diff options
Diffstat (limited to 'install/tools/ipa-ca-install')
-rwxr-xr-x | install/tools/ipa-ca-install | 58 |
1 files changed, 16 insertions, 42 deletions
diff --git a/install/tools/ipa-ca-install b/install/tools/ipa-ca-install index d4a287951..a3ed6e5d3 100755 --- a/install/tools/ipa-ca-install +++ b/install/tools/ipa-ca-install @@ -19,22 +19,19 @@ # import sys -import socket - -import os, shutil +import os +import shutil from ipapython import ipautil from ipapython import services as ipaservices -from ipaserver.install import installutils, service -from ipaserver.install import certs -from ipaserver.install.installutils import (HostnameLocalhost, ReplicaConfig, - expand_replica_info, read_replica_info, get_host_name, BadHostError, - private_ccache, read_replica_info_dogtag_port) +from ipaserver.install import installutils +from ipaserver.install.installutils import ( + private_ccache, create_replica_config) from ipaserver.install import dsinstance, cainstance, bindinstance from ipaserver.install.replication import replica_conn_check from ipapython import version -from ipalib import api, util +from ipalib import api from ipapython.dn import DN from ipapython.config import IPAOptionParser from ipapython import sysrestore @@ -44,6 +41,7 @@ from ipapython.ipa_log_manager import * log_file_name = "/var/log/ipareplica-ca-install.log" REPLICA_INFO_TOP_DIR = None + def parse_options(): usage = "%prog [options] REPLICA_FILE" parser = IPAOptionParser(usage=usage, version=version.VERSION) @@ -71,9 +69,11 @@ def parse_options(): return safe_options, options, args[0] + def get_dirman_password(): return installutils.read_password("Directory Manager (existing master)", confirm=False, validate=False) + def install_dns_records(config, options): if not bindinstance.dns_container_exists(config.master_host_name, @@ -88,7 +88,8 @@ def install_dns_records(config, options): bind.add_ipa_ca_dns_records(config.host_name, config.domain_name) finally: if api.Backend.ldap2.isconnected(): - api.Backend.ldap2.disconnect() + api.Backend.ldap2.disconnect() + def main(): safe_options, options, filename = parse_options() @@ -129,38 +130,11 @@ def main(): sys.exit("Directory Manager password required") if not options.admin_password and not options.skip_conncheck and \ - options.unattended: - sys.exit('admin password required') - - try: - top_dir, dir = expand_replica_info(filename, dirman_password) - global REPLICA_INFO_TOP_DIR - REPLICA_INFO_TOP_DIR = top_dir - except Exception, e: - print "ERROR: Failed to decrypt or open the replica file." - print "Verify you entered the correct Directory Manager password." - sys.exit(1) + options.unattended: + sys.exit('admin password required') - config = ReplicaConfig() - read_replica_info(dir, config) - config.dirman_password = dirman_password - try: - host = get_host_name(options.no_host_dns) - except BadHostError, e: - root_logger.error(str(e)) - sys.exit(1) - if config.host_name != host: - try: - print "This replica was created for '%s' but this machine is named '%s'" % (config.host_name, host) - if not ipautil.user_input("This may cause problems. Continue?", True): - sys.exit(0) - config.host_name = host - print "" - except KeyboardInterrupt: - sys.exit(0) - config.dir = dir + config = create_replica_config(dirman_password, filename, options) config.setup_ca = True - config.ca_ds_port = read_replica_info_dogtag_port(config.dir) if not ipautil.file_exists(config.dir + "/cacert.p12"): print 'CA cannot be installed in CA-less setup.' @@ -212,8 +186,8 @@ if __name__ == '__main__': try: with private_ccache(): installutils.run_script(main, log_file_name=log_file_name, - operation_name='ipa-ca-install', - fail_message=fail_message) + operation_name='ipa-ca-install', + fail_message=fail_message) finally: # always try to remove decrypted replica file try: |