diff options
30 files changed, 111 insertions, 234 deletions
diff --git a/client/ipa-client-automount b/client/ipa-client-automount index 91bdc88f4..88adb0a50 100755 --- a/client/ipa-client-automount +++ b/client/ipa-client-automount @@ -45,8 +45,6 @@ from ipaplatform.tasks import tasks from ipaplatform import services from ipaplatform.paths import paths -# pylint: disable=unused-variable - def parse_options(): usage = "%prog [options]\n" parser = OptionParser(usage=usage) @@ -81,7 +79,7 @@ def wait_for_sssd(): try: ipautil.run(["getent", "passwd", "admin@%s" % api.env.realm]) found = True - except Exception as e: + except Exception: time.sleep(1) n = n + 1 @@ -180,7 +178,7 @@ def configure_autofs_sssd(fstore, statestore, autodiscover, options): if provider == "ipa": domain.add_provider('ipa', 'autofs') try: - location = domain.get_option('ipa_automount_location') + domain.get_option('ipa_automount_location') sys.exit('An automount location is already configured') except SSSDConfig.NoOptionError: domain.set_option('ipa_automount_location', options.location) @@ -373,7 +371,7 @@ def main(): if not fstore.has_files() and not os.path.exists(paths.IPA_DEFAULT_CONF): sys.exit('IPA client is not configured on this system.\n') - options, args = parse_options() + options, _args = parse_options() standard_logging_setup( paths.IPACLIENT_INSTALL_LOG, verbose=False, debug=options.debug, @@ -400,7 +398,6 @@ def main(): sys.exit('automount is already configured on this system.\n') autodiscover = False - servers = [] ds = ipadiscovery.IPADiscovery() if not options.server: print("Searching for IPA server...") @@ -437,7 +434,6 @@ def main(): print("IPA server: DNS discovery") root_logger.debug('Configuring to use DNS discovery') - search_base = str(DN(('cn', options.location), api.env.container_automount, api.env.basedn)) print("Location: %s" % options.location) root_logger.debug('Using automount location %s' % options.location) @@ -457,7 +453,7 @@ def main(): sys.exit('Cannot connect to the server due to ' + str(e)) try: # Use the RPC directly so older servers are supported - result = api.Backend.rpcclient.forward( + api.Backend.rpcclient.forward( 'automountlocation_show', ipautil.fsdecode(options.location), version=u'2.0', diff --git a/client/ipa-client-install b/client/ipa-client-install index d38eaf951..da7d6b37d 100755 --- a/client/ipa-client-install +++ b/client/ipa-client-install @@ -72,8 +72,6 @@ error was: """ % e, file=sys.stderr) sys.exit(1) -# pylint: disable=unused-variable - SUCCESS = 0 CLIENT_INSTALL_ERROR = 1 CLIENT_NOT_CONFIGURED = 2 @@ -97,7 +95,7 @@ def parse_options(): initialized = nss.nss_is_initialized() try: cert = x509.load_certificate_from_file(value) - except Exception as e: + except Exception: raise OptionValueError("%s option '%s' is not a valid certificate file" % (opt, value)) else: del(cert) @@ -230,7 +228,7 @@ def parse_options(): "be run with --unattended option") parser.add_option_group(uninstall_group) - options, args = parser.parse_args() + options, _args = parser.parse_args() safe_opts = parser.get_safe_opts(options) if (options.server and not options.domain): @@ -383,7 +381,6 @@ def nssldap_exists(): # helper function for uninstall # deletes IPA domain from sssd.conf def delete_ipa_domain(): - sssd = services.service('sssd') try: sssdconfig = SSSDConfig.SSSDConfig() sssdconfig.import_config() @@ -1509,7 +1506,7 @@ def configure_nisdomain(options, domain): try: result = ipautil.run([paths.BIN_NISDOMAINNAME], capture_output=True) - except CalledProcessError as e: + except CalledProcessError: pass else: nis_domain_name = result.output @@ -1748,7 +1745,7 @@ def verify_dns_update(fqdn, ips): def get_server_connection_interface(server): # connect to IPA server, get all ip addresses of inteface used to connect for res in socket.getaddrinfo(server, 389, socket.AF_UNSPEC, socket.SOCK_STREAM): - (af, socktype, proto, canonname, sa) = res + af, socktype, proto, _canonname, sa = res try: s = socket.socket(af, socktype, proto) except socket.error as e: @@ -1923,7 +1920,7 @@ def get_ca_certs_from_file(url): root_logger.debug("trying to retrieve CA cert from file %s", filename) try: certs = x509.load_certificate_list_from_file(filename) - except Exception as e: + except Exception: raise errors.NoCertificateError(entry=filename) return certs @@ -1944,7 +1941,7 @@ def get_ca_certs_from_http(url, warn=True): try: result = run([paths.BIN_CURL, "-o", "-", url], capture_output=True) - except CalledProcessError as e: + except CalledProcessError: raise errors.NoCertificateError(entry=url) stdout = result.output @@ -2981,7 +2978,7 @@ def install(options, env, fstore, statestore): if nslcd.is_installed(): save_state(nslcd) - retcode, conf, filename = (0, None, None) + retcode, conf = (0, None) if not options.no_ac: # Modify nsswitch/pam stack diff --git a/daemons/dnssec/ipa-ods-exporter b/daemons/dnssec/ipa-ods-exporter index bb208d233..66332490a 100755 --- a/daemons/dnssec/ipa-ods-exporter +++ b/daemons/dnssec/ipa-ods-exporter @@ -41,8 +41,6 @@ from ipapython.dnssec.abshsm import sync_pkcs11_metadata, wrappingmech_name2id from ipapython.dnssec.ldapkeydb import LdapKeyDB from ipapython.dnssec.localhsm import LocalHSM -# pylint: disable=unused-variable - DAEMONNAME = 'ipa-ods-exporter' PRINCIPAL = None # not initialized yet WORKDIR = os.path.join(paths.VAR_OPENDNSSEC_DIR ,'tmp') @@ -446,13 +444,13 @@ def receive_systemd_command(log): raise KeyError('Exactly one socket is expected.') sck = socket.fromfd(fds[0], socket.AF_UNIX, socket.SOCK_STREAM) - rlist, wlist, xlist = select.select([sck], [], [], 0) + rlist, _wlist, _xlist = select.select([sck], [], [], 0) if not rlist: log.critical('socket activation did not return socket with a command') sys.exit(0) log.debug('accepting new connection') - conn, addr = sck.accept() + conn, _addr = sck.accept() log.debug('accepted new connection %s', repr(conn)) # this implements cmdhandler_handle_cmd() logic diff --git a/install/certmonger/dogtag-ipa-ca-renew-agent-submit b/install/certmonger/dogtag-ipa-ca-renew-agent-submit index 329daa0fe..967ce6e5e 100755 --- a/install/certmonger/dogtag-ipa-ca-renew-agent-submit +++ b/install/certmonger/dogtag-ipa-ca-renew-agent-submit @@ -44,8 +44,6 @@ from ipaplatform.paths import paths from ipaserver.plugins.ldap2 import ldap2 from ipaserver.install import cainstance, certs -# pylint: disable=unused-variable - # This is a certmonger CA helper script for IPA CA subsystem cert renewal. See # https://git.fedorahosted.org/cgit/certmonger.git/tree/doc/submit.txt for more # info on certmonger CA helper scripts. @@ -194,7 +192,7 @@ def request_cert(): rc = result.returncode if rc == WAIT_WITH_DELAY: - delay, sep, cookie = stdout.partition('\n') + delay, _sep, cookie = stdout.partition('\n') return (rc, delay, cookie) else: return (rc, stdout) @@ -282,7 +280,7 @@ def request_and_store_cert(): if not cookie: return (UNCONFIGURED, "Cookie not provided") - state, sep, cookie = cookie.partition(':') + state, _sep, cookie = cookie.partition(':') if state not in ('request', 'store'): return (UNCONFIGURED, "Invalid cookie: %r" % os.environ['CERTMONGER_CA_COOKIE']) @@ -306,7 +304,7 @@ def request_and_store_cert(): cert = result[1] cookie = None else: - cert, sep, cookie = cookie.partition(':') + cert, _sep, cookie = cookie.partition(':') if cookie is None: os.environ['CERTMONGER_OPERATION'] = 'SUBMIT' @@ -438,7 +436,7 @@ def renew_ca_cert(): if not cookie: return (UNCONFIGURED, "Cookie not provided") - state, sep, cookie = cookie.partition(':') + state, _sep, cookie = cookie.partition(':') if state not in ('retrieve', 'request'): return (UNCONFIGURED, "Invalid cookie: %r" % os.environ['CERTMONGER_CA_COOKIE']) diff --git a/install/tools/ipa-adtrust-install b/install/tools/ipa-adtrust-install index 13c62aa0b..378627da8 100755 --- a/install/tools/ipa-adtrust-install +++ b/install/tools/ipa-adtrust-install @@ -45,8 +45,6 @@ from ipaplatform.paths import paths from ipapython.ipa_log_manager import root_logger, standard_logging_setup from ipapython.dn import DN -# pylint: disable=unused-variable - if six.PY3: unicode = str @@ -87,7 +85,7 @@ def parse_options(): dest="enable_compat", default=False, action="store_true", help="Enable support for trusted domains for old clients") - options, args = parser.parse_args() + options, _args = parser.parse_args() safe_options = parser.get_safe_opts(options) return safe_options, options @@ -215,7 +213,7 @@ def set_and_check_netbios_name(netbios_name, unattended): def ensure_admin_kinit(admin_name, admin_password): try: ipautil.run(['kinit', admin_name], stdin=admin_password+'\n') - except ipautil.CalledProcessError as e: + except ipautil.CalledProcessError: print("There was error to automatically re-kinit your admin user ticket.") return False return True @@ -357,8 +355,8 @@ def main(): try: root_logger.debug("Searching for objects with missing SID with " "filter=%s, base_dn=%s", filter, base_dn) - (entries, truncated) = api.Backend.ldap2.find_entries(filter=filter, - base_dn=base_dn, attrs_list=['']) + entries, _truncated = api.Backend.ldap2.find_entries( + filter=filter, base_dn=base_dn, attrs_list=['']) except errors.NotFound: # All objects have SIDs assigned pass @@ -413,7 +411,7 @@ def main(): try: # Search only masters which have support for domain levels # because only these masters will have SSSD recent enough to support AD trust agents - (entries_m, truncated) = smb.admin_conn.find_entries( + entries_m, _truncated = smb.admin_conn.find_entries( filter="(&(objectclass=ipaSupportedDomainLevelConfig)(ipaMaxDomainLevel=*)(ipaMinDomainLevel=*))", base_dn=masters_dn, attrs_list=['cn'], scope=ldap.SCOPE_ONELEVEL) except errors.NotFound: @@ -423,8 +421,9 @@ def main(): print(unicode(e)) try: - (entries_a, truncated) = smb.admin_conn.find_entries(filter="", - base_dn=agents_dn, attrs_list=['member'], scope=ldap.SCOPE_BASE) + entries_a, _truncated = smb.admin_conn.find_entries( + filter="", base_dn=agents_dn, attrs_list=['member'], + scope=ldap.SCOPE_BASE) except errors.NotFound: pass except (errors.DatabaseError, errors.NetworkError) as e: diff --git a/install/tools/ipa-replica-manage b/install/tools/ipa-replica-manage index 6152898d1..d9dee9cb1 100755 --- a/install/tools/ipa-replica-manage +++ b/install/tools/ipa-replica-manage @@ -45,8 +45,6 @@ from ipaclient import ipadiscovery from six.moves.xmlrpc_client import MAXINT from ipaplatform.paths import paths -# pylint: disable=unused-variable - # dict of command name and tuples of min/max num of args needed commands = { "list":(0, 1, "[master fqdn]", ""), @@ -142,7 +140,7 @@ def test_connection(realm, host, nolookup=False): if not nolookup: enforce_host_existence(host) replman = replication.ReplicationManager(realm, host, None) - ents = replman.find_replication_agreements() + replman.find_replication_agreements() del replman return True except errors.ACIError: @@ -216,7 +214,7 @@ def list_replicas(realm, host, replica, dirman_passwd, verbose, nolookup=False): if winsync_peer: repl = replication.ReplicationManager(realm, winsync_peer, dirman_passwd) - cn, dn = repl.agreement_dn(replica) + _cn, dn = repl.agreement_dn(replica) entries = repl.conn.get_entries( dn, conn.SCOPE_BASE, "(objectclass=nsDSWindowsReplicationAgreement)") @@ -308,7 +306,7 @@ def del_link(realm, replica1, replica2, dirman_passwd, force=False): try: repl2.set_readonly(readonly=True) repl2.force_sync(repl2.conn, replica1) - cn, dn = repl2.agreement_dn(repl1.conn.host) + _cn, dn = repl2.agreement_dn(repl1.conn.host) repl2.wait_for_repl_update(repl2.conn, dn, 30) (range_start, range_max) = repl2.get_DNA_range(repl2.conn.host) (next_start, next_max) = repl2.get_DNA_next_range(repl2.conn.host) @@ -391,7 +389,9 @@ def get_ruv(realm, host, dirman_passwd, nolookup=False, ca=False): data = re.match('\{replica (\d+) (ldap://.*:\d+)\}(\s+\w+\s+\w*){0,1}', ruv) if data: rid = data.group(1) - (scheme, netloc, path, params, query, fragment) = urlparse(data.group(2)) + ( + _scheme, netloc, _path, _params, _query, _fragment + ) = urlparse(data.group(2)) servers.append((netloc, rid)) else: print("unable to decode: %s" % ruv) @@ -1323,7 +1323,7 @@ def store_DNA_range(repl, range_start, range_max, deleted_master, realm, except Exception as e: print("Connection failed: %s" % e) continue - (next_start, next_max) = repl2.get_DNA_next_range(candidate) + next_start, _next_max = repl2.get_DNA_next_range(candidate) if next_start is None: try: return repl2.save_DNA_next_range(range_start, range_max) @@ -1359,7 +1359,7 @@ def set_DNA_range(hostname, range, realm, dirman_passwd, next_range=False, """ try: (dna_next, dna_max) = range.split('-', 1) - except ValueError as e: + except ValueError: return "Invalid range, must be the form x-y" try: diff --git a/install/tools/ipactl b/install/tools/ipactl index d22973838..42bd73e74 100755 --- a/install/tools/ipactl +++ b/install/tools/ipactl @@ -39,9 +39,6 @@ from ipapython.dn import DN from ipaplatform import services from ipaplatform.paths import paths -# pylint: disable=unused-variable - - MSG_HINT_IGNORE_SERVICE_FAILURE = ( "Hint: You can use --ignore-service-failure option for forced start in " "case that a non-critical service failed" @@ -89,7 +86,7 @@ def is_dirsrv_debugging_enabled(): fd.close() for line in lines: if line.lower().startswith('nsslapd-errorlog-level'): - (option, value) = line.split(':') + _option, value = line.split(':') if int(value) > 0: debugging = True @@ -239,7 +236,7 @@ def get_config_from_file(): def_svc_list.append([s[1], s[0]]) ordered_list = [] - for (order, svc) in sorted(def_svc_list): + for _order, svc in sorted(def_svc_list): if svc in svc_list: ordered_list.append(svc) @@ -286,7 +283,6 @@ def ipa_start(options): except Exception as e: raise IpactlError("Failed to start Directory Service: " + str(e)) - ldap_list = [] try: svc_list = get_config(dirsrv) except Exception as e: @@ -540,7 +536,7 @@ def main(): # LSB status code 4: user had insufficient privilege raise IpactlError("You must be root to run ipactl.", 4) - safe_options, options, args = parse_options() + _safe_options, options, args = parse_options() if len(args) != 1: # LSB status code 2: invalid or excess argument(s) diff --git a/ipaclient/ipachangeconf.py b/ipaclient/ipachangeconf.py index b6cbc9bba..b7d8ffc33 100644 --- a/ipaclient/ipachangeconf.py +++ b/ipaclient/ipachangeconf.py @@ -24,8 +24,6 @@ import shutil import six -# pylint: disable=unused-variable - if six.PY3: unicode = str @@ -303,7 +301,7 @@ class IPAChangeConf(object): for o in oldopts: if o['type'] == "section" or o['type'] == "subsection": - (num, no) = self.findOpts(newopts, o['type'], o['name']) + _num, no = self.findOpts(newopts, o['type'], o['name']) if not no: opts.append(o) continue @@ -327,7 +325,7 @@ class IPAChangeConf(object): continue if o['type'] == "option": - (num, no) = self.findOpts(newopts, 'option', o['name'], True) + _num, no = self.findOpts(newopts, 'option', o['name'], True) if not no: opts.append(o) continue @@ -482,9 +480,6 @@ class IPAChangeConf(object): # [{'name': 'foo', 'value': 'bar', 'action': 'set/comment'}] # section is a section name like 'global' def changeConf(self, file, newopts): - autosection = False - savedsection = None - done = False output = "" f = None try: @@ -517,9 +512,6 @@ class IPAChangeConf(object): # options is a set of dictionaries in the form: # [{'name': 'foo', 'value': 'bar', 'action': 'set/comment'}] def newConf(self, file, options): - autosection = False - savedsection = None - done = False output = "" f = None try: diff --git a/ipaclient/ipadiscovery.py b/ipaclient/ipadiscovery.py index e051bc722..2075c3374 100644 --- a/ipaclient/ipadiscovery.py +++ b/ipaclient/ipadiscovery.py @@ -30,8 +30,6 @@ from ipaplatform.paths import paths from ipapython.ipautil import valid_ip, realm_to_suffix from ipapython.dn import DN -# pylint: disable=unused-variable - NOT_FQDN = -1 NO_LDAP_SERVER = -2 REALM_NOT_FOUND = -3 @@ -376,8 +374,6 @@ class IPADiscovery(object): lrealms = [] - i = 0 - #now verify the server is really an IPA server try: root_logger.debug("Init LDAP connection to: %s", thost) diff --git a/ipapython/install/core.py b/ipapython/install/core.py index 98ee588d0..e94c0f2c0 100644 --- a/ipapython/install/core.py +++ b/ipapython/install/core.py @@ -19,8 +19,6 @@ from ipapython.ipa_log_manager import root_logger from . import util from .util import from_ -# pylint: disable=unused-variable - __all__ = ['InvalidStateError', 'KnobValueError', 'Property', 'Knob', 'Configurable', 'Group', 'Component', 'Composite'] @@ -207,7 +205,7 @@ class Configurable(six.with_metaclass(abc.ABCMeta, object)): result = sorted(result, key=lambda r: r[0]) - for order, owner_cls, name in result: + for _order, owner_cls, name in result: yield owner_cls, name @classmethod @@ -316,7 +314,7 @@ class Configurable(six.with_metaclass(abc.ABCMeta, object)): Run the validation part of the configurable. """ - for nothing in self._validator(): + for _nothing in self._validator(): pass def _validator(self): @@ -333,7 +331,7 @@ class Configurable(six.with_metaclass(abc.ABCMeta, object)): Run the execution part of the configurable. """ - for nothing in self._executor(): + for _nothing in self._executor(): pass def _executor(self): @@ -541,7 +539,7 @@ class Composite(Configurable): result = sorted(result, key=lambda r: r[0]) - for order, owner_cls, name in result: + for _order, owner_cls, name in result: yield owner_cls, name def __getattr__(self, name): @@ -565,7 +563,7 @@ class Composite(Configurable): super(Composite, self)._reset() def _get_components(self): - for owner_cls, name in self.components(): + for _owner_cls, name in self.components(): yield getattr(self, name) def _configure(self): diff --git a/ipaserver/install/bindinstance.py b/ipaserver/install/bindinstance.py index a04822e2d..350cb3c76 100644 --- a/ipaserver/install/bindinstance.py +++ b/ipaserver/install/bindinstance.py @@ -60,8 +60,6 @@ from ipalib.util import (validate_zonemgr_str, normalize_zonemgr, UnresolvableRecordError) from ipalib.constants import CACERT -# pylint: disable=unused-variable - if six.PY3: unicode = str @@ -289,7 +287,7 @@ def find_reverse_zone(ip_address, api=api): while len(zone) > 0: if dns_zone_exists(zone, api): return zone - foo, bar, zone = zone.partition('.') + zone = zone.partition('.')[2] return None @@ -866,7 +864,7 @@ class BindInstance(service.Service): for addr in addrs: try: add_fwd_rr(zone, host, addr, self.api) - except errors.NotFound as e: + except errors.NotFound: pass reverse_zone = find_reverse_zone(addr, self.api) @@ -1107,7 +1105,8 @@ class BindInstance(service.Service): attributes = ['idnsname', 'objectclass'] dn = DN(self.api.env.container_dns, self.api.env.basedn) - entries, truncated = ldap.find_entries(attr_filter, attributes, base_dn=dn) + entries, _truncated = ldap.find_entries( + attr_filter, attributes, base_dn=dn) # remove records if entries: diff --git a/ipaserver/install/ca.py b/ipaserver/install/ca.py index b23ccfddb..dadc34e86 100644 --- a/ipaserver/install/ca.py +++ b/ipaserver/install/ca.py @@ -15,8 +15,6 @@ from ipalib import api, certstore, x509 from ipapython.dn import DN from ipapython.ipa_log_manager import root_logger -# pylint: disable=unused-variable - external_cert_file = None external_ca_file = None @@ -94,7 +92,7 @@ def install_check(standalone, replica_config, options): dsdb = certs.CertDB(realm_name, nssdir=dirname, subject_base=subject_base) for db in (cadb, dsdb): - for nickname, trust_flags in db.list_certs(): + for nickname, _trust_flags in db.list_certs(): if nickname in (certdb.get_ca_nickname(realm_name), 'ipaCert', 'Signing-Cert'): @@ -121,7 +119,6 @@ def install(standalone, replica_config, options): def install_step_0(standalone, replica_config, options): realm_name = options.realm_name - domain_name = options.domain_name dm_password = options.dm_password host_name = options.host_name subject_base = options.subject @@ -170,7 +167,6 @@ def install_step_0(standalone, replica_config, options): def install_step_1(standalone, replica_config, options): realm_name = options.realm_name - domain_name = options.domain_name dm_password = options.dm_password host_name = options.host_name subject_base = options.subject diff --git a/ipaserver/install/cainstance.py b/ipaserver/install/cainstance.py index 0b502b2b6..384abc3fe 100644 --- a/ipaserver/install/cainstance.py +++ b/ipaserver/install/cainstance.py @@ -81,8 +81,6 @@ try: except ImportError: import http.client as httplib -# pylint: disable=unused-variable - # We need to reset the template because the CA uses the regular boot # information INF_TEMPLATE = """ @@ -1625,9 +1623,6 @@ def __update_entry_from_cert(make_filter, make_entry, dercert): """ base_dn = DN(('o', 'ipaca')) - serial_number = x509.get_serial_number(dercert, datatype=x509.DER) - subject = x509.get_subject(dercert, datatype=x509.DER) - issuer = x509.get_issuer(dercert, datatype=x509.DER) attempts = 0 server_id = installutils.realm_to_serverid(api.env.realm) @@ -1909,7 +1904,7 @@ def repair_profile_caIPAserviceCert(): with api.Backend.ra_certprofile as profile_api: try: cur_config = profile_api.read_profile(profile_id).splitlines() - except errors.RemoteRetrieveError as e: + except errors.RemoteRetrieveError: # no profile there to check/repair api.Backend.ra_certprofile.override_port = None return diff --git a/ipaserver/install/certs.py b/ipaserver/install/certs.py index b55bb6c4b..31fd36cc3 100644 --- a/ipaserver/install/certs.py +++ b/ipaserver/install/certs.py @@ -45,8 +45,6 @@ from ipalib.text import _ from ipaplatform.constants import constants from ipaplatform.paths import paths -# pylint: disable=unused-variable - # Apache needs access to this database so we need to create it # where apache can reach NSS_DIR = paths.HTTPD_ALIAS_DIR @@ -260,7 +258,7 @@ class CertDB(object): while True: try: (cert, st) = find_cert_from_txt(certs, st) - (rdn, subject_dn) = get_cert_nickname(cert) + _rdn, subject_dn = get_cert_nickname(cert) if subject_dn == ca_dn: nick = get_ca_nickname(self.realm) else: @@ -283,7 +281,7 @@ class CertDB(object): if pem: return cert else: - (cert, start) = find_cert_from_txt(cert, start=0) + cert, _start = find_cert_from_txt(cert, start=0) cert = x509.strip_header(cert) dercert = base64.b64decode(cert) return dercert @@ -405,7 +403,7 @@ class CertDB(object): result = dogtag.https_request( self.host_name, 8443, "/ca/ee/ca/profileSubmitSSLClient", self.secdir, password, "ipaCert", **params) - http_status, http_headers, http_body = result + http_status, _http_headers, http_body = result root_logger.debug("CA answer: %s", http_body) if http_status != 200: @@ -459,7 +457,7 @@ class CertDB(object): result = dogtag.https_request( self.host_name, 8443, "/ca/ee/ca/profileSubmitSSLClient", self.secdir, password, "ipaCert", **params) - http_status, http_headers, http_body = result + http_status, _http_headers, http_body = result if http_status != 200: raise RuntimeError("Unable to submit cert request") @@ -571,11 +569,11 @@ class CertDB(object): newca = f.readlines() f.close() newca = "".join(newca) - (newca, st) = find_cert_from_txt(newca) + newca, _st = find_cert_from_txt(newca) cacert = self.get_cert_from_db(self.cacert_name) if cacert != '': - (cacert, st) = find_cert_from_txt(cacert) + cacert, _st = find_cert_from_txt(cacert) if newca == cacert: return diff --git a/ipaserver/install/dns.py b/ipaserver/install/dns.py index efff82ace..c16b96397 100644 --- a/ipaserver/install/dns.py +++ b/ipaserver/install/dns.py @@ -30,12 +30,9 @@ from ipaserver.install.installutils import read_dns_forwarders from ipaserver.install.installutils import update_hosts_file from ipaserver.install import bindinstance from ipaserver.install import dnskeysyncinstance -from ipaserver.install import ntpinstance from ipaserver.install import odsexporterinstance from ipaserver.install import opendnssecinstance -# pylint: disable=unused-variable - ip_addresses = [] reverse_zones = [] @@ -45,7 +42,7 @@ def _find_dnssec_enabled_zones(conn): dnssec_enabled_filter = conn.make_filter(search_kw) dn = DN('cn=dns', api.env.basedn) try: - entries, truncated = conn.find_entries( + entries, _truncated = conn.find_entries( base_dn=dn, filter=dnssec_enabled_filter, attrs_list=['idnsname']) except errors.NotFound: return [] @@ -222,8 +219,6 @@ def install_check(standalone, api, replica, options, hostname): "database (kasp.db file)") # check if replica can be the DNSSEC master - named = services.knownservices.named - ods_enforcerd = services.knownservices.ods_enforcerd cmd = [paths.IPA_DNSKEYSYNCD_REPLICA] environment = { "SOFTHSM2_CONF": paths.DNSSEC_SOFTHSM2_CONF, @@ -316,15 +311,8 @@ def install_check(standalone, api, replica, options, hostname): def install(standalone, replica, options, api=api): - local_dnskeysyncd_dn = DN(('cn', 'DNSKeySync'), ('cn', api.env.host), - ('cn', 'masters'), ('cn', 'ipa'), ('cn', 'etc'), - api.env.basedn) - conn = api.Backend.ldap2 - fstore = sysrestore.FileStore(paths.SYSRESTORE) - conf_ntp = ntpinstance.NTPInstance(fstore).is_enabled() - if standalone: # otherwise this is done by server/replica installer update_hosts_file(ip_addresses, api.env.host, fstore) diff --git a/ipaserver/install/dnskeysyncinstance.py b/ipaserver/install/dnskeysyncinstance.py index 3e862b302..f39787937 100644 --- a/ipaserver/install/dnskeysyncinstance.py +++ b/ipaserver/install/dnskeysyncinstance.py @@ -21,15 +21,12 @@ from ipapython.ipa_log_manager import root_logger from ipapython.dn import DN from ipapython import ipaldap from ipapython import sysrestore, ipautil -from ipaplatform import services from ipaplatform.constants import constants from ipaplatform.paths import paths from ipalib import errors, api from ipalib.constants import CACERT from ipaserver.install.bindinstance import dns_container_exists -# pylint: disable=unused-variable - softhsm_token_label = u'ipaDNSSEC' softhsm_slot = 0 replica_keylabel_template = u"dnssec-replica:%s" @@ -117,7 +114,7 @@ class DNSKeySyncInstance(service.Service): 'ipk11Wrap': True, } filter = ldap.make_filter(search_kw, rules=ldap.MATCH_ALL) - entries, truncated = ldap.find_entries(filter=filter, base_dn=dn_base) + entries, _truncated = ldap.find_entries(filter=filter, base_dn=dn_base) for entry in entries: ldap.delete_entry(entry) @@ -149,22 +146,18 @@ class DNSKeySyncInstance(service.Service): self.start_creation() def __get_named_uid(self): - named = services.knownservices.named try: return pwd.getpwnam(constants.NAMED_USER).pw_uid except KeyError: raise RuntimeError("Named UID not found") def __get_named_gid(self): - named = services.knownservices.named try: return grp.getgrnam(constants.NAMED_GROUP).gr_gid except KeyError: raise RuntimeError("Named GID not found") def __check_dnssec_status(self): - ods_enforcerd = services.knownservices.ods_enforcerd - self.named_uid = self.__get_named_uid() self.named_gid = self.__get_named_gid() @@ -338,7 +331,7 @@ class DNSKeySyncInstance(service.Service): if not priv_keys: break # we found unique id - public_key_handle, private_key_handle = p11.generate_replica_key_pair( + public_key_handle, _privkey_handle = p11.generate_replica_key_pair( keylabel, key_id, pub_cka_verify=False, pub_cka_verify_recover=False, @@ -394,7 +387,7 @@ class DNSKeySyncInstance(service.Service): 'ipk11Wrap': True, } filter = ldap.make_filter(search_kw, rules=ldap.MATCH_ALL) - entries, truncated = ldap.find_entries(filter=filter, + entries, _truncated = ldap.find_entries(filter=filter, base_dn=dn_base) for entry in entries: # don't disable wrapping for new key diff --git a/ipaserver/install/dogtaginstance.py b/ipaserver/install/dogtaginstance.py index ea80a2f02..d6827450c 100644 --- a/ipaserver/install/dogtaginstance.py +++ b/ipaserver/install/dogtaginstance.py @@ -45,8 +45,6 @@ from ipaserver.install import replication from ipaserver.install.installutils import stopped_service from ipapython.ipa_log_manager import log_mgr -# pylint: disable=unused-variable - HTTPD_USER = constants.HTTPD_USER @@ -356,7 +354,7 @@ class DogtagInstance(service.Service): services.knownservices.messagebus.start() cmonger.start() - nicknames = [nickname for nickname, profile in self.tracking_reqs] + nicknames = [nickname for nickname, _profile in self.tracking_reqs] if self.server_cert_name is not None: nicknames.append(self.server_cert_name) @@ -477,7 +475,6 @@ class DogtagInstance(service.Service): def __remove_admin_from_group(self, group): dn = DN(('cn', group), ('ou', 'groups'), ('o', 'ipaca')) - entry = self.admin_conn.get_entry(dn) mod = [(ldap.MOD_DELETE, 'uniqueMember', self.admin_dn)] try: self.admin_conn.modify_s(dn, mod) diff --git a/ipaserver/install/dsinstance.py b/ipaserver/install/dsinstance.py index 30e0038a2..aaaba0788 100644 --- a/ipaserver/install/dsinstance.py +++ b/ipaserver/install/dsinstance.py @@ -52,8 +52,6 @@ from ipapython.admintool import ScriptError from ipaplatform import services from ipaplatform.paths import paths -# pylint: disable=unused-variable - DS_USER = platformconstants.DS_USER DS_GROUP = platformconstants.DS_GROUP @@ -186,7 +184,7 @@ def get_domain_level(api=api): def get_all_external_schema_files(root): """Get all schema files""" f = [] - for path, subdirs, files in os.walk(root): + for path, _subdirs, files in os.walk(root): for name in files: if fnmatch.fnmatch(name, "*.ldif"): f.append(os.path.join(path, name)) @@ -741,7 +739,7 @@ class DsInstance(service.Service): os.chown(filepath, 0, 0) replacevars = {'KRB5CCNAME': ccache} - old_values = ipautil.backup_config_and_replace_variables( + ipautil.backup_config_and_replace_variables( self.fstore, filepath, replacevars=replacevars) tasks.restore_context(filepath) @@ -898,7 +896,6 @@ class DsInstance(service.Service): def change_admin_password(self, password): root_logger.debug("Changing admin password") - dirname = config_dirname(self.serverid) dmpwdfile = "" admpwdfile = "" @@ -937,7 +934,7 @@ class DsInstance(service.Service): enabled = self.restore_state("enabled") # Just eat this state if it exists - running = self.restore_state("running") + self.restore_state("running") try: self.fstore.restore_file(paths.LIMITS_CONF) @@ -961,10 +958,8 @@ class DsInstance(service.Service): root_logger.error("Failed to remove DS instance. You may " "need to remove instance data manually") - # At one time we removed this user on uninstall. That can potentially - # orphan files, or worse, if another useradd runs in the intermim, - # cause files to have a new owner. - user_exists = self.restore_state("user_exists") + # Just eat this state + self.restore_state("user_exists") # Make sure some upgrade-related state is removed. This could cause # re-installation problems. @@ -1341,7 +1336,7 @@ class DsInstance(service.Service): # the failure to update the shared config entry and return # max_wait = 30 - for i in range(0, max_wait + 1): + for _i in range(0, max_wait + 1): try: entries = conn.get_entries( sharedcfgdn, scope=ldap.SCOPE_ONELEVEL, diff --git a/ipaserver/install/ipa_backup.py b/ipaserver/install/ipa_backup.py index 3c38e6ff1..e7fefd8cd 100644 --- a/ipaserver/install/ipa_backup.py +++ b/ipaserver/install/ipa_backup.py @@ -40,8 +40,6 @@ from ipalib.constants import CACERT from ipaplatform.constants import constants from ipaplatform.tasks import tasks -# pylint: disable=unused-variable - """ A test gpg can be generated like this: @@ -382,7 +380,6 @@ class Backup(admintool.AdminTool): ''' self.log.info('Backing up %s in %s to LDIF' % (backend, instance)) - now = time.localtime() cn = time.strftime('export_%Y_%m_%d_%H_%M_%S') dn = DN(('cn', cn), ('cn', 'export'), ('cn', 'tasks'), ('cn', 'config')) @@ -434,7 +431,6 @@ class Backup(admintool.AdminTool): If executed online create a task and wait for it to complete. ''' self.log.info('Backing up %s' % instance) - now = time.localtime() cn = time.strftime('backup_%Y_%m_%d_%H_%M_%S') dn = DN(('cn', cn), ('cn', 'backup'), ('cn', 'tasks'), ('cn', 'config')) @@ -591,7 +587,6 @@ class Backup(admintool.AdminTool): os.mkdir(backup_dir) os.chmod(backup_dir, 0o700) - cwd = os.getcwd() os.chdir(self.dir) args = ['tar', '--xattrs', diff --git a/ipaserver/install/ipa_cacert_manage.py b/ipaserver/install/ipa_cacert_manage.py index e691f4112..859c2546c 100644 --- a/ipaserver/install/ipa_cacert_manage.py +++ b/ipaserver/install/ipa_cacert_manage.py @@ -31,8 +31,6 @@ from ipaplatform.paths import paths from ipalib import api, errors, x509, certstore from ipaserver.install import certs, cainstance, installutils -# pylint: disable=unused-variable - class CACertManage(admintool.AdminTool): command_name = 'ipa-cacert-manage' @@ -87,7 +85,6 @@ class CACertManage(admintool.AdminTool): parser.error("command not provided") command = self.command = self.args[0] - options = self.options if command == 'renew': pass diff --git a/ipaserver/install/ipa_replica_prepare.py b/ipaserver/install/ipa_replica_prepare.py index e58f9b6c8..d7ab81311 100644 --- a/ipaserver/install/ipa_replica_prepare.py +++ b/ipaserver/install/ipa_replica_prepare.py @@ -43,8 +43,6 @@ from ipalib import errors from ipaplatform.paths import paths from ipalib.constants import CACERT, DOMAIN_LEVEL_0 -# pylint: disable=unused-variable - UNSUPPORTED_DOMAIN_LEVEL_TEMPLATE = """ Replica creation using '{command_name}' to generate replica file is supported only in {domain_level}-level IPA domain. @@ -215,7 +213,6 @@ class ReplicaPrepare(admintool.AdminTool): "Directory Manager password required") # Try out the password & get the subject base - suffix = ipautil.realm_to_suffix(api.env.realm) try: conn = api.Backend.ldap2 conn.connect(bind_dn=DN(('cn', 'directory manager')), @@ -254,7 +251,6 @@ class ReplicaPrepare(admintool.AdminTool): try: installutils.verify_fqdn(self.replica_fqdn, local_hostname=False) except installutils.BadHostError as e: - msg = str(e) if isinstance(e, installutils.HostLookupError): if not options.ip_addresses: if dns_container_exists( @@ -292,7 +288,7 @@ class ReplicaPrepare(admintool.AdminTool): options.ip_addresses, options.reverse_zones, options, False, True) - host, zone = self.replica_fqdn.split('.', 1) + _host, zone = self.replica_fqdn.split('.', 1) if not bindinstance.dns_zone_exists(zone, api=api): self.log.error("DNS zone %s does not exist in IPA managed DNS " "server. Either create DNS zone or omit " @@ -340,7 +336,7 @@ class ReplicaPrepare(admintool.AdminTool): if options.pkinit_pin is None: raise admintool.ScriptError( "Kerberos KDC private key unlock password required") - pkinit_pkcs12_file, pkinit_pin, pkinit_ca_cert = self.load_pkcs12( + pkinit_pkcs12_file, pkinit_pin, _pkinit_ca_cert = self.load_pkcs12( options.pkinit_cert_files, options.pkinit_pin, options.pkinit_cert_name) self.pkinit_pkcs12_file = pkinit_pkcs12_file @@ -537,10 +533,10 @@ class ReplicaPrepare(admintool.AdminTool): dns.resolver.Timeout, dns.resolver.NoNameservers) try: - dns_answer = resolver.query(replica_fqdn, 'A', 'IN') + resolver.query(replica_fqdn, 'A', 'IN') except exceptions: try: - dns_answer = resolver.query(replica_fqdn, 'AAAA', 'IN') + resolver.query(replica_fqdn, 'AAAA', 'IN') except exceptions: return False except Exception as e: @@ -550,8 +546,6 @@ class ReplicaPrepare(admintool.AdminTool): return True def wait_for_dns(self): - options = self.options - # Make sure replica_fqdn has a trailing dot, so the # 'search' directive in /etc/resolv.conf doesn't apply replica_fqdn = self.replica_fqdn @@ -601,7 +595,6 @@ class ReplicaPrepare(admintool.AdminTool): :param passwd_fname: File that holds the cert DB password :param is_kdc: True if we're exporting KDC certs """ - options = self.options hostname = self.replica_fqdn subject_base = self.subject_base diff --git a/ipaserver/install/ipa_restore.py b/ipaserver/install/ipa_restore.py index 9cafa685c..64ab9e431 100644 --- a/ipaserver/install/ipa_restore.py +++ b/ipaserver/install/ipa_restore.py @@ -51,8 +51,6 @@ try: except ImportError: adtrustinstance = None -# pylint: disable=unused-variable - def recursive_chown(path, uid, gid): ''' Change ownership of all files and directories in a path. @@ -523,7 +521,6 @@ class Restore(admintool.AdminTool): ''' self.log.info('Restoring from %s in %s' % (backend, instance)) - now = time.localtime() cn = time.strftime('import_%Y_%m_%d_%H_%M_%S') dn = DN(('cn', cn), ('cn', 'import'), ('cn', 'tasks'), ('cn', 'config')) @@ -746,7 +743,6 @@ class Restore(admintool.AdminTool): self.log.info('Decrypting %s' % filename) filename = decrypt_file(self.dir, filename, keyring) - cwd = os.getcwd() os.chdir(self.dir) args = ['tar', diff --git a/ipaserver/install/ipa_winsync_migrate.py b/ipaserver/install/ipa_winsync_migrate.py index cf89366b3..d0653c983 100644 --- a/ipaserver/install/ipa_winsync_migrate.py +++ b/ipaserver/install/ipa_winsync_migrate.py @@ -29,8 +29,6 @@ from ipapython.dn import DN from ipapython.ipautil import realm_to_suffix, posixify from ipaserver.install import replication, installutils -# pylint: disable=unused-variable - if six.PY3: unicode = str @@ -175,7 +173,7 @@ class WinsyncMigrate(admintool.AdminTool): } try: - result = api.Command['idoverrideuser_add']( + api.Command['idoverrideuser_add']( DEFAULT_TRUST_VIEW_NAME, user_identifier, **kwargs @@ -193,7 +191,7 @@ class WinsyncMigrate(admintool.AdminTool): user_filter = "(&(objectclass=ntuser)(ntUserDomainId=*))" user_base = DN(api.env.container_user, api.env.basedn) - entries, _ = self.ldap.find_entries( + entries, _truncated = self.ldap.find_entries( filter=user_filter, base_dn=user_base, paged_search=True) @@ -262,8 +260,9 @@ class WinsyncMigrate(admintool.AdminTool): user_entry.dn) try: - objects, _ = self.ldap.find_entries(member_filter, - base_dn=object_container_dn) + objects, _truncated = self.ldap.find_entries( + member_filter, + base_dn=object_container_dn) except errors.EmptyResult: # If there's nothing to migrate, then let's get out of here return diff --git a/ipaserver/install/opendnssecinstance.py b/ipaserver/install/opendnssecinstance.py index 39ea19623..28638a1f8 100644 --- a/ipaserver/install/opendnssecinstance.py +++ b/ipaserver/install/opendnssecinstance.py @@ -20,8 +20,6 @@ from ipaplatform.paths import paths from ipalib import errors, api from ipaserver.install import dnskeysyncinstance -# pylint: disable=unused-variable - KEYMASTER = u'dnssecKeyMaster' softhsm_slot = 0 @@ -126,9 +124,6 @@ class OpenDNSSECInstance(service.Service): self.start_creation() def __check_dnssec_status(self): - named = services.knownservices.named - ods_enforcerd = services.knownservices.ods_enforcerd - try: self.named_uid = pwd.getpwnam(constants.NAMED_USER).pw_uid except KeyError: @@ -289,7 +284,6 @@ class OpenDNSSECInstance(service.Service): os.chmod(paths.OPENDNSSEC_KASP_DB, 0o660) # regenerate zonelist.xml - ods_enforcerd = services.knownservices.ods_enforcerd cmd = [paths.ODS_KSMUTIL, 'zonelist', 'export'] result = ipautil.run(cmd, runas=constants.ODS_USER, @@ -307,7 +301,6 @@ class OpenDNSSECInstance(service.Service): 'setup' ] - ods_enforcerd = services.knownservices.ods_enforcerd ipautil.run(command, stdin="y", runas=constants.ODS_USER) def __setup_dnskeysyncd(self): @@ -353,7 +346,6 @@ class OpenDNSSECInstance(service.Service): if ipautil.file_exists(paths.OPENDNSSEC_KASP_DB): # force to export data - ods_enforcerd = services.knownservices.ods_enforcerd cmd = [paths.IPA_ODS_EXPORTER, 'ipa-full-update'] try: self.print_msg("Exporting DNSSEC data before uninstallation") diff --git a/ipaserver/install/plugins/rename_managed.py b/ipaserver/install/plugins/rename_managed.py index 96da85fc2..5db00c7ae 100644 --- a/ipaserver/install/plugins/rename_managed.py +++ b/ipaserver/install/plugins/rename_managed.py @@ -24,8 +24,6 @@ from ipalib import Updater from ipapython import ipautil from ipapython.dn import DN -# pylint: disable=unused-variable - register = Registry() if six.PY3: @@ -80,16 +78,15 @@ class GenerateUpdateMixin(object): old_definition_container = DN(('cn', 'managed entries'), ('cn', 'plugins'), ('cn', 'config'), suffix) new_definition_container = DN(('cn', 'Definitions'), ('cn', 'Managed Entries'), ('cn', 'etc'), suffix) - definitions_dn = DN(('cn', 'Definitions')) update_list = [] restart = False # If the old entries don't exist the server has already been updated. try: - definitions_managed_entries, truncated = ldap.find_entries( + definitions_managed_entries, _truncated = ldap.find_entries( searchfilter, ['*'], old_definition_container, ldap.SCOPE_ONELEVEL) - except errors.NotFound as e: + except errors.NotFound: return (False, update_list) for entry in definitions_managed_entries: @@ -99,7 +96,7 @@ class GenerateUpdateMixin(object): assert isinstance(old_dn, DN) try: entry = ldap.get_entry(old_dn, ['*']) - except errors.NotFound as e: + except errors.NotFound: pass else: # Compute the new dn by replacing the old container with the new container @@ -164,7 +161,7 @@ class update_managed_post_first(Updater, GenerateUpdateMixin): def execute(self, **options): # Never need to restart with the pre-update changes - (ignore, update_list) = self.generate_update(False) + _ignore, update_list = self.generate_update(False) return False, update_list diff --git a/ipaserver/install/replication.py b/ipaserver/install/replication.py index e9fa796b7..fcd0b320a 100644 --- a/ipaserver/install/replication.py +++ b/ipaserver/install/replication.py @@ -38,8 +38,6 @@ from ipapython.dn import DN from ipaplatform import services from ipaplatform.paths import paths -# pylint: disable=unused-variable - if six.PY3: unicode = str @@ -708,7 +706,7 @@ class ReplicationManager(object): mod = [(ldap.MOD_ADD, 'nsDS5ReplicatedAttributeListTotal', '(objectclass=*) $ EXCLUDE %s' % " ".join(TOTAL_EXCLUDES))] a_conn.modify_s(dn, mod) - except ldap.LDAPError as e: + except ldap.LDAPError: # Apparently there are problems set the total list # Probably the master is an old 389-ds server, tell the caller # that we will have to set the memberof fixup task @@ -763,15 +761,15 @@ class ReplicationManager(object): root_logger.debug('Unable to find entry for %s on %s' % (filter_a, str(b))) self.force_sync(a, b.host) - cn, dn = self.agreement_dn(b.host) - haserror, error_message = self.wait_for_repl_update(a, dn, 60) + _cn, dn = self.agreement_dn(b.host) + _haserror, error_message = self.wait_for_repl_update(a, dn, 60) if not b_entry: root_logger.debug('Unable to find entry for %s on %s' % (filter_b, str(a))) self.force_sync(b, a.host) - cn, dn = self.agreement_dn(a.host) - haserror, error_message = self.wait_for_repl_update(b, dn, 60) + _cn, dn = self.agreement_dn(a.host) + _haserror, error_message = self.wait_for_repl_update(b, dn, 60) retries -= 1 @@ -834,10 +832,10 @@ class ReplicationManager(object): (ldap.MOD_DELETE, "nsds5replicabinddn", None), (ldap.MOD_DELETE, "nsds5replicacredentials", None)] - cn, a_ag_dn = self.agreement_dn(b.host) + _cn, a_ag_dn = self.agreement_dn(b.host) a.modify_s(a_ag_dn, mod) - cn, b_ag_dn = self.agreement_dn(a.host) + _cn, b_ag_dn = self.agreement_dn(a.host) b.modify_s(b_ag_dn, mod) # Finally remove the temporary replication manager user @@ -863,7 +861,7 @@ class ReplicationManager(object): better to pass the DN in directly. """ if dn is None: - cn, dn = self.agreement_dn(hostname) + _cn, dn = self.agreement_dn(hostname) return self.conn.delete_entry(dn) def delete_referral(self, hostname): @@ -984,7 +982,7 @@ class ReplicationManager(object): print("Starting replication, please wait until this has completed.") if hostname == None: hostname = self.conn.host - cn, dn = self.agreement_dn(hostname, master) + _cn, dn = self.agreement_dn(hostname, master) mod = [(ldap.MOD_ADD, 'nsds5BeginReplicaRefresh', 'start')] conn.modify_s(dn, mod) @@ -1091,7 +1089,7 @@ class ReplicationManager(object): repl_man_dn=ad_binddn, repl_man_passwd=ad_pwd, iswinsync=True, win_subtree=ad_subtree) root_logger.info("Added new sync agreement, waiting for it to become ready . . .") - cn, dn = self.agreement_dn(ad_dc_name) + _cn, dn = self.agreement_dn(ad_dc_name) self.wait_for_repl_update(self.conn, dn, 300) root_logger.info("Agreement is ready, starting replication . . .") @@ -1125,12 +1123,12 @@ class ReplicationManager(object): # have all principals and their passwords and can release # the right tickets. We do this by force pushing all our changes self.force_sync(self.conn, r_hostname) - cn, dn = self.agreement_dn(r_hostname) + _cn, dn = self.agreement_dn(r_hostname) self.wait_for_repl_update(self.conn, dn, 300) # now in the opposite direction self.force_sync(r_conn, self.hostname) - cn, dn = self.agreement_dn(self.hostname) + _cn, dn = self.agreement_dn(self.hostname) self.wait_for_repl_update(r_conn, dn, 300) # now that directories are in sync, @@ -1698,7 +1696,7 @@ class CSReplicationManager(ReplicationManager): def has_ipaca(self): try: - entry = self.conn.get_entry(self.db_suffix) + self.conn.get_entry(self.db_suffix) except errors.NotFound: return False else: diff --git a/ipaserver/install/server/install.py b/ipaserver/install/server/install.py index 0bc969102..22328ef34 100644 --- a/ipaserver/install/server/install.py +++ b/ipaserver/install/server/install.py @@ -59,8 +59,6 @@ except ImportError: from .common import BaseServer, BaseServerCA -# pylint: disable=unused-variable - SYSRESTORE_DIR_PATH = paths.SYSRESTORE @@ -531,7 +529,7 @@ def install_check(installer): if options.pkinit_pin is None: raise ScriptError( "Kerberos KDC private key unlock password required") - pkinit_pkcs12_file, pkinit_pin, pkinit_ca_cert = load_pkcs12( + pkinit_pkcs12_file, pkinit_pin, _pkinit_ca_cert = load_pkcs12( cert_files=options.pkinit_cert_files, key_password=options.pkinit_pin, key_nickname=options.pkinit_cert_name, @@ -687,14 +685,9 @@ def install(installer): options = installer fstore = installer._fstore sstore = installer._sstore - dirsrv_pkcs12_file = installer._dirsrv_pkcs12_file - http_pkcs12_file = installer._http_pkcs12_file - pkinit_pkcs12_file = installer._pkinit_pkcs12_file dirsrv_pkcs12_info = installer._dirsrv_pkcs12_info http_pkcs12_info = installer._http_pkcs12_info pkinit_pkcs12_info = installer._pkinit_pkcs12_info - external_cert_file = installer._external_cert_file - external_ca_file = installer._external_ca_file http_ca_cert = installer._ca_cert realm_name = options.realm_name @@ -705,7 +698,6 @@ def install(installer): host_name = options.host_name ip_addresses = options.ip_addresses setup_ca = options.setup_ca - setup_kra = options.setup_kra # Installation has started. No IPA sysrestore items are restored in case of # failure to enable root cause investigation @@ -1062,7 +1054,7 @@ def uninstall(installer): print("Shutting down all IPA services") try: run([paths.IPACTL, "stop"], raiseonerr=False) - except Exception as e: + except Exception: pass ntpinstance.NTPInstance(fstore).uninstall() diff --git a/ipaserver/install/server/replicainstall.py b/ipaserver/install/server/replicainstall.py index 27e9f5797..7effda7b8 100644 --- a/ipaserver/install/server/replicainstall.py +++ b/ipaserver/install/server/replicainstall.py @@ -47,8 +47,6 @@ from binascii import hexlify from .common import BaseServer -# pylint: disable=unused-variable - if six.PY3: unicode = str @@ -691,9 +689,9 @@ def install_check(installer): # Check pre-existing host entry try: - entry = conn.find_entries(u'fqdn=%s' % config.host_name, - ['fqdn'], DN(api.env.container_host, - api.env.basedn)) + conn.find_entries( + u'fqdn=%s' % config.host_name, ['fqdn'], + DN(api.env.container_host, api.env.basedn)) except errors.NotFound: pass else: @@ -920,8 +918,6 @@ def install(installer): def ensure_enrolled(installer): - config = installer._config - # Call client install script service.print_msg("Configuring client side components") try: @@ -1100,7 +1096,7 @@ def promote_check(installer): if options.pkinit_pin is None: raise ScriptError( "Kerberos KDC private key unlock password required") - pkinit_pkcs12_file, pkinit_pin, pkinit_ca_cert = load_pkcs12( + pkinit_pkcs12_file, pkinit_pin, _pkinit_ca_cert = load_pkcs12( cert_files=options.pkinit_cert_files, key_password=options.pkinit_pin, key_nickname=options.pkinit_cert_name, @@ -1201,8 +1197,8 @@ def promote_check(installer): # Check that we don't already have a replication agreement try: - (acn, adn) = replman.agreement_dn(config.host_name) - entry = conn.get_entry(adn, ['*']) + _acn, adn = replman.agreement_dn(config.host_name) + conn.get_entry(adn, ['*']) except errors.NotFound: pass else: @@ -1235,7 +1231,7 @@ def promote_check(installer): dn = DN(('cn', 'replication managers'), ('cn', 'sysaccounts'), ('cn', 'etc'), ipautil.realm_to_suffix(config.realm_name)) try: - entry = conn.get_entry(dn) + conn.get_entry(dn) except errors.NotFound: msg = ("The Replication Managers group is not available in " "the domain. Replica promotion requires the use of " @@ -1374,12 +1370,8 @@ def promote(installer): fstore = installer._fstore sstore = installer._sstore config = installer._config - dirsrv_pkcs12_file = installer._dirsrv_pkcs12_file dirsrv_pkcs12_info = installer._dirsrv_pkcs12_info - http_pkcs12_file = installer._http_pkcs12_file http_pkcs12_info = installer._http_pkcs12_info - pkinit_pkcs12_file = installer._pkinit_pkcs12_file - pkinit_pkcs12_info = installer._pkinit_pkcs12_info ccache = os.environ['KRB5CCNAME'] remote_api = installer._remote_api @@ -1491,14 +1483,16 @@ def promote(installer): cainstance.export_kra_agent_pem() CA.fix_ra_perms() - krb = install_krb(config, - setup_pkinit=not options.no_pkinit, - promote=True) + install_krb( + config, + setup_pkinit=not options.no_pkinit, + promote=True) - http = install_http(config, - auto_redirect=not options.no_ui_redirect, - promote=True, pkcs12_info=http_pkcs12_info, - ca_is_configured=installer._ca_enabled) + install_http( + config, + auto_redirect=not options.no_ui_redirect, + promote=True, pkcs12_info=http_pkcs12_info, + ca_is_configured=installer._ca_enabled) # Apply any LDAP updates. Needs to be done after the replica is synced-up service.print_msg("Applying LDAP updates") diff --git a/ipaserver/install/server/upgrade.py b/ipaserver/install/server/upgrade.py index 2893a29da..4426b7fdf 100644 --- a/ipaserver/install/server/upgrade.py +++ b/ipaserver/install/server/upgrade.py @@ -49,8 +49,6 @@ from ipaserver.install import dogtaginstance from ipaserver.install.upgradeinstance import IPAUpgrade from ipaserver.install.ldapupdate import BadSyntax -# pylint: disable=unused-variable - if six.PY3: unicode = str @@ -68,7 +66,6 @@ def uninstall_ipa_kpasswd(): """ ipa_kpasswd = KpasswdInstance() - running = ipa_kpasswd.restore_state("running") enabled = not ipa_kpasswd.restore_state("enabled") if enabled is not None and not enabled: @@ -81,7 +78,6 @@ def backup_file(filename, ext): raise ValueError("Absolute path required") backupfile = filename + ".bak" - (reldir, file) = os.path.split(filename) while os.path.exists(backupfile): backupfile = backupfile + "." + str(ext) @@ -209,7 +205,6 @@ def update_dbmodules(realm, filename=paths.KRB5_CONF): prefix = '' root_logger.info('[Verifying that KDC configuration is using ipa-kdb backend]') - st = os.stat(filename) fd = open(filename) lines = fd.readlines() diff --git a/ipaserver/install/upgradeinstance.py b/ipaserver/install/upgradeinstance.py index 2ecbfb6ce..dbbef4ddd 100644 --- a/ipaserver/install/upgradeinstance.py +++ b/ipaserver/install/upgradeinstance.py @@ -30,8 +30,6 @@ from ipaserver.install import schemaupdate from ipaserver.install import ldapupdate from ipaserver.install import service -# pylint: disable=unused-variable - DSE = 'dse.ldif' @@ -79,7 +77,7 @@ class IPAUpgrade(service.Service): ext = '' rand = random.Random() - for i in range(8): + for _i in range(8): h = "%02x" % rand.randint(0,255) ext += h service.Service.__init__(self, "dirsrv") |