authorAde Lee <alee@redhat.com>2014-05-27 14:42:15 -0400
committerAde Lee <alee@redhat.com>2014-05-27 17:42:25 -0400
commitaa849989e2c4ecf25e597aac94bddfa143059947 (patch)
treefa91d95f811fbe5b2d0f2ce3cba9e9a968950f38 /ipaserver
parentb62f7a71a9c4dad3ab5b9a66a36babcc46237edd (diff)
Formatting fixes and change in security domain api
Re-added function for rebase.
Diffstat (limited to 'ipaserver')
-rw-r--r--ipaserver/install/dogtaginstance.py19
-rw-r--r--ipaserver/install/drminstance.py16
-rw-r--r--ipaserver/install/installutils.py21
3 files changed, 41 insertions, 15 deletions
diff --git a/ipaserver/install/dogtaginstance.py b/ipaserver/install/dogtaginstance.py
index 89e4ad4e6..64683f4f8 100644
--- a/ipaserver/install/dogtaginstance.py
+++ b/ipaserver/install/dogtaginstance.py
@@ -75,14 +75,14 @@ def get_security_domain():
def is_installing_replica(sys_type):
"""
We expect only one of each type of Dogtag subsystem in an IPA deployment.
- That means that if a subsystem of the specified type has already been deployed -
- and therefore appears in the security domain - then we must be installing
- a replica.
+ That means that if a subsystem of the specified type has already been
+ deployed - and therefore appears in the security domain - then we must be
+ installing a replica.
"""
info = get_security_domain()
try:
sys_list = info.systems[sys_type]
- return len(sys_list) > 0
+ return len(sys_list.hosts) > 0
except KeyError:
return False
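Review bot: The new `len(sys_list.hosts) > 0` in is_installing_replica() assumes every value in `info.systems` is an object with a `hosts` attribute, but the surrounding `try` only handles `KeyError`. If this can run against a security-domain client that still returns a plain list there (not visible from this hunk), the caller gets an uncaught AttributeError instead of `False`. The docstring should state the expected type and the return contract, for example `Returns True when at least one host is already registered for sys_type in the security domain.` Note also that `get_security_domain()` is called outside the `try`, so any failure to reach the security domain propagates to the installer rather than being treated as "not a replica"; if that is intended, it deserves a one-line comment.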
@@ -212,8 +212,9 @@ class DogtagInstance(service.Service):
Path to CS.cfg config file passed in.
"""
- with stopped_service(self.dogtag_constants.SERVICE_NAME,
- instance_name=self.dogtag_constants.PKI_INSTANCE_NAME):
+ with stopped_service(
+ self.dogtag_constants.SERVICE_NAME,
+ instance_name=self.dogtag_constants.PKI_INSTANCE_NAME):
installutils.set_directive(
config,
'authz.instance.DirAclAuthz.ldap.ldapauth.authtype',
@@ -378,7 +379,9 @@ class DogtagInstance(service.Service):
try:
conn = ipaldap.IPAdmin(self.fqdn, self.ds_port)
- conn.do_simple_bind(DN(('cn', 'Directory Manager')), self.dm_password)
+ conn.do_simple_bind(
+ DN(('cn', 'Directory Manager')),
+ self.dm_password)
entry_attrs = conn.get_entry(self.admin_user, ['usercertificate'])
admin_cert = entry_attrs.get('usercertificate')[0]
@@ -386,4 +389,4 @@ class DogtagInstance(service.Service):
if conn is not None:
conn.unbind()
- return base64.b64encode(admin_cert)
\ No newline at end of file
+ return base64.b64encode(admin_cert)
diff --git a/ipaserver/install/drminstance.py b/ipaserver/install/drminstance.py
index de98276e8..536e468df 100644
--- a/ipaserver/install/drminstance.py
+++ b/ipaserver/install/drminstance.py
@@ -106,7 +106,8 @@ class DRMInstance(DogtagInstance):
self.step("configuring DRM instance", self.__spawn_instance)
if not self.clone:
- self.step("add RA user to DRM agent group", self.__add_ra_user_to_agent_group)
+ self.step("add RA user to DRM agent group",
+ self.__add_ra_user_to_agent_group)
self.step("restarting DRM", self.restart_instance)
self.step("configure certificate renewals", self.configure_renewal)
self.step("Configure HTTP to proxy connections",
@@ -180,8 +181,9 @@ class DRMInstance(DogtagInstance):
str(DN(('cn', self.fqdn), self.subject_base)))
config.set("KRA", "pki_audit_signing_subject_dn",
str(DN(('cn', 'DRM Audit'), self.subject_base)))
- config.set("KRA", "pki_transport_subject_dn",
- str(DN(('cn', 'DRM Transport Certificate'), self.subject_base)))
+ config.set(
+ "KRA", "pki_transport_subject_dn",
+ str(DN(('cn', 'DRM Transport Certificate'), self.subject_base)))
config.set(
"KRA", "pki_storage_subject_dn",
str(DN(('cn', 'DRM Storage Certificate'), self.subject_base)))
@@ -236,8 +238,9 @@ class DRMInstance(DogtagInstance):
config.set("KRA", "pki_clone_replication_clone_port",
dogtag.install_constants.DS_PORT)
config.set("KRA", "pki_clone_replicate_schema", "False")
- config.set("KRA", "pki_clone_uri",
- "https://%s" % ipautil.format_netloc(self.master_host, 443))
+ config.set(
+ "KRA", "pki_clone_uri",
+ "https://%s" % ipautil.format_netloc(self.master_host, 443))
# Generate configuration file
with open(cfg_file, "wb") as f:
@@ -261,7 +264,8 @@ class DRMInstance(DogtagInstance):
conn.do_simple_bind(DN(('cn', 'Directory Manager')), self.dm_password)
entry_dn = DN(('uid', "ipara"), ('ou', 'People'), ('o', 'ipaca'))
- dn = DN(('cn', 'Data Recovery Manager Agents'), ('ou', 'groups'), self.basedn)
+ dn = DN(('cn', 'Data Recovery Manager Agents'), ('ou', 'groups'),
+ self.basedn)
modlist = [(0, 'uniqueMember', '%s' % entry_dn)]
conn.modify_s(dn, modlist)
diff --git a/ipaserver/install/installutils.py b/ipaserver/install/installutils.py
index 675050ce4..315848f2e 100644
--- a/ipaserver/install/installutils.py
+++ b/ipaserver/install/installutils.py
@@ -40,7 +40,7 @@ from ipapython.ipa_log_manager import *
from ipalib.util import validate_hostname
from ipapython import config
from ipalib import errors
-from ipaserver.install import certs
+from ipaserver.install import certs, service
from ipapython import services as ipaservices
from ipapython import version
@@ -898,3 +898,22 @@ def stopped_service(service, instance_name=""):
finally:
root_logger.debug('Starting %s%s.', service, log_instance_name)
ipaservices.knownservices[service].start(instance_name)
+
+
+def check_entropy():
+ '''
+ Checks if the system has enough entropy, if not, displays warning message
+ '''
+ try:
+ with open('/proc/sys/kernel/random/entropy_avail', 'r') as efname:
+ if int(efname.read()) < 200:
+ emsg = 'WARNING: Your system is running out of entropy, ' \
+ 'you may experience long delays'
+ service.print_msg(emsg)
+ root_logger.debug(emsg)
+ except IOError as e:
+ root_logger.debug(
+ "Could not open /proc/sys/kernel/random/entropy_avail: %s" % e)
+ except ValueError as e:
+ root_logger.debug(
+ "Invalid value in /proc/sys/kernel/random/entropy_avail %s" % e)
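Review bot: The threshold in check_entropy() is a bare `200` with no rationale, and the docstring does not say that this is a single advisory read of `/proc/sys/kernel/random/entropy_avail` that never blocks or fails the install. I would name the value, e.g. `MIN_ENTROPY_AVAIL = 200  # below this the installer warns about long delays`, and state in the docstring that the function only warns and returns nothing. The two `except` branches format with `%` while the stopped_service() context directly above passes lazy logger arguments, and the ValueError message is missing the `: ` before `%s`; `root_logger.debug("Invalid value in /proc/sys/kernel/random/entropy_avail: %s", e)` would match. The module imported as `service` in the import hunk of this file is shadowed by the `service` parameter of stopped_service() just above, which is easy to trip over in later edits; importing it under an alias would avoid that.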