diff options
| author | Rob Crittenden <rcritten@redhat.com> | 2011-06-09 13:16:07 -0400 |
|---|---|---|
| committer | Martin Kosek <mkosek@redhat.com> | 2011-06-13 09:51:05 +0200 |
| commit | 7940270b9fbebfa09b25c18198933b6a6b82b1d3 (patch) | |
| tree | 7996dc4d9f9df086cf8e07e93ef940b9c3f0ebbf /install/tools | |
| parent | 6f1b62fb1ad8c4d1639a54874462c9e7204bbf4c (diff) | |
| download | freeipa-7940270b9fbebfa09b25c18198933b6a6b82b1d3.tar.gz freeipa-7940270b9fbebfa09b25c18198933b6a6b82b1d3.tar.xz freeipa-7940270b9fbebfa09b25c18198933b6a6b82b1d3.zip | |
Remove root autobind search restriction, fix upgrade logging & error handling.
There was no point in limiting autobind root to just search cn=config since
it could always just modify its way out of the box, so remove the
restriction.
The upgrade log wasn't being created. Clearing all other loggers before
we calling logging.basicConfig() fixes this.
Add a global exception when performing updates so we can gracefully catch
and log problems without leaving the server in a bad state.
https://fedorahosted.org/freeipa/ticket/1243
https://fedorahosted.org/freeipa/ticket/1254
Diffstat (limited to 'install/tools')
| -rwxr-xr-x | install/tools/ipa-ldap-updater | 21 |
1 files changed, 14 insertions, 7 deletions
diff --git a/install/tools/ipa-ldap-updater b/install/tools/ipa-ldap-updater index ddf222e08..ec57109d3 100755 --- a/install/tools/ipa-ldap-updater +++ b/install/tools/ipa-ldap-updater @@ -78,6 +78,7 @@ def get_dirman_password(): def main(): loglevel = logging.INFO badsyntax = False + upgradefailed = False safe_options, options, args = parse_options() if options.debug: @@ -102,24 +103,26 @@ def main(): if len(args) > 0: files = args + # Clear all existing log handler + loggers = logging.getLogger() + if loggers.handlers: + for handler in loggers.handlers: + loggers.removeHandler(handler) if options.upgrade: if os.getegid() != 0: sys.exit('Upgrade can only be done as root') logging.basicConfig(level=loglevel, - format='%(levelname)s %(message)s', - filename='/var/log/ipaupgrade.log') + format='%(asctime)s %(levelname)s %(message)s', + filename='/var/log/ipaupgrade.log', + filemode='a') logging.debug('%s was invoked with arguments %s and options: %s' % (sys.argv[0], args, safe_options)) realm = krbV.default_context().default_realm upgrade = IPAUpgrade(realm, files, live_run=not options.test) upgrade.create_instance() modified = upgrade.modified badsyntax = upgrade.badsyntax + upgradefailed = upgrade.upgradefailed else: - # Clear all existing log handlers, this is need to log as root - loggers = logging.getLogger() - if loggers.handlers: - for handler in loggers.handlers: - loggers.removeHandler(handler) logging.basicConfig(level=loglevel, format='%(levelname)s %(message)s') ld = LDAPUpdate(dm_password=dirman_password, sub_dict={}, live_run=not options.test, ldapi=options.ldapi) @@ -128,6 +131,10 @@ def main(): modified = ld.update(files) if badsyntax: + print 'Bad syntax detected in upgrade file(s).' + return 1 + elif upgradefailed: + print 'IPA upgrade failed.' return 1 elif modified and options.test: return 2 |