diff options
| author | Martin Basti <mbasti@redhat.com> | 2015-03-17 16:11:48 +0100 |
|---|---|---|
| committer | Petr Vobornik <pvoborni@redhat.com> | 2015-04-14 19:25:47 +0200 |
| commit | 13c4631813b7e8ac4afc8d5f350ef136c7107d89 (patch) | |
| tree | 1131128a954c1a8f82c5996d15b2d8b3223e9e0c | |
| parent | e537fd202e23a507dd0c43d2dfdf88fd6921e183 (diff) | |
| download | freeipa-13c4631813b7e8ac4afc8d5f350ef136c7107d89.tar.gz freeipa-13c4631813b7e8ac4afc8d5f350ef136c7107d89.tar.xz freeipa-13c4631813b7e8ac4afc8d5f350ef136c7107d89.zip | |
Server Upgrade: use only LDAPI connection
Use only ldapi connection to execute upgrade
https://fedorahosted.org/freeipa/ticket/4904
Reviewed-By: David Kupka <dkupka@redhat.com>
| -rw-r--r-- | install/tools/man/ipa-ldap-updater.1 | 9 | ||||
| -rw-r--r-- | ipaserver/install/ipa_ldap_updater.py | 33 | ||||
| -rw-r--r-- | ipaserver/install/ldapupdate.py | 2 |
3 files changed, 3 insertions, 41 deletions
diff --git a/install/tools/man/ipa-ldap-updater.1 b/install/tools/man/ipa-ldap-updater.1 index 5ab77e047..83da26d5d 100644 --- a/install/tools/man/ipa-ldap-updater.1 +++ b/install/tools/man/ipa-ldap-updater.1 @@ -81,21 +81,12 @@ Schema files should be in LDIF format, and may only specify attributeTypes and o \fB\-d\fR, \fB\-\-debug\fR Enable debug logging when more verbose output is needed .TP -\fB\-y\fR -File containing the Directory Manager password -.TP -\fB\-l\fR, \fB\-\-ldapi\fR -Connect to the LDAP server using the ldapi socket -.TP \fB\-p\fR, \fB\-\-plugins\fR Execute update plugins as well as any update files. There is no way to execute only the plugins. .TP \fB\-u\fR, \fB\-\-upgrade\fR Upgrade an installed server in offline mode (implies \-\-ldapi, \-\-plugins, and \-\-schema) .TP -\fB\-W\fR, \fB\-\-password\fR -Prompt for the Directory Manager password -.TP \fB\-s\fR, \fB\-\-schema\fR Also update the LDAP schema. If no \-\-schema-file is specified, update to the built-in IPA schema. .TP diff --git a/ipaserver/install/ipa_ldap_updater.py b/ipaserver/install/ipa_ldap_updater.py index 3d6c80437..95688c591 100644 --- a/ipaserver/install/ipa_ldap_updater.py +++ b/ipaserver/install/ipa_ldap_updater.py @@ -45,12 +45,6 @@ class LDAPUpdater(admintool.AdminTool): @classmethod def add_options(cls, parser): super(LDAPUpdater, cls).add_options(parser, debug_option=True) - - parser.add_option("-y", dest="password", - help="file containing the Directory Manager password") - parser.add_option("-l", '--ldapi', action="store_true", dest="ldapi", - default=False, - help="connect to the LDAP server using the ldapi socket") parser.add_option("-u", '--upgrade', action="store_true", dest="upgrade", default=False, help="upgrade an installed server in offline mode") @@ -65,9 +59,6 @@ class LDAPUpdater(admintool.AdminTool): parser.add_option("-S", '--schema-file', action="append", dest="schema_files", help="custom schema ldif file to use (implies -s)") - parser.add_option("-W", '--password', action="store_true", - dest="ask_password", - help="prompt for the Directory Manager password") @classmethod def get_command_class(cls, options, args): @@ -96,12 +87,6 @@ class LDAPUpdater(admintool.AdminTool): print "IPA is not configured on this system." sys.exit(1) - if options.password: - pw = ipautil.template_file(options.password, []) - self.dirman_password = pw.strip() - else: - self.dirman_password = None - if options.schema_files or not self.files: options.update_schema = True if not options.schema_files: @@ -171,18 +156,6 @@ class LDAPUpdater_NonUpgrade(LDAPUpdater): # Can't log to the default file as non-root self.log_file_name = None - def ask_for_options(self): - super(LDAPUpdater_NonUpgrade, self).ask_for_options() - options = self.options - if not self.dirman_password: - if options.ask_password or not options.ldapi: - password = installutils.read_password("Directory Manager", - confirm=False, validate=False) - if password is None: - raise admintool.ScriptError( - "Directory Manager password required") - self.dirman_password = password - def run(self): super(LDAPUpdater_NonUpgrade, self).run() options = self.options @@ -192,13 +165,11 @@ class LDAPUpdater_NonUpgrade(LDAPUpdater): if options.update_schema: modified = schemaupdate.update_schema( options.schema_files, - dm_password=self.dirman_password, - ldapi=options.ldapi) or modified + ldapi=True) or modified ld = LDAPUpdate( - dm_password=self.dirman_password, sub_dict={}, - ldapi=options.ldapi, + ldapi=True, plugins=options.plugins or self.run_plugins) if not self.files: diff --git a/ipaserver/install/ldapupdate.py b/ipaserver/install/ldapupdate.py index 199b23ba8..077de3bd6 100644 --- a/ipaserver/install/ldapupdate.py +++ b/ipaserver/install/ldapupdate.py @@ -112,7 +112,7 @@ def safe_output(attr, values): class LDAPUpdate: action_keywords = ["default", "add", "remove", "only", "onlyifexist", "deleteentry", "replace", "addifnew", "addifexist"] - def __init__(self, dm_password, sub_dict={}, + def __init__(self, dm_password=None, sub_dict={}, online=True, ldapi=False, plugins=False): ''' :parameters: |