diff options
author | Simo Sorce <ssorce@redhat.com> | 2008-04-09 15:55:46 -0400 |
---|---|---|
committer | Simo Sorce <ssorce@redhat.com> | 2008-04-09 15:55:46 -0400 |
commit | 24a7cf37148f4e7947e918fd35b5744e2e178e72 (patch) | |
tree | f4ab04e730fe0abcbf32822cc987f4df5db24590 /ipa-client | |
parent | 3e47b4806842d6695e50a9086de28256efa1b855 (diff) | |
download | freeipa-24a7cf37148f4e7947e918fd35b5744e2e178e72.tar.gz freeipa-24a7cf37148f4e7947e918fd35b5744e2e178e72.tar.xz freeipa-24a7cf37148f4e7947e918fd35b5744e2e178e72.zip |
Fix client discovery and make sure command line options are not overwritten
with discovered options, just verified.
Diffstat (limited to 'ipa-client')
-rw-r--r-- | ipa-client/ipa-install/ipa-client-install | 89 |
1 files changed, 53 insertions, 36 deletions
diff --git a/ipa-client/ipa-install/ipa-client-install b/ipa-client/ipa-install/ipa-client-install index 4be2b9813..976416d48 100644 --- a/ipa-client/ipa-install/ipa-client-install +++ b/ipa-client/ipa-install/ipa-client-install @@ -43,6 +43,9 @@ def parse_options(): options, args = parser.parse_args() + if (options.server and not options.domain): + parser.error("--server cannot be used without providing --domain") + return options def ask_for_confirmation(message): @@ -110,6 +113,11 @@ def main(): if options.uninstall: return uninstall(options) + cli_domain = None + cli_server = None + cli_realm = None + cli_basedn = None + # Create the discovery instance ds = ipaclient.ipadiscovery.IPADiscovery() @@ -121,32 +129,38 @@ def main(): if ret == -1 or not ds.getDomainName(): logging.debug("Domain not found") if options.domain: - dom = options.domain + cli_domain = options.domain elif options.unattended: return ret else: print "Failed to determine your DNS domain (DNS misconfigured?)" - dom = "" - while dom == "": - dom = raw_input("Please provide your domain name (ex: example.com): ") - ret = ds.search(domain=dom) - dom = ds.getDomainName() + cli_domain = "" + while cli_domain == "": + cli_domain = raw_input("Please provide your domain name (ex: example.com): ") + ret = ds.search(domain=cli_domain, server=options.server) + if not cli_domain: + if ds.getDomainName(): + cli_domain = ds.getDomainName() + if ret == -2 or not ds.getServerName(): dnsok = False logging.debug("IPA Server not found") if options.server: - srv = options.server + cli_server = options.server elif options.unattended: return ret else: print "Failed to find the IPA Server (DNS misconfigured?)" - srv = "" - while srv == "": - srv = raw_input("Please provide your server name (ex: ipa.example.com): ") - ret = ds.search(domain=dom, server=srv) - srv = ds.getServerName() + cli_server = "" + while cli_server == "": + cli_server = raw_input("Please provide your server name (ex: ipa.example.com): ") + ret = ds.search(domain=cli_domain, server=cli_server) + if not cli_server: + if ds.getServerName(): + cli_server = ds.getServerName() + if ret != 0: - print "Failed to verify that "+srv+" is an IPA Server." + print "Failed to verify that "+cli_server+" is an IPA Server." print "This may mean that the remote server is not up or is not reachable" print "due to network or firewall settings." return ret @@ -168,10 +182,13 @@ def main(): print "ERROR: The provided realm name: ["+options.realm_name+"] does not match with the discovered one: ["+ds.getRealmName()+"]\n" return -3 - print "Realm: "+ds.getRealmName() - print "DNS Domain: "+ds.getDomainName() - print "IPA Server: "+ds.getServerName() - print "BaseDN: "+ds.getBaseDN() + cli_realm = ds.getRealmName() + cli_basedn = ds.getBaseDN() + + print "Realm: "+cli_realm + print "DNS Domain: "+cli_domain + print "IPA Server: "+cli_server + print "BaseDN: "+cli_basedn print "\n" if not options.unattended and not ask_for_confirmation("Continue to configure the system with these values?"): @@ -186,8 +203,8 @@ def main(): {'name':'empty', 'type':'empty'}] #[defaults] - defopts = [{'name':'server', 'type':'option', 'value':ds.getServerName()}, - {'name':'realm', 'type':'option', 'value':ds.getRealmName()}] + defopts = [{'name':'server', 'type':'option', 'value':cli_server}, + {'name':'realm', 'type':'option', 'value':cli_realm}] opts.append({'name':'defaults', 'type':'section', 'value':defopts}) opts.append({'name':'empty', 'type':'empty'}) @@ -203,10 +220,10 @@ def main(): opts = [{'name':'comment', 'type':'comment', 'value':'File modified by ipa-client-install'}, {'name':'empty', 'type':'empty'}, {'name':'ldap_version', 'type':'option', 'value':'3'}, - {'name':'base', 'type':'option', 'value':ds.getBaseDN()}, + {'name':'base', 'type':'option', 'value':cli_basedn}, {'name':'empty', 'type':'empty'}, - {'name':'nss_base_passwd', 'type':'option', 'value':ds.getBaseDN()+'?sub'}, - {'name':'nss_base_group', 'type':'option', 'value':ds.getBaseDN()+'?sub'}, + {'name':'nss_base_passwd', 'type':'option', 'value':cli_basedn+'?sub'}, + {'name':'nss_base_group', 'type':'option', 'value':cli_basedn+'?sub'}, {'name':'nss_schema', 'type':'option', 'value':'rfc2307bis'}, {'name':'nss_map_attribute', 'type':'option', 'value':'uniqueMember member'}, {'name':'nss_initgroups_ignoreusers', 'type':'option', 'value':'root,dirsrv'}, @@ -217,9 +234,9 @@ def main(): {'name':'timelimit', 'type':'option', 'value':'15'}, {'name':'empty', 'type':'empty'}] if not dnsok or options.force or options.on_master: - opts.append({'name':'uri', 'type':'option', 'value':'ldap://'+ds.getServerName()}) + opts.append({'name':'uri', 'type':'option', 'value':'ldap://'+cli_server}) else: - opts.append({'name':'nss_srv_domain', 'type':'option', 'value':ds.getDomainName()}) + opts.append({'name':'nss_srv_domain', 'type':'option', 'value':cli_domain}) opts.append({'name':'empty', 'type':'empty'}) try: @@ -234,7 +251,7 @@ def main(): krbctx = krbV.default_context() # If we find our domain assume we are properly configured #(ex. we are configuring the client side of a Master) - if not options.on_master and (not krbctx.default_realm == ds.getRealmName() or options.force): + if not options.on_master and (not krbctx.default_realm == cli_realm or options.force): #Configure krb5.conf krbconf = ipaclient.ipachangeconf.IPAChangeConf("IPA Installer") @@ -247,7 +264,7 @@ def main(): {'name':'empty', 'type':'empty'}] #[libdefaults] - libopts = [{'name':'default_realm', 'type':'option', 'value':ds.getRealmName()}] + libopts = [{'name':'default_realm', 'type':'option', 'value':cli_realm}] if dnsok and not options.force: libopts.append({'name':'dns_lookup_realm', 'type':'option', 'value':'true'}) libopts.append({'name':'dns_lookup_kdc', 'type':'option', 'value':'true'}) @@ -263,16 +280,16 @@ def main(): #the following are necessary only if DNS discovery does not work if not dnsok or options.force: #[realms] - kropts =[{'name':'kdc', 'type':'option', 'value':ds.getServerName()+':88'}, - {'name':'admin_server', 'type':'option', 'value':ds.getServerName()+':749'}, - {'name':'default_domain', 'type':'option', 'value':ds.getDomainName()}] - ropts = [{'name':ds.getRealmName(), 'type':'subsection', 'value':kropts}] + kropts =[{'name':'kdc', 'type':'option', 'value':cli_server+':88'}, + {'name':'admin_server', 'type':'option', 'value':cli_server+':749'}, + {'name':'default_domain', 'type':'option', 'value':cli_domain}] + ropts = [{'name':cli_realm, 'type':'subsection', 'value':kropts}] opts.append({'name':'realms', 'type':'section', 'value':ropts}) opts.append({'name':'empty', 'type':'empty'}) #[domain_realm] - dropts = [{'name':'.'+ds.getDomainName(), 'type':'option', 'value':ds.getRealmName()}, - {'name':ds.getDomainName(), 'type':'option', 'value':ds.getRealmName()}] + dropts = [{'name':'.'+cli_domain, 'type':'option', 'value':cli_realm}, + {'name':cli_domain, 'type':'option', 'value':cli_realm}] opts.append({'name':'domain_realm', 'type':'section', 'value':dropts}) opts.append({'name':'empty', 'type':'empty'}) @@ -287,7 +304,7 @@ def main(): fstore.backup_file("/etc/krb5.conf") krbconf.newConf("/etc/krb5.conf", opts); - print "Configured /etc/krb5.conf for IPA realm " + ds.getRealmName() + print "Configured /etc/krb5.conf for IPA realm " + cli_realm #Modify nsswitch to add nss_ldap run(["/usr/sbin/authconfig", "--enableldap", "--update"]) @@ -299,9 +316,9 @@ def main(): run(["getent", "passwd", "admin"]) except Exception, e: print "nss_ldap is not able to use DNS discovery!" - print "Changing configuration to use hardcoded server name: " + ds.getServerName() + print "Changing configuration to use hardcoded server name: " +cli_server - opts = [{'name':'uri', 'type':'option', 'action':'set', 'value':'ldap://'+ds.getServerName()}, + opts = [{'name':'uri', 'type':'option', 'action':'set', 'value':'ldap://'+cli_server}, {'name':'empty', 'type':'empty'}] try: ldapconf.changeConf("/etc/ldap.conf", opts) @@ -317,7 +334,7 @@ def main(): if options.ntp_server: ntp_server = options.ntp_server else: - ntp_server = ds.getServerName() + ntp_server = cli_server ipaclient.ntpconf.config_ntp(ntp_server, fstore) print "NTP enabled" |