Set explicit confdir option for global contexts

Some API contexts are used to modify global state (e.g. files in /etc and /var). These contexts do not support confdir overrides. Initialize the API with an explicit confdir argument to paths.ETC_IPA. The special contexts are: * backup * cli_installer * installer * ipctl * renew * restore * server * updates The patch also corrects the context of the ipa-httpd-kdcproxy script to 'server'. https://fedorahosted.org/freeipa/ticket/6389 Signed-off-by: Christian Heimes <cheimes@redhat.com> Reviewed-By: Jan Cholasta <jcholast@redhat.com>
author: Christian Heimes <cheimes@redhat.com> 2016-11-28 16:24:33 +0100
committer: Jan Cholasta <jcholast@redhat.com> 2016-12-02 09:14:35 +0100
commit: 1e6a204b4372bbbfb722a00370a5ce4e34406b9f (patch)
tree: b8deef8cc3b4f04990f5d305eafdeff14d5d8928 /ipaserver
parent: 98f0077360884da6df31b351caaed7510dec94de (diff)
8 files changed, 24 insertions, 11 deletions
diff --git a/ipaserver/install/ipa_backup.py b/ipaserver/install/ipa_backup.py
index a4261f5fb..c11120b30 100644
--- a/ipaserver/install/ipa_backup.py
+++ b/ipaserver/install/ipa_backup.py
@@ -256,7 +256,7 @@ class Backup(admintool.AdminTool):
         options = self.options
         super(Backup, self).run()
 
-        api.bootstrap(in_server=True, context='backup')
+        api.bootstrap(in_server=True, context='backup', confdir=paths.ETC_IPA)
         api.finalize()
 
         self.log.info("Preparing backup on %s", api.env.host)
diff --git a/ipaserver/install/ipa_ldap_updater.py b/ipaserver/install/ipa_ldap_updater.py
index e6e6b5a36..f3e05b852 100644
--- a/ipaserver/install/ipa_ldap_updater.py
+++ b/ipaserver/install/ipa_ldap_updater.py
@@ -89,7 +89,7 @@ class LDAPUpdater(admintool.AdminTool):
     def run(self):
         super(LDAPUpdater, self).run()
 
-        api.bootstrap(in_server=True, context='updates')
+        api.bootstrap(in_server=True, context='updates', confdir=paths.ETC_IPA)
         api.finalize()
 
     def handle_error(self, exception):
diff --git a/ipaserver/install/ipa_restore.py b/ipaserver/install/ipa_restore.py
index 2987b5aad..2fae21591 100644
--- a/ipaserver/install/ipa_restore.py
+++ b/ipaserver/install/ipa_restore.py
@@ -841,6 +841,7 @@ class Restore(admintool.AdminTool):
         services.knownservices.certmonger.restart()
 
     def init_api(self, **overrides):
+        overrides.setdefault('confdir', paths.ETC_IPA)
         api.bootstrap(in_server=True, context='restore', **overrides)
         api.finalize()
 
diff --git a/ipaserver/install/ipa_server_upgrade.py b/ipaserver/install/ipa_server_upgrade.py
index c38470474..ef310687b 100644
--- a/ipaserver/install/ipa_server_upgrade.py
+++ b/ipaserver/install/ipa_server_upgrade.py
@@ -38,7 +38,7 @@ class ServerUpgrade(admintool.AdminTool):
     def run(self):
         super(ServerUpgrade, self).run()
 
-        api.bootstrap(in_server=True, context='updates')
+        api.bootstrap(in_server=True, context='updates', confdir=paths.ETC_IPA)
         api.finalize()
 
         try:
diff --git a/ipaserver/install/ipa_winsync_migrate.py b/ipaserver/install/ipa_winsync_migrate.py
index d0653c983..cb77de6aa 100644
--- a/ipaserver/install/ipa_winsync_migrate.py
+++ b/ipaserver/install/ipa_winsync_migrate.py
@@ -24,6 +24,7 @@ import six
 
 from ipalib import api
 from ipalib import errors
+from ipaplatform.paths import paths
 from ipapython import admintool
 from ipapython.dn import DN
 from ipapython.ipautil import realm_to_suffix, posixify
@@ -346,7 +347,7 @@ class WinsyncMigrate(admintool.AdminTool):
             sys.exit(e)
 
         # Finalize API
-        api.bootstrap(in_server=True, context='server')
+        api.bootstrap(in_server=True, context='server', confdir=paths.ETC_IPA)
         api.finalize()
 
         # Setup LDAP connection
diff --git a/ipaserver/install/ldapupdate.py b/ipaserver/install/ldapupdate.py
index 576b03541..bc2673b31 100644
--- a/ipaserver/install/ldapupdate.py
+++ b/ipaserver/install/ldapupdate.py
@@ -308,7 +308,9 @@ class LDAPUpdate(object):
             self.sub_dict["TOTAL_EXCLUDES"] = "(objectclass=*) $ EXCLUDE " + \
                 " ".join(constants.REPL_AGMT_TOTAL_EXCLUDES)
         self.api = create_api(mode=None)
-        self.api.bootstrap(in_server=True, context='updates',
+        self.api.bootstrap(in_server=True,
+                           context='updates',
+                           confdir=paths.ETC_IPA,
                            ldap_uri=self.ldapuri)
         self.api.finalize()
         if online:
diff --git a/ipaserver/install/server/install.py b/ipaserver/install/server/install.py
index 1f2e8a437..b30a9349f 100644
--- a/ipaserver/install/server/install.py
+++ b/ipaserver/install/server/install.py
@@ -566,6 +566,7 @@ def install_check(installer):
     # we are sure we have the configuration file ready.
     cfg = dict(
         context='installer',
+        confdir=paths.ETC_IPA,
         in_server=True,
         # make sure host name specified by user is used instead of default
         host=host_name,
@@ -962,6 +963,7 @@ def uninstall_check(installer):
     # we are sure we have the configuration file ready.
     cfg = dict(
         context='installer',
+        confdir=paths.ETC_IPA,
         in_server=True,
     )
 
diff --git a/ipaserver/install/server/replicainstall.py b/ipaserver/install/server/replicainstall.py
index 742848da6..f1f7b1bf8 100644
--- a/ipaserver/install/server/replicainstall.py
+++ b/ipaserver/install/server/replicainstall.py
@@ -692,7 +692,7 @@ def install_check(installer):
     # Note: We must do this before bootstraping and finalizing ipalib.api
     create_ipa_conf(fstore, config, ca_enabled)
 
-    api.bootstrap(in_server=True, context='installer')
+    api.bootstrap(in_server=True, context='installer', confdir=paths.ETC_IPA)
     api.finalize()
 
     installutils.verify_fqdn(config.master_host_name, options.no_host_dns)
@@ -731,7 +731,9 @@ def install_check(installer):
 
     ldapuri = 'ldaps://%s' % ipautil.format_netloc(config.master_host_name)
     remote_api = create_api(mode=None)
-    remote_api.bootstrap(in_server=True, context='installer',
+    remote_api.bootstrap(in_server=True,
+                         context='installer',
+                         confdir=paths.ETC_IPA,
                          ldap_uri=ldapuri)
     remote_api.finalize()
     conn = remote_api.Backend.ldap2
@@ -954,12 +956,14 @@ def promote_check(installer):
     fstore = sysrestore.FileStore(paths.SYSRESTORE)
 
     env = Env()
-    env._bootstrap(context='installer', log=None)
+    env._bootstrap(context='installer', confdir=paths.ETC_IPA, log=None)
     env._finalize_core(**dict(constants.DEFAULT_CONFIG))
 
     # pylint: disable=no-member
     xmlrpc_uri = 'https://{}/ipa/xml'.format(ipautil.format_netloc(env.host))
-    api.bootstrap(in_server=True, context='installer',
+    api.bootstrap(in_server=True,
+                  context='installer',
+                  confdir=paths.ETC_IPA,
                   ldap_uri=installutils.realm_to_ldapi_uri(env.realm),
                   xmlrpc_uri=xmlrpc_uri)
     # pylint: enable=no-member
@@ -1056,8 +1060,11 @@ def promote_check(installer):
     xmlrpc_uri = 'https://{}/ipa/xml'.format(
         ipautil.format_netloc(config.master_host_name))
     remote_api = create_api(mode=None)
-    remote_api.bootstrap(in_server=True, context='installer',
-                         ldap_uri=ldapuri, xmlrpc_uri=xmlrpc_uri)
+    remote_api.bootstrap(in_server=True,
+                         context='installer',
+                         confdir=paths.ETC_IPA,
+                         ldap_uri=ldapuri,
+                         xmlrpc_uri=xmlrpc_uri)
     remote_api.finalize()
 
     check_remote_version(remote_api)
author	Christian Heimes <cheimes@redhat.com>	2016-11-28 16:24:33 +0100
committer	Jan Cholasta <jcholast@redhat.com>	2016-12-02 09:14:35 +0100
commit	1e6a204b4372bbbfb722a00370a5ce4e34406b9f (patch)
tree	b8deef8cc3b4f04990f5d305eafdeff14d5d8928 /ipaserver
parent	98f0077360884da6df31b351caaed7510dec94de (diff)