diff options
| author | Martin Basti <mbasti@redhat.com> | 2014-08-28 19:27:44 +0200 |
|---|---|---|
| committer | Martin Kosek <mkosek@redhat.com> | 2014-09-26 13:36:04 +0200 |
| commit | 66ce71f17a689bcad03022e3df6bbdf0fada2ab8 (patch) | |
| tree | cb441ba2bf02ed9ba4248cc9c54ee629adaf84ca | |
| parent | 29ba9d9d26b92498902d40d71adae193308b5c92 (diff) | |
| download | freeipa-66ce71f17a689bcad03022e3df6bbdf0fada2ab8.tar.gz freeipa-66ce71f17a689bcad03022e3df6bbdf0fada2ab8.tar.xz freeipa-66ce71f17a689bcad03022e3df6bbdf0fada2ab8.zip | |
LDAP disable service
This patch allows to disable service in LDAP (ipactl will not start it)
Reviewed-By: Jan Cholasta <jcholast@redhat.com>
| -rw-r--r-- | ipaserver/install/service.py | 67 |
1 files changed, 66 insertions, 1 deletions
diff --git a/ipaserver/install/service.py b/ipaserver/install/service.py index 8fb802099..d095fe041 100644 --- a/ipaserver/install/service.py +++ b/ipaserver/install/service.py @@ -392,6 +392,32 @@ class Service(object): self.ldap_connect() entry_name = DN(('cn', name), ('cn', fqdn), ('cn', 'masters'), ('cn', 'ipa'), ('cn', 'etc'), ldap_suffix) + + # enable disabled service + try: + entry = self.admin_conn.get_entry(entry_name, ['ipaConfigString']) + except errors.NotFound: + pass + else: + if any(u'enabledservice' == val.lower() + for val in entry.get('ipaConfigString', [])): + root_logger.debug("service %s startup entry already enabled", name) + return + + entry.setdefault('ipaConfigString', []).append(u'enabledService') + + try: + self.admin_conn.update_entry(entry) + except errors.EmptyModlist: + root_logger.debug("service %s startup entry already enabled", name) + return + except: + root_logger.debug("failed to enable service %s startup entry", name) + raise + + root_logger.debug("service %s startup entry enabled", name) + return + order = SERVICE_LIST[name][1] entry = self.admin_conn.make_entry( entry_name, @@ -404,9 +430,48 @@ class Service(object): try: self.admin_conn.add_entry(entry) except (errors.DuplicateEntry), e: - root_logger.debug("failed to add %s Service startup entry" % name) + root_logger.debug("failed to add service %s startup entry", name) raise e + def ldap_disable(self, name, fqdn, ldap_suffix): + assert isinstance(ldap_suffix, DN) + if not self.admin_conn: + self.ldap_connect() + + entry_dn = DN(('cn', name), ('cn', fqdn), ('cn', 'masters'), + ('cn', 'ipa'), ('cn', 'etc'), ldap_suffix) + search_kw = {'ipaConfigString': u'enabledService'} + filter = self.admin_conn.make_filter(search_kw) + try: + entries, truncated = self.admin_conn.find_entries( + filter=filter, + attrs_list=['ipaConfigString'], + base_dn=entry_dn, + scope=self.admin_conn.SCOPE_BASE) + except errors.NotFound: + root_logger.debug("service %s startup entry already disabled", name) + return + + assert len(entries) == 1 # only one entry is expected + entry = entries[0] + + # case insensitive + for value in entry.get('ipaConfigString', []): + if value.lower() == u'enabledservice': + entry['ipaConfigString'].remove(value) + break + + try: + self.admin_conn.update_entry(entry) + except errors.EmptyModlist: + pass + except: + root_logger.debug("failed to disable service %s startup entry", name) + raise + + root_logger.debug("service %s startup entry disabled", name) + + class SimpleServiceInstance(Service): def create_instance(self, gensvc_name=None, fqdn=None, dm_password=None, ldap_suffix=None, realm=None): self.gensvc_name = gensvc_name |