diff options
Diffstat (limited to 'ipaserver')
-rw-r--r-- | ipaserver/advise/base.py | 19 | ||||
-rw-r--r-- | ipaserver/install/adtrustinstance.py | 8 | ||||
-rw-r--r-- | ipaserver/install/bindinstance.py | 32 | ||||
-rw-r--r-- | ipaserver/install/ca.py | 18 | ||||
-rw-r--r-- | ipaserver/install/cainstance.py | 10 | ||||
-rw-r--r-- | ipaserver/install/dns.py | 102 | ||||
-rw-r--r-- | ipaserver/install/dnskeysyncinstance.py | 6 | ||||
-rw-r--r-- | ipaserver/install/dsinstance.py | 6 | ||||
-rw-r--r-- | ipaserver/install/httpinstance.py | 6 | ||||
-rw-r--r-- | ipaserver/install/installutils.py | 79 | ||||
-rw-r--r-- | ipaserver/install/ipa_cacert_manage.py | 20 | ||||
-rw-r--r-- | ipaserver/install/ipa_kra_install.py | 4 | ||||
-rw-r--r-- | ipaserver/install/ipa_ldap_updater.py | 4 | ||||
-rw-r--r-- | ipaserver/install/ipa_replica_prepare.py | 3 | ||||
-rw-r--r-- | ipaserver/install/krbinstance.py | 3 | ||||
-rw-r--r-- | ipaserver/install/replication.py | 54 | ||||
-rw-r--r-- | ipaserver/install/server/install.py | 222 | ||||
-rw-r--r-- | ipaserver/install/server/replicainstall.py | 42 | ||||
-rw-r--r-- | ipaserver/install/server/upgrade.py | 6 |
19 files changed, 340 insertions, 304 deletions
diff --git a/ipaserver/advise/base.py b/ipaserver/advise/base.py index 467203f54..f7f2ad821 100644 --- a/ipaserver/advise/base.py +++ b/ipaserver/advise/base.py @@ -17,12 +17,15 @@ # along with this program. If not, see <http://www.gnu.org/licenses/>. # +from __future__ import print_function + import os +from textwrap import wrap + from ipalib import api from ipalib.plugable import Plugin, API from ipalib.errors import ValidationError from ipapython import admintool -from textwrap import wrap from ipapython.ipa_log_manager import log_mgr @@ -174,11 +177,11 @@ class IpaAdvise(admintool.AdminTool): wrapped_description = wrap(description, 80 - len(prefix)) # Print the first line with the prefix (keyword) - print prefix + wrapped_description[0] + print(prefix + wrapped_description[0]) # Print the rest wrapped behind the colon for line in wrapped_description[1:]: - print "{off}{line}".format(off=' ' * len(prefix), line=line) + print("{off}{line}".format(off=' ' * len(prefix), line=line)) def print_header(self, header, print_shell=False): header_size = len(header) @@ -186,14 +189,14 @@ class IpaAdvise(admintool.AdminTool): prefix = '' if print_shell: prefix = '# ' - print '#!/bin/sh' + print('#!/bin/sh') # Do not print out empty header if header_size > 0: - print(prefix + '-' * 70) + print((prefix + '-' * 70)) for line in wrap(header, 70): - print(prefix + line) - print(prefix + '-' * 70) + print((prefix + line)) + print((prefix + '-' * 70)) def print_advice(self, keyword): advice = getattr(advise_api.Advice, keyword, None) @@ -224,7 +227,7 @@ class IpaAdvise(admintool.AdminTool): advice.get_info() api.Backend.rpcclient.disconnect() for line in advice.log.content: - print line + print(line) def run(self): super(IpaAdvise, self).run() diff --git a/ipaserver/install/adtrustinstance.py b/ipaserver/install/adtrustinstance.py index 1f39dc732..08b652a10 100644 --- a/ipaserver/install/adtrustinstance.py +++ b/ipaserver/install/adtrustinstance.py @@ -17,6 +17,8 @@ # along with this program. If not, see <http://www.gnu.org/licenses/>. # +from __future__ import print_function + import os import errno import ldap @@ -59,9 +61,9 @@ SELINUX_BOOLEAN_SETTINGS = {'samba_portmapper': 'on'} def check_inst(): for smbfile in [paths.SMBD, paths.NET]: if not os.path.exists(smbfile): - print "%s was not found on this system" % smbfile - print "Please install the 'samba' packages and " \ - "start the installation again" + print("%s was not found on this system" % smbfile) + print("Please install the 'samba' packages and " \ + "start the installation again") return False #TODO: Add check for needed samba4 libraries diff --git a/ipaserver/install/bindinstance.py b/ipaserver/install/bindinstance.py index 0201bbe0c..c52b1c0d6 100644 --- a/ipaserver/install/bindinstance.py +++ b/ipaserver/install/bindinstance.py @@ -17,6 +17,8 @@ # along with this program. If not, see <http://www.gnu.org/licenses/>. # +from __future__ import print_function + import tempfile import os import pwd @@ -289,7 +291,7 @@ def read_reverse_zone(default, ip_address): if verify_reverse_zone(zone, ip_address): break else: - print "Invalid reverse zone %s for IP address %s" % (zone, ip_address) + print("Invalid reverse zone %s for IP address %s" % (zone, ip_address)) return normalize_zone(zone) @@ -447,7 +449,7 @@ def check_reverse_zones(ip_addresses, reverse_zones, options, unattended, search return ret_reverse_zones def check_forwarders(dns_forwarders, logger): - print "Checking DNS forwarders, please wait ..." + print("Checking DNS forwarders, please wait ...") forwarders_dnssec_valid = True for forwarder in dns_forwarders: logger.debug("Checking DNS server: %s", forwarder) @@ -459,17 +461,17 @@ def check_forwarders(dns_forwarders, logger): forwarder, e) logger.warning("Please fix forwarder configuration to enable DNSSEC support.\n" "(For BIND 9 add directive \"dnssec-enable yes;\" to \"options {}\")") - print "DNS server %s: %s" % (forwarder, e) - print "Please fix forwarder configuration to enable DNSSEC support." - print "(For BIND 9 add directive \"dnssec-enable yes;\" to \"options {}\")" + print("DNS server %s: %s" % (forwarder, e)) + print("Please fix forwarder configuration to enable DNSSEC support.") + print("(For BIND 9 add directive \"dnssec-enable yes;\" to \"options {}\")") except EDNS0UnsupportedError as e: forwarders_dnssec_valid = False logger.warning("DNS server %s does not support ENDS0 " "(RFC 6891): %s", forwarder, e) logger.warning("Please fix forwarder configuration. " "DNSSEC support cannot be enabled without EDNS0") - print ("WARNING: DNS server %s does not support EDNS0 " - "(RFC 6891): %s" % (forwarder, e)) + print(("WARNING: DNS server %s does not support EDNS0 " + "(RFC 6891): %s" % (forwarder, e))) except UnresolvableRecordError as e: logger.error("DNS server %s: %s", forwarder, e) raise RuntimeError("DNS server %s: %s" % (forwarder, e)) @@ -602,7 +604,7 @@ class BindInstance(service.Service): [bind_fd, bind_name] = tempfile.mkstemp(".db","sample.zone.") os.write(bind_fd, bind_txt) os.close(bind_fd) - print "Sample zone file for bind has been created in "+bind_name + print("Sample zone file for bind has been created in "+bind_name) def create_instance(self): @@ -658,7 +660,7 @@ class BindInstance(service.Service): self.restart() except Exception as e: root_logger.error("Named service failed to start (%s)", e) - print "named service failed to start" + print("named service failed to start") def __enable(self): if self.get_state("enabled") is None: @@ -1155,14 +1157,14 @@ class BindInstance(service.Service): param in api.Object['dnsconfig'].params) if not global_conf_set: - print "Global DNS configuration in LDAP server is empty" - print "You can use 'dnsconfig-mod' command to set global DNS options that" - print "would override settings in local named.conf files" + print("Global DNS configuration in LDAP server is empty") + print("You can use 'dnsconfig-mod' command to set global DNS options that") + print("would override settings in local named.conf files") return - print "Global DNS configuration in LDAP server is not empty" - print "The following configuration options override local settings in named.conf:" - print "" + print("Global DNS configuration in LDAP server is not empty") + print("The following configuration options override local settings in named.conf:") + print("") textui = ipalib.cli.textui(api) api.Command.dnsconfig_show.output_for_cli(textui, result, None, reverse=False) diff --git a/ipaserver/install/ca.py b/ipaserver/install/ca.py index 557efedf7..7e08b5ac0 100644 --- a/ipaserver/install/ca.py +++ b/ipaserver/install/ca.py @@ -2,6 +2,8 @@ # Copyright (C) 2015 FreeIPA Contributors see COPYING for license # +from __future__ import print_function + import sys import os.path @@ -30,7 +32,7 @@ def install_check(standalone, replica_config, options): sys.exit('A selfsign CA can not be added') if not ipautil.file_exists(replica_config.dir + "/cacert.p12"): - print 'CA cannot be installed in CA-less setup.' + print('CA cannot be installed in CA-less setup.') sys.exit(1) if standalone and not options.skip_conncheck: @@ -73,9 +75,9 @@ def install_check(standalone, replica_config, options): "--external-cert-file.") sys.exit(1) if ipautil.file_exists(paths.ROOT_IPA_CSR): - print("CA CSR file %s already exists.\nIn order to continue " + print(("CA CSR file %s already exists.\nIn order to continue " "remove the file and run the installer again." % - paths.ROOT_IPA_CSR) + paths.ROOT_IPA_CSR)) sys.exit(1) if not options.external_cert_files: @@ -94,8 +96,8 @@ def install_check(standalone, replica_config, options): if nickname in (certdb.get_ca_nickname(realm_name), 'ipaCert', 'Signing-Cert'): - print ("Certificate with nickname %s is present in %s, " - "cannot continue." % (nickname, db.secdir)) + print(("Certificate with nickname %s is present in %s, " + "cannot continue." % (nickname, db.secdir))) sys.exit(1) cert = db.get_cert_from_db(nickname) @@ -105,8 +107,8 @@ def install_check(standalone, replica_config, options): if subject in (DN('CN=Certificate Authority', subject_base), DN('CN=IPA RA', subject_base), DN('CN=Object Signing Cert', subject_base)): - print ("Certificate with subject %s is present in %s, " - "cannot continue." % (subject, db.secdir)) + print(("Certificate with subject %s is present in %s, " + "cannot continue." % (subject, db.secdir))) sys.exit(1) @@ -249,7 +251,7 @@ def install_step_1(standalone, replica_config, options): with open(paths.IPA_DEFAULT_CONF, 'w') as f: parser.write(f) except IOError as e: - print "Failed to update /etc/ipa/default.conf" + print("Failed to update /etc/ipa/default.conf") root_logger.error(str(e)) sys.exit(1) diff --git a/ipaserver/install/cainstance.py b/ipaserver/install/cainstance.py index c8b834f78..da1c72acb 100644 --- a/ipaserver/install/cainstance.py +++ b/ipaserver/install/cainstance.py @@ -19,6 +19,8 @@ # along with this program. If not, see <http://www.gnu.org/licenses/>. # +from __future__ import print_function + import array import base64 import binascii @@ -616,8 +618,8 @@ class CAInstance(DogtagInstance): os.remove(cfg_file) if self.external == 1: - print "The next step is to get %s signed by your CA and re-run %s as:" % (self.csr_file, sys.argv[0]) - print "%s --external-cert-file=/path/to/signed_certificate --external-cert-file=/path/to/external_ca_certificate" % sys.argv[0] + print("The next step is to get %s signed by your CA and re-run %s as:" % (self.csr_file, sys.argv[0])) + print("%s --external-cert-file=/path/to/signed_certificate --external-cert-file=/path/to/external_ca_certificate" % sys.argv[0]) sys.exit(0) else: shutil.move(paths.CA_BACKUP_KEYS_P12, @@ -756,8 +758,8 @@ class CAInstance(DogtagInstance): self.handle_setup_error(e) if self.external == 1: - print "The next step is to get %s signed by your CA and re-run %s as:" % (self.csr_file, sys.argv[0]) - print "%s --external-cert-file=/path/to/signed_certificate --external-cert-file=/path/to/external_ca_certificate" % sys.argv[0] + print("The next step is to get %s signed by your CA and re-run %s as:" % (self.csr_file, sys.argv[0])) + print("%s --external-cert-file=/path/to/signed_certificate --external-cert-file=/path/to/external_ca_certificate" % sys.argv[0]) sys.exit(0) # pkisilent makes a copy of the CA PKCS#12 file for us but gives diff --git a/ipaserver/install/dns.py b/ipaserver/install/dns.py index 9430d1899..1c31f0c66 100644 --- a/ipaserver/install/dns.py +++ b/ipaserver/install/dns.py @@ -2,6 +2,8 @@ # Copyright (C) 2015 FreeIPA Contributors see COPYING for license # +from __future__ import print_function + import sys from subprocess import CalledProcessError @@ -102,37 +104,37 @@ def install_check(standalone, replica, options, hostname): constants.IPA_DNS_PACKAGE_NAME) if standalone: - print "==============================================================================" - print "This program will setup DNS for the FreeIPA Server." - print "" - print "This includes:" - print " * Configure DNS (bind)" - print " * Configure SoftHSM (required by DNSSEC)" - print " * Configure ipa-dnskeysyncd (required by DNSSEC)" + print("==============================================================================") + print("This program will setup DNS for the FreeIPA Server.") + print("") + print("This includes:") + print(" * Configure DNS (bind)") + print(" * Configure SoftHSM (required by DNSSEC)") + print(" * Configure ipa-dnskeysyncd (required by DNSSEC)") if options.dnssec_master: - print " * Configure ipa-ods-exporter (required by DNSSEC key master)" - print " * Configure OpenDNSSEC (required by DNSSEC key master)" - print " * Generate DNSSEC master key (required by DNSSEC key master)" + print(" * Configure ipa-ods-exporter (required by DNSSEC key master)") + print(" * Configure OpenDNSSEC (required by DNSSEC key master)") + print(" * Generate DNSSEC master key (required by DNSSEC key master)") elif options.disable_dnssec_master: - print " * Unconfigure ipa-ods-exporter" - print " * Unconfigure OpenDNSSEC" - print "" - print "No new zones will be signed without DNSSEC key master IPA server." - print "" - print ("Please copy file from %s after uninstallation. This file is needed " - "on new DNSSEC key " % paths.IPA_KASP_DB_BACKUP) - print "master server" - print "" - print "NOTE: DNSSEC zone signing is not enabled by default" - print "" + print(" * Unconfigure ipa-ods-exporter") + print(" * Unconfigure OpenDNSSEC") + print("") + print("No new zones will be signed without DNSSEC key master IPA server.") + print("") + print(("Please copy file from %s after uninstallation. This file is needed " + "on new DNSSEC key " % paths.IPA_KASP_DB_BACKUP)) + print("master server") + print("") + print("NOTE: DNSSEC zone signing is not enabled by default") + print("") if options.dnssec_master: - print "DNSSEC support is experimental!" - print "" - print "Plan carefully, replacing DNSSEC key master is not recommended" - print "" - print "" - print "To accept the default shown in brackets, press the Enter key." - print "" + print("DNSSEC support is experimental!") + print("") + print("Plan carefully, replacing DNSSEC key master is not recommended") + print("") + print("") + print("To accept the default shown in brackets, press the Enter key.") + print("") if (options.dnssec_master and not options.unattended and not ipautil.user_input( @@ -177,7 +179,7 @@ def install_check(standalone, replica, options, hostname): dnssec_masters = ods.get_masters() # we can reinstall current server if it is dnssec master if dnssec_masters and api.env.host not in dnssec_masters: - print "DNSSEC key master(s):", u','.join(dnssec_masters) + print("DNSSEC key master(s):", u','.join(dnssec_masters)) sys.exit("Only one DNSSEC key master is supported in current " "version.") @@ -242,7 +244,7 @@ def install_check(standalone, replica, options, hostname): if (not bindinstance.check_forwarders(dns_forwarders, root_logger) and not options.no_dnssec_validation): options.no_dnssec_validation = True - print "WARNING: DNSSEC validation will be disabled" + print("WARNING: DNSSEC validation will be disabled") root_logger.debug("will use dns_forwarders: %s\n", dns_forwarders) @@ -262,7 +264,7 @@ def install_check(standalone, replica, options, hostname): ) if reverse_zones: - print "Using reverse zone(s) %s" % ', '.join(reverse_zones) + print("Using reverse zone(s) %s" % ', '.join(reverse_zones)) def install(standalone, replica, options): @@ -287,10 +289,10 @@ def install(standalone, replica, options): ca_configured=options.setup_ca) if standalone and not options.unattended: - print "" - print "The following operations may take some minutes to complete." - print "Please wait until the prompt is returned." - print "" + print("") + print("The following operations may take some minutes to complete.") + print("Please wait until the prompt is returned.") + print("") bind.create_instance() @@ -312,33 +314,33 @@ def install(standalone, replica, options): bind.start_named() if standalone: - print "==============================================================================" - print "Setup complete" - print "" + print("==============================================================================") + print("Setup complete") + print("") bind.check_global_configuration() - print "" - print "" - print "\tYou must make sure these network ports are open:" - print "\t\tTCP Ports:" - print "\t\t * 53: bind" - print "\t\tUDP Ports:" - print "\t\t * 53: bind" + print("") + print("") + print("\tYou must make sure these network ports are open:") + print("\t\tTCP Ports:") + print("\t\t * 53: bind") + print("\t\tUDP Ports:") + print("\t\t * 53: bind") elif not standalone and replica: - print "" + print("") bind.check_global_configuration() - print "" + print("") def uninstall_check(options): # test if server is DNSSEC key master masters = opendnssecinstance.get_dnssec_key_masters(api.Backend.ldap2) if api.env.host in masters: - print "This server is active DNSSEC key master. Uninstall could break your DNS system." + print("This server is active DNSSEC key master. Uninstall could break your DNS system.") if not (options.unattended or user_input( "Are you sure you want to continue with the uninstall " "procedure?", False)): - print "" - print "Aborting uninstall operation." + print("") + print("Aborting uninstall operation.") sys.exit(1) diff --git a/ipaserver/install/dnskeysyncinstance.py b/ipaserver/install/dnskeysyncinstance.py index 4b84eddf6..482250fee 100644 --- a/ipaserver/install/dnskeysyncinstance.py +++ b/ipaserver/install/dnskeysyncinstance.py @@ -2,6 +2,8 @@ # Copyright (C) 2014 FreeIPA Contributors see COPYING for license # +from __future__ import print_function + import os import pwd import grp @@ -111,7 +113,7 @@ class DNSKeySyncInstance(service.Service): ldap.delete_entry(entry) def start_dnskeysyncd(self): - print "Restarting ipa-dnskeysyncd" + print("Restarting ipa-dnskeysyncd") self.__start() def create_instance(self, fqdn, realm_name): @@ -464,7 +466,7 @@ class DNSKeySyncInstance(service.Service): try: self.restart() except Exception as e: - print "Failed to start ipa-dnskeysyncd" + print("Failed to start ipa-dnskeysyncd") self.logger.debug("Failed to start ipa-dnskeysyncd: %s", e) diff --git a/ipaserver/install/dsinstance.py b/ipaserver/install/dsinstance.py index 819b6ccd0..312188273 100644 --- a/ipaserver/install/dsinstance.py +++ b/ipaserver/install/dsinstance.py @@ -18,6 +18,8 @@ # along with this program. If not, see <http://www.gnu.org/licenses/>. # +from __future__ import print_function + import shutil import pwd import sys @@ -506,7 +508,7 @@ class DsInstance(service.Service): self.__restart_instance() root_logger.debug("done restarting ds instance") except ipautil.CalledProcessError as e: - print "failed to restart ds instance", e + print("failed to restart ds instance", e) root_logger.debug("failed to restart ds instance %s" % e) inf_fd.close() os.remove(paths.DIRSRV_BOOT_LDIF) @@ -832,7 +834,7 @@ class DsInstance(service.Service): ipautil.run(args, env=env) root_logger.debug("ldappasswd done") except ipautil.CalledProcessError as e: - print "Unable to set admin password", e + print("Unable to set admin password", e) root_logger.debug("Unable to set admin password %s" % e) finally: diff --git a/ipaserver/install/httpinstance.py b/ipaserver/install/httpinstance.py index 196efb05e..9354a22f5 100644 --- a/ipaserver/install/httpinstance.py +++ b/ipaserver/install/httpinstance.py @@ -17,6 +17,8 @@ # along with this program. If not, see <http://www.gnu.org/licenses/>. # +from __future__ import print_function + import os import os.path import tempfile @@ -213,7 +215,7 @@ class HTTPInstance(service.Service): def __set_mod_nss_port(self): self.fstore.backup_file(paths.HTTPD_NSS_CONF) if installutils.update_file(paths.HTTPD_NSS_CONF, '8443', '443') != 0: - print "Updating port in %s failed." % paths.HTTPD_NSS_CONF + print("Updating port in %s failed." % paths.HTTPD_NSS_CONF) def __set_mod_nss_nickname(self, nickname): installutils.set_directive(paths.HTTPD_NSS_CONF, 'NSSNickname', nickname) @@ -231,7 +233,7 @@ class HTTPInstance(service.Service): def __add_include(self): """This should run after __set_mod_nss_port so is already backed up""" if installutils.update_file(paths.HTTPD_NSS_CONF, '</VirtualHost>', 'Include conf.d/ipa-rewrite.conf\n</VirtualHost>') != 0: - print "Adding Include conf.d/ipa-rewrite to %s failed." % paths.HTTPD_NSS_CONF + print("Adding Include conf.d/ipa-rewrite to %s failed." % paths.HTTPD_NSS_CONF) def configure_certmonger_renewal_guard(self): certmonger = services.knownservices.certmonger diff --git a/ipaserver/install/installutils.py b/ipaserver/install/installutils.py index 61bb552de..cdb081f6e 100644 --- a/ipaserver/install/installutils.py +++ b/ipaserver/install/installutils.py @@ -18,6 +18,7 @@ # from __future__ import absolute_import +from __future__ import print_function import socket import getpass @@ -161,7 +162,7 @@ def verify_fqdn(host_name, no_host_dns=False, local_hostname=True): root_logger.debug('socket.gethostbyaddr() error: %d: %s' % (e.errno, e.strerror)) if no_host_dns: - print "Warning: skipping DNS resolution of host", host_name + print("Warning: skipping DNS resolution of host", host_name) return try: @@ -239,7 +240,7 @@ def record_in_hosts(ip, host_name=None, conf_file=paths.HOSTS): return None return (hosts_ip, names) except IndexError: - print "Warning: Erroneous line '%s' in %s" % (line, conf_file) + print("Warning: Erroneous line '%s' in %s" % (line, conf_file)) continue return None @@ -257,7 +258,7 @@ def read_ip_address(host_name, fstore): try: ip_parsed = ipautil.CheckedIPAddress(ip, match_local=True) except Exception as e: - print "Error: Invalid IP Address %s: %s" % (ip, e) + print("Error: Invalid IP Address %s: %s" % (ip, e)) continue else: break @@ -266,7 +267,7 @@ def read_ip_address(host_name, fstore): def read_ip_addresses(host_name, fstore): ips = [] - print "Enter the IP address to use, or press Enter to finish." + print("Enter the IP address to use, or press Enter to finish.") while True: ip = ipautil.user_input("Please provide the IP address to be used for this host name", allow_empty = True) if not ip: @@ -274,7 +275,7 @@ def read_ip_addresses(host_name, fstore): try: ip_parsed = ipautil.CheckedIPAddress(ip, match_local=True) except Exception as e: - print "Error: Invalid IP Address %s: %s" % (ip, e) + print("Error: Invalid IP Address %s: %s" % (ip, e)) continue ips.append(ip_parsed) @@ -292,15 +293,15 @@ def read_dns_forwarders(): try: ip_parsed = ipautil.CheckedIPAddress(ip, parse_netmask=False) except Exception as e: - print "Error: Invalid IP Address %s: %s" % (ip, e) - print "DNS forwarder %s not added." % ip + print("Error: Invalid IP Address %s: %s" % (ip, e)) + print("DNS forwarder %s not added." % ip) continue - print "DNS forwarder %s added. You may add another." % ip + print("DNS forwarder %s added. You may add another." % ip) addrs.append(str(ip_parsed)) if not addrs: - print "No DNS forwarders configured" + print("No DNS forwarders configured") return addrs @@ -334,7 +335,7 @@ def read_password(user, confirm=True, validate=True, retry=True, validator=_read try: validator(pwd) except ValueError as e: - print str(e) + print(str(e)) pwd = None continue if not confirm: @@ -342,15 +343,15 @@ def read_password(user, confirm=True, validate=True, retry=True, validator=_read continue pwd_confirm = get_password("Password (confirm): ") if pwd != pwd_confirm: - print "Password mismatch!" - print "" + print("Password mismatch!") + print("") pwd = None else: correct = True except EOFError: return None finally: - print "" + print("") return pwd def update_file(filename, orig, subst): @@ -367,7 +368,7 @@ def update_file(filename, orig, subst): os.chown(filename, st.st_uid, st.st_gid) # reset perms return 0 else: - print "File %s doesn't exist." % filename + print("File %s doesn't exist." % filename) return 1 def set_directive(filename, directive, value, quotes=True, separator=' '): @@ -475,12 +476,12 @@ def get_server_ip_address(host_name, fstore, unattended, setup_dns, ip_addresses try: hostaddr = resolve_host(host_name) except HostnameLocalhost: - print >> sys.stderr, "The hostname resolves to the localhost address (127.0.0.1/::1)" - print >> sys.stderr, "Please change your /etc/hosts file so that the hostname" - print >> sys.stderr, "resolves to the ip address of your network interface." - print >> sys.stderr, "The KDC service does not listen on localhost" - print >> sys.stderr, "" - print >> sys.stderr, "Please fix your /etc/hosts file and restart the setup program" + print("The hostname resolves to the localhost address (127.0.0.1/::1)", file=sys.stderr) + print("Please change your /etc/hosts file so that the hostname", file=sys.stderr) + print("resolves to the ip address of your network interface.", file=sys.stderr) + print("The KDC service does not listen on localhost", file=sys.stderr) + print("", file=sys.stderr) + print("Please fix your /etc/hosts file and restart the setup program", file=sys.stderr) sys.exit(1) ip_add_to_hosts = False @@ -505,16 +506,16 @@ def get_server_ip_address(host_name, fstore, unattended, setup_dns, ip_addresses if set(ip_addresses) <= set(ips): ips = ip_addresses else: - print >>sys.stderr, "Error: the hostname resolves to IP address(es) that are different" - print >>sys.stderr, "from those provided on the command line. Please fix your DNS" - print >>sys.stderr, "or /etc/hosts file and restart the installation." - print >>sys.stderr, "Provided but not resolved address(es): %s" % \ - ", ".join(str(ip) for ip in (set(ip_addresses) - set(ips))) + print("Error: the hostname resolves to IP address(es) that are different", file=sys.stderr) + print("from those provided on the command line. Please fix your DNS", file=sys.stderr) + print("or /etc/hosts file and restart the installation.", file=sys.stderr) + print("Provided but not resolved address(es): %s" % \ + ", ".join(str(ip) for ip in (set(ip_addresses) - set(ips))), file=sys.stderr) sys.exit(1) ip_add_to_hosts = True if not ips: - print >> sys.stderr, "No usable IP address provided nor resolved." + print("No usable IP address provided nor resolved.", file=sys.stderr) sys.exit(1) for ip_address in ips: @@ -523,18 +524,18 @@ def get_server_ip_address(host_name, fstore, unattended, setup_dns, ip_addresses if hosts_record is None: if ip_add_to_hosts or setup_dns: - print "Adding ["+str(ip_address)+" "+host_name+"] to your /etc/hosts file" + print("Adding ["+str(ip_address)+" "+host_name+"] to your /etc/hosts file") fstore.backup_file(paths.HOSTS) add_record_to_hosts(str(ip_address), host_name) else: primary_host = hosts_record[1][0] if primary_host != host_name: - print >>sys.stderr, "Error: there is already a record in /etc/hosts for IP address %s:" \ - % ip_address - print >>sys.stderr, hosts_record[0], " ".join(hosts_record[1]) - print >>sys.stderr, "Chosen hostname %s does not match configured canonical hostname %s" \ - % (host_name, primary_host) - print >>sys.stderr, "Please fix your /etc/hosts file and restart the installation." + print("Error: there is already a record in /etc/hosts for IP address %s:" \ + % ip_address, file=sys.stderr) + print(hosts_record[0], " ".join(hosts_record[1]), file=sys.stderr) + print("Chosen hostname %s does not match configured canonical hostname %s" \ + % (host_name, primary_host), file=sys.stderr) + print("Please fix your /etc/hosts file and restart the installation.", file=sys.stderr) sys.exit(1) return ips @@ -597,8 +598,8 @@ def create_replica_config(dirman_password, filename, options): top_dir, dir = expand_replica_info(filename, dirman_password) except Exception as e: root_logger.error("Failed to decrypt or open the replica file.") - print "ERROR: Failed to decrypt or open the replica file." - print "Verify you entered the correct Directory Manager password." + print("ERROR: Failed to decrypt or open the replica file.") + print("Verify you entered the correct Directory Manager password.") sys.exit(1) config = ReplicaConfig(top_dir) read_replica_info(dir, config) @@ -618,7 +619,7 @@ def create_replica_config(dirman_password, filename, options): sys.exit(1) if config.host_name != host: try: - print "This replica was created for '%s' but this machine is named '%s'" % (config.host_name, host) + print("This replica was created for '%s' but this machine is named '%s'" % (config.host_name, host)) if not ipautil.user_input("This may cause problems. Continue?", False): root_logger.debug( "Replica was created for %s but machine is named %s " @@ -626,7 +627,7 @@ def create_replica_config(dirman_password, filename, options): config.host_name, host) sys.exit(0) config.host_name = host - print "" + print("") except KeyboardInterrupt: root_logger.debug("Keyboard Interrupt") sys.exit(0) @@ -734,7 +735,7 @@ def run_script(main_function, operation_name, log_file_name=None, root_logger.debug('The %s command failed, exception: %s: %s', operation_name, type(e).__name__, e) if fail_message and not isinstance(e, SystemExit): - print fail_message + print(fail_message) raise else: if return_value: @@ -748,7 +749,7 @@ def run_script(main_function, operation_name, log_file_name=None, except BaseException as error: message, exitcode = handle_error(error, log_file_name) if message: - print >> sys.stderr, message + print(message, file=sys.stderr) sys.exit(exitcode) diff --git a/ipaserver/install/ipa_cacert_manage.py b/ipaserver/install/ipa_cacert_manage.py index c991cafa1..a2242fd3d 100644 --- a/ipaserver/install/ipa_cacert_manage.py +++ b/ipaserver/install/ipa_cacert_manage.py @@ -17,6 +17,8 @@ # along with this program. If not, see <http://www.gnu.org/licenses/>. # +from __future__ import print_function + import os import time from optparse import OptionGroup @@ -178,7 +180,7 @@ class CACertManage(admintool.AdminTool): return self.renew_external_step_1(ca) def renew_self_signed(self, ca): - print "Renewing CA certificate, please wait" + print("Renewing CA certificate, please wait") try: ca.set_renewal_master() @@ -187,21 +189,21 @@ class CACertManage(admintool.AdminTool): self.resubmit_request(ca, 'caCACert') - print "CA certificate successfully renewed" + print("CA certificate successfully renewed") def renew_external_step_1(self, ca): - print "Exporting CA certificate signing request, please wait" + print("Exporting CA certificate signing request, please wait") self.resubmit_request(ca, 'ipaCSRExport') - print("The next step is to get %s signed by your CA and re-run " - "ipa-cacert-manage as:" % paths.IPA_CA_CSR) + print(("The next step is to get %s signed by your CA and re-run " + "ipa-cacert-manage as:" % paths.IPA_CA_CSR)) print("ipa-cacert-manage renew " "--external-cert-file=/path/to/signed_certificate " "--external-cert-file=/path/to/external_ca_certificate") def renew_external_step_2(self, ca, old_cert): - print "Importing the renewed CA certificate, please wait" + print("Importing the renewed CA certificate, please wait") options = self.options cert_file, ca_file = installutils.load_external_cert( @@ -297,7 +299,7 @@ class CACertManage(admintool.AdminTool): self.resubmit_request(ca, 'ipaRetrieval') - print "CA certificate successfully renewed" + print("CA certificate successfully renewed") def resubmit_request(self, ca, profile): timeout = api.env.startup_timeout + 60 @@ -320,7 +322,7 @@ class CACertManage(admintool.AdminTool): certmonger.modify(self.request_id, profile='ipaCACertRenewal') def install(self): - print "Installing CA certificate, please wait" + print("Installing CA certificate, please wait") options = self.options cert_filename = self.args[1] @@ -366,4 +368,4 @@ class CACertManage(admintool.AdminTool): raise admintool.ScriptError( "Failed to install the certificate: %s" % e) - print "CA certificate successfully installed" + print("CA certificate successfully installed") diff --git a/ipaserver/install/ipa_kra_install.py b/ipaserver/install/ipa_kra_install.py index d75a24273..ef2b2f985 100644 --- a/ipaserver/install/ipa_kra_install.py +++ b/ipaserver/install/ipa_kra_install.py @@ -18,6 +18,8 @@ # along with this program. If not, see <http://www.gnu.org/licenses/>. # +from __future__ import print_function + from textwrap import dedent from ipalib import api from ipaplatform import services @@ -156,7 +158,7 @@ class KRAInstaller(KRAInstall): def _run(self): super(KRAInstaller, self).run() - print dedent(self.INSTALLER_START_MESSAGE) + print(dedent(self.INSTALLER_START_MESSAGE)) if not self.installing_replica: replica_config = None diff --git a/ipaserver/install/ipa_ldap_updater.py b/ipaserver/install/ipa_ldap_updater.py index 8321c20a3..062bd5a43 100644 --- a/ipaserver/install/ipa_ldap_updater.py +++ b/ipaserver/install/ipa_ldap_updater.py @@ -23,6 +23,8 @@ # TODO # save undo files? +from __future__ import print_function + import os import sys @@ -75,7 +77,7 @@ class LDAPUpdater(admintool.AdminTool): try: installutils.check_server_configuration() except RuntimeError as e: - print unicode(e) + print(unicode(e)) sys.exit(1) def setup_logging(self): diff --git a/ipaserver/install/ipa_replica_prepare.py b/ipaserver/install/ipa_replica_prepare.py index b33bff631..cd780d74c 100644 --- a/ipaserver/install/ipa_replica_prepare.py +++ b/ipaserver/install/ipa_replica_prepare.py @@ -19,6 +19,7 @@ # from __future__ import absolute_import +from __future__ import print_function import os import shutil @@ -545,7 +546,7 @@ class ReplicaPrepare(admintool.AdminTool): self.log.info('Waiting for %s A or AAAA record to be resolvable', replica_fqdn) - print 'This can be safely interrupted (Ctrl+C)' + print('This can be safely interrupted (Ctrl+C)') try: while not self.check_dns(replica_fqdn): diff --git a/ipaserver/install/krbinstance.py b/ipaserver/install/krbinstance.py index 5670cc264..864615d96 100644 --- a/ipaserver/install/krbinstance.py +++ b/ipaserver/install/krbinstance.py @@ -18,6 +18,7 @@ # from __future__ import absolute_import +from __future__ import print_function import shutil import fileinput @@ -276,7 +277,7 @@ class KrbInstance(service.Service): try: ipautil.run(args, nolog=(self.master_password,), stdin=''.join(dialogue)) except ipautil.CalledProcessError as e: - print "Failed to initialize the realm container" + print("Failed to initialize the realm container") def __configure_instance(self): self.__template_file(paths.KRB5KDC_KDC_CONF, chmod=None) diff --git a/ipaserver/install/replication.py b/ipaserver/install/replication.py index 78b75503d..aa2edd172 100644 --- a/ipaserver/install/replication.py +++ b/ipaserver/install/replication.py @@ -17,6 +17,8 @@ # along with this program. If not, see <http://www.gnu.org/licenses/>. # +from __future__ import print_function + import time import datetime import sys @@ -69,7 +71,7 @@ def replica_conn_check(master_host, host_name, realm, check_ca, Does not return a value, will sys.exit() on failure. """ - print "Run connection check to master" + print("Run connection check to master") args = [paths.IPA_REPLICA_CONNCHECK, "--master", master_host, "--auto-master-check", "--realm", realm, "--principal", "admin", @@ -90,7 +92,7 @@ def replica_conn_check(master_host, host_name, realm, check_ca, "\nPlease fix your network settings according to error messages above." + "\nIf the check results are not valid it can be skipped with --skip-conncheck parameter.") else: - print "Connection check OK" + print("Connection check OK") def enable_replication_version_checking(hostname, realm, dirman_passwd): """ @@ -158,7 +160,7 @@ def wait_for_entry(connection, entry, timeout=7200, attr='', quiet=True): except errors.NotFound: pass # no entry yet except Exception as e: # badness - print "\nError reading entry", dn, e + print("\nError reading entry", dn, e) break if not entry: if not quiet: @@ -167,11 +169,11 @@ def wait_for_entry(connection, entry, timeout=7200, attr='', quiet=True): time.sleep(1) if not entry and int(time.time()) > timeout: - print "\nwait_for_entry timeout for %s for %s" % (connection, dn) + print("\nwait_for_entry timeout for %s for %s" % (connection, dn)) elif entry and not quiet: - print "\nThe waited for entry is:", entry + print("\nThe waited for entry is:", entry) elif not entry: - print "\nError: could not read entry %s from %s" % (dn, connection) + print("\nError: could not read entry %s from %s" % (dn, connection)) class ReplicationManager(object): @@ -501,7 +503,7 @@ class ReplicationManager(object): except errors.DuplicateEntry: benum += 1 except errors.ExecutionError as e: - print "Could not add backend entry " + dn, e + print("Could not add backend entry " + dn, e) raise return cn @@ -556,13 +558,13 @@ class ReplicationManager(object): def add_passsync_user(self, conn, password): pass_dn = DN(('uid', 'passsync'), ('cn', 'sysaccounts'), ('cn', 'etc'), self.suffix) - print "The user for the Windows PassSync service is %s" % pass_dn + print("The user for the Windows PassSync service is %s" % pass_dn) try: conn.get_entry(pass_dn) - print "Windows PassSync system account exists, not resetting password" + print("Windows PassSync system account exists, not resetting password") except errors.NotFound: # The user doesn't exist, add it - print "Adding Windows PassSync system account" + print("Adding Windows PassSync system account") entry = conn.make_entry( pass_dn, objectclass=["account", "simplesecurityobject"], @@ -855,7 +857,7 @@ class ReplicationManager(object): 'nsds5ReplicaLastInitEnd'] entry = conn.get_entry(agmtdn, attrlist) if not entry: - print "Error reading status from agreement", agmtdn + print("Error reading status from agreement", agmtdn) hasError = 1 else: refresh = entry.single_value.get('nsds5BeginReplicaRefresh') @@ -863,18 +865,18 @@ class ReplicationManager(object): status = entry.single_value.get('nsds5ReplicaLastInitStatus') if not refresh: # done - check status if not status: - print "No status yet" + print("No status yet") elif status.find("replica busy") > -1: - print "[%s] reports: Replica Busy! Status: [%s]" % (conn.host, status) + print("[%s] reports: Replica Busy! Status: [%s]" % (conn.host, status)) done = True hasError = 2 elif status.find("Total update succeeded") > -1: - print "\nUpdate succeeded" + print("\nUpdate succeeded") done = True elif inprogress.lower() == 'true': - print "\nUpdate in progress yet not in progress" + print("\nUpdate in progress yet not in progress") else: - print "\n[%s] reports: Update failed! Status: [%s]" % (conn.host, status) + print("\n[%s] reports: Update failed! Status: [%s]" % (conn.host, status)) hasError = 1 done = True else: @@ -895,7 +897,7 @@ class ReplicationManager(object): 'nsds5ReplicaLastUpdateEnd'] entry = conn.get_entry(agmtdn, attrlist) if not entry: - print "Error reading status from agreement", agmtdn + print("Error reading status from agreement", agmtdn) hasError = 1 else: inprogress = entry.single_value.get('nsds5replicaUpdateInProgress') @@ -930,7 +932,7 @@ class ReplicationManager(object): while not done and not haserror: time.sleep(1) # give it a few seconds to get going done, haserror = self.check_repl_init(conn, agmtdn, start) - print "" + print("") return haserror def wait_for_repl_update(self, conn, agmtdn, maxtries=600): @@ -942,12 +944,12 @@ class ReplicationManager(object): done, haserror, error_message = self.check_repl_update(conn, agmtdn) maxtries -= 1 if maxtries == 0: # too many tries - print "Error: timeout: could not determine agreement status: please check your directory server logs for possible errors" + print("Error: timeout: could not determine agreement status: please check your directory server logs for possible errors") haserror = 1 return haserror, error_message def start_replication(self, conn, hostname=None, master=None): - print "Starting replication, please wait until this has completed." + print("Starting replication, please wait until this has completed.") if hostname == None: hostname = self.conn.host cn, dn = self.agreement_dn(hostname, master) @@ -1443,11 +1445,11 @@ class ReplicationManager(object): try: self.conn.add_entry(e) except errors.DuplicateEntry: - print "CLEANALLRUV task for replica id %d already exists." % replicaId + print("CLEANALLRUV task for replica id %d already exists." % replicaId) else: - print "Background task created to clean replication data. This may take a while." + print("Background task created to clean replication data. This may take a while.") - print "This may be safely interrupted with Ctrl+C" + print("This may be safely interrupted with Ctrl+C") wait_for_task(self.conn, dn) @@ -1471,11 +1473,11 @@ class ReplicationManager(object): try: self.conn.add_entry(e) except errors.DuplicateEntry: - print "An abort CLEANALLRUV task for replica id %d already exists." % replicaId + print("An abort CLEANALLRUV task for replica id %d already exists." % replicaId) else: - print "Background task created. This may take a while." + print("Background task created. This may take a while.") - print "This may be safely interrupted with Ctrl+C" + print("This may be safely interrupted with Ctrl+C") wait_for_task(self.conn, dn) diff --git a/ipaserver/install/server/install.py b/ipaserver/install/server/install.py index 3feaf8fce..dfaf67d0d 100644 --- a/ipaserver/install/server/install.py +++ b/ipaserver/install/server/install.py @@ -2,6 +2,8 @@ # Copyright (C) 2015 FreeIPA Contributors see COPYING for license # +from __future__ import print_function + import os import pickle import pwd @@ -150,35 +152,35 @@ def write_cache(options): def read_host_name(host_default, no_host_dns=False): host_name = "" - print "Enter the fully qualified domain name of the computer" - print "on which you're setting up server software. Using the form" - print "<hostname>.<domainname>" - print "Example: master.example.com." - print "" - print "" + print("Enter the fully qualified domain name of the computer") + print("on which you're setting up server software. Using the form") + print("<hostname>.<domainname>") + print("Example: master.example.com.") + print("") + print("") if host_default == "": host_default = "master.example.com" host_name = user_input("Server host name", host_default, allow_empty=False) - print "" + print("") verify_fqdn(host_name, no_host_dns) return host_name def read_domain_name(domain_name, unattended): - print "The domain name has been determined based on the host name." - print "" + print("The domain name has been determined based on the host name.") + print("") if not unattended: domain_name = str(user_input("Please confirm the domain name", domain_name)) - print "" + print("") return domain_name def read_realm_name(domain_name, unattended): - print "The kerberos protocol requires a Realm name to be defined." - print "This is typically the domain name converted to uppercase." - print "" + print("The kerberos protocol requires a Realm name to be defined.") + print("This is typically the domain name converted to uppercase.") + print("") if unattended: return domain_name.upper() @@ -186,27 +188,27 @@ def read_realm_name(domain_name, unattended): domain_name.upper())) upper_dom = realm_name.upper() if upper_dom != realm_name: - print "An upper-case realm name is required." + print("An upper-case realm name is required.") if not user_input("Do you want to use " + upper_dom + " as realm name?", True): - print "" - print "An upper-case realm name is required. Unable to continue." + print("") + print("An upper-case realm name is required. Unable to continue.") sys.exit(1) else: realm_name = upper_dom - print "" + print("") return realm_name def read_dm_password(): - print "Certain directory server operations require an administrative user." + print("Certain directory server operations require an administrative user.") print("This user is referred to as the Directory Manager and has full " "access") print("to the Directory for system management tasks and will be added to " "the") - print "instance of directory server created for IPA." - print "The password must be at least 8 characters long." - print "" + print("instance of directory server created for IPA.") + print("The password must be at least 8 characters long.") + print("") # TODO: provide the option of generating a random password dm_password = read_password("Directory Manager", validator=validate_dm_password) @@ -214,10 +216,10 @@ def read_dm_password(): def read_admin_password(): - print "The IPA server requires an administrative user, named 'admin'." + print("The IPA server requires an administrative user, named 'admin'.") print("This user is a regular system account used for IPA server " "administration.") - print "" + print("") # TODO: provide the option of generating a random password admin_password = read_password("IPA admin", validator=validate_admin_password) @@ -227,12 +229,12 @@ def read_admin_password(): def check_dirsrv(unattended): (ds_unsecure, ds_secure) = dsinstance.check_ports() if not ds_unsecure or not ds_secure: - print "IPA requires ports 389 and 636 for the Directory Server." - print "These are currently in use:" + print("IPA requires ports 389 and 636 for the Directory Server.") + print("These are currently in use:") if not ds_unsecure: - print "\t389" + print("\t389") if not ds_secure: - print "\t636" + print("\t636") sys.exit(1) @@ -264,9 +266,9 @@ def common_cleanup(func): success = True except KeyboardInterrupt: ds = installer._ds - print "\nCleaning up..." + print("\nCleaning up...") if ds: - print "Removing configuration for %s instance" % ds.serverid + print("Removing configuration for %s instance" % ds.serverid) ds.stop() if ds.serverid: try: @@ -310,7 +312,7 @@ def install_check(installer): "KDC master password of sufficient strength is autogenerated " "during IPA server installation and should not be set " "manually.") - print textwrap.fill(msg, width=79, replace_whitespace=False) + print(textwrap.fill(msg, width=79, replace_whitespace=False)) installer._installation_cleanup = True @@ -368,31 +370,31 @@ def install_check(installer): print("=======================================" "=======================================") - print "This program will set up the FreeIPA Server." - print "" - print "This includes:" + print("This program will set up the FreeIPA Server.") + print("") + print("This includes:") if setup_ca: print(" * Configure a stand-alone CA (dogtag) for certificate " "management") if setup_kra: - print " * Configure a stand-alone KRA (dogtag) for key storage" + print(" * Configure a stand-alone KRA (dogtag) for key storage") if not options.no_ntp: - print " * Configure the Network Time Daemon (ntpd)" - print " * Create and configure an instance of Directory Server" - print " * Create and configure a Kerberos Key Distribution Center (KDC)" - print " * Configure Apache (httpd)" + print(" * Configure the Network Time Daemon (ntpd)") + print(" * Create and configure an instance of Directory Server") + print(" * Create and configure a Kerberos Key Distribution Center (KDC)") + print(" * Configure Apache (httpd)") if options.setup_dns: - print " * Configure DNS (bind)" + print(" * Configure DNS (bind)") if not options.no_pkinit: - print " * Configure the KDC to enable PKINIT" + print(" * Configure the KDC to enable PKINIT") if options.no_ntp: - print "" - print "Excluded by options:" - print " * Configure the Network Time Daemon (ntpd)" + print("") + print("Excluded by options:") + print(" * Configure the Network Time Daemon (ntpd)") if installer.interactive: - print "" - print "To accept the default shown in brackets, press the Enter key." - print "" + print("") + print("To accept the default shown in brackets, press the Enter key.") + print("") if not options.external_cert_files: # Make sure the 389-ds ports are available @@ -402,10 +404,10 @@ def install_check(installer): try: ipaclient.ntpconf.check_timedate_services() except ipaclient.ntpconf.NTPConflictingService as e: - print("WARNING: conflicting time&date synchronization service '%s'" - " will be disabled" % e.conflicting_service) - print "in favor of ntpd" - print "" + print(("WARNING: conflicting time&date synchronization service '%s'" + " will be disabled" % e.conflicting_service)) + print("in favor of ntpd") + print("") except ipaclient.ntpconf.NTPConfigurationError: pass @@ -417,7 +419,7 @@ def install_check(installer): if ipautil.user_input("Do you want to configure integrated DNS " "(BIND)?", False): options.setup_dns = True - print "" + print("") # check bind packages are installed if options.setup_dns: @@ -449,13 +451,13 @@ def install_check(installer): system_hostname = get_fqdn() if host_name != system_hostname: - print >>sys.stderr - print >>sys.stderr, ("Warning: hostname %s does not match system " - "hostname %s." % (host_name, system_hostname)) - print >>sys.stderr, ("System hostname will be updated during the " - "installation process") - print >>sys.stderr, "to prevent service failures." - print >>sys.stderr + print(file=sys.stderr) + print(("Warning: hostname %s does not match system " + "hostname %s." % (host_name, system_hostname)), file=sys.stderr) + print(("System hostname will be updated during the " + "installation process"), file=sys.stderr) + print("to prevent service failures.", file=sys.stderr) + print(file=sys.stderr) if not options.domain_name: domain_name = read_domain_name(host_name[host_name.find(".")+1:], @@ -601,7 +603,7 @@ def install_check(installer): try: kra.install_check(api, None, options) except RuntimeError as e: - print str(e) + print(str(e)) sys.exit(1) if options.setup_dns: @@ -612,25 +614,25 @@ def install_check(installer): not installer.interactive, False, options.ip_addresses) - print - print "The IPA Master Server will be configured with:" - print "Hostname: %s" % host_name - print "IP address(es): %s" % ", ".join(str(ip) for ip in ip_addresses) - print "Domain name: %s" % domain_name - print "Realm name: %s" % realm_name - print + print() + print("The IPA Master Server will be configured with:") + print("Hostname: %s" % host_name) + print("IP address(es): %s" % ", ".join(str(ip) for ip in ip_addresses)) + print("Domain name: %s" % domain_name) + print("Realm name: %s" % realm_name) + print() if options.setup_dns: - print "BIND DNS server will be configured to serve IPA domain with:" - print "Forwarders: %s" % ( + print("BIND DNS server will be configured to serve IPA domain with:") + print("Forwarders: %s" % ( "No forwarders" if not dns.dns_forwarders else ", ".join([str(ip) for ip in dns.dns_forwarders]) - ) - print "Reverse zone(s): %s" % ( + )) + print("Reverse zone(s): %s" % ( "No reverse zone" if options.no_reverse or not dns.reverse_zones else ", ".join(str(rz) for rz in dns.reverse_zones) - ) - print + )) + print() # If domain name and realm does not match, IPA server will not be able # to estabilish trust with Active Directory. Print big fat warning. @@ -700,10 +702,10 @@ def install(installer): installer._installation_cleanup = False if installer.interactive: - print "" - print "The following operations may take some minutes to complete." - print "Please wait until the prompt is returned." - print "" + print("") + print("The following operations may take some minutes to complete.") + print("Please wait until the prompt is returned.") + print("") system_hostname = get_fqdn() if host_name != system_hostname: @@ -891,45 +893,45 @@ def install(installer): print("=======================================" "=======================================") - print "Setup complete" - print "" - print "Next steps:" - print "\t1. You must make sure these network ports are open:" - print "\t\tTCP Ports:" - print "\t\t * 80, 443: HTTP/HTTPS" - print "\t\t * 389, 636: LDAP/LDAPS" - print "\t\t * 88, 464: kerberos" + print("Setup complete") + print("") + print("Next steps:") + print("\t1. You must make sure these network ports are open:") + print("\t\tTCP Ports:") + print("\t\t * 80, 443: HTTP/HTTPS") + print("\t\t * 389, 636: LDAP/LDAPS") + print("\t\t * 88, 464: kerberos") if options.setup_dns: - print "\t\t * 53: bind" - print "\t\tUDP Ports:" - print "\t\t * 88, 464: kerberos" + print("\t\t * 53: bind") + print("\t\tUDP Ports:") + print("\t\t * 88, 464: kerberos") if options.setup_dns: - print "\t\t * 53: bind" + print("\t\t * 53: bind") if not options.no_ntp: - print "\t\t * 123: ntp" - print "" + print("\t\t * 123: ntp") + print("") print("\t2. You can now obtain a kerberos ticket using the command: " "'kinit admin'") print("\t This ticket will allow you to use the IPA tools (e.g., ipa " "user-add)") - print "\t and the web user interface." + print("\t and the web user interface.") if not services.knownservices.ntpd.is_running(): - print "\t3. Kerberos requires time synchronization between clients" + print("\t3. Kerberos requires time synchronization between clients") print("\t and servers for correct operation. You should consider " "enabling ntpd.") - print "" + print("") if setup_ca: - print("Be sure to back up the CA certificates stored in " + - paths.CACERT_P12) + print(("Be sure to back up the CA certificates stored in " + + paths.CACERT_P12)) if setup_kra: - print "and the KRA certificates stored in " + paths.KRACERT_P12 + print("and the KRA certificates stored in " + paths.KRACERT_P12) print("These files are required to create replicas. The password for " "these") - print "files is the Directory Manager password" + print("files is the Directory Manager password") else: - print "In order for Firefox autoconfiguration to work you will need to" + print("In order for Firefox autoconfiguration to work you will need to") print("use a SSL signing certificate. See the IPA documentation for " "more details.") @@ -948,7 +950,7 @@ def uninstall_check(installer): "KDC master password of sufficient strength is autogenerated " "during IPA server installation and should not be set " "manually.") - print textwrap.fill(msg, width=79, replace_whitespace=False) + print(textwrap.fill(msg, width=79, replace_whitespace=False)) installer._installation_cleanup = False @@ -972,8 +974,8 @@ def uninstall_check(installer): "and configuration!\n") if not user_input("Are you sure you want to continue with the " "uninstall procedure?", False): - print "" - print "Aborting uninstall operation." + print("") + print("Aborting uninstall operation.") sys.exit(1) try: @@ -988,7 +990,7 @@ def uninstall_check(installer): "information about replication agreements. Uninstallation " "will continue despite the possible existing replication " "agreements.\n\n") - print textwrap.fill(msg, width=80, replace_whitespace=False) + print(textwrap.fill(msg, width=80, replace_whitespace=False)) else: api.Backend.ldap2.connect(autobind=True) dns.uninstall_check(options) @@ -1012,13 +1014,13 @@ def uninstall_check(installer): other_masters) ) cmd = "$ ipa-replica-manage del %s\n" % api.env.host - print textwrap.fill(msg, width=80, replace_whitespace=False) - print cmd + print(textwrap.fill(msg, width=80, replace_whitespace=False)) + print(cmd) if (installer.interactive and not user_input("Are you sure you want to continue with the " "uninstall procedure?", False)): - print "" - print "Aborting uninstall operation." + print("") + print("Aborting uninstall operation.") sys.exit(1) installer._fstore = fstore @@ -1032,7 +1034,7 @@ def uninstall(installer): rv = 0 - print "Shutting down all IPA services" + print("Shutting down all IPA services") try: (stdout, stderr, rc) = run([paths.IPACTL, "stop"], raiseonerr=False) except Exception as e: @@ -1041,7 +1043,7 @@ def uninstall(installer): # Need to get dogtag info before /etc/ipa/default.conf is removed dogtag_constants = dogtag.configured_constants() - print "Removing IPA client configuration" + print("Removing IPA client configuration") try: (stdout, stderr, rc) = run([paths.IPA_CLIENT_INSTALL, "--on-master", "--unattended", "--uninstall"], @@ -1051,8 +1053,8 @@ def uninstall(installer): raise RuntimeError(stdout) except Exception as e: rv = 1 - print "Uninstall of client side components failed!" - print "ipa-client-install returned: " + str(e) + print("Uninstall of client side components failed!") + print("ipa-client-install returned: " + str(e)) ntpinstance.NTPInstance(fstore).uninstall() diff --git a/ipaserver/install/server/replicainstall.py b/ipaserver/install/server/replicainstall.py index 664a0baa0..bd78c75d0 100644 --- a/ipaserver/install/server/replicainstall.py +++ b/ipaserver/install/server/replicainstall.py @@ -2,6 +2,8 @@ # Copyright (C) 2015 FreeIPA Contributors see COPYING for license # +from __future__ import print_function + import dns.exception as dnsexception import dns.name as dnsname import dns.resolver as dnsresolver @@ -107,7 +109,7 @@ def install_ca_cert(ldap, base_dn, realm, cafile): os.chmod(constants.CACERT, 0o444) except Exception as e: - print "error copying files: " + str(e) + print("error copying files: " + str(e)) sys.exit(1) @@ -138,7 +140,7 @@ def install_http(config, auto_redirect): shutil.copy(config.dir + "/configure.jar", paths.CONFIGURE_JAR) except Exception as e: - print "error copying files: " + str(e) + print("error copying files: " + str(e)) sys.exit(1) http.setup_firefox_extension(config.realm_name, config.domain_name) @@ -180,12 +182,12 @@ def install_dns_records(config, options, remote_api): def check_dirsrv(): (ds_unsecure, ds_secure) = dsinstance.check_ports() if not ds_unsecure or not ds_secure: - print "IPA requires ports 389 and 636 for the Directory Server." - print "These are currently in use:" + print("IPA requires ports 389 and 636 for the Directory Server.") + print("These are currently in use:") if not ds_unsecure: - print "\t389" + print("\t389") if not ds_secure: - print "\t636" + print("\t636") sys.exit(1) @@ -334,10 +336,10 @@ def install_check(installer): try: ipaclient.ntpconf.check_timedate_services() except ipaclient.ntpconf.NTPConflictingService as e: - print("WARNING: conflicting time&date synchronization service '%s'" - " will" % e.conflicting_service) - print "be disabled in favor of ntpd" - print "" + print(("WARNING: conflicting time&date synchronization service '%s'" + " will" % e.conflicting_service)) + print("be disabled in favor of ntpd") + print("") except ipaclient.ntpconf.NTPConfigurationError: pass @@ -416,9 +418,9 @@ def install_check(installer): 'host already exists.') print('A replication agreement for this host already exists. ' 'It needs to be removed.') - print "Run this on the master that generated the info file:" - print(" %% ipa-replica-manage del %s --force" % - config.host_name) + print("Run this on the master that generated the info file:") + print((" %% ipa-replica-manage del %s --force" % + config.host_name)) sys.exit(3) # Detect the current domain level @@ -455,10 +457,10 @@ def install_check(installer): else: root_logger.info('Error: Host %s already exists on the master ' 'server.' % config.host_name) - print('The host %s already exists on the master server.' % - config.host_name) - print "You should remove it before proceeding:" - print " %% ipa host-del %s" % config.host_name + print(('The host %s already exists on the master server.' % + config.host_name)) + print("You should remove it before proceeding:") + print(" %% ipa host-del %s" % config.host_name) sys.exit(3) dns_masters = remote_api.Object['dnsrecord'].get_dns_masters() @@ -486,7 +488,7 @@ def install_check(installer): try: kra.install_check(remote_api, config, options) except RuntimeError as e: - print str(e) + print(str(e)) sys.exit(1) except errors.ACIError: sys.exit("\nThe password provided is incorrect for LDAP server " @@ -629,8 +631,8 @@ def install(installer): args.append("--mkhomedir") ipautil.run(args) except Exception as e: - print "Configuration of client side components failed!" - print "ipa-client-install returned: " + str(e) + print("Configuration of client side components failed!") + print("ipa-client-install returned: " + str(e)) raise RuntimeError("Failed to configure the client") ds.replica_populate() diff --git a/ipaserver/install/server/upgrade.py b/ipaserver/install/server/upgrade.py index cb92250e4..093aee878 100644 --- a/ipaserver/install/server/upgrade.py +++ b/ipaserver/install/server/upgrade.py @@ -2,6 +2,8 @@ # Copyright (C) 2015 FreeIPA Contributors see COPYING for license # +from __future__ import print_function + import re import os import shutil @@ -1540,7 +1542,7 @@ def upgrade_check(options): try: installutils.check_server_configuration() except RuntimeError as e: - print unicode(e) + print(unicode(e)) sys.exit(1) if not services.knownservices.certmonger.is_running(): @@ -1587,7 +1589,7 @@ def upgrade(): # store new data version after upgrade installutils.store_version() - print 'Upgrading IPA services' + print('Upgrading IPA services') root_logger.info('Upgrading the configuration of the IPA services') upgrade_configuration() root_logger.info('The IPA services were upgraded') |