Set explicit confdir option for global contexts

Some API contexts are used to modify global state (e.g. files in /etc and /var). These contexts do not support confdir overrides. Initialize the API with an explicit confdir argument to paths.ETC_IPA. The special contexts are: * backup * cli_installer * installer * ipctl * renew * restore * server * updates The patch also corrects the context of the ipa-httpd-kdcproxy script to 'server'. https://fedorahosted.org/freeipa/ticket/6389 Signed-off-by: Christian Heimes <cheimes@redhat.com> Reviewed-By: Jan Cholasta <jcholast@redhat.com>
author: Christian Heimes <cheimes@redhat.com> 2016-11-28 16:24:33 +0100
committer: Jan Cholasta <jcholast@redhat.com> 2016-12-02 09:14:35 +0100
commit: 1e6a204b4372bbbfb722a00370a5ce4e34406b9f (patch)
tree: b8deef8cc3b4f04990f5d305eafdeff14d5d8928 /install/tools
parent: 98f0077360884da6df31b351caaed7510dec94de (diff)
download: freeipa-1e6a204b4372bbbfb722a00370a5ce4e34406b9f.tar.gz
freeipa-1e6a204b4372bbbfb722a00370a5ce4e34406b9f.tar.xz
freeipa-1e6a204b4372bbbfb722a00370a5ce4e34406b9f.zip
9 files changed, 30 insertions, 17 deletions
diff --git a/install/tools/ipa-adtrust-install b/install/tools/ipa-adtrust-install
index 918b23850..8d927f10e 100755
--- a/install/tools/ipa-adtrust-install
+++ b/install/tools/ipa-adtrust-install
@@ -263,11 +263,12 @@ def main():
         sys.exit("Aborting installation.")
 
     # Initialize the ipalib api
-    cfg = dict(
+    api.bootstrap(
         in_server=True,
         debug=options.debug,
+        context='install',
+        confdir=paths.ETC_IPA
     )
-    api.bootstrap(**cfg)
     api.finalize()
 
     # If domain name and realm does not match, IPA server will not be able
diff --git a/install/tools/ipa-ca-install b/install/tools/ipa-ca-install
index bf817c7f1..88939f9db 100755
--- a/install/tools/ipa-ca-install
+++ b/install/tools/ipa-ca-install
@@ -261,7 +261,10 @@ def main():
 
     # override ra_plugin setting read from default.conf so that we have
     # functional dogtag backend plugins during CA install
-    api.bootstrap(in_server=True, ra_plugin='dogtag')
+    api.bootstrap(
+        context='install', confdir=paths.ETC_IPA,
+        in_server=True, ra_plugin='dogtag'
+    )
     api.finalize()
     api.Backend.ldap2.connect()
 
diff --git a/install/tools/ipa-csreplica-manage b/install/tools/ipa-csreplica-manage
index 6a3b8693c..f494380e6 100755
--- a/install/tools/ipa-csreplica-manage
+++ b/install/tools/ipa-csreplica-manage
@@ -408,14 +408,13 @@ def main():
 
     # Just initialize the environment. This is so the installer can have
     # access to the plugin environment
-    api_env = {'in_server' : True,
-               'verbose'   : options.verbose,
-              }
-
+    api_env = {}
     if os.getegid() != 0:
         api_env['log'] = None # turn off logging for non-root
 
-    api.bootstrap(**api_env)
+    api.bootstrap(
+        context='cli', in_server=True, verbose=options.verbose, **api_env
+    )
     api.finalize()
 
     dirman_passwd = None
diff --git a/install/tools/ipa-dns-install b/install/tools/ipa-dns-install
index 699749d08..5bd0ba6d7 100755
--- a/install/tools/ipa-dns-install
+++ b/install/tools/ipa-dns-install
@@ -132,11 +132,10 @@ def main():
     installutils.check_server_configuration()
 
     # Initialize the ipalib api
-    cfg = dict(
-        in_server=True,
-        debug=options.debug,
+    api.bootstrap(
+        context='install', confdir=paths.ETC_IPA,
+        in_server=True, debug=options.debug,
     )
-    api.bootstrap(**cfg)
     api.finalize()
     api.Backend.ldap2.connect()
 
diff --git a/install/tools/ipa-httpd-kdcproxy b/install/tools/ipa-httpd-kdcproxy
index 329565c2b..bb2949be8 100755
--- a/install/tools/ipa-httpd-kdcproxy
+++ b/install/tools/ipa-httpd-kdcproxy
@@ -184,7 +184,8 @@ class KDCProxyConfig(object):
 def main(debug=DEBUG, time_limit=TIME_LIMIT):
     # initialize API without file logging
     if not api.isdone('bootstrap'):
-        api.bootstrap(context='ipa-httpd-kdcproxy', log=None, debug=debug)
+        api.bootstrap(context='server', confdir=paths.ETC_IPA,
+                      log=None, debug=debug)
         standard_logging_setup(verbose=True, debug=debug)
 
     try:
diff --git a/install/tools/ipa-nis-manage b/install/tools/ipa-nis-manage
index 21ff18334..c44b0f9ed 100755
--- a/install/tools/ipa-nis-manage
+++ b/install/tools/ipa-nis-manage
@@ -113,7 +113,9 @@ def main():
     if not dirman_password:
         sys.exit("No password supplied")
 
-    api.bootstrap(context='cli', debug=options.debug, in_server=True)
+    api.bootstrap(
+        context='cli', confdir=paths.ETC_IPA,
+        debug=options.debug, in_server=True)
     api.finalize()
     api.Backend.ldap2.connect(bind_pw=dirman_password)
 
diff --git a/install/tools/ipa-replica-conncheck b/install/tools/ipa-replica-conncheck
index 2413754e5..121f06844 100755
--- a/install/tools/ipa-replica-conncheck
+++ b/install/tools/ipa-replica-conncheck
@@ -554,7 +554,9 @@ def main():
                     else:
                         nss_dir = None
 
-                    api.bootstrap(context='client', xmlrpc_uri=xmlrpc_uri,
+                    api.bootstrap(context='client',
+                                  confdir=paths.ETC_IPA,
+                                  xmlrpc_uri=xmlrpc_uri,
                                   nss_dir=nss_db.secdir)
                     api.finalize()
                     try:
diff --git a/install/tools/ipa-replica-manage b/install/tools/ipa-replica-manage
index 1ee7301e6..56cb90bea 100755
--- a/install/tools/ipa-replica-manage
+++ b/install/tools/ipa-replica-manage
@@ -1508,7 +1508,10 @@ def main(options, args):
     if os.getegid() != 0:
         api_env['log'] = None # turn off logging for non-root
 
-    api.bootstrap(**api_env)
+    api.bootstrap(
+        context='cli', confdir=paths.ETC_IPA,
+        in_server=True, verbose=options.verbose
+    )
     api.finalize()
 
     dirman_passwd = None
diff --git a/install/tools/ipactl b/install/tools/ipactl
index ce4fe0254..db8ff6249 100755
--- a/install/tools/ipactl
+++ b/install/tools/ipactl
@@ -560,7 +560,10 @@ def main():
         else:
             raise e
 
-    api.bootstrap(in_server=True, context='ipactl', debug=options.debug)
+    api.bootstrap(in_server=True,
+                  context='ipactl',
+                  confdir=paths.ETC_IPA,
+                  debug=options.debug)
     api.finalize()
 
     if '.' not in api.env.host:
author	Christian Heimes <cheimes@redhat.com>	2016-11-28 16:24:33 +0100
committer	Jan Cholasta <jcholast@redhat.com>	2016-12-02 09:14:35 +0100
commit	1e6a204b4372bbbfb722a00370a5ce4e34406b9f (patch)
tree	b8deef8cc3b4f04990f5d305eafdeff14d5d8928 /install/tools
parent	98f0077360884da6df31b351caaed7510dec94de (diff)
download	freeipa-1e6a204b4372bbbfb722a00370a5ce4e34406b9f.tar.gz freeipa-1e6a204b4372bbbfb722a00370a5ce4e34406b9f.tar.xz freeipa-1e6a204b4372bbbfb722a00370a5ce4e34406b9f.zip