diff options
author | Stanislav Laznicka <slaznick@redhat.com> | 2016-06-17 13:14:49 +0200 |
---|---|---|
committer | Martin Basti <mbasti@redhat.com> | 2016-08-16 18:22:44 +0200 |
commit | 5776f1e90000ccfc24689c99951864248ed01045 (patch) | |
tree | f32014af4c7887014e84e7f2b38a95613138dfbd /ipaserver/install/ca.py | |
parent | d461f42f9581f4b3ec89d7e043effe9d17fb1baa (diff) | |
download | freeipa-5776f1e90000ccfc24689c99951864248ed01045.tar.gz freeipa-5776f1e90000ccfc24689c99951864248ed01045.tar.xz freeipa-5776f1e90000ccfc24689c99951864248ed01045.zip |
Remove sys.exit from install modules and scripts
sys.exit() calls sometimes make it hard to find bugs and mask code that
does not always work properly.
https://fedorahosted.org/freeipa/ticket/5750
Reviewed-By: Martin Basti <mbasti@redhat.com>
Diffstat (limited to 'ipaserver/install/ca.py')
-rw-r--r-- | ipaserver/install/ca.py | 42 |
1 files changed, 20 insertions, 22 deletions
diff --git a/ipaserver/install/ca.py b/ipaserver/install/ca.py index bce804ac1..00e0b038c 100644 --- a/ipaserver/install/ca.py +++ b/ipaserver/install/ca.py @@ -4,10 +4,9 @@ from __future__ import print_function -import sys - from ipaserver.install import cainstance, dsinstance, bindinstance from ipapython import ipautil, certdb +from ipapython.admintool import ScriptError from ipaplatform import services from ipaplatform.paths import paths from ipaserver.install import installutils, certs @@ -30,12 +29,11 @@ def install_check(standalone, replica_config, options): if replica_config is not None: if standalone and api.env.ra_plugin == 'selfsign': - sys.exit('A selfsign CA can not be added') + raise ScriptError('A selfsign CA can not be added') if ((not options.promote and not ipautil.file_exists(replica_config.dir + "/cacert.p12"))): - print('CA cannot be installed in CA-less setup.') - sys.exit(1) + raise ScriptError('CA cannot be installed in CA-less setup.') if standalone and not options.skip_conncheck: principal = options.principal @@ -53,7 +51,7 @@ def install_check(standalone, replica_config, options): if standalone: if api.Command.ca_is_enabled()['result']: - sys.exit( + raise ScriptError( "One or more CA masters are already present in IPA realm " "'%s'.\nIf you wish to replicate CA to this host, please " "re-run 'ipa-ca-install'\nwith a replica file generated on " @@ -64,28 +62,28 @@ def install_check(standalone, replica_config, options): if not cainstance.is_step_one_done(): # This can happen if someone passes external_ca_file without # already having done the first stage of the CA install. - print("CA is not installed yet. To install with an external CA " + raise ScriptError( + "CA is not installed yet. To install with an external CA " "is a two-stage process.\nFirst run the installer with " "--external-ca.") - sys.exit(1) external_cert_file, external_ca_file = installutils.load_external_cert( options.external_cert_files, options.subject) elif options.external_ca: if cainstance.is_step_one_done(): - print("CA is already installed.\nRun the installer with " - "--external-cert-file.") - sys.exit(1) + raise ScriptError( + "CA is already installed.\nRun the installer with " + "--external-cert-file.") if ipautil.file_exists(paths.ROOT_IPA_CSR): - print(("CA CSR file %s already exists.\nIn order to continue " - "remove the file and run the installer again." % - paths.ROOT_IPA_CSR)) - sys.exit(1) + raise ScriptError( + "CA CSR file %s already exists.\nIn order to continue " + "remove the file and run the installer again." % + paths.ROOT_IPA_CSR) if not options.external_cert_files: if not cainstance.check_port(): print("IPA requires port 8443 for PKI but it is currently in use.") - sys.exit("Aborting installation") + raise ScriptError("Aborting installation") if standalone: dirname = dsinstance.config_dirname( @@ -98,9 +96,9 @@ def install_check(standalone, replica_config, options): if nickname in (certdb.get_ca_nickname(realm_name), 'ipaCert', 'Signing-Cert'): - print(("Certificate with nickname %s is present in %s, " - "cannot continue." % (nickname, db.secdir))) - sys.exit(1) + raise ScriptError( + "Certificate with nickname %s is present in %s, " + "cannot continue." % (nickname, db.secdir)) cert = db.get_cert_from_db(nickname) if not cert: @@ -109,9 +107,9 @@ def install_check(standalone, replica_config, options): if subject in (DN('CN=Certificate Authority', subject_base), DN('CN=IPA RA', subject_base), DN('CN=Object Signing Cert', subject_base)): - print(("Certificate with subject %s is present in %s, " - "cannot continue." % (subject, db.secdir))) - sys.exit(1) + raise ScriptError( + "Certificate with subject %s is present in %s, " + "cannot continue." % (subject, db.secdir)) def install(standalone, replica_config, options): |