summaryrefslogtreecommitdiffstats
path: root/ipalib
diff options
context:
space:
mode:
authorJan Cholasta <jcholast@redhat.com>2015-12-09 08:18:21 +0100
committerTomas Babej <tbabej@redhat.com>2015-12-11 18:44:13 +0100
commit8d7f67e08c8320712321501451e4a444b89a4423 (patch)
treeced31cce2bf2c83a8d1e3106d6b72f8b5c9bff80 /ipalib
parent00f591d4e93cfe1f6f020a1c708a3d90b5b34288 (diff)
downloadfreeipa-8d7f67e08c8320712321501451e4a444b89a4423.tar.gz
freeipa-8d7f67e08c8320712321501451e4a444b89a4423.tar.xz
freeipa-8d7f67e08c8320712321501451e4a444b89a4423.zip
replica install: add remote connection check over API
Add server_conncheck command which calls ipa-replica-conncheck --replica over oddjob. https://fedorahosted.org/freeipa/ticket/5497 Reviewed-By: Martin Babinsky <mbabinsk@redhat.com> Reviewed-By: Tomas Babej <tbabej@redhat.com>
Diffstat (limited to 'ipalib')
-rw-r--r--ipalib/messages.py10
-rw-r--r--ipalib/plugins/server.py70
2 files changed, 79 insertions, 1 deletions
diff --git a/ipalib/messages.py b/ipalib/messages.py
index 44fee6d15..078e13f59 100644
--- a/ipalib/messages.py
+++ b/ipalib/messages.py
@@ -321,6 +321,16 @@ class CommandDeprecatedWarning(PublicMessage):
format = _(u"'%(command)s' is deprecated. %(additional_info)s")
+class ExternalCommandOutput(PublicMessage):
+ """
+ **13016** Line of output from an external command.
+ """
+
+ errno = 13016
+ type = "info"
+ format = _("%(line)s")
+
+
def iter_messages(variables, base):
"""Return a tuple with all subclasses
"""
diff --git a/ipalib/plugins/server.py b/ipalib/plugins/server.py
index 8284a5805..6286c5959 100644
--- a/ipalib/plugins/server.py
+++ b/ipalib/plugins/server.py
@@ -5,11 +5,15 @@
import string
import os
-from ipalib import api
+import dbus
+import dbus.mainloop.glib
+
+from ipalib import api, crud, errors, messages
from ipalib import Int, Str
from ipalib.plugable import Registry
from ipalib.plugins.baseldap import *
from ipalib.plugins import baseldap
+from ipalib.request import context
from ipalib import _, ngettext
__doc__ = _("""
@@ -188,3 +192,67 @@ class server_del(LDAPDelete):
__doc__ = _('Delete IPA server.')
NO_CLI = True
msg_summary = _('Deleted IPA server "%(value)s"')
+
+
+@register()
+class server_conncheck(crud.PKQuery):
+ __doc__ = _("Check connection to remote IPA server.")
+
+ NO_CLI = True
+
+ takes_args = (
+ Str(
+ 'remote_cn',
+ cli_name='remote_name',
+ label=_('Remote server name'),
+ doc=_('Remote IPA server hostname'),
+ ),
+ )
+
+ has_output = output.standard_value
+
+ def execute(self, *keys, **options):
+ # the server must be the local host
+ if keys[-2] != api.env.host:
+ raise errors.ValidationError(
+ name='cn', error=_("must be \"%s\"") % api.env.host)
+
+ # the server entry must exist
+ try:
+ self.obj.get_dn_if_exists(*keys[:-1])
+ except errors.NotFound:
+ self.obj.handle_not_found(keys[-2])
+
+ # the user must have the Replication Administrators privilege
+ privilege = u'Replication Administrators'
+ privilege_dn = self.api.Object.privilege.get_dn(privilege)
+ ldap = self.obj.backend
+ filter = ldap.make_filter(
+ {'krbprincipalname': context.principal, 'memberof': privilege_dn},
+ rules=ldap.MATCH_ALL)
+ try:
+ ldap.find_entries(base_dn=self.api.env.basedn, filter=filter)
+ except errors.NotFound:
+ raise errors.ACIError(
+ info=_("not allowed to perform server connection check"))
+
+ dbus.mainloop.glib.DBusGMainLoop(set_as_default=True)
+
+ bus = dbus.SystemBus()
+ obj = bus.get_object('org.freeipa.server', '/',
+ follow_name_owner_changes=True)
+ server = dbus.Interface(obj, 'org.freeipa.server')
+
+ ret, stdout, stderr = server.conncheck(keys[-1])
+
+ result = dict(
+ result=(ret == 0),
+ value=keys[-2],
+ )
+
+ for line in stdout.splitlines():
+ messages.add_message(options['version'],
+ result,
+ messages.ExternalCommandOutput(line=line))
+
+ return result