From 56401c1abe7d4c78650acfcd9bbe8c8edc1dac57 Mon Sep 17 00:00:00 2001 From: John Dennis Date: Tue, 15 Nov 2011 14:39:31 -0500 Subject: ticket 2022 - modify codebase to utilize IPALogManager, obsoletes logging change default_logger_level to debug in configure_standard_logging add new ipa_log_manager module, move log_mgr there, also export root_logger from log_mgr. change all log_manager imports to ipa_log_manager and change log_manager.root_logger to root_logger. add missing import for parse_log_level() --- ipaserver/install/adtrustinstance.py | 15 +++---- ipaserver/install/bindinstance.py | 10 ++--- ipaserver/install/cainstance.py | 50 ++++++++++----------- ipaserver/install/certs.py | 14 +++--- ipaserver/install/dsinstance.py | 60 +++++++++++++------------- ipaserver/install/httpinstance.py | 4 +- ipaserver/install/installutils.py | 37 ++++------------ ipaserver/install/krbinstance.py | 18 ++++---- ipaserver/install/ldapupdate.py | 84 ++++++++++++++++++------------------ ipaserver/install/ntpinstance.py | 5 +-- ipaserver/install/replication.py | 47 ++++++++++---------- ipaserver/install/service.py | 15 ++++--- ipaserver/install/upgradeinstance.py | 4 +- ipaserver/plugins/ldap2.py | 5 +-- 14 files changed, 173 insertions(+), 195 deletions(-) (limited to 'ipaserver') diff --git a/ipaserver/install/adtrustinstance.py b/ipaserver/install/adtrustinstance.py index d1dc759c6..f655b2004 100644 --- a/ipaserver/install/adtrustinstance.py +++ b/ipaserver/install/adtrustinstance.py @@ -17,8 +17,6 @@ # along with this program. If not, see . # -import logging - import os import errno import ldap @@ -30,6 +28,7 @@ from ipaserver.install.dsinstance import realm_to_serverid from ipalib import errors from ipapython import sysrestore from ipapython import ipautil +from ipapython.ipa_log_manager import * import random import string @@ -119,7 +118,7 @@ class ADTRUSTInstance(service.Service): try: self.admin_conn.modify_s(self.suffix, mod) except ldap.TYPE_OR_VALUE_EXISTS: - logging.debug("samba user aci already exists in suffix %s on %s" % (self.suffix, self.admin_conn.host)) + root_logger.debug("samba user aci already exists in suffix %s on %s" % (self.suffix, self.admin_conn.host)) def __gen_sid_string(self): sub_ids = struct.unpack(". # -import logging import pwd import os import sys @@ -56,6 +55,7 @@ from ipaserver.install import dsinstance from ipaserver.install import certs from ipaserver.install.installutils import ReplicaConfig from ipalib import util +from ipapython.ipa_log_manager import * HTTPD_CONFD = "/etc/httpd/conf.d/" DEFAULT_DSPORT=7389 @@ -115,7 +115,7 @@ def get_preop_pin(instance_root, instance_name): try: f=open(filename) except IOError, e: - logging.error("Cannot open configuration file." + str(e)) + root_logger.error("Cannot open configuration file." + str(e)) raise e data = f.read() data = data.split('\n') @@ -277,10 +277,10 @@ class CADSInstance(service.Service): user_exists = True try: pwd.getpwnam(PKI_DS_USER) - logging.debug("ds user %s exists" % PKI_DS_USER) + root_logger.debug("ds user %s exists" % PKI_DS_USER) except KeyError: user_exists = False - logging.debug("adding ds user %s" % PKI_DS_USER) + root_logger.debug("adding ds user %s" % PKI_DS_USER) args = ["/usr/sbin/useradd", "-g", dsinstance.DS_GROUP, "-c", "PKI DS System User", "-d", "/var/lib/dirsrv", @@ -288,9 +288,9 @@ class CADSInstance(service.Service): "-M", "-r", PKI_DS_USER] try: ipautil.run(args) - logging.debug("done adding user") + root_logger.debug("done adding user") except ipautil.CalledProcessError, e: - logging.critical("failed to add user %s" % e) + root_logger.critical("failed to add user %s" % e) self.backup_state("user_exists", user_exists) @@ -299,21 +299,21 @@ class CADSInstance(service.Service): self.backup_state("serverid", self.serverid) inf_txt = ipautil.template_str(INF_TEMPLATE, self.sub_dict) - logging.debug("writing inf template") + root_logger.debug("writing inf template") inf_fd = ipautil.write_tmp_file(inf_txt) inf_txt = re.sub(r"RootDNPwd=.*\n", "", inf_txt) - logging.debug(inf_txt) + root_logger.debug(inf_txt) if ipautil.file_exists("/usr/sbin/setup-ds.pl"): args = ["/usr/sbin/setup-ds.pl", "--silent", "--logfile", "-", "-f", inf_fd.name] - logging.debug("calling setup-ds.pl") + root_logger.debug("calling setup-ds.pl") else: args = ["/usr/bin/ds_newinst.pl", inf_fd.name] - logging.debug("calling ds_newinst.pl") + root_logger.debug("calling ds_newinst.pl") try: ipautil.run(args) - logging.debug("completed creating ds instance") + root_logger.debug("completed creating ds instance") except ipautil.CalledProcessError, e: - logging.critical("failed to restart ds instance %s" % e) + root_logger.critical("failed to restart ds instance %s" % e) inf_fd.close() def load_pkcs12(self): @@ -376,11 +376,11 @@ class CADSInstance(service.Service): try: ipaservices.knownservices.dirsrv.restart(self.serverid) if not dsinstance.is_ds_running(self.serverid): - logging.critical("Failed to restart the directory server. See the installation log for details.") + root_logger.critical("Failed to restart the directory server. See the installation log for details.") sys.exit(1) except Exception: # TODO: roll back here? - logging.critical("Failed to restart the directory server. See the installation log for details.") + root_logger.critical("Failed to restart the directory server. See the installation log for details.") def uninstall(self): if self.is_configured(): @@ -410,7 +410,7 @@ class CADSInstance(service.Service): try: ipautil.run(["/usr/sbin/userdel", PKI_DS_USER]) except ipautil.CalledProcessError, e: - logging.critical("failed to delete user %s" % e) + root_logger.critical("failed to delete user %s" % e) class CAInstance(service.Service): """ @@ -569,19 +569,19 @@ class CAInstance(service.Service): user_exists = True try: pwd.getpwnam(PKI_USER) - logging.debug("ca user %s exists" % PKI_USER) + root_logger.debug("ca user %s exists" % PKI_USER) except KeyError: user_exists = False - logging.debug("adding ca user %s" % PKI_USER) + root_logger.debug("adding ca user %s" % PKI_USER) args = ["/usr/sbin/useradd", "-c", "CA System User", "-d", "/var/lib", "-s", "/sbin/nologin", "-M", "-r", PKI_USER] try: ipautil.run(args) - logging.debug("done adding user") + root_logger.debug("done adding user") except ipautil.CalledProcessError, e: - logging.critical("failed to add user %s" % e) + root_logger.critical("failed to add user %s" % e) self.backup_state("user_exists", user_exists) @@ -676,7 +676,7 @@ class CAInstance(service.Service): ipautil.run(args, env={'PKI_HOSTNAME':self.fqdn}, nolog=nolog) except ipautil.CalledProcessError, e: - logging.critical("failed to configure ca instance %s" % e) + root_logger.critical("failed to configure ca instance %s" % e) raise RuntimeError('Configuration of CA failed') if self.external == 1: @@ -689,7 +689,7 @@ class CAInstance(service.Service): if ipautil.file_exists("/root/tmp-ca.p12"): shutil.move("/root/tmp-ca.p12", "/root/cacert.p12") - logging.debug("completed creating ca instance") + root_logger.debug("completed creating ca instance") def __restart_instance(self): try: @@ -697,7 +697,7 @@ class CAInstance(service.Service): installutils.wait_for_open_ports('localhost', 9180, 300) except Exception: # TODO: roll back here? - logging.critical("Failed to restart the certificate server. See the installation log for details.") + root_logger.critical("Failed to restart the certificate server. See the installation log for details.") def __disable_nonce(self): # Turn off Nonces @@ -1060,14 +1060,14 @@ class CAInstance(service.Service): ipautil.run(["/usr/bin/pkiremove", "-pki_instance_root=/var/lib", "-pki_instance_name=%s" % PKI_INSTANCE_NAME, "--force"]) except ipautil.CalledProcessError, e: - logging.critical("failed to uninstall CA instance %s" % e) + root_logger.critical("failed to uninstall CA instance %s" % e) user_exists = self.restore_state("user_exists") if user_exists == False: try: ipautil.run(["/usr/sbin/userdel", PKI_USER]) except ipautil.CalledProcessError, e: - logging.critical("failed to delete user %s" % e) + root_logger.critical("failed to delete user %s" % e) def publish_ca_cert(self, location): args = ["-L", "-n", self.canickname, "-a"] @@ -1153,7 +1153,7 @@ def install_replica_ca(config, postinstall=False): return (ca, cs) if __name__ == "__main__": - installutils.standard_logging_setup("install.log", False) + standard_logging_setup("install.log") cs = CADSInstance() cs.create_instance("EXAMPLE.COM", "catest.example.com", "example.com", "password") ca = CAInstance("EXAMPLE.COM", "/etc/httpd/alias") diff --git a/ipaserver/install/certs.py b/ipaserver/install/certs.py index feac48a89..3cbcec5c8 100644 --- a/ipaserver/install/certs.py +++ b/ipaserver/install/certs.py @@ -21,7 +21,7 @@ import os, stat, subprocess, re import errno import tempfile import shutil -import logging +from ipapython.ipa_log_manager import * import urllib import xml.dom.minidom import pwd @@ -503,7 +503,7 @@ class CertDB(object): try: (stdout, stderr, rc) = certmonger.start_tracking(nickname, self.secdir, password_file) except (ipautil.CalledProcessError, RuntimeError), e: - logging.error("certmonger failed starting to track certificate: %s" % str(e)) + root_logger.error("certmonger failed starting to track certificate: %s" % str(e)) return cmonger.stop() @@ -512,7 +512,7 @@ class CertDB(object): subject = str(nsscert.subject) m = re.match('New tracking request "(\d+)" added', stdout) if not m: - logging.error('Didn\'t get new %s request, got %s' % (cmonger.service_name, stdout)) + root_logger.error('Didn\'t get new %s request, got %s' % (cmonger.service_name, stdout)) raise RuntimeError('%s did not issue new tracking request for \'%s\' in \'%s\'. Use \'ipa-getcert list\' to list existing certificates.' % (cmonger.service_name, nickname, self.secdir)) request_id = m.group(1) @@ -534,7 +534,7 @@ class CertDB(object): try: certmonger.stop_tracking(self.secdir, nickname=nickname) except (ipautil.CalledProcessError, RuntimeError), e: - logging.error("certmonger failed to stop tracking certificate: %s" % str(e)) + root_logger.error("certmonger failed to stop tracking certificate: %s" % str(e)) cmonger.stop() def create_server_cert(self, nickname, hostname, other_certdb=None, subject=None): @@ -859,17 +859,17 @@ class CertDB(object): def trust_root_cert(self, root_nickname): if root_nickname is None: - logging.debug("Unable to identify root certificate to trust. Continueing but things are likely to fail.") + root_logger.debug("Unable to identify root certificate to trust. Continueing but things are likely to fail.") return if root_nickname[:7] == "Builtin": - logging.debug("No need to add trust for built-in root CA's, skipping %s" % root_nickname) + root_logger.debug("No need to add trust for built-in root CA's, skipping %s" % root_nickname) else: try: self.run_certutil(["-M", "-n", root_nickname, "-t", "CT,CT,"]) except ipautil.CalledProcessError, e: - logging.error("Setting trust on %s failed" % root_nickname) + root_logger.error("Setting trust on %s failed" % root_nickname) def find_server_certs(self): p = subprocess.Popen(["/usr/bin/certutil", "-d", self.secdir, diff --git a/ipaserver/install/dsinstance.py b/ipaserver/install/dsinstance.py index 8ca33c13c..4260579af 100644 --- a/ipaserver/install/dsinstance.py +++ b/ipaserver/install/dsinstance.py @@ -19,7 +19,7 @@ # import shutil -import logging +from ipapython.ipa_log_manager import * import pwd import glob import sys @@ -290,10 +290,10 @@ class DsInstance(service.Service): user_exists = True try: pwd.getpwnam(DS_USER) - logging.debug("ds user %s exists" % DS_USER) + root_logger.debug("ds user %s exists" % DS_USER) except KeyError: user_exists = False - logging.debug("adding ds user %s" % DS_USER) + root_logger.debug("adding ds user %s" % DS_USER) args = ["/usr/sbin/useradd", "-g", DS_GROUP, "-c", "DS System User", "-d", "/var/lib/dirsrv", @@ -301,9 +301,9 @@ class DsInstance(service.Service): "-M", "-r", DS_USER] try: ipautil.run(args) - logging.debug("done adding user") + root_logger.debug("done adding user") except ipautil.CalledProcessError, e: - logging.critical("failed to add user %s" % e) + root_logger.critical("failed to add user %s" % e) self.backup_state("user_exists", user_exists) @@ -314,7 +314,7 @@ class DsInstance(service.Service): self.sub_dict['BASEDC'] = self.realm_name.split('.')[0].lower() base_txt = ipautil.template_str(BASE_TEMPLATE, self.sub_dict) - logging.debug(base_txt) + root_logger.debug(base_txt) target_fname = '/var/lib/dirsrv/boot.ldif' base_fd = open(target_fname, "w") @@ -325,32 +325,32 @@ class DsInstance(service.Service): os.chmod(target_fname, 0440) inf_txt = ipautil.template_str(INF_TEMPLATE, self.sub_dict) - logging.debug("writing inf template") + root_logger.debug("writing inf template") inf_fd = ipautil.write_tmp_file(inf_txt) inf_txt = re.sub(r"RootDNPwd=.*\n", "", inf_txt) - logging.debug(inf_txt) + root_logger.debug(inf_txt) if ipautil.file_exists("/usr/sbin/setup-ds.pl"): args = ["/usr/sbin/setup-ds.pl", "--silent", "--logfile", "-", "-f", inf_fd.name] - logging.debug("calling setup-ds.pl") + root_logger.debug("calling setup-ds.pl") else: args = ["/usr/bin/ds_newinst.pl", inf_fd.name] - logging.debug("calling ds_newinst.pl") + root_logger.debug("calling ds_newinst.pl") try: ipautil.run(args) - logging.debug("completed creating ds instance") + root_logger.debug("completed creating ds instance") except ipautil.CalledProcessError, e: - logging.critical("failed to restart ds instance %s" % e) + root_logger.critical("failed to restart ds instance %s" % e) # check for open port 389 from now on self.open_ports.append(389) - logging.debug("restarting ds instance") + root_logger.debug("restarting ds instance") try: self.__restart_instance() - logging.debug("done restarting ds instance") + root_logger.debug("done restarting ds instance") except ipautil.CalledProcessError, e: print "failed to restart ds instance", e - logging.debug("failed to restart ds instance %s" % e) + root_logger.debug("failed to restart ds instance %s" % e) inf_fd.close() os.remove("/var/lib/dirsrv/boot.ldif") @@ -384,14 +384,14 @@ class DsInstance(service.Service): try: super(DsInstance, self).restart(instance) if not is_ds_running(instance): - logging.critical("Failed to restart the directory server. See the installation log for details.") + root_logger.critical("Failed to restart the directory server. See the installation log for details.") sys.exit(1) installutils.wait_for_open_ports('localhost', self.open_ports, 300) except SystemExit, e: raise e except Exception, e: # TODO: roll back here? - logging.critical("Failed to restart the directory server (%s). See the installation log for details." % e) + root_logger.critical("Failed to restart the directory server (%s). See the installation log for details." % e) def __restart_instance(self): self.restart(self.serverid) @@ -410,7 +410,7 @@ class DsInstance(service.Service): self._ldap_mod("memberof-task.ldif", self.sub_dict) # Note, keep dn in sync with dn in install/share/memberof-task.ldif dn = "cn=IPA install %s,cn=memberof task,cn=tasks,cn=config" % self.sub_dict["TIME"] - logging.debug("Waiting for memberof task to complete.") + root_logger.debug("Waiting for memberof task to complete.") conn = ipaldap.IPAdmin("127.0.0.1") if self.dm_password: conn.simple_bind_s("cn=directory manager", self.dm_password) @@ -558,7 +558,7 @@ class DsInstance(service.Service): self._ldap_mod("default-hbac.ldif", self.sub_dict) def change_admin_password(self, password): - logging.debug("Changing admin password") + root_logger.debug("Changing admin password") dirname = config_dirname(self.serverid) dmpwdfile = "" admpwdfile = "" @@ -580,10 +580,10 @@ class DsInstance(service.Service): env = { 'LDAPTLS_CACERTDIR':os.path.dirname(CACERT), 'LDAPTLS_CACERT':CACERT } ipautil.run(args, env=env) - logging.debug("ldappasswd done") + root_logger.debug("ldappasswd done") except ipautil.CalledProcessError, e: print "Unable to set admin password", e - logging.debug("Unable to set admin password %s" % e) + root_logger.debug("Unable to set admin password %s" % e) finally: if os.path.isfile(dmpwdfile): @@ -605,7 +605,7 @@ class DsInstance(service.Service): self.fstore.restore_file("/etc/security/limits.conf") self.fstore.restore_file("/etc/sysconfig/dirsrv") except ValueError, error: - logging.debug(error) + root_logger.debug(error) pass if not enabled is None and not enabled: @@ -628,7 +628,7 @@ class DsInstance(service.Service): try: ipautil.run(["/usr/sbin/userdel", DS_USER]) except ipautil.CalledProcessError, e: - logging.critical("failed to delete user %s" % e) + root_logger.critical("failed to delete user %s" % e) # Make sure some upgrade-related state is removed. This could cause # re-installation problems. @@ -653,12 +653,12 @@ class DsInstance(service.Service): # first make sure we have a valid cacert_fname try: if not os.access(cacert_fname, os.R_OK): - logging.critical("The given CA cert file named [%s] could not be read" % - cacert_fname) + root_logger.critical("The given CA cert file named [%s] could not be read" % + cacert_fname) return False except OSError, e: - logging.critical("The given CA cert file named [%s] could not be read: %s" % - (cacert_fname, str(e))) + root_logger.critical("The given CA cert file named [%s] could not be read: %s" % + (cacert_fname, str(e))) return False # ok - ca cert file can be read # shutdown the server @@ -674,8 +674,8 @@ class DsInstance(service.Service): try: certdb.load_cacert(cacert_fname) except ipautil.CalledProcessError, e: - logging.critical("Error importing CA cert file named [%s]: %s" % - (cacert_fname, str(e))) + root_logger.critical("Error importing CA cert file named [%s]: %s" % + (cacert_fname, str(e))) status = False # restart the directory server self.start() @@ -729,7 +729,7 @@ class DsInstance(service.Service): fd.close() else: - logging.info("Custom file limits are already set! Skipping\n") + root_logger.info("Custom file limits are already set! Skipping\n") print "Custom file limits are already set! Skipping\n" return diff --git a/ipaserver/install/httpinstance.py b/ipaserver/install/httpinstance.py index c5c047c35..79b617289 100644 --- a/ipaserver/install/httpinstance.py +++ b/ipaserver/install/httpinstance.py @@ -20,7 +20,7 @@ import os import os.path import tempfile -import logging +from ipapython.ipa_log_manager import * import pwd import shutil @@ -279,7 +279,7 @@ class HTTPInstance(service.Service): try: self.fstore.restore_file(f) except ValueError, error: - logging.debug(error) + root_logger.debug(error) pass # Remove the configuration files we create diff --git a/ipaserver/install/installutils.py b/ipaserver/install/installutils.py index 4e6788cc3..817308f1d 100644 --- a/ipaserver/install/installutils.py +++ b/ipaserver/install/installutils.py @@ -17,7 +17,6 @@ # along with this program. If not, see . # -import logging import socket import errno import getpass @@ -34,6 +33,7 @@ import shutil from ConfigParser import SafeConfigParser from ipapython import ipautil, dnsclient, sysrestore +from ipapython.ipa_log_manager import * # Used to determine install status IPA_MODULES = ['httpd', 'kadmin', 'dirsrv', 'pki-cad', 'pkids', 'install', 'krb5kdc', 'ntpd', 'named'] @@ -314,27 +314,6 @@ def port_available(port): return rv -def standard_logging_setup(log_filename, debug=False, filemode='w'): - old_umask = os.umask(077) - # Always log everything (i.e., DEBUG) to the log - # file. - logging.basicConfig(level=logging.DEBUG, - format='%(asctime)s %(levelname)s %(message)s', - filename=log_filename, - filemode=filemode) - os.umask(old_umask) - - console = logging.StreamHandler() - # If the debug option is set, also log debug messages to the console - if debug: - console.setLevel(logging.DEBUG) - else: - # Otherwise, log critical and error messages - console.setLevel(logging.ERROR) - formatter = logging.Formatter('%(name)-12s: %(levelname)-8s %(message)s') - console.setFormatter(formatter) - logging.getLogger('').addHandler(console) - def get_password(prompt): if os.isatty(sys.stdin.fileno()): return getpass.getpass(prompt) @@ -459,7 +438,7 @@ def create_keytab(path, principal): if ipautil.file_exists(path): os.remove(path) except os.error: - logging.critical("Failed to remove %s." % path) + root_logger.critical("Failed to remove %s." % path) kadmin("ktadd -k " + path + " " + principal) @@ -596,7 +575,7 @@ def remove_file(filename): if os.path.exists(filename): os.unlink(filename) except Exception, e: - logging.error('Error removing %s: %s' % (filename, str(e))) + root_logger.error('Error removing %s: %s' % (filename, str(e))) def rmtree(path): """ @@ -606,7 +585,7 @@ def rmtree(path): if os.path.exists(path): shutil.rmtree(path) except Exception, e: - logging.error('Error removing %s: %s' % (path, str(e))) + root_logger.error('Error removing %s: %s' % (path, str(e))) def is_ipa_configured(): """ @@ -620,15 +599,15 @@ def is_ipa_configured(): for module in IPA_MODULES: if sstore.has_state(module): - logging.debug('%s is configured' % module) + root_logger.debug('%s is configured' % module) installed = True else: - logging.debug('%s is not configured' % module) + root_logger.debug('%s is not configured' % module) if fstore.has_files(): - logging.debug('filestore has files') + root_logger.debug('filestore has files') installed = True else: - logging.debug('filestore is tracking no files') + root_logger.debug('filestore is tracking no files') return installed diff --git a/ipaserver/install/krbinstance.py b/ipaserver/install/krbinstance.py index fa47e09ec..6ed385162 100644 --- a/ipaserver/install/krbinstance.py +++ b/ipaserver/install/krbinstance.py @@ -18,7 +18,6 @@ # import shutil -import logging import fileinput import re import sys @@ -33,6 +32,7 @@ from ipapython import ipautil from ipapython import services as ipaservices from ipalib import util from ipalib import errors +from ipapython.ipa_log_manager import * from ipaserver import ipaldap from ipaserver.install import replication @@ -221,7 +221,7 @@ class KrbInstance(service.Service): try: self.start() except: - logging.critical("krb5kdc service failed to start") + root_logger.critical("krb5kdc service failed to start") def __setup_sub_dict(self): self.sub_dict = dict(FQDN=self.fqdn, @@ -245,10 +245,10 @@ class KrbInstance(service.Service): try: self.admin_conn.delete_s(r.dn) except LDAPError, e: - logging.critical("Error during SASL mapping removal: %s" % str(e)) + root_logger.critical("Error during SASL mapping removal: %s" % str(e)) raise e except LDAPError, e: - logging.critical("Error while enumerating SASL mappings %s" % str(e)) + root_logger.critical("Error while enumerating SASL mappings %s" % str(e)) raise e entry = ipaldap.Entry("cn=Full Principal,cn=mapping,cn=sasl,cn=config") @@ -261,7 +261,7 @@ class KrbInstance(service.Service): try: self.admin_conn.add_s(entry) except ldap.ALREADY_EXISTS: - logging.critical("failed to add Full Principal Sasl mapping") + root_logger.critical("failed to add Full Principal Sasl mapping") raise e entry = ipaldap.Entry("cn=Name Only,cn=mapping,cn=sasl,cn=config") @@ -274,7 +274,7 @@ class KrbInstance(service.Service): try: self.admin_conn.add_s(entry) except ldap.ALREADY_EXISTS: - logging.critical("failed to add Name Only Sasl mapping") + root_logger.critical("failed to add Name Only Sasl mapping") raise e def __add_krb_container(self): @@ -342,7 +342,7 @@ class KrbInstance(service.Service): entry = self.admin_conn.getEntry(self.get_realm_suffix(), ldap.SCOPE_SUBTREE) except errors.NotFound, e: - logging.critical("Could not find master key in DS") + root_logger.critical("Could not find master key in DS") raise e krbMKey = pyasn1.codec.ber.decoder.decode(entry.krbmkey) @@ -356,7 +356,7 @@ class KrbInstance(service.Service): fd.write(s) fd.close() except os.error, e: - logging.critical("failed to write stash file") + root_logger.critical("failed to write stash file") raise e #add the password extop module @@ -445,7 +445,7 @@ class KrbInstance(service.Service): try: self.fstore.restore_file(f) except ValueError, error: - logging.debug(error) + root_logger.debug(error) pass if not enabled is None and not enabled: diff --git a/ipaserver/install/ldapupdate.py b/ipaserver/install/ldapupdate.py index e1f6b1f43..34637c1ee 100644 --- a/ipaserver/install/ldapupdate.py +++ b/ipaserver/install/ldapupdate.py @@ -33,7 +33,7 @@ from ipalib import util from ipalib import errors import ldap from ldap.dn import escape_dn_chars -import logging +from ipapython.ipa_log_manager import * import krbV import platform import time @@ -258,7 +258,7 @@ class LDAPUpdate: else: e['updates'] = update['updates'] else: - logging.debug("Unknown key in updates %s" % update.keys()) + root_logger.debug("Unknown key in updates %s" % update.keys()) all_updates[dn] = e @@ -353,8 +353,8 @@ class LDAPUpdate: e.setValue('nsInstance', 'userRoot') e.setValues('nsIndexAttribute', attribute) - logging.info("Creating task to index attribute: %s", attribute) - logging.debug("Task id: %s", dn) + root_logger.info("Creating task to index attribute: %s", attribute) + root_logger.debug("Task id: %s", dn) if self.live_run: self.conn.addEntry(e.dn, e.toTupleList()) @@ -379,10 +379,10 @@ class LDAPUpdate: try: entry = self.conn.getEntry(dn, ldap.SCOPE_BASE, "(objectclass=*)", attrlist) except errors.NotFound, e: - logging.error("Task not found: %s", dn) + root_logger.error("Task not found: %s", dn) return except errors.DatabaseError, e: - logging.error("Task lookup failure %s", e) + root_logger.error("Task lookup failure %s", e) return status = entry.getValue('nstaskstatus') @@ -392,10 +392,10 @@ class LDAPUpdate: continue if status.lower().find("finished") > -1: - logging.info("Indexing finished") + root_logger.info("Indexing finished") break - logging.debug("Indexing in progress") + root_logger.debug("Indexing in progress") time.sleep(1) return @@ -507,49 +507,49 @@ class LDAPUpdate: e = [e] for v in values: if utype == 'remove': - logging.debug("remove: '%s' from %s, current value %s", v, k, e) + root_logger.debug("remove: '%s' from %s, current value %s", v, k, e) try: e.remove(v) except ValueError: - logging.warn("remove: '%s' not in %s", v, k) + root_logger.warning("remove: '%s' not in %s", v, k) pass entry.setValues(k, e) - logging.debug('remove: updated value %s', e) + root_logger.debug('remove: updated value %s', e) elif utype == 'add': - logging.debug("add: '%s' to %s, current value %s", v, k, e) + root_logger.debug("add: '%s' to %s, current value %s", v, k, e) # Remove it, ignoring errors so we can blindly add it later try: e.remove(v) except ValueError: pass e.append(v) - logging.debug('add: updated value %s', e) + root_logger.debug('add: updated value %s', e) entry.setValues(k, e) elif utype == 'addifnew': - logging.debug("addifnew: '%s' to %s, current value %s", v, k, e) + root_logger.debug("addifnew: '%s' to %s, current value %s", v, k, e) # Only add the attribute if it doesn't exist. Only works # with single-value attributes. if len(e) == 0: e.append(v) - logging.debug('addifnew: set %s to %s', k, e) + root_logger.debug('addifnew: set %s to %s', k, e) entry.setValues(k, e) elif utype == 'addifexist': - logging.debug("addifexist: '%s' to %s, current value %s", v, k, e) + root_logger.debug("addifexist: '%s' to %s, current value %s", v, k, e) # Only add the attribute if the entry doesn't exist. We # determine this based on whether it has an objectclass if entry.getValues('objectclass'): e.append(v) - logging.debug('addifexist: set %s to %s', k, e) + root_logger.debug('addifexist: set %s to %s', k, e) entry.setValues(k, e) elif utype == 'only': - logging.debug("only: set %s to '%s', current value %s", k, v, e) + root_logger.debug("only: set %s to '%s', current value %s", k, v, e) if only.get(k): e.append(v) else: e = [v] only[k] = True entry.setValues(k, e) - logging.debug('only: updated value %s', e) + root_logger.debug('only: updated value %s', e) elif utype == 'deleteentry': # skip this update type, it occurs in __delete_entries() return None @@ -562,10 +562,10 @@ class LDAPUpdate: try: e.remove(old) e.append(new) - logging.debug('replace: updated value %s', e) + root_logger.debug('replace: updated value %s', e) entry.setValues(k, e) except ValueError: - logging.debug('replace: %s not found, skipping', old) + root_logger.debug('replace: %s not found, skipping', old) self.print_entity(entry) @@ -573,19 +573,19 @@ class LDAPUpdate: def print_entity(self, e, message=None): """The entity object currently lacks a str() method""" - logging.debug("---------------------------------------------") + root_logger.debug("---------------------------------------------") if message: - logging.debug("%s", message) - logging.debug("dn: " + e.dn) + root_logger.debug("%s", message) + root_logger.debug("dn: " + e.dn) attr = e.attrList() for a in attr: value = e.getValues(a) if isinstance(value,str): - logging.debug(a + ": " + value) + root_logger.debug(a + ": " + value) else: - logging.debug(a + ": ") + root_logger.debug(a + ": ") for l in value: - logging.debug("\t" + l) + root_logger.debug("\t" + l) def is_schema_updated(self, s): """Compare the schema in 's' with the current schema in the DS to @@ -626,15 +626,15 @@ class LDAPUpdate: raise BadSyntax, "More than 1 entry returned on a dn search!? %s" % new_entry.dn entry = self.__entry_to_entity(e[0]) found = True - logging.info("Updating existing entry: %s", entry.dn) + root_logger.info("Updating existing entry: %s", entry.dn) except errors.NotFound: # Doesn't exist, start with the default entry entry = new_entry - logging.info("New entry: %s", entry.dn) + root_logger.info("New entry: %s", entry.dn) except errors.DatabaseError: # Doesn't exist, start with the default entry entry = new_entry - logging.info("New entry, using default value: %s", entry.dn) + root_logger.info("New entry, using default value: %s", entry.dn) self.print_entity(entry) @@ -660,7 +660,7 @@ class LDAPUpdate: self.conn.addEntry(entry.dn, entry.toTupleList()) self.modified = True except Exception, e: - logging.error("Add failure %s", e) + root_logger.error("Add failure %s", e) else: # Update LDAP try: @@ -671,19 +671,19 @@ class LDAPUpdate: else: if len(changes) >= 1: updated = True - logging.debug("%s" % changes) - logging.debug("Live %d, updated %d" % (self.live_run, updated)) + root_logger.debug("%s" % changes) + root_logger.debug("Live %d, updated %d" % (self.live_run, updated)) if self.live_run and updated: self.conn.updateEntry(entry.dn, entry.origDataDict(), entry.toDict()) - logging.info("Done") + root_logger.info("Done") except errors.EmptyModlist: - logging.info("Entry already up-to-date") + root_logger.info("Entry already up-to-date") updated = False except errors.DatabaseError, e: - logging.error("Update failed: %s", e) + root_logger.error("Update failed: %s", e) updated = False except errors.ACIError, e: - logging.error("Update failed: %s", e) + root_logger.error("Update failed: %s", e) updated = False if ("cn=index" in entry.dn and @@ -712,10 +712,10 @@ class LDAPUpdate: self.conn.deleteEntry(dn) self.modified = True except errors.NotFound, e: - logging.info("Deleting non-existent entry %s", e) + root_logger.info("Deleting non-existent entry %s", e) self.modified = True except errors.DatabaseError, e: - logging.error("Delete failed: %s", e) + root_logger.error("Delete failed: %s", e) updates = updates.get('updates', []) for u in updates: @@ -728,10 +728,10 @@ class LDAPUpdate: self.conn.deleteEntry(dn) self.modified = True except errors.NotFound, e: - logging.info("Deleting non-existent entry %s", e) + root_logger.info("Deleting non-existent entry %s", e) self.modified = True except errors.DatabaseError, e: - logging.error("Delete failed: %s", e) + root_logger.error("Delete failed: %s", e) return @@ -784,7 +784,7 @@ class LDAPUpdate: dn_list = {} for f in files: try: - logging.info("Parsing file %s" % f) + root_logger.info("Parsing file %s" % f) data = self.read_file(f) except Exception, e: print e diff --git a/ipaserver/install/ntpinstance.py b/ipaserver/install/ntpinstance.py index 00217c390..e1b72dda5 100644 --- a/ipaserver/install/ntpinstance.py +++ b/ipaserver/install/ntpinstance.py @@ -18,12 +18,11 @@ # along with this program. If not, see . # -import logging - import service from ipapython import sysrestore from ipapython import ipautil from ipapython import services as ipaservices +from ipapython.ipa_log_manager import * class NTPInstance(service.Service): def __init__(self, fstore=None): @@ -171,7 +170,7 @@ class NTPInstance(service.Service): try: self.fstore.restore_file("/etc/ntp.conf") except ValueError, error: - logging.debug(error) + root_logger.debug(error) pass if not enabled is None and not enabled: diff --git a/ipaserver/install/replication.py b/ipaserver/install/replication.py index a29b98147..a139fd0fb 100644 --- a/ipaserver/install/replication.py +++ b/ipaserver/install/replication.py @@ -17,7 +17,8 @@ # along with this program. If not, see . # -import time, logging +import time +from ipapython.ipa_log_manager import * import os import sys @@ -152,10 +153,10 @@ class ReplicationManager(object): try: replica = master_conn.search_s(dn, ldap.SCOPE_BASE, "objectclass=*")[0] if not replica.getValue('nsDS5ReplicaId'): - logging.debug("Unable to retrieve nsDS5ReplicaId from remote server") + root_logger.debug("Unable to retrieve nsDS5ReplicaId from remote server") raise RuntimeError("Unable to retrieve nsDS5ReplicaId from remote server") except ldap.NO_SUCH_OBJECT: - logging.debug("Unable to retrieve nsDS5ReplicaId from remote server") + root_logger.debug("Unable to retrieve nsDS5ReplicaId from remote server") raise # Now update the value on the master @@ -165,7 +166,7 @@ class ReplicationManager(object): try: master_conn.modify_s(dn, mod) except Exception, e: - logging.debug("Problem updating nsDS5ReplicaID %s" % e) + root_logger.debug("Problem updating nsDS5ReplicaID %s" % e) raise return retval @@ -327,14 +328,14 @@ class ReplicationManager(object): conn.modify_s(self.suffix, [(ldap.MOD_ADD, 'aci', [ "(targetattr = \"*\")(version 3.0; acl \"Proxied authorization for database links\"; allow (proxy) userdn = \"ldap:///%s\";)" % self.repl_man_dn ])]) except ldap.TYPE_OR_VALUE_EXISTS: - logging.debug("proxy aci already exists in suffix %s on %s" % (self.suffix, conn.host)) + root_logger.debug("proxy aci already exists in suffix %s on %s" % (self.suffix, conn.host)) def get_mapping_tree_entry(self): try: entry = self.conn.getEntry("cn=mapping tree,cn=config", ldap.SCOPE_ONELEVEL, "(cn=\"%s\")" % (self.suffix)) except errors.NotFound, e: - logging.debug("failed to find mappting tree entry for %s" % self.suffix) + root_logger.debug("failed to find mappting tree entry for %s" % self.suffix) raise e return entry @@ -356,7 +357,7 @@ class ReplicationManager(object): try: self.conn.modify_s(dn, mod) except ldap.TYPE_OR_VALUE_EXISTS: - logging.debug("chainOnUpdate already enabled for %s" % self.suffix) + root_logger.debug("chainOnUpdate already enabled for %s" % self.suffix) def setup_chain_on_update(self, other_conn): chainbe = self.setup_chaining_backend(other_conn) @@ -397,7 +398,7 @@ class ReplicationManager(object): try: conn.modify_s(self.suffix, mod) except ldap.TYPE_OR_VALUE_EXISTS: - logging.debug("passsync aci already exists in suffix %s on %s" % (self.suffix, conn.host)) + root_logger.debug("passsync aci already exists in suffix %s on %s" % (self.suffix, conn.host)) def setup_winsync_agmt(self, entry, win_subtree=None): if win_subtree is None: @@ -508,9 +509,9 @@ class ReplicationManager(object): b_pn = a.search_s(self.suffix, ldap.SCOPE_SUBTREE, filterstr=filter_b) if a_pn is None: - logging.critical('Unable to find entry for %s on %s' % (filter_a, str(b))) + root_logger.critical('Unable to find entry for %s on %s' % (filter_a, str(b))) if b_pn is None: - logging.critical('Unable to find entry for %s on %s' % (filter_b, str(a))) + root_logger.critical('Unable to find entry for %s on %s' % (filter_b, str(a))) if a_pn is None or b_pn is None: raise RuntimeError('Replication agreement cannot be converted') @@ -567,7 +568,7 @@ class ReplicationManager(object): try: self.conn.modify_s(dn, mod) except Exception, e: - logging.debug("Failed to remove referral value: %s" % str(e)) + root_logger.debug("Failed to remove referral value: %s" % str(e)) def check_repl_init(self, conn, agmtdn): done = False @@ -623,7 +624,7 @@ class ReplicationManager(object): end = entry.nsds5ReplicaLastUpdateEnd # incremental update is done if inprogress is false and end >= start done = inprogress and inprogress.lower() == 'false' and start and end and (start <= end) - logging.info("Replication Update in progress: %s: status: %s: start: %s: end: %s" % + root_logger.info("Replication Update in progress: %s: status: %s: start: %s: end: %s" % (inprogress, status, start, end)) if not done and status: # check for errors # status will usually be a number followed by a string @@ -729,14 +730,14 @@ class ReplicationManager(object): for dn,entry in res: if dn == "": self.ad_suffix = entry['defaultNamingContext'][0] - logging.info("AD Suffix is: %s" % self.ad_suffix) + root_logger.info("AD Suffix is: %s" % self.ad_suffix) if self.ad_suffix == "": raise RuntimeError("Failed to lookup AD's Ldap suffix") ad_conn.unbind_s() del ad_conn except Exception, e: - logging.info("Failed to connect to AD server %s" % ad_dc_name) - logging.info("The error was: %s" % e) + root_logger.info("Failed to connect to AD server %s" % ad_dc_name) + root_logger.info("The error was: %s" % e) raise RuntimeError("Failed to setup winsync replication") # Setup the only half. @@ -751,10 +752,10 @@ class ReplicationManager(object): self.setup_agreement(self.conn, ad_dc_name, repl_man_dn=ad_binddn, repl_man_passwd=ad_pwd, iswinsync=True, win_subtree=ad_subtree) - logging.info("Added new sync agreement, waiting for it to become ready . . .") + root_logger.info("Added new sync agreement, waiting for it to become ready . . .") cn, dn = self.agreement_dn(ad_dc_name) self.wait_for_repl_update(self.conn, dn, 30) - logging.info("Agreement is ready, starting replication . . .") + root_logger.info("Agreement is ready, starting replication . . .") # Add winsync replica to the public DIT dn = str(DN(('cn',ad_dc_name),('cn','replicas'),('cn','ipa'),('cn','etc'), self.suffix)) @@ -766,7 +767,7 @@ class ReplicationManager(object): try: self.conn.add_s(entry) except Exception, e: - logging.info("Failed to create public entry for winsync replica") + root_logger.info("Failed to create public entry for winsync replica") #Finally start replication ret = self.start_replication(self.conn, ad_dc_name) @@ -833,12 +834,12 @@ class ReplicationManager(object): '(objectclass=nsds5ReplicationAgreement)))' % hostname entry = conn.search_s("cn=config", ldap.SCOPE_SUBTREE, filter) if len(entry) == 0: - logging.error("Unable to find replication agreement for %s" % + root_logger.error("Unable to find replication agreement for %s" % (hostname)) raise RuntimeError("Unable to proceed") if len(entry) > 1: - logging.error("Found multiple agreements for %s" % hostname) - logging.error("Using the first one only (%s)" % entry[0].dn) + root_logger.error("Found multiple agreements for %s" % hostname) + root_logger.error("Using the first one only (%s)" % entry[0].dn) dn = entry[0].dn schedule = entry[0].nsds5replicaupdateschedule @@ -850,12 +851,12 @@ class ReplicationManager(object): # it back. if newschedule == schedule: newschedule = '2358-2359 1' - logging.info("Changing agreement %s schedule to %s to force synch" % + root_logger.info("Changing agreement %s schedule to %s to force synch" % (dn, newschedule)) mod = [(ldap.MOD_REPLACE, 'nsDS5ReplicaUpdateSchedule', [ newschedule ])] conn.modify_s(dn, mod) time.sleep(1) - logging.info("Changing agreement %s to restore original schedule %s" % + root_logger.info("Changing agreement %s to restore original schedule %s" % (dn, schedule)) mod = [(ldap.MOD_REPLACE, 'nsDS5ReplicaUpdateSchedule', [ schedule ])] conn.modify_s(dn, mod) diff --git a/ipaserver/install/service.py b/ipaserver/install/service.py index c9ff793f7..249727b15 100644 --- a/ipaserver/install/service.py +++ b/ipaserver/install/service.py @@ -17,7 +17,7 @@ # along with this program. If not, see . # -import logging, sys +import sys import os, socket import tempfile from ipapython import sysrestore @@ -30,6 +30,7 @@ import base64 import time import datetime from ipaserver.install import installutils +from ipapython.ipa_log_manager import * CACERT = "/etc/ipa/ca.crt" @@ -43,7 +44,7 @@ SERVICE_LIST = { } def print_msg(message, output_fd=sys.stdout): - logging.debug(message) + root_logger.debug(message) output_fd.write(message) output_fd.write("\n") @@ -110,7 +111,7 @@ class Service(object): try: ipautil.run(args, nolog=nologlist) except ipautil.CalledProcessError, e: - logging.critical("Failed to load %s: %s" % (ldif, str(e))) + root_logger.critical("Failed to load %s: %s" % (ldif, str(e))) finally: if pw_name: os.remove(pw_name) @@ -177,7 +178,7 @@ class Service(object): try: self.admin_conn.modify_s(dn, mod) except Exception, e: - logging.critical("Could not add certificate to service %s entry: %s" % (self.principal, str(e))) + root_logger.critical("Could not add certificate to service %s entry: %s" % (self.principal, str(e))) def is_configured(self): return self.sstore.has_state(self.service_name) @@ -249,7 +250,7 @@ class Service(object): method() e = datetime.datetime.now() d = e - s - logging.debug(" duration: %d seconds" % d.seconds) + root_logger.debug(" duration: %d seconds" % d.seconds) step += 1 self.print_msg("done configuring %s." % self.service_name) @@ -267,7 +268,7 @@ class Service(object): else: conn.do_sasl_gssapi_bind() except Exception, e: - logging.debug("Could not connect to the Directory Server on %s: %s" % (fqdn, str(e))) + root_logger.debug("Could not connect to the Directory Server on %s: %s" % (fqdn, str(e))) raise e return conn @@ -290,7 +291,7 @@ class Service(object): try: conn.add_s(entry) except ldap.ALREADY_EXISTS, e: - logging.critical("failed to add %s Service startup entry" % name) + root_logger.critical("failed to add %s Service startup entry" % name) raise e class SimpleServiceInstance(Service): diff --git a/ipaserver/install/upgradeinstance.py b/ipaserver/install/upgradeinstance.py index 2f42358b7..72636497c 100644 --- a/ipaserver/install/upgradeinstance.py +++ b/ipaserver/install/upgradeinstance.py @@ -21,7 +21,7 @@ import os import sys import shutil import random -import logging +from ipapython.ipa_log_manager import * from ipaserver.install import installutils from ipaserver.install import dsinstance @@ -111,7 +111,7 @@ class IPAUpgrade(service.Service): # Bad things happened, return gracefully self.modified = False self.upgradefailed = True - logging.error('Upgrade failed with %s' % str(e)) + root_logger.error('Upgrade failed with %s' % str(e)) def main(): if os.getegid() != 0: diff --git a/ipaserver/plugins/ldap2.py b/ipaserver/plugins/ldap2.py index 32a1eccb4..57981869d 100644 --- a/ipaserver/plugins/ldap2.py +++ b/ipaserver/plugins/ldap2.py @@ -36,7 +36,7 @@ import time import re import krbV -import logging +from ipapython.ipa_log_manager import * import ldap as _ldap import ldap.filter as _ldap_filter import ldap.sasl as _ldap_sasl @@ -1098,8 +1098,7 @@ class ldap2(CrudBackend, Encoder): try: indirect.remove(r[0].lower()) except ValueError, e: - logging.info('Failed to remove' - ' indirect entry %s from %s' % r[0], entry_dn) + root_logger.info('Failed to remove indirect entry %s from %s' % r[0], entry_dn) raise e return (direct, indirect) -- cgit