbios_name)
- print "Please note that changing the NetBIOS name might " \
- "break existing trust relationships."
+ print("Current NetBIOS domain name is %s, new name is %s.\n" % \
+ (cur_netbios_name, netbios_name))
+ print("Please note that changing the NetBIOS name might " \
+ "break existing trust relationships.")
if unattended:
reset_netbios_name = True
- print "NetBIOS domain name will be changed to %s.\n" % \
- netbios_name
+ print("NetBIOS domain name will be changed to %s.\n" % \
+ netbios_name)
else:
- print "Say 'yes' if the NetBIOS shall be changed and " \
- "'no' if the old one shall be kept."
+ print("Say 'yes' if the NetBIOS shall be changed and " \
+ "'no' if the old one shall be kept.")
reset_netbios_name = ipautil.user_input(
'Do you want to reset the NetBIOS domain name?',
default = False, allow_empty = False)
@@ -164,8 +167,8 @@ def set_and_check_netbios_name(netbios_name, unattended):
if entry is not None:
# Fix existing trust configuration
- print "Trust is configured but no NetBIOS domain name found, " \
- "setting it now."
+ print("Trust is configured but no NetBIOS domain name found, " \
+ "setting it now.")
reset_netbios_name = True
else:
# initial trust configuration
@@ -195,16 +198,16 @@ def ensure_admin_kinit(admin_name, admin_password):
try:
ipautil.run(['kinit', admin_name], stdin=admin_password+'\n')
except ipautil.CalledProcessError as e:
- print "There was error to automatically re-kinit your admin user ticket."
+ print("There was error to automatically re-kinit your admin user ticket.")
return False
return True
def enable_compat_tree():
- print "Do you want to enable support for trusted domains in Schema Compatibility plugin?"
- print "This will allow clients older than SSSD 1.9 and non-Linux clients to work with trusted users."
- print ""
+ print("Do you want to enable support for trusted domains in Schema Compatibility plugin?")
+ print("This will allow clients older than SSSD 1.9 and non-Linux clients to work with trusted users.")
+ print("")
enable_compat = ipautil.user_input("Enable trusted domains support in slapi-nis?", default = False, allow_empty = False)
- print ""
+ print("")
return enable_compat
@@ -215,7 +218,7 @@ def main():
sys.exit("Must be root to setup AD trusts on server")
standard_logging_setup(log_file_name, debug=options.debug, filemode='a')
- print "\nThe log file for this installation can be found in %s" % log_file_name
+ print("\nThe log file for this installation can be found in %s" % log_file_name)
root_logger.debug('%s was invoked with options: %s' % (sys.argv[0], safe_options))
root_logger.debug("missing options might be asked for interactively later\n")
@@ -226,18 +229,18 @@ def main():
global fstore
fstore = sysrestore.FileStore(paths.SYSRESTORE)
- print "=============================================================================="
- print "This program will setup components needed to establish trust to AD domains for"
- print "the FreeIPA Server."
- print ""
- print "This includes:"
- print " * Configure Samba"
- print " * Add trust related objects to FreeIPA LDAP server"
+ print("==============================================================================")
+ print("This program will setup components needed to establish trust to AD domains for")
+ print("the FreeIPA Server.")
+ print("")
+ print("This includes:")
+ print(" * Configure Samba")
+ print(" * Add trust related objects to FreeIPA LDAP server")
#TODO:
#print " * Add a SID to all users and Posix groups"
- print ""
- print "To accept the default shown in brackets, press the Enter key."
- print ""
+ print("")
+ print("To accept the default shown in brackets, press the Enter key.")
+ print("")
# Check if samba packages are installed
if not adtrustinstance.check_inst():
@@ -272,7 +275,7 @@ def main():
if adtrustinstance.ipa_smb_conf_exists():
if not options.unattended:
- print "IPA generated smb.conf detected."
+ print("IPA generated smb.conf detected.")
if not ipautil.user_input("Overwrite smb.conf?",
default = False,
allow_empty = False):
@@ -299,7 +302,7 @@ def main():
if admin_password:
admin_kinited = ensure_admin_kinit(options.admin_name, admin_password)
if not admin_kinited:
- print "Proceeding with credentials that existed before"
+ print("Proceeding with credentials that existed before")
try:
principal = krb_utils.get_principal()
@@ -343,32 +346,32 @@ def main():
# All objects have SIDs assigned
pass
except (errors.DatabaseError, errors.NetworkError) as e:
- print "Could not retrieve a list of objects that need a SID identifier assigned:"
- print unicode(e)
+ print("Could not retrieve a list of objects that need a SID identifier assigned:")
+ print(unicode(e))
else:
object_count = len(entries)
if object_count > 0:
- print ""
- print "WARNING: %d existing users or groups do not have a SID identifier assigned." \
- % len(entries)
- print "Installer can run a task to have ipa-sidgen Directory Server plugin generate"
- print "the SID identifier for all these users. Please note, the in case of a high"
- print "number of users and groups, the operation might lead to high replication"
- print "traffic and performance degradation. Refer to ipa-adtrust-install(1) man page"
- print "for details."
- print ""
+ print("")
+ print("WARNING: %d existing users or groups do not have a SID identifier assigned." \
+ % len(entries))
+ print("Installer can run a task to have ipa-sidgen Directory Server plugin generate")
+ print("the SID identifier for all these users. Please note, the in case of a high")
+ print("number of users and groups, the operation might lead to high replication")
+ print("traffic and performance degradation. Refer to ipa-adtrust-install(1) man page")
+ print("for details.")
+ print("")
if options.unattended:
- print "Unattended mode was selected, installer will NOT run ipa-sidgen task!"
+ print("Unattended mode was selected, installer will NOT run ipa-sidgen task!")
else:
if ipautil.user_input("Do you want to run the ipa-sidgen task?", default=False,
allow_empty=False):
options.add_sids = True
if not options.unattended:
- print ""
- print "The following operations may take some minutes to complete."
- print "Please wait until the prompt is returned."
- print ""
+ print("")
+ print("The following operations may take some minutes to complete.")
+ print("Please wait until the prompt is returned.")
+ print("")
smb = adtrustinstance.ADTRUSTInstance(fstore)
smb.realm = api.env.realm
@@ -399,8 +402,8 @@ def main():
except errors.NotFound:
pass
except (errors.DatabaseError, errors.NetworkError) as e:
- print "Could not retrieve a list of existing IPA masters:"
- print unicode(e)
+ print("Could not retrieve a list of existing IPA masters:")
+ print(unicode(e))
try:
(entries_a, truncated) = smb.admin_conn.find_entries(filter="",
@@ -408,8 +411,8 @@ def main():
except errors.NotFound:
pass
except (errors.DatabaseError, errors.NetworkError) as e:
- print "Could not retrieve a list of adtrust agents:"
- print unicode(e)
+ print("Could not retrieve a list of adtrust agents:")
+ print(unicode(e))
if len(entries_m) > 0:
existing_masters = [x['cn'][0] for x in entries_m]
@@ -427,18 +430,18 @@ def main():
object_count = len(potential_agents)
if object_count > 0:
- print ""
- print "WARNING: %d IPA masters are not yet able to serve information about users from trusted forests." \
- % (object_count)
- print "Installer can add them to the list of IPA masters allowed to access infromation about trusts."
- print "If you choose to do so, you also need to restart LDAP service on those masters."
- print "Refer to ipa-adtrust-install(1) man page for details."
- print ""
+ print("")
+ print("WARNING: %d IPA masters are not yet able to serve information about users from trusted forests." \
+ % (object_count))
+ print("Installer can add them to the list of IPA masters allowed to access infromation about trusts.")
+ print("If you choose to do so, you also need to restart LDAP service on those masters.")
+ print("Refer to ipa-adtrust-install(1) man page for details.")
+ print("")
if options.unattended:
- print "Unattended mode was selected, installer will NOT add other IPA masters to the list of allowed to"
- print "access information about trusted forests!"
+ print("Unattended mode was selected, installer will NOT add other IPA masters to the list of allowed to")
+ print("access information about trusted forests!")
else:
- print "Do you want to allow following IPA masters to serve information about users from trusted forests?"
+ print("Do you want to allow following IPA masters to serve information about users from trusted forests?")
for (name, dn) in potential_agents:
if name == api.env.host:
# Don't add this host here
@@ -453,13 +456,13 @@ def main():
# the principal's proper dn as defined in self.cifs_agent
service.add_principals_to_group(smb.admin_conn, agents_dn, "member",
[x[1] for x in new_agents])
- print """
+ print("""
WARNING: you MUST restart (e.g. ipactl restart) the following IPA masters in order
-to activate them to serve information about users from trusted forests:"""
+to activate them to serve information about users from trusted forests:""")
for x in new_agents:
- print x[0]
+ print(x[0])
- print """
+ print("""
=============================================================================
Setup complete
@@ -475,15 +478,15 @@ You must make sure these network ports are open:
\t * 445: microsoft-ds
=============================================================================
-"""
+""")
if admin_password:
admin_kinited = ensure_admin_kinit(options.admin_name, admin_password)
if not admin_kinited:
- print """
+ print("""
WARNING: you MUST re-kinit admin user before using 'ipa trust-*' commands
family in order to re-generate Kerberos tickets to include AD-specific
-information"""
+information""")
return 0
diff --git a/install/tools/ipa-compat-manage b/install/tools/ipa-compat-manage
index a7477c71c..4d56c61a2 100755
--- a/install/tools/ipa-compat-manage
+++ b/install/tools/ipa-compat-manage
@@ -19,6 +19,8 @@
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#
+from __future__ import print_function
+
import sys
from ipaplatform.paths import paths
try:
@@ -31,12 +33,12 @@ try:
from ipapython.ipa_log_manager import *
from ipapython.dn import DN
except ImportError as e:
- print >> sys.stderr, """\
+ print("""\
There was a problem importing one of the required Python modules. The
error was:
%s
-""" % e
+""" % e, file=sys.stderr)
sys.exit(1)
compat_dn = DN(('cn', 'Schema Compatibility'), ('cn', 'plugins'), ('cn', 'config'))
@@ -121,34 +123,34 @@ def main():
try:
entry = get_entry(compat_dn, conn)
if entry is not None and entry.get('nsslapd-pluginenabled', [''])[0].lower() == 'on':
- print "Plugin Enabled"
+ print("Plugin Enabled")
else:
- print "Plugin Disabled"
+ print("Plugin Disabled")
except errors.LDAPError as lde:
- print "An error occurred while talking to the server."
- print lde
+ print("An error occurred while talking to the server.")
+ print(lde)
if args[0] == "enable":
entry = None
try:
entry = get_entry(compat_dn, conn)
if entry is not None and entry.get('nsslapd-pluginenabled', [''])[0].lower() == 'on':
- print "Plugin already Enabled"
+ print("Plugin already Enabled")
retval = 2
else:
- print "Enabling plugin"
+ print("Enabling plugin")
if entry is None:
ld = LDAPUpdate(dm_password=dirman_password, sub_dict={})
if not ld.update(files):
- print "Updating Directory Server failed."
+ print("Updating Directory Server failed.")
retval = 1
else:
entry['nsslapd-pluginenabled'] = ['on']
conn.update_entry(entry)
except errors.ExecutionError as lde:
- print "An error occurred while talking to the server."
- print lde
+ print("An error occurred while talking to the server.")
+ print(lde)
retval = 1
elif args[0] == "disable":
@@ -157,12 +159,12 @@ def main():
entry = get_entry(nis_config_dn, conn)
# We can't disable schema compat if the NIS plugin is enabled
if entry is not None and entry.get('nsslapd-pluginenabled', [''])[0].lower() == 'on':
- print >>sys.stderr, "The NIS plugin is configured, cannot disable compatibility."
- print >>sys.stderr, "Run 'ipa-nis-manage disable' first."
+ print("The NIS plugin is configured, cannot disable compatibility.", file=sys.stderr)
+ print("Run 'ipa-nis-manage disable' first.", file=sys.stderr)
retval = 2
except errors.ExecutionError as lde:
- print "An error occurred while talking to the server."
- print lde
+ print("An error occurred while talking to the server.")
+ print(lde)
retval = 1
if retval == 0:
@@ -170,27 +172,27 @@ def main():
try:
entry = get_entry(compat_dn, conn)
if entry is None or entry.get('nsslapd-pluginenabled', [''])[0].lower() == 'off':
- print "Plugin is already disabled"
+ print("Plugin is already disabled")
retval = 2
else:
- print "Disabling plugin"
+ print("Disabling plugin")
entry['nsslapd-pluginenabled'] = ['off']
conn.update_entry(entry)
except errors.DatabaseError as dbe:
- print "An error occurred while talking to the server."
- print dbe
+ print("An error occurred while talking to the server.")
+ print(dbe)
retval = 1
except errors.ExecutionError as lde:
- print "An error occurred while talking to the server."
- print lde
+ print("An error occurred while talking to the server.")
+ print(lde)
retval = 1
else:
retval = 1
if retval == 0:
- print "This setting will not take effect until you restart Directory Server."
+ print("This setting will not take effect until you restart Directory Server.")
finally:
if conn and conn.isconnected():
diff --git a/install/tools/ipa-csreplica-manage b/install/tools/ipa-csreplica-manage
index 8cf621ec3..202a3cc74 100755
--- a/install/tools/ipa-csreplica-manage
+++ b/install/tools/ipa-csreplica-manage
@@ -19,6 +19,9 @@
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#
+
+from __future__ import print_function
+
import sys
import os
@@ -112,7 +115,7 @@ def list_replicas(realm, host, replica, dirman_passwd, verbose):
if not replica:
for k, p in peers.items():
- print '%s: %s' % (k, p[0])
+ print('%s: %s' % (k, p[0]))
return
try:
@@ -123,19 +126,19 @@ def list_replicas(realm, host, replica, dirman_passwd, verbose):
entries = repl.find_replication_agreements()
for entry in entries:
- print '%s' % entry.single_value.get('nsds5replicahost')
+ print('%s' % entry.single_value.get('nsds5replicahost'))
if verbose:
- print " last init status: %s" % entry.single_value.get(
- 'nsds5replicalastinitstatus')
- print " last init ended: %s" % str(
+ print(" last init status: %s" % entry.single_value.get(
+ 'nsds5replicalastinitstatus'))
+ print(" last init ended: %s" % str(
ipautil.parse_generalized_time(
- entry.single_value['nsds5replicalastinitend']))
- print " last update status: %s" % entry.single_value.get(
- 'nsds5replicalastupdatestatus')
- print " last update ended: %s" % str(
+ entry.single_value['nsds5replicalastinitend'])))
+ print(" last update status: %s" % entry.single_value.get(
+ 'nsds5replicalastupdatestatus'))
+ print(" last update ended: %s" % str(
ipautil.parse_generalized_time(
- entry.single_value['nsds5replicalastupdateend']))
+ entry.single_value['nsds5replicalastupdateend'])))
def del_link(realm, replica1, replica2, dirman_passwd, force=False):
@@ -175,13 +178,13 @@ def del_link(realm, replica1, replica2, dirman_passwd, force=False):
# Now that we've confirmed that both hostnames are vaild, make sure
# that we aren't removing the last link from either side.
if not force and len(repl_list) <= 1:
- print "Cannot remove the last replication link of '%s'" % replica2
- print "Please use the 'del' command to remove it from the domain"
+ print("Cannot remove the last replication link of '%s'" % replica2)
+ print("Please use the 'del' command to remove it from the domain")
sys.exit(1)
if not force and len(repl_list1) <= 1:
- print "Cannot remove the last replication link of '%s'" % replica1
- print "Please use the 'del' command to remove it from the domain"
+ print("Cannot remove the last replication link of '%s'" % replica1)
+ print("Please use the 'del' command to remove it from the domain")
sys.exit(1)
# Find the DN of the replication agreement to remove
@@ -196,11 +199,11 @@ def del_link(realm, replica1, replica2, dirman_passwd, force=False):
sys.exit("'%s' has no replication agreement for '%s'" % (replica1, replica2))
except errors.NotFound:
- print "'%s' has no replication agreement for '%s'" % (replica2, replica1)
+ print("'%s' has no replication agreement for '%s'" % (replica2, replica1))
if not force:
return
except Exception as e:
- print "Failed to get data from '%s': %s" % (replica2, e)
+ print("Failed to get data from '%s': %s" % (replica2, e))
if not force:
sys.exit(1)
@@ -210,22 +213,22 @@ def del_link(realm, replica1, replica2, dirman_passwd, force=False):
repl2.delete_agreement(replica1, replica2_dn)
repl2.delete_referral(replica1, repl1.port)
except Exception as e:
- print "Unable to remove agreement on %s: %s" % (replica2, e)
+ print("Unable to remove agreement on %s: %s" % (replica2, e))
failed = True
if failed:
if force:
- print "Forcing removal on '%s'" % replica1
+ print("Forcing removal on '%s'" % replica1)
else:
sys.exit(1)
if not repl2 and force:
- print "Forcing removal on '%s'" % replica1
+ print("Forcing removal on '%s'" % replica1)
repl1.delete_agreement(replica2, replica1_dn)
repl1.delete_referral(replica2, repl2.port)
- print "Deleted replication agreement from '%s' to '%s'" % (replica1, replica2)
+ print("Deleted replication agreement from '%s' to '%s'" % (replica1, replica2))
def del_master(realm, hostname, options):
@@ -250,10 +253,10 @@ def del_master(realm, hostname, options):
options.dirman_passwd)
except Exception as e:
if not options.force:
- print "Unable to delete replica %s: %s" % (hostname, e)
+ print("Unable to delete replica %s: %s" % (hostname, e))
sys.exit(1)
else:
- print "Unable to connect to replica %s, forcing removal" % hostname
+ print("Unable to connect to replica %s, forcing removal" % hostname)
force_del = True
# 4. Get list of agreements.
@@ -286,8 +289,8 @@ def del_master(realm, hostname, options):
bind = bindinstance.BindInstance()
bind.remove_ipa_ca_dns_records(hostname, realm.lower())
except Exception as e:
- print "Failed to cleanup %s DNS entries: %s" % (hostname, e)
- print "You may need to manually remove them from the tree"
+ print("Failed to cleanup %s DNS entries: %s" % (hostname, e))
+ print("You may need to manually remove them from the tree")
def add_link(realm, replica1, replica2, dirman_passwd, options):
try:
@@ -331,7 +334,7 @@ def add_link(realm, replica1, replica2, dirman_passwd, options):
repl1.setup_replication(
replica2, repl2.port, 0, DN(('cn', 'Directory Manager')),
dirman_passwd, is_cs_replica=True, local_port=repl1.port)
- print "Connected '%s' to '%s'" % (replica1, replica2)
+ print("Connected '%s' to '%s'" % (replica1, replica2))
def re_initialize(realm, options):
@@ -387,7 +390,7 @@ def set_renewal_master(realm, replica):
except Exception as e:
sys.exit("Failed to set renewal master to %s: %s" % (replica, e))
- print "%s is now the renewal master" % replica
+ print("%s is now the renewal master" % replica)
def main():
options, args = parse_options()
diff --git a/install/tools/ipa-dns-install b/install/tools/ipa-dns-install
index 34b952859..b6b922e88 100755
--- a/install/tools/ipa-dns-install
+++ b/install/tools/ipa-dns-install
@@ -19,6 +19,8 @@
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#
+from __future__ import print_function
+
from optparse import OptionGroup, SUPPRESS_HELP
from ipaserver.install import bindinstance, httpinstance
@@ -102,7 +104,7 @@ def main():
sys.exit("Must be root to setup server")
standard_logging_setup(log_file_name, debug=options.debug, filemode='a')
- print "\nThe log file for this installation can be found in %s" % log_file_name
+ print("\nThe log file for this installation can be found in %s" % log_file_name)
root_logger.debug('%s was invoked with options: %s' % (sys.argv[0], safe_options))
root_logger.debug("missing options might be asked for interactively later\n")
diff --git a/install/tools/ipa-managed-entries b/install/tools/ipa-managed-entries
index 25404060d..6737d6cff 100755
--- a/install/tools/ipa-managed-entries
+++ b/install/tools/ipa-managed-entries
@@ -18,6 +18,8 @@
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#
+from __future__ import print_function
+
import re
import sys
from optparse import OptionParser
@@ -117,9 +119,9 @@ def main():
sys.exit("Unable to find managed entries at %s" % managed_entry_definitions_dn)
managed_entries = [entry.single_value['cn'] for entry in entries]
if managed_entries:
- print "Available Managed Entry Definitions:"
+ print("Available Managed Entry Definitions:")
for managed_entry in managed_entries:
- print managed_entry
+ print(managed_entry)
retval = 0
sys.exit()
@@ -141,20 +143,20 @@ def main():
except errors.NotFound:
sys.exit("%s is not a valid Managed Entry" % def_dn)
except errors.ExecutionError as lde:
- print "An error occurred while talking to the server."
- print lde
+ print("An error occurred while talking to the server.")
+ print(lde)
if args[0] == "status":
if not disabled:
- print "Plugin Enabled"
+ print("Plugin Enabled")
else:
- print "Plugin Disabled"
+ print("Plugin Disabled")
return 0
if args[0] == "enable":
try:
if not disabled:
- print "Plugin already Enabled"
+ print("Plugin already Enabled")
retval = 2
else:
# Remove disable_attr from filter
@@ -162,13 +164,13 @@ def main():
#enable_attr = {'originfilter': enable_attr}
entry['originfilter'] = [enable_attr]
conn.update_entry(entry)
- print "Enabling Plugin"
+ print("Enabling Plugin")
retval = 0
except errors.NotFound:
- print "Enabling Plugin"
+ print("Enabling Plugin")
except errors.ExecutionError as lde:
- print "An error occurred while talking to the server."
- print lde
+ print("An error occurred while talking to the server.")
+ print(lde)
retval = 1
elif args[0] == "disable":
@@ -177,7 +179,7 @@ def main():
# disabling.
try:
if disabled:
- print "Plugin already disabled"
+ print("Plugin already disabled")
retval = 2
else:
if org_filter[:2] == '(&' and org_filter[-1] == ')':
@@ -186,17 +188,17 @@ def main():
disable_attr = '(&%s(%s))' % (disable_attr, org_filter)
entry['originfilter'] = [disable_attr]
conn.update_entry(entry)
- print "Disabling Plugin"
+ print("Disabling Plugin")
except errors.NotFound:
- print "Plugin is already disabled"
+ print("Plugin is already disabled")
retval = 2
except errors.DatabaseError as dbe:
- print "An error occurred while talking to the server."
- print dbe
+ print("An error occurred while talking to the server.")
+ print(dbe)
retval = 1
except errors.ExecutionError as lde:
- print "An error occurred while talking to the server."
- print lde
+ print("An error occurred while talking to the server.")
+ print(lde)
retval = 1
else:
diff --git a/install/tools/ipa-nis-manage b/install/tools/ipa-nis-manage
index 4017230aa..ac3c7907b 100755
--- a/install/tools/ipa-nis-manage
+++ b/install/tools/ipa-nis-manage
@@ -19,6 +19,8 @@
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#
+from __future__ import print_function
+
import sys
import os
from ipaplatform.paths import paths
@@ -33,12 +35,12 @@ try:
from ipapython.dn import DN
from ipaplatform import services
except ImportError as e:
- print >> sys.stderr, """\
+ print("""\
There was a problem importing one of the required Python modules. The
error was:
%s
-""" % e
+""" % e, file=sys.stderr)
sys.exit(1)
nis_config_dn = DN(('cn', 'NIS Server'), ('cn', 'plugins'), ('cn', 'config'))
@@ -137,8 +139,8 @@ def main():
try:
entry = get_entry(nis_config_dn, conn)
except errors.ExecutionError as lde:
- print "An error occurred while talking to the server."
- print lde
+ print("An error occurred while talking to the server.")
+ print(lde)
retval = 1
# Enable either the portmap or rpcbind service
@@ -153,23 +155,23 @@ def main():
rpcbind.enable()
servicemsg = rpcbind.service_name
except ipautil.CalledProcessError as cpe:
- print "Unable to enable either %s or %s" % (portmap.service_name, rpcbind.service_name)
+ print("Unable to enable either %s or %s" % (portmap.service_name, rpcbind.service_name))
retval = 3
# The cn=config entry for the plugin may already exist but it
# could be turned off, handle both cases.
if entry is None:
- print "Enabling plugin"
+ print("Enabling plugin")
ld = LDAPUpdate(dm_password=dirman_password, sub_dict={}, ldapi=True)
if ld.update(files) != True:
retval = 1
elif entry.get('nsslapd-pluginenabled', [''])[0].lower() == 'off':
- print "Enabling plugin"
+ print("Enabling plugin")
# Already configured, just enable the plugin
entry['nsslapd-pluginenabled'] = ['on']
conn.update_entry(entry)
else:
- print "Plugin already Enabled"
+ print("Plugin already Enabled")
retval = 2
elif args[0] == "disable":
@@ -178,21 +180,21 @@ def main():
entry['nsslapd-pluginenabled'] = ['off']
conn.update_entry(entry)
except (errors.NotFound, errors.EmptyModlist):
- print "Plugin is already disabled"
+ print("Plugin is already disabled")
retval = 2
except errors.LDAPError as lde:
- print "An error occurred while talking to the server."
- print lde
+ print("An error occurred while talking to the server.")
+ print(lde)
retval = 1
else:
retval = 1
if retval == 0:
- print "This setting will not take effect until you restart Directory Server."
+ print("This setting will not take effect until you restart Directory Server.")
if args[0] == "enable":
- print "The %s service may need to be started." % servicemsg
+ print("The %s service may need to be started." % servicemsg)
finally:
if conn and conn.isconnected():
diff --git a/install/tools/ipa-replica-conncheck b/install/tools/ipa-replica-conncheck
index 653dee57a..9050c8e08 100755
--- a/install/tools/ipa-replica-conncheck
+++ b/install/tools/ipa-replica-conncheck
@@ -18,6 +18,8 @@
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#
+from __future__ import print_function
+
from ipapython.config import IPAOptionParser
from ipapython import version
from ipapython import ipautil
@@ -54,7 +56,7 @@ class SshExec(object):
def __call__(self, command, verbose=False):
# Bail if ssh is not installed
if self.cmd is None:
- print "WARNING: ssh not installed, skipping ssh test"
+ print("WARNING: ssh not installed, skipping ssh test")
return ('', '', 0)
tmpf = tempfile.NamedTemporaryFile()
@@ -91,7 +93,7 @@ BASE_PORTS = [
def print_info(msg):
if not QUIET:
- print msg
+ print(msg)
def parse_options():
parser = IPAOptionParser(version=version.VERSION)
@@ -285,10 +287,10 @@ def port_check(host, port_list):
print_info(" %s (%d): %s" % (port.description, port.port, result))
if ports_udp_warning:
- print "The following UDP ports could not be verified as open: %s" \
- % ", ".join(str(port.port) for port in ports_udp_warning)
- print "This can happen if they are already bound to an application"
- print "and ipa-replica-conncheck cannot attach own UDP responder."
+ print("The following UDP ports could not be verified as open: %s" \
+ % ", ".join(str(port.port) for port in ports_udp_warning))
+ print("This can happen if they are already bound to an application")
+ print("and ipa-replica-conncheck cannot attach own UDP responder.")
if ports_failed:
msg_ports = []
@@ -394,9 +396,9 @@ def main():
print_info("Check SSH connection to remote master")
stdout, stderr, returncode = ssh('echo OK', verbose=True)
if returncode != 0:
- print 'Could not SSH into remote host. Error output:'
+ print('Could not SSH into remote host. Error output:')
for line in stderr.splitlines():
- print ' %s' % line
+ print(' %s' % line)
raise RuntimeError('Could not SSH to remote host.')
print_info("Execute check on remote master")
diff --git a/install/tools/ipa-replica-manage b/install/tools/ipa-replica-manage
index 9688dc4e7..58b62cdff 100755
--- a/install/tools/ipa-replica-manage
+++ b/install/tools/ipa-replica-manage
@@ -17,6 +17,9 @@
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#
+
+from __future__ import print_function
+
import sys
import os
@@ -159,14 +162,14 @@ def list_replicas(realm, host, replica, dirman_passwd, verbose, nolookup=False):
else:
conn.do_sasl_gssapi_bind()
except Exception as e:
- print "Failed to connect to host '%s': %s" % (host, str(e))
+ print("Failed to connect to host '%s': %s" % (host, str(e)))
return
dn = DN(('cn', 'masters'), ('cn', 'ipa'), ('cn', 'etc'), ipautil.realm_to_suffix(realm))
try:
entries = conn.get_entries(dn, conn.SCOPE_ONELEVEL)
except Exception:
- print "Failed to read master data from '%s': %s" % (host, str(e))
+ print("Failed to read master data from '%s': %s" % (host, str(e)))
return
else:
for ent in entries:
@@ -184,7 +187,7 @@ def list_replicas(realm, host, replica, dirman_passwd, verbose, nolookup=False):
if not replica:
for k, p in peers.items():
- print '%s: %s' % (k, p[0])
+ print('%s: %s' % (k, p[0]))
return
# ok we are being ask for info about a specific replica
@@ -195,7 +198,7 @@ def list_replicas(realm, host, replica, dirman_passwd, verbose, nolookup=False):
winsync_peer = p[1]
if not is_replica:
- print "Cannot find %s in public server list" % replica
+ print("Cannot find %s in public server list" % replica)
return
try:
@@ -213,22 +216,22 @@ def list_replicas(realm, host, replica, dirman_passwd, verbose, nolookup=False):
entries = repl.find_replication_agreements()
ent_type = 'replica'
except Exception as e:
- print "Failed to get data from '%s': %s" % (replica, e)
+ print("Failed to get data from '%s': %s" % (replica, e))
return
for entry in entries:
- print '%s: %s' % (entry.single_value.get('nsds5replicahost'), ent_type)
+ print('%s: %s' % (entry.single_value.get('nsds5replicahost'), ent_type))
if verbose:
- print " last init status: %s" % entry.single_value.get(
- 'nsds5replicalastinitstatus')
- print " last init ended: %s" % str(ipautil.parse_generalized_time(
- entry.single_value['nsds5replicalastinitend']))
- print " last update status: %s" % entry.single_value.get(
- 'nsds5replicalastupdatestatus')
- print " last update ended: %s" % str(
+ print(" last init status: %s" % entry.single_value.get(
+ 'nsds5replicalastinitstatus'))
+ print(" last init ended: %s" % str(ipautil.parse_generalized_time(
+ entry.single_value['nsds5replicalastinitend'])))
+ print(" last update status: %s" % entry.single_value.get(
+ 'nsds5replicalastupdatestatus'))
+ print(" last update ended: %s" % str(
ipautil.parse_generalized_time(
- entry.single_value['nsds5replicalastupdateend']))
+ entry.single_value['nsds5replicalastupdateend'])))
def del_link(realm, replica1, replica2, dirman_passwd, force=False):
"""
@@ -253,21 +256,21 @@ def del_link(realm, replica1, replica2, dirman_passwd, force=False):
# the new topology plugin naming convention: <A>-to-<B> instead of
# meTo<B>.
if managed_topology:
- print "'%s' has no winsync replication agreement for '%s'" % (replica1, replica2)
+ print("'%s' has no winsync replication agreement for '%s'" % (replica1, replica2))
exit_on_managed_topology(what)
else:
- print "'%s' has no replication agreement for '%s'" % (replica1, replica2)
+ print("'%s' has no replication agreement for '%s'" % (replica1, replica2))
return False
except Exception as e:
- print "Failed to determine agreement type for '%s': %s" % (replica2, e)
+ print("Failed to determine agreement type for '%s': %s" % (replica2, e))
if type1 == replication.IPA_REPLICA and managed_topology:
exit_on_managed_topology(what)
repl_list = repl1.find_ipa_replication_agreements()
if not force and len(repl_list) <= 1 and type1 == replication.IPA_REPLICA:
- print "Cannot remove the last replication link of '%s'" % replica1
- print "Please use the 'del' command to remove it from the domain"
+ print("Cannot remove the last replication link of '%s'" % replica1)
+ print("Please use the 'del' command to remove it from the domain")
return False
if type1 == replication.IPA_REPLICA:
@@ -276,16 +279,16 @@ def del_link(realm, replica1, replica2, dirman_passwd, force=False):
repl_list = repl2.find_ipa_replication_agreements()
if not force and len(repl_list) <= 1:
- print "Cannot remove the last replication link of '%s'" % replica2
- print "Please use the 'del' command to remove it from the domain"
+ print("Cannot remove the last replication link of '%s'" % replica2)
+ print("Please use the 'del' command to remove it from the domain")
return False
except errors.NotFound:
- print "'%s' has no replication agreement for '%s'" % (replica2, replica1)
+ print("'%s' has no replication agreement for '%s'" % (replica2, replica1))
if not force:
return False
except Exception as e:
- print "Failed to get list of agreements from '%s': %s" % (replica2, e)
+ print("Failed to get list of agreements from '%s': %s" % (replica2, e))
if not force:
return False
@@ -300,28 +303,28 @@ def del_link(realm, replica1, replica2, dirman_passwd, force=False):
(next_start, next_max) = repl2.get_DNA_next_range(repl2.conn.host)
if range_start is not None:
if not store_DNA_range(repl1, range_start, range_max, repl2.conn.host, realm, dirman_passwd):
- print "Unable to save DNA range %d-%d" % (range_start, range_max)
+ print("Unable to save DNA range %d-%d" % (range_start, range_max))
if next_start is not None:
if not store_DNA_range(repl1, next_start, next_max, repl2.conn.host, realm, dirman_passwd):
- print "Unable to save DNA range %d-%d" % (next_start, next_max)
+ print("Unable to save DNA range %d-%d" % (next_start, next_max))
repl2.set_readonly(readonly=False)
repl2.delete_agreement(replica1)
repl2.delete_referral(replica1)
repl2.set_readonly(readonly=False)
except Exception as e:
- print "Unable to remove agreement on %s: %s" % (replica2, e)
+ print("Unable to remove agreement on %s: %s" % (replica2, e))
failed = True
if failed:
if force:
- print "Forcing removal on '%s'" % replica1
- print "Any DNA range on '%s' will be lost" % replica2
+ print("Forcing removal on '%s'" % replica1)
+ print("Any DNA range on '%s' will be lost" % replica2)
else:
return False
if not repl2 and force:
- print "Forcing removal on '%s'" % replica1
- print "Any DNA range on '%s' will be lost" % replica2
+ print("Forcing removal on '%s'" % replica1)
+ print("Any DNA range on '%s' will be lost" % replica2)
repl1.delete_agreement(replica2)
repl1.delete_referral(replica2)
@@ -336,9 +339,9 @@ def del_link(realm, replica1, replica2, dirman_passwd, force=False):
for entry in entries:
repl1.conn.delete_entry(entry)
except Exception as e:
- print "Error deleting winsync replica shared info: %s" % e
+ print("Error deleting winsync replica shared info: %s" % e)
- print "Deleted replication agreement from '%s' to '%s'" % (replica1, replica2)
+ print("Deleted replication agreement from '%s' to '%s'" % (replica1, replica2))
return True
@@ -353,7 +356,7 @@ def get_ruv(realm, host, dirman_passwd, nolookup=False):
try:
thisrepl = replication.ReplicationManager(realm, host, dirman_passwd)
except Exception as e:
- print "Failed to connect to server %s: %s" % (host, e)
+ print("Failed to connect to server %s: %s" % (host, e))
sys.exit(1)
search_filter = '(&(nsuniqueid=ffffffff-ffffffff-ffffffff-ffffffff)(objectclass=nstombstone))'
@@ -362,7 +365,7 @@ def get_ruv(realm, host, dirman_passwd, nolookup=False):
api.env.basedn, thisrepl.conn.SCOPE_SUBTREE, search_filter,
['nsds50ruv'])
except errors.NotFound:
- print "No RUV records found."
+ print("No RUV records found.")
sys.exit(0)
servers = []
@@ -376,7 +379,7 @@ def get_ruv(realm, host, dirman_passwd, nolookup=False):
(scheme, netloc, path, params, query, fragment) = urlparse.urlparse(data.group(2))
servers.append((netloc, rid))
else:
- print "unable to decode: %s" % ruv
+ print("unable to decode: %s" % ruv)
return servers
@@ -388,7 +391,7 @@ def list_ruv(realm, host, dirman_passwd, verbose, nolookup=False):
servers = get_ruv(realm, host, dirman_passwd, nolookup)
for (netloc, rid) in servers:
- print "%s: %s" % (netloc, rid)
+ print("%s: %s" % (netloc, rid))
def get_rid_by_host(realm, sourcehost, host, dirman_passwd, nolookup=False):
"""
@@ -420,18 +423,18 @@ def clean_ruv(realm, ruv, options):
if not found:
sys.exit("Replica ID %s not found" % ruv)
- print "Clean the Replication Update Vector for %s" % hostname
- print
- print "Cleaning the wrong replica ID will cause that server to no"
- print "longer replicate so it may miss updates while the process"
- print "is running. It would need to be re-initialized to maintain"
- print "consistency. Be very careful."
+ print("Clean the Replication Update Vector for %s" % hostname)
+ print()
+ print("Cleaning the wrong replica ID will cause that server to no")
+ print("longer replicate so it may miss updates while the process")
+ print("is running. It would need to be re-initialized to maintain")
+ print("consistency. Be very careful.")
if not options.force and not ipautil.user_input("Continue to clean?", False):
sys.exit("Aborted")
thisrepl = replication.ReplicationManager(realm, options.host,
options.dirman_passwd)
thisrepl.cleanallruv(ruv)
- print "Cleanup task created"
+ print("Cleanup task created")
def abort_clean_ruv(realm, ruv, options):
"""
@@ -466,13 +469,13 @@ def abort_clean_ruv(realm, ruv, options):
if not found:
sys.exit("Replica ID %s not found" % ruv)
- print "Aborting the clean Replication Update Vector task for %s" % hostname
- print
+ print("Aborting the clean Replication Update Vector task for %s" % hostname)
+ print()
thisrepl = replication.ReplicationManager(realm, options.host,
options.dirman_passwd)
thisrepl.abortcleanallruv(ruv, options.force)
- print "Cleanup task stopped"
+ print("Cleanup task stopped")
def list_clean_ruv(realm, host, dirman_passwd, verbose, nolookup=False):
"""
@@ -487,33 +490,33 @@ def list_clean_ruv(realm, host, dirman_passwd, verbose, nolookup=False):
try:
entries = repl.conn.get_entries(dn, repl.conn.SCOPE_ONELEVEL)
except errors.NotFound:
- print "No CLEANALLRUV tasks running"
+ print("No CLEANALLRUV tasks running")
else:
- print "CLEANALLRUV tasks"
+ print("CLEANALLRUV tasks")
for entry in entries:
name = entry.single_value['cn'].replace('clean ', '')
status = entry.single_value.get('nsTaskStatus')
- print "RID %s: %s" % (name, status)
+ print("RID %s: %s" % (name, status))
if verbose:
- print str(dn)
- print entry.single_value.get('nstasklog')
+ print(str(dn))
+ print(entry.single_value.get('nstasklog'))
- print
+ print()
dn = DN(('cn', 'abort cleanallruv'),('cn', 'tasks'), ('cn', 'config'))
try:
entries = repl.conn.get_entries(dn, repl.conn.SCOPE_ONELEVEL)
except errors.NotFound:
- print "No abort CLEANALLRUV tasks running"
+ print("No abort CLEANALLRUV tasks running")
else:
- print "Abort CLEANALLRUV tasks"
+ print("Abort CLEANALLRUV tasks")
for entry in entries:
name = entry.single_value['cn'].replace('abort ', '')
status = entry.single_value.get('nsTaskStatus')
- print "RID %s: %s" % (name, status)
+ print("RID %s: %s" % (name, status))
if verbose:
- print str(dn)
- print entry.single_value.get('nstasklog')
+ print(str(dn))
+ print(entry.single_value.get('nstasklog'))
def check_last_link(delrepl, realm, dirman_passwd, force):
"""
@@ -547,7 +550,7 @@ def check_last_link(delrepl, realm, dirman_passwd, force):
try:
repl = replication.ReplicationManager(realm, replica, dirman_passwd)
except errors.NetworkError:
- print "Unable to validate that '%s' will not be orphaned." % replica
+ print("Unable to validate that '%s' will not be orphaned." % replica)
if not force and not ipautil.user_input("Continue to delete?", False):
sys.exit("Aborted")
@@ -579,9 +582,9 @@ def check_last_link_managed(api, masters, hostname, force):
# check topology before removal
orig_errors = get_topology_connection_errors(graph)
if orig_errors:
- print "Current topology is disconnected:"
- print "Changes are not replicated to all servers and data are probably inconsistent."
- print "You need to add segments to reconnect the topology."
+ print("Current topology is disconnected:")
+ print("Changes are not replicated to all servers and data are probably inconsistent.")
+ print("You need to add segments to reconnect the topology.")
print_connect_errors(orig_errors)
# after removal
@@ -592,25 +595,25 @@ def check_last_link_managed(api, masters, hostname, force):
new_errors = get_topology_connection_errors(graph)
if new_errors:
- print "WARNING: Topology after removal of %s will be disconnected." % hostname
- print "Changes will not be replicated to all servers and data will become inconsistent."
- print "You need to add segments to prevent disconnection of the topology."
- print "Errors in topology after removal:"
+ print("WARNING: Topology after removal of %s will be disconnected." % hostname)
+ print("Changes will not be replicated to all servers and data will become inconsistent.")
+ print("You need to add segments to prevent disconnection of the topology.")
+ print("Errors in topology after removal:")
print_connect_errors(new_errors)
if orig_errors or new_errors:
if not force:
sys.exit("Aborted")
else:
- print "Forcing removal of %s" % hostname
+ print("Forcing removal of %s" % hostname)
return (orig_errors, new_errors)
def print_connect_errors(errors):
for error in errors:
- print "Topology does not allow server %s to replicate with servers:" % error[0]
+ print("Topology does not allow server %s to replicate with servers:" % error[0])
for srv in error[2]:
- print " %s" % srv
+ print(" %s" % srv)
def enforce_host_existence(host, message=None):
if host is not None and not ipautil.host_exists(host):
@@ -647,13 +650,13 @@ def ensure_last_services(conn, hostname, masters, options):
ca_hostname = master_cn
if 'CA' in this_services and not any(['CA' in o for o in other_services]):
- print "Deleting this server is not allowed as it would leave your installation without a CA."
+ print("Deleting this server is not allowed as it would leave your installation without a CA.")
sys.exit(1)
other_dns = True
if 'DNS' in this_services and not any(['DNS' in o for o in other_services]):
other_dns = False
- print "Deleting this server will leave your installation without a DNS."
+ print("Deleting this server will leave your installation without a DNS.")
if not options.force and not ipautil.user_input("Continue to delete?", False):
sys.exit("Deletion aborted")
@@ -662,8 +665,8 @@ def ensure_last_services(conn, hostname, masters, options):
if 'DNS' in this_services and other_dns and not options.force:
dnssec_masters = opendnssecinstance.get_dnssec_key_masters(conn)
if hostname in dnssec_masters:
- print "Replica is active DNSSEC key master. Uninstall could break your DNS system."
- print "Please disable or replace DNSSEC key master first."
+ print("Replica is active DNSSEC key master. Uninstall could break your DNS system.")
+ print("Please disable or replace DNSSEC key master first.")
sys.exit("Deletion aborted")
ca = cainstance.CAInstance(api.env.realm, certs.NSS_DIR)
@@ -688,8 +691,8 @@ def cleanup_server_dns_entries(realm, hostname, suffix, options):
keysyncd = dnskeysyncinstance.DNSKeySyncInstance()
keysyncd.remove_replica_public_keys(hostname)
except Exception as e:
- print "Failed to cleanup %s DNS entries: %s" % (hostname, e)
- print "You may need to manually remove them from the tree"
+ print("Failed to cleanup %s DNS entries: %s" % (hostname, e))
+ print("You may need to manually remove them from the tree")
def del_master(realm, hostname, options):
@@ -706,7 +709,7 @@ def del_master_managed(realm, hostname, options):
hostname_u = unicode(hostname)
if hostname == options.host:
- print "Can't remove itself: %s" % (options.host)
+ print("Can't remove itself: %s" % (options.host))
sys.exit(1)
# 1. Connect to the local server
@@ -714,7 +717,7 @@ def del_master_managed(realm, hostname, options):
thisrepl = replication.ReplicationManager(realm, options.host,
options.dirman_passwd)
except Exception as e:
- print "Failed to connect to server %s: %s" % (options.host, e)
+ print("Failed to connect to server %s: %s" % (options.host, e))
sys.exit(1)
# 2. Get all masters
@@ -735,14 +738,14 @@ def del_master_managed(realm, hostname, options):
try:
api.Command.server_del(hostname_u)
except errors.NotFound:
- print "Server entry already deleted: %s" % (hostname)
+ print("Server entry already deleted: %s" % (hostname))
# 6. Cleanup
try:
thisrepl.replica_cleanup(hostname, realm, force=True)
except Exception as e:
- print "Failed to cleanup %s entries: %s" % (hostname, e)
- print "You may need to manually remove them from the tree"
+ print("Failed to cleanup %s entries: %s" % (hostname, e))
+ print("You may need to manually remove them from the tree")
# 7. Clean RUV for the deleted master
# Wait for topology plugin to delete segments
@@ -757,7 +760,7 @@ def del_master_managed(realm, hostname, options):
# If the server was already deleted, we can expect that all removals
# had been done in previous run and dangling segments were not deleted.
if hostname not in m_cns:
- print "Skipping replication agreement deletion check"
+ print("Skipping replication agreement deletion check")
break
# Relax check if topology was or is disconnected. Disconnected topology
@@ -778,18 +781,18 @@ def del_master_managed(realm, hostname, options):
right = [s for s in right if s['iparepltoposegmentleftnode'][0] in can_contact_me]
if not left and not right:
- print "Agreements deleted"
+ print("Agreements deleted")
break
time.sleep(2)
if i == 2: # taking too long, something is wrong, report
- print "Waiting for removal of replication agreements"
+ print("Waiting for removal of replication agreements")
if i > 90:
- print "Taking too long, skipping"
- print "Following segments were not deleted:"
+ print("Taking too long, skipping")
+ print("Following segments were not deleted:")
for s in left:
- print " %s" % s['cn'][0]
+ print(" %s" % s['cn'][0])
for s in right:
- print " %s" % s['cn'][0]
+ print(" %s" % s['cn'][0])
break
i += 1
@@ -798,7 +801,7 @@ def del_master_managed(realm, hostname, options):
try:
thisrepl.cleanallruv(rid)
except KeyboardInterrupt:
- print "Wait for task interrupted. It will continue to run in the background"
+ print("Wait for task interrupted. It will continue to run in the background")
# 8. And clean up the removed replica DNS entries if any.
cleanup_server_dns_entries(realm, hostname, thisrepl.suffix, options)
@@ -816,7 +819,7 @@ def del_master_direct(realm, hostname, options):
thisrepl = replication.ReplicationManager(realm, options.host,
options.dirman_passwd)
except Exception as e:
- print "Failed to connect to server %s: %s" % (options.host, e)
+ print("Failed to connect to server %s: %s" % (options.host, e))
sys.exit(1)
# 2. Ensure we have an agreement with the master
@@ -829,8 +832,8 @@ def del_master_direct(realm, hostname, options):
removes that master from the list of masters. If the master
were to try to come back online it wouldn't work at all.
"""
- print "Cleaning a master is irreversible."
- print "This should not normally be require, so use cautiously."
+ print("Cleaning a master is irreversible.")
+ print("This should not normally be require, so use cautiously.")
if not ipautil.user_input("Continue to clean master?", False):
sys.exit("Cleanup aborted")
thisrepl.replica_cleanup(hostname, realm, force=True)
@@ -845,12 +848,12 @@ def del_master_direct(realm, hostname, options):
try:
delrepl = replication.ReplicationManager(realm, hostname, options.dirman_passwd)
except Exception as e:
- print "Connection to '%s' failed: %s" % (hostname, e)
+ print("Connection to '%s' failed: %s" % (hostname, e))
if not options.force:
- print "Unable to delete replica '%s'" % hostname
+ print("Unable to delete replica '%s'" % hostname)
sys.exit(1)
else:
- print "Forcing removal of %s" % hostname
+ print("Forcing removal of %s" % hostname)
force_del = True
if force_del:
@@ -877,10 +880,10 @@ def del_master_direct(realm, hostname, options):
replica_names = [options.host]
if not winsync and not options.force:
- print "Deleting a master is irreversible."
- print "To reconnect to the remote master you will need to prepare " \
- "a new replica file"
- print "and re-install."
+ print("Deleting a master is irreversible.")
+ print("To reconnect to the remote master you will need to prepare " \
+ "a new replica file")
+ print("and re-install.")
if not ipautil.user_input("Continue to delete?", False):
sys.exit("Deletion aborted")
@@ -890,9 +893,9 @@ def del_master_direct(realm, hostname, options):
masters = api.Command.server_find('', sizelimit=0)['result']
except Exception as e:
masters = []
- print "Failed to read masters data from '%s': %s" % (
- delrepl.hostname, e)
- print "Skipping calculation to determine if one or more masters would be orphaned."
+ print("Failed to read masters data from '%s': %s" % (
+ delrepl.hostname, e))
+ print("Skipping calculation to determine if one or more masters would be orphaned.")
if not options.force:
sys.exit(1)
@@ -901,15 +904,15 @@ def del_master_direct(realm, hostname, options):
if len(masters) > 2:
orphaned_server = check_last_link(delrepl, realm, options.dirman_passwd, options.force)
if orphaned_server is not None:
- print "Deleting this server will orphan '%s'. " % orphaned_server
- print "You will need to reconfigure your replication topology to delete this server."
+ print("Deleting this server will orphan '%s'. " % orphaned_server)
+ print("You will need to reconfigure your replication topology to delete this server.")
sys.exit(1)
# 4. Check that we are not leaving the installation without CA and/or DNS
# And pick new CA master.
ensure_last_services(thisrepl.conn, hostname, masters, options)
else:
- print "Skipping calculation to determine if one or more masters would be orphaned."
+ print("Skipping calculation to determine if one or more masters would be orphaned.")
# Save the RID value before we start deleting
if repltype == replication.IPA_REPLICA:
@@ -918,28 +921,28 @@ def del_master_direct(realm, hostname, options):
# 4. Remove each agreement
- print "Deleting replication agreements between %s and %s" % (hostname, ', '.join(replica_names))
+ print("Deleting replication agreements between %s and %s" % (hostname, ', '.join(replica_names)))
for r in replica_names:
try:
if not del_link(realm, r, hostname, options.dirman_passwd, force=True):
- print "Unable to remove replication agreement for %s from %s." % (hostname, r)
+ print("Unable to remove replication agreement for %s from %s." % (hostname, r))
except Exception as e:
- print ("There were issues removing a connection for %s "
- "from %s: %s" % (hostname, r, e))
+ print(("There were issues removing a connection for %s "
+ "from %s: %s" % (hostname, r, e)))
# 5. Clean RUV for the deleted master
if repltype == replication.IPA_REPLICA and rid is not None:
try:
thisrepl.cleanallruv(rid)
except KeyboardInterrupt:
- print "Wait for task interrupted. It will continue to run in the background"
+ print("Wait for task interrupted. It will continue to run in the background")
# 6. Finally clean up the removed replica common entries.
try:
thisrepl.replica_cleanup(hostname, realm, force=True)
except Exception as e:
- print "Failed to cleanup %s entries: %s" % (hostname, e)
- print "You may need to manually remove them from the tree"
+ print("Failed to cleanup %s entries: %s" % (hostname, e))
+ print("You may need to manually remove them from the tree")
# 7. And clean up the removed replica DNS entries if any.
cleanup_server_dns_entries(realm, hostname, thisrepl.suffix, options)
@@ -963,10 +966,10 @@ def add_link(realm, replica1, replica2, dirman_passwd, options):
try:
repl = replication.ReplicationManager(realm, replica1, dirman_passwd)
except errors.NotFound:
- print "Cannot find replica '%s'" % replica1
+ print("Cannot find replica '%s'" % replica1)
return
except Exception as e:
- print "Failed to connect to '%s': %s" % (replica1, e)
+ print("Failed to connect to '%s': %s" % (replica1, e))
return
# See if we already have an agreement with this host
@@ -985,20 +988,20 @@ def add_link(realm, replica1, replica2, dirman_passwd, options):
ds = dsinstance.DsInstance(realm_name = realm,
dm_password = dirman_passwd)
if not ds.add_ca_cert(options.cacert):
- print "Could not load the required CA certificate file [%s]" % options.cacert
+ print("Could not load the required CA certificate file [%s]" % options.cacert)
return
else:
- print "Added CA certificate %s to certificate database for %s" % (options.cacert, replica1)
+ print("Added CA certificate %s to certificate database for %s" % (options.cacert, replica1))
# need to wait until cacert is installed as that command may restart
# the directory server and kill the connection
try:
repl1 = replication.ReplicationManager(realm, replica1, dirman_passwd)
except errors.NotFound:
- print "Cannot find replica '%s'" % replica1
+ print("Cannot find replica '%s'" % replica1)
return
except Exception as e:
- print "Failed to connect to '%s': %s" % (replica1, e)
+ print("Failed to connect to '%s': %s" % (replica1, e))
return
if options.winsync:
@@ -1040,7 +1043,7 @@ def add_link(realm, replica1, replica2, dirman_passwd, options):
sys.exit("Connection to %s unsuccessful." % replica2)
repl1.setup_gssapi_replication(replica2, DN(('cn', 'Directory Manager')), dirman_passwd)
- print "Connected '%s' to '%s'" % (replica1, replica2)
+ print("Connected '%s' to '%s'" % (replica1, replica2))
def re_initialize(realm, thishost, fromhost, dirman_passwd, nolookup=False):
@@ -1132,28 +1135,28 @@ def show_DNA_ranges(hostname, master, realm, dirman_passwd, nextrange=False,
try:
repl2 = replication.ReplicationManager(realm, remote, dirman_passwd)
except Exception as e:
- print "%s: Connection failed: %s" % (remote, e)
+ print("%s: Connection failed: %s" % (remote, e))
continue
if not nextrange:
try:
(start, max) = repl2.get_DNA_range(remote)
except errors.NotFound:
- print "%s: No permission to read DNA configuration" % remote
+ print("%s: No permission to read DNA configuration" % remote)
continue
if start is None:
- print "%s: No range set" % remote
+ print("%s: No range set" % remote)
else:
- print "%s: %s-%s" % (remote, start, max)
+ print("%s: %s-%s" % (remote, start, max))
else:
try:
(next_start, next_max) = repl2.get_DNA_next_range(remote)
except errors.NotFound:
- print "%s: No permission to read DNA configuration" % remote
+ print("%s: No permission to read DNA configuration" % remote)
continue
if next_start is None:
- print "%s: No on-deck range set" % remote
+ print("%s: No on-deck range set" % remote)
else:
- print "%s: %s-%s" % (remote, next_start, next_max)
+ print("%s: %s-%s" % (remote, next_start, next_max))
return False
@@ -1188,14 +1191,14 @@ def store_DNA_range(repl, range_start, range_max, deleted_master, realm,
try:
repl2 = replication.ReplicationManager(realm, candidate, dirman_passwd)
except Exception as e:
- print "Connection failed: %s" % e
+ print("Connection failed: %s" % e)
continue
(next_start, next_max) = repl2.get_DNA_next_range(candidate)
if next_start is None:
try:
return repl2.save_DNA_next_range(range_start, range_max)
except Exception as e:
- print '%s: %s' % (candidate, e)
+ print('%s: %s' % (candidate, e))
return False
@@ -1280,13 +1283,13 @@ def set_DNA_range(hostname, range, realm, dirman_passwd, next_range=False,
try:
repl2 = replication.ReplicationManager(realm, master, dirman_passwd)
except Exception as e:
- print "Connection to %s failed: %s" % (master, e)
- print "Overlap not checked."
+ print("Connection to %s failed: %s" % (master, e))
+ print("Overlap not checked.")
continue
try:
(entry_start, entry_max) = repl2.get_DNA_range(master)
except errors.NotFound:
- print "%s: No permission to read DNA configuration" % master
+ print("%s: No permission to read DNA configuration" % master)
continue
if (entry_start is not None and
range_intersection(entry_start, entry_max,
@@ -1418,13 +1421,13 @@ def main():
del_master(realm, args[1], options)
elif args[0] == "re-initialize":
if not options.fromhost:
- print "re-initialize requires the option --from <host name>"
+ print("re-initialize requires the option --from <host name>")
sys.exit(1)
re_initialize(realm, host, options.fromhost, dirman_passwd,
options.nolookup)
elif args[0] == "force-sync":
if not options.fromhost:
- print "force-sync requires the option --from <host name>"
+ print("force-sync requires the option --from <host name>")
sys.exit(1)
force_sync(realm, host, options.fromhost, options.dirman_passwd,
options.nolookup)
@@ -1481,8 +1484,8 @@ except SystemExit as e:
except RuntimeError as e:
sys.exit(e)
except socket.timeout:
- print "Connection timed out."
+ print("Connection timed out.")
sys.exit(1)
except Exception as e:
- print "unexpected error: %s" % str(e)
+ print("unexpected error: %s" % str(e))
sys.exit(1)
diff --git a/install/tools/ipactl b/install/tools/ipactl
index 5782d4c42..c01804397 100755
--- a/install/tools/ipactl
+++ b/install/tools/ipactl
@@ -18,6 +18,8 @@
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#
+from __future__ import print_function
+
import sys
import os
import json
@@ -87,7 +89,7 @@ def get_capture_output(service, debug):
tons and tons of information.
"""
if service == 'dirsrv' and not debug and is_dirsrv_debugging_enabled():
- print ' debugging enabled, suppressing output.'
+ print(' debugging enabled, suppressing output.')
return True
else:
return False
@@ -254,7 +256,7 @@ def ipa_start(options):
if not options.skip_version_check:
version_check()
else:
- print "Skipping version check"
+ print("Skipping version check")
if os.path.isfile(tasks.get_svc_list_file()):
emit_err("Existing service file detected!")
@@ -268,7 +270,7 @@ def ipa_start(options):
dirsrv = services.knownservices.dirsrv
try:
- print "Starting Directory Service"
+ print("Starting Directory Service")
dirsrv.start(capture_output=get_capture_output('dirsrv', options.debug))
except Exception as e:
raise IpactlError("Failed to start Directory Service: " + str(e))
@@ -297,7 +299,7 @@ def ipa_start(options):
for svc in svc_list:
svchandle = services.service(svc)
try:
- print "Starting %s Service" % svc
+ print("Starting %s Service" % svc)
svchandle.start(capture_output=get_capture_output(svc, options.debug))
except Exception:
emit_err("Failed to start %s Service" % svc)
@@ -336,13 +338,13 @@ def ipa_stop(options):
for svc in reversed(svc_list):
svchandle = services.service(svc)
try:
- print "Stopping %s Service" % svc
+ print("Stopping %s Service" % svc)
svchandle.stop(capture_output=False)
except:
emit_err("Failed to stop %s Service" % svc)
try:
- print "Stopping Directory Service"
+ print("Stopping Directory Service")
dirsrv.stop(capture_output=False)
except:
raise IpactlError("Failed to stop Directory Service")
@@ -358,14 +360,14 @@ def ipa_restart(options):
if not options.skip_version_check:
version_check()
else:
- print "Skipping version check"
+ print("Skipping version check")
dirsrv = services.knownservices.dirsrv
new_svc_list = []
dirsrv_restart = True
if not dirsrv.is_running():
try:
- print "Starting Directory Service"
+ print("Starting Directory Service")
dirsrv.start(capture_output=get_capture_output('dirsrv', options.debug))
dirsrv_restart = False
except Exception as e:
@@ -414,14 +416,14 @@ def ipa_restart(options):
for svc in reversed(old_svc_list):
svchandle = services.service(svc)
try:
- print "Stopping %s Service" % svc
+ print("Stopping %s Service" % svc)
svchandle.stop(capture_output=False)
except:
emit_err("Failed to stop %s Service" % svc)
try:
if dirsrv_restart:
- print "Restarting Directory Service"
+ print("Restarting Directory Service")
dirsrv.restart(capture_output=get_capture_output('dirsrv', options.debug))
except Exception as e:
emit_err("Failed to restart Directory Service: " + str(e))
@@ -439,7 +441,7 @@ def ipa_restart(options):
for svc in svc_list:
svchandle = services.service(svc)
try:
- print "Restarting %s Service" % svc
+ print("Restarting %s Service" % svc)
svchandle.restart(capture_output=get_capture_output(svc, options.debug))
except Exception:
emit_err("Failed to restart %s Service" % svc)
@@ -461,7 +463,7 @@ def ipa_restart(options):
for svc in new_svc_list:
svchandle = services.service(svc)
try:
- print "Starting %s Service" % svc
+ print("Starting %s Service" % svc)
svchandle.start(capture_output=get_capture_output(svc, options.debug))
except Exception:
emit_err("Failed to start %s Service" % svc)
@@ -496,12 +498,12 @@ def ipa_status(options):
dirsrv = services.knownservices.dirsrv
try:
if dirsrv.is_running():
- print "Directory Service: RUNNING"
+ print("Directory Service: RUNNING")
else:
- print "Directory Service: STOPPED"
+ print("Directory Service: STOPPED")
if len(svc_list) == 0:
- print ("Directory Service must be running in order to " +
- "obtain status of other services")
+ print(("Directory Service must be running in order to " +
+ "obtain status of other services"))
except:
raise IpactlError("Failed to get Directory Service status")
@@ -513,9 +515,9 @@ def ipa_status(options):
svchandle = services.service(svc)
try:
if svchandle.is_running():
- print "%s Service: RUNNING" % svc
+ print("%s Service: RUNNING" % svc)
else:
- print "%s Service: STOPPED" % svc
+ print("%s Service: STOPPED" % svc)
except:
emit_err("Failed to get %s Service status" % svc)
generated by cgit (git 2.34.1) at 2024-06-23 20:24:46 +0000