URL: https://github.com/freeipa/freeipa/pull/5043 Author: stanislavlevin Title: #5043: [Backport][ipa-4-8] uninstall: Don't fail on missing /var/lib/samba Action: opened
PR body: """ This PR was opened manually because PR #5032 was pushed to master and backport to ipa-4-8 is required. """ To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/5043/head:pr5043 git checkout pr5043
From f8003a7291d3aa5c08f7f3599c3e54cd8662eb34 Mon Sep 17 00:00:00 2001 From: Stanislav Levin <s...@altlinux.org> Date: Wed, 12 Aug 2020 18:19:24 +0300 Subject: [PATCH 1/3] uninstall: Don't fail on missing /var/lib/samba On some distros freeipa-server package may not depend on `/var/lib/samba` directory. In this case an uninstallation of ipaserver fails. Fixes: https://pagure.io/freeipa/issue/8461 Signed-off-by: Stanislav Levin <s...@altlinux.org> --- ipaserver/install/adtrustinstance.py | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/ipaserver/install/adtrustinstance.py b/ipaserver/install/adtrustinstance.py index c51848d9b3..a7a403f37d 100644 --- a/ipaserver/install/adtrustinstance.py +++ b/ipaserver/install/adtrustinstance.py @@ -899,10 +899,11 @@ def uninstall(self): ipautil.remove_file(self.smb_conf) # Remove samba's persistent and temporary tdb files - tdb_files = [tdb_file for tdb_file in os.listdir(paths.SAMBA_DIR) - if tdb_file.endswith(".tdb")] - for tdb_file in tdb_files: - ipautil.remove_file(tdb_file) + if os.path.isdir(paths.SAMBA_DIR): + tdb_files = [tdb_file for tdb_file in os.listdir(paths.SAMBA_DIR) + if tdb_file.endswith(".tdb")] + for tdb_file in tdb_files: + ipautil.remove_file(tdb_file) # Remove our keys from samba's keytab self.clean_samba_keytab() From d7c1d7db9669e6bbcad81e40439df7b859d980de Mon Sep 17 00:00:00 2001 From: Stanislav Levin <s...@altlinux.org> Date: Wed, 12 Aug 2020 18:30:29 +0300 Subject: [PATCH 2/3] uninstall: Clean up no longer used flag The `_server_trust_ad_installed` was added as a flag which indicates that `freeipa-server-trust-ad` package is installed. Later, `ipaserver/install/adtrustinstance.py` module was moved out into `freeipa-server` package and the import became unconditionally successful. Fixes: https://pagure.io/freeipa/issue/8461 Signed-off-by: Stanislav Levin <s...@altlinux.org> --- ipaserver/install/server/install.py | 11 ++--------- 1 file changed, 2 insertions(+), 9 deletions(-) diff --git a/ipaserver/install/server/install.py b/ipaserver/install/server/install.py index 004f9e5300..b86c3fec15 100644 --- a/ipaserver/install/server/install.py +++ b/ipaserver/install/server/install.py @@ -38,7 +38,7 @@ no_matching_interface_for_ip_address_warning, ) from ipaserver.install import ( - adtrust, bindinstance, ca, dns, dsinstance, + adtrust, adtrustinstance, bindinstance, ca, dns, dsinstance, httpinstance, installutils, kra, krbinstance, otpdinstance, custodiainstance, replication, service, sysupgrade) @@ -50,12 +50,6 @@ if six.PY3: unicode = str -try: - from ipaserver.install import adtrustinstance - _server_trust_ad_installed = True -except ImportError: - _server_trust_ad_installed = False - NoneType = type(None) logger = logging.getLogger(__name__) @@ -1170,8 +1164,7 @@ def uninstall(installer): httpinstance.HTTPInstance(fstore).uninstall() krbinstance.KrbInstance(fstore).uninstall() dsinstance.DsInstance(fstore=fstore).uninstall() - if _server_trust_ad_installed: - adtrustinstance.ADTRUSTInstance(fstore).uninstall() + adtrustinstance.ADTRUSTInstance(fstore).uninstall() # realm isn't used, but IPAKEMKeys parses /etc/ipa/default.conf # otherwise, see https://pagure.io/freeipa/issue/7474 . custodiainstance.CustodiaInstance(realm='REALM.INVALID').uninstall() From aa9358ddff2d0efb526a98e245806e15a1c7fc99 Mon Sep 17 00:00:00 2001 From: Stanislav Levin <s...@altlinux.org> Date: Thu, 13 Aug 2020 11:19:05 +0300 Subject: [PATCH 3/3] spec: Move ipa-cldap plugin out to freeipa-server-trust-ad package This ns-slapd plugin is used as a CLDAP server which responses to AD DCs with an information about IPA domain. So, logically it belongs to freeipa-server-trust-ad package. Signed-off-by: Stanislav Levin <s...@altlinux.org> --- freeipa.spec.in | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/freeipa.spec.in b/freeipa.spec.in index b6a19eb30d..3b09d6aa56 100755 --- a/freeipa.spec.in +++ b/freeipa.spec.in @@ -1203,7 +1203,6 @@ fi %attr(755,root,root) %{plugin_dir}/libipa_uuid.so %attr(755,root,root) %{plugin_dir}/libipa_modrdn.so %attr(755,root,root) %{plugin_dir}/libipa_lockout.so -%attr(755,root,root) %{plugin_dir}/libipa_cldap.so %attr(755,root,root) %{plugin_dir}/libipa_dns.so %attr(755,root,root) %{plugin_dir}/libipa_range_check.so %attr(755,root,root) %{plugin_dir}/libipa_otp_counter.so @@ -1260,6 +1259,7 @@ fi %{_usr}/share/ipa/kdcproxy.wsgi %{_usr}/share/ipa/ipaca*.ini %{_usr}/share/ipa/*.ldif +%exclude %{_datadir}/ipa/ipa-cldap-conf.ldif %{_usr}/share/ipa/*.uldif %{_usr}/share/ipa/*.template %dir %{_usr}/share/ipa/advise @@ -1351,6 +1351,8 @@ fi %{_sbindir}/ipa-adtrust-install %{_usr}/share/ipa/smb.conf.empty %attr(755,root,root) %{_libdir}/samba/pdb/ipasam.so +%attr(755,root,root) %{plugin_dir}/libipa_cldap.so +%{_datadir}/ipa/ipa-cldap-conf.ldif %{_mandir}/man1/ipa-adtrust-install.1* %ghost %{_libdir}/krb5/plugins/libkrb5/winbind_krb5_locator.so %{_sysconfdir}/dbus-1/system.d/oddjob-ipa-trust.conf
_______________________________________________ FreeIPA-devel mailing list -- freeipa-devel@lists.fedorahosted.org To unsubscribe send an email to freeipa-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-devel@lists.fedorahosted.org
