author | Rob Crittenden <rcritten@redhat.com> | 2011-06-17 16:47:39 -0400 |
---|---|---|
committer | Rob Crittenden <rcritten@redhat.com> | 2011-06-23 19:04:33 -0400 |
commit | 8a32bb3746802a29b2655e4ad2cbbba8481e1eaf (patch) | |
tree | 14c7e77b744d31e303d78313cf9866502dad1ef9 /ipaserver/install/installutils.py | |
parent | cbffe1d65df222acf6eb26cdaa121932a01f9ba7 (diff) | |
Make dogtag an optional (and default un-) installed component in a replica.
A dogtag replica file is created as usual. When the replica is installed
dogtag is optional and not installed by default. Adding the --setup-ca
option will configure it when the replica is installed.
A new tool ipa-ca-install will configure dogtag if it wasn't configured
when the replica was initially installed.
This moves a fair bit of code out of ipa-replica-install into
installutils and cainstance to avoid duplication.
https://fedorahosted.org/freeipa/ticket/1251
Diffstat (limited to 'ipaserver/install/installutils.py')
-rw-r--r-- | ipaserver/install/installutils.py | 57 |
1 files changed, 57 insertions, 0 deletions
diff --git a/ipaserver/install/installutils.py b/ipaserver/install/installutils.py
index f5a862599..68fce7e69 100644
--- a/ipaserver/install/installutils.py
+++ b/ipaserver/install/installutils.py
@@ -29,6 +29,8 @@ import struct
 import fcntl
 import netaddr
 import time
+import tempfile
+from ConfigParser import SafeConfigParser
 from ipapython import ipautil
 from ipapython import dnsclient
@@ -36,6 +38,17 @@ from ipapython import dnsclient
 class HostnameLocalhost(Exception):
 pass
+class ReplicaConfig:
+ def __init__(self):
+ self.realm_name = ""
+ self.domain_name = ""
+ self.master_host_name = ""
+ self.dirman_password = ""
+ self.host_name = ""
+ self.dir = ""
+ self.subject_base = ""
+ self.setup_ca = False
+
 def get_fqdn():
 fqdn = ""
 try:
@@ -442,3 +455,47 @@ def resolve_host(host_name):
 return addrinfos[0][4][0]
 except:
 return None
+
+def get_host_name(no_host_dns):
+ """
+ Get the current FQDN from the socket and verify that it is valid.
+
+ no_host_dns is a boolean that determines whether we enforce that the
+ hostname is resolvable.
+
+ Will raise a RuntimeError on error, returns hostname on success
+ """
+ hostname = get_fqdn()
+ verify_fqdn(hostname, no_host_dns)
+ return hostname
+
+def expand_replica_info(filename, password):
+ """
+ Decrypt and expand a replica installation file into a temporary
+ location. The caller is responsible to remove this directory.
+ """
+ top_dir = tempfile.mkdtemp("ipa")
+ tarfile = top_dir+"/files.tar"
+ dir = top_dir + "/realm_info"
+ ipautil.decrypt_file(filename, tarfile, password, top_dir)
+ ipautil.run(["tar", "xf", tarfile, "-C", top_dir])
+ os.remove(tarfile)
+
+ return top_dir, dir
+
+def read_replica_info(dir, rconfig):
+ """
+ Read the contents of a replica installation file.
+
+ rconfig is a ReplicaConfig object
+ """
+ filename = dir + "/realm_info"
+ fd = open(filename)
+ config = SafeConfigParser()
+ config.readfp(fd)
+
+ rconfig.realm_name = config.get("realm", "realm_name")
+ rconfig.master_host_name = config.get("realm", "master_host_name")
+ rconfig.domain_name = config.get("realm", "domain_name")
+ rconfig.host_name = config.get("realm", "destination_host")
+ rconfig.subject_base = config.get("realm", "subject_base") |
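Review bot: expand_replica_info leaves its temporary directory behind if `ipautil.decrypt_file` or the `tar` run raises, because `top_dir` has not been returned yet and the caller has nothing to remove. By then the directory may already hold the decrypted `files.tar` or partly extracted replica material, so the function should remove `top_dir` itself on the error path and re-raise, as in the fence below. The fence assumes `shutil` is imported in this module, which the visible hunks do not show. Two smaller points in the same hunk: `tempfile.mkdtemp("ipa")` passes "ipa" as the suffix, not the prefix, and read_replica_info never closes `fd` after `config.readfp(fd)`.

```python
def expand_replica_info(filename, password):
    # … unchanged: docstring, top_dir / tarfile / dir setup …
    try:
        ipautil.decrypt_file(filename, tarfile, password, top_dir)
        ipautil.run(["tar", "xf", tarfile, "-C", top_dir])
        os.remove(tarfile)
    except Exception:
        # Do not leave decrypted replica data on disk when setup fails.
        shutil.rmtree(top_dir, ignore_errors=True)
        raise

    return top_dir, dir
```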