summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMartin Basti <mbasti@redhat.com>2015-03-17 16:11:48 +0100
committerPetr Vobornik <pvoborni@redhat.com>2015-04-14 19:25:47 +0200
commit13c4631813b7e8ac4afc8d5f350ef136c7107d89 (patch)
tree1131128a954c1a8f82c5996d15b2d8b3223e9e0c
parente537fd202e23a507dd0c43d2dfdf88fd6921e183 (diff)
downloadfreeipa-13c4631813b7e8ac4afc8d5f350ef136c7107d89.tar.gz
freeipa-13c4631813b7e8ac4afc8d5f350ef136c7107d89.tar.xz
freeipa-13c4631813b7e8ac4afc8d5f350ef136c7107d89.zip
Server Upgrade: use only LDAPI connection
Use only ldapi connection to execute upgrade https://fedorahosted.org/freeipa/ticket/4904 Reviewed-By: David Kupka <dkupka@redhat.com>
-rw-r--r--install/tools/man/ipa-ldap-updater.19
-rw-r--r--ipaserver/install/ipa_ldap_updater.py33
-rw-r--r--ipaserver/install/ldapupdate.py2
3 files changed, 3 insertions, 41 deletions
diff --git a/install/tools/man/ipa-ldap-updater.1 b/install/tools/man/ipa-ldap-updater.1
index 5ab77e047..83da26d5d 100644
--- a/install/tools/man/ipa-ldap-updater.1
+++ b/install/tools/man/ipa-ldap-updater.1
@@ -81,21 +81,12 @@ Schema files should be in LDIF format, and may only specify attributeTypes and o
\fB\-d\fR, \fB\-\-debug\fR
Enable debug logging when more verbose output is needed
.TP
-\fB\-y\fR
-File containing the Directory Manager password
-.TP
-\fB\-l\fR, \fB\-\-ldapi\fR
-Connect to the LDAP server using the ldapi socket
-.TP
\fB\-p\fR, \fB\-\-plugins\fR
Execute update plugins as well as any update files. There is no way to execute only the plugins.
.TP
\fB\-u\fR, \fB\-\-upgrade\fR
Upgrade an installed server in offline mode (implies \-\-ldapi, \-\-plugins, and \-\-schema)
.TP
-\fB\-W\fR, \fB\-\-password\fR
-Prompt for the Directory Manager password
-.TP
\fB\-s\fR, \fB\-\-schema\fR
Also update the LDAP schema. If no \-\-schema-file is specified, update to the built-in IPA schema.
.TP
diff --git a/ipaserver/install/ipa_ldap_updater.py b/ipaserver/install/ipa_ldap_updater.py
index 3d6c80437..95688c591 100644
--- a/ipaserver/install/ipa_ldap_updater.py
+++ b/ipaserver/install/ipa_ldap_updater.py
@@ -45,12 +45,6 @@ class LDAPUpdater(admintool.AdminTool):
@classmethod
def add_options(cls, parser):
super(LDAPUpdater, cls).add_options(parser, debug_option=True)
-
- parser.add_option("-y", dest="password",
- help="file containing the Directory Manager password")
- parser.add_option("-l", '--ldapi', action="store_true", dest="ldapi",
- default=False,
- help="connect to the LDAP server using the ldapi socket")
parser.add_option("-u", '--upgrade', action="store_true",
dest="upgrade", default=False,
help="upgrade an installed server in offline mode")
@@ -65,9 +59,6 @@ class LDAPUpdater(admintool.AdminTool):
parser.add_option("-S", '--schema-file', action="append",
dest="schema_files",
help="custom schema ldif file to use (implies -s)")
- parser.add_option("-W", '--password', action="store_true",
- dest="ask_password",
- help="prompt for the Directory Manager password")
@classmethod
def get_command_class(cls, options, args):
@@ -96,12 +87,6 @@ class LDAPUpdater(admintool.AdminTool):
print "IPA is not configured on this system."
sys.exit(1)
- if options.password:
- pw = ipautil.template_file(options.password, [])
- self.dirman_password = pw.strip()
- else:
- self.dirman_password = None
-
if options.schema_files or not self.files:
options.update_schema = True
if not options.schema_files:
@@ -171,18 +156,6 @@ class LDAPUpdater_NonUpgrade(LDAPUpdater):
# Can't log to the default file as non-root
self.log_file_name = None
- def ask_for_options(self):
- super(LDAPUpdater_NonUpgrade, self).ask_for_options()
- options = self.options
- if not self.dirman_password:
- if options.ask_password or not options.ldapi:
- password = installutils.read_password("Directory Manager",
- confirm=False, validate=False)
- if password is None:
- raise admintool.ScriptError(
- "Directory Manager password required")
- self.dirman_password = password
-
def run(self):
super(LDAPUpdater_NonUpgrade, self).run()
options = self.options
@@ -192,13 +165,11 @@ class LDAPUpdater_NonUpgrade(LDAPUpdater):
if options.update_schema:
modified = schemaupdate.update_schema(
options.schema_files,
- dm_password=self.dirman_password,
- ldapi=options.ldapi) or modified
+ ldapi=True) or modified
ld = LDAPUpdate(
- dm_password=self.dirman_password,
sub_dict={},
- ldapi=options.ldapi,
+ ldapi=True,
plugins=options.plugins or self.run_plugins)
if not self.files:
diff --git a/ipaserver/install/ldapupdate.py b/ipaserver/install/ldapupdate.py
index 199b23ba8..077de3bd6 100644
--- a/ipaserver/install/ldapupdate.py
+++ b/ipaserver/install/ldapupdate.py
@@ -112,7 +112,7 @@ def safe_output(attr, values):
class LDAPUpdate:
action_keywords = ["default", "add", "remove", "only", "onlyifexist", "deleteentry", "replace", "addifnew", "addifexist"]
- def __init__(self, dm_password, sub_dict={},
+ def __init__(self, dm_password=None, sub_dict={},
online=True, ldapi=False, plugins=False):
'''
:parameters: