summaryrefslogtreecommitdiffstats
path: root/ipa-client
diff options
context:
space:
mode:
authorSimo Sorce <ssorce@redhat.com>2008-04-09 15:55:46 -0400
committerSimo Sorce <ssorce@redhat.com>2008-04-09 15:55:46 -0400
commit24a7cf37148f4e7947e918fd35b5744e2e178e72 (patch)
treef4ab04e730fe0abcbf32822cc987f4df5db24590 /ipa-client
parent3e47b4806842d6695e50a9086de28256efa1b855 (diff)
downloadfreeipa-24a7cf37148f4e7947e918fd35b5744e2e178e72.tar.gz
freeipa-24a7cf37148f4e7947e918fd35b5744e2e178e72.tar.xz
freeipa-24a7cf37148f4e7947e918fd35b5744e2e178e72.zip
Fix client discovery and make sure command line options are not overwritten
with discovered options, just verified.
Diffstat (limited to 'ipa-client')
-rw-r--r--ipa-client/ipa-install/ipa-client-install89
1 files changed, 53 insertions, 36 deletions
diff --git a/ipa-client/ipa-install/ipa-client-install b/ipa-client/ipa-install/ipa-client-install
index 4be2b9813..976416d48 100644
--- a/ipa-client/ipa-install/ipa-client-install
+++ b/ipa-client/ipa-install/ipa-client-install
@@ -43,6 +43,9 @@ def parse_options():
options, args = parser.parse_args()
+ if (options.server and not options.domain):
+ parser.error("--server cannot be used without providing --domain")
+
return options
def ask_for_confirmation(message):
@@ -110,6 +113,11 @@ def main():
if options.uninstall:
return uninstall(options)
+ cli_domain = None
+ cli_server = None
+ cli_realm = None
+ cli_basedn = None
+
# Create the discovery instance
ds = ipaclient.ipadiscovery.IPADiscovery()
@@ -121,32 +129,38 @@ def main():
if ret == -1 or not ds.getDomainName():
logging.debug("Domain not found")
if options.domain:
- dom = options.domain
+ cli_domain = options.domain
elif options.unattended:
return ret
else:
print "Failed to determine your DNS domain (DNS misconfigured?)"
- dom = ""
- while dom == "":
- dom = raw_input("Please provide your domain name (ex: example.com): ")
- ret = ds.search(domain=dom)
- dom = ds.getDomainName()
+ cli_domain = ""
+ while cli_domain == "":
+ cli_domain = raw_input("Please provide your domain name (ex: example.com): ")
+ ret = ds.search(domain=cli_domain, server=options.server)
+ if not cli_domain:
+ if ds.getDomainName():
+ cli_domain = ds.getDomainName()
+
if ret == -2 or not ds.getServerName():
dnsok = False
logging.debug("IPA Server not found")
if options.server:
- srv = options.server
+ cli_server = options.server
elif options.unattended:
return ret
else:
print "Failed to find the IPA Server (DNS misconfigured?)"
- srv = ""
- while srv == "":
- srv = raw_input("Please provide your server name (ex: ipa.example.com): ")
- ret = ds.search(domain=dom, server=srv)
- srv = ds.getServerName()
+ cli_server = ""
+ while cli_server == "":
+ cli_server = raw_input("Please provide your server name (ex: ipa.example.com): ")
+ ret = ds.search(domain=cli_domain, server=cli_server)
+ if not cli_server:
+ if ds.getServerName():
+ cli_server = ds.getServerName()
+
if ret != 0:
- print "Failed to verify that "+srv+" is an IPA Server."
+ print "Failed to verify that "+cli_server+" is an IPA Server."
print "This may mean that the remote server is not up or is not reachable"
print "due to network or firewall settings."
return ret
@@ -168,10 +182,13 @@ def main():
print "ERROR: The provided realm name: ["+options.realm_name+"] does not match with the discovered one: ["+ds.getRealmName()+"]\n"
return -3
- print "Realm: "+ds.getRealmName()
- print "DNS Domain: "+ds.getDomainName()
- print "IPA Server: "+ds.getServerName()
- print "BaseDN: "+ds.getBaseDN()
+ cli_realm = ds.getRealmName()
+ cli_basedn = ds.getBaseDN()
+
+ print "Realm: "+cli_realm
+ print "DNS Domain: "+cli_domain
+ print "IPA Server: "+cli_server
+ print "BaseDN: "+cli_basedn
print "\n"
if not options.unattended and not ask_for_confirmation("Continue to configure the system with these values?"):
@@ -186,8 +203,8 @@ def main():
{'name':'empty', 'type':'empty'}]
#[defaults]
- defopts = [{'name':'server', 'type':'option', 'value':ds.getServerName()},
- {'name':'realm', 'type':'option', 'value':ds.getRealmName()}]
+ defopts = [{'name':'server', 'type':'option', 'value':cli_server},
+ {'name':'realm', 'type':'option', 'value':cli_realm}]
opts.append({'name':'defaults', 'type':'section', 'value':defopts})
opts.append({'name':'empty', 'type':'empty'})
@@ -203,10 +220,10 @@ def main():
opts = [{'name':'comment', 'type':'comment', 'value':'File modified by ipa-client-install'},
{'name':'empty', 'type':'empty'},
{'name':'ldap_version', 'type':'option', 'value':'3'},
- {'name':'base', 'type':'option', 'value':ds.getBaseDN()},
+ {'name':'base', 'type':'option', 'value':cli_basedn},
{'name':'empty', 'type':'empty'},
- {'name':'nss_base_passwd', 'type':'option', 'value':ds.getBaseDN()+'?sub'},
- {'name':'nss_base_group', 'type':'option', 'value':ds.getBaseDN()+'?sub'},
+ {'name':'nss_base_passwd', 'type':'option', 'value':cli_basedn+'?sub'},
+ {'name':'nss_base_group', 'type':'option', 'value':cli_basedn+'?sub'},
{'name':'nss_schema', 'type':'option', 'value':'rfc2307bis'},
{'name':'nss_map_attribute', 'type':'option', 'value':'uniqueMember member'},
{'name':'nss_initgroups_ignoreusers', 'type':'option', 'value':'root,dirsrv'},
@@ -217,9 +234,9 @@ def main():
{'name':'timelimit', 'type':'option', 'value':'15'},
{'name':'empty', 'type':'empty'}]
if not dnsok or options.force or options.on_master:
- opts.append({'name':'uri', 'type':'option', 'value':'ldap://'+ds.getServerName()})
+ opts.append({'name':'uri', 'type':'option', 'value':'ldap://'+cli_server})
else:
- opts.append({'name':'nss_srv_domain', 'type':'option', 'value':ds.getDomainName()})
+ opts.append({'name':'nss_srv_domain', 'type':'option', 'value':cli_domain})
opts.append({'name':'empty', 'type':'empty'})
try:
@@ -234,7 +251,7 @@ def main():
krbctx = krbV.default_context()
# If we find our domain assume we are properly configured
#(ex. we are configuring the client side of a Master)
- if not options.on_master and (not krbctx.default_realm == ds.getRealmName() or options.force):
+ if not options.on_master and (not krbctx.default_realm == cli_realm or options.force):
#Configure krb5.conf
krbconf = ipaclient.ipachangeconf.IPAChangeConf("IPA Installer")
@@ -247,7 +264,7 @@ def main():
{'name':'empty', 'type':'empty'}]
#[libdefaults]
- libopts = [{'name':'default_realm', 'type':'option', 'value':ds.getRealmName()}]
+ libopts = [{'name':'default_realm', 'type':'option', 'value':cli_realm}]
if dnsok and not options.force:
libopts.append({'name':'dns_lookup_realm', 'type':'option', 'value':'true'})
libopts.append({'name':'dns_lookup_kdc', 'type':'option', 'value':'true'})
@@ -263,16 +280,16 @@ def main():
#the following are necessary only if DNS discovery does not work
if not dnsok or options.force:
#[realms]
- kropts =[{'name':'kdc', 'type':'option', 'value':ds.getServerName()+':88'},
- {'name':'admin_server', 'type':'option', 'value':ds.getServerName()+':749'},
- {'name':'default_domain', 'type':'option', 'value':ds.getDomainName()}]
- ropts = [{'name':ds.getRealmName(), 'type':'subsection', 'value':kropts}]
+ kropts =[{'name':'kdc', 'type':'option', 'value':cli_server+':88'},
+ {'name':'admin_server', 'type':'option', 'value':cli_server+':749'},
+ {'name':'default_domain', 'type':'option', 'value':cli_domain}]
+ ropts = [{'name':cli_realm, 'type':'subsection', 'value':kropts}]
opts.append({'name':'realms', 'type':'section', 'value':ropts})
opts.append({'name':'empty', 'type':'empty'})
#[domain_realm]
- dropts = [{'name':'.'+ds.getDomainName(), 'type':'option', 'value':ds.getRealmName()},
- {'name':ds.getDomainName(), 'type':'option', 'value':ds.getRealmName()}]
+ dropts = [{'name':'.'+cli_domain, 'type':'option', 'value':cli_realm},
+ {'name':cli_domain, 'type':'option', 'value':cli_realm}]
opts.append({'name':'domain_realm', 'type':'section', 'value':dropts})
opts.append({'name':'empty', 'type':'empty'})
@@ -287,7 +304,7 @@ def main():
fstore.backup_file("/etc/krb5.conf")
krbconf.newConf("/etc/krb5.conf", opts);
- print "Configured /etc/krb5.conf for IPA realm " + ds.getRealmName()
+ print "Configured /etc/krb5.conf for IPA realm " + cli_realm
#Modify nsswitch to add nss_ldap
run(["/usr/sbin/authconfig", "--enableldap", "--update"])
@@ -299,9 +316,9 @@ def main():
run(["getent", "passwd", "admin"])
except Exception, e:
print "nss_ldap is not able to use DNS discovery!"
- print "Changing configuration to use hardcoded server name: " + ds.getServerName()
+ print "Changing configuration to use hardcoded server name: " +cli_server
- opts = [{'name':'uri', 'type':'option', 'action':'set', 'value':'ldap://'+ds.getServerName()},
+ opts = [{'name':'uri', 'type':'option', 'action':'set', 'value':'ldap://'+cli_server},
{'name':'empty', 'type':'empty'}]
try:
ldapconf.changeConf("/etc/ldap.conf", opts)
@@ -317,7 +334,7 @@ def main():
if options.ntp_server:
ntp_server = options.ntp_server
else:
- ntp_server = ds.getServerName()
+ ntp_server = cli_server
ipaclient.ntpconf.config_ntp(ntp_server, fstore)
print "NTP enabled"