Hi, On 19.07.2011 16:36, Alexander Bokovoy wrote: >> I believe that nss-pam-ldapd uses a different configuration file than >> nss_ldap, I think I'd rather use the existence of that to determine what >> is being used. Calling out to rpm seems heavy-weight. > In continuation of the same story, ticket 1368 asks for propagating > hostname into static configuration (/etc/sysconfig/network, HOSTNAME > variable on Red Hat systems). This is an example of system-specific > common code where we want to ensure configuration is made and backed up > but we don't care what is configuration's location and format. I.e. > perfect example to write platform-specific support. > > I'm going to rework ipautil into providing common functions and loading > platform-specific ones from separate files so that we can have Red Hat > or Fedora (or LSB) platforms, Debian-based platforms and so on. Remeber, > this is for ipa-client-install so some flexibility is welcomed here. > > I'll try to avoid using package management tools in such > platform-specific code as much as possible also to avoid lock conflicts > (if something is being installed in background you might get locked when > asking a package database). > > We don't need to do platform detection at runtime as that is could be > deferred to package maintainers. After all, IPA most likely will be > packaged and ipa-client-install will come from such a package. Thus, > providing proper ipautil-system.py file can be done as packaging effort.
Attached is a first cut for the refactoring. It introduces ipapython.services which is a container for service- and platform-specific methods and classes that would require different behavior depending on a distribution in question. I moved existing code to ipapython/platform/redhat.py. ipapython/services.py is auto-generated and basically is one-liner: ===== from ipapython.platform.<platform> import * ===== Actual <platform> value is substituted using top-level Makefile's SUPPORTED_PLAFTORM= variable (defaults to 'redhat', can be redefined without modifying Makefile, in package building scripts, for example) and then ipapython/services.py is generated from ipapython/services.py.in I have converted all users of ipapython.iputil to a new interface but haven't really tested the code yet apart from make dist and make-lint. As it is work in progress, all comments and suggestions are welcome! -- / Alexander Bokovoy
From 8ab1740193ffca750658c27c957d00b8de1eabf6 Mon Sep 17 00:00:00 2001 From: Alexander Bokovoy <[email protected]> Date: Wed, 20 Jul 2011 20:20:22 +0300 Subject: [PATCH] First phase of iputil refactoring: introduce ipapython.services and ipapython.platform --- Makefile | 8 ++ install/tools/ipa-nis-manage | 11 ++- install/tools/ipa-replica-install | 2 +- install/tools/ipa-server-install | 7 +- ipa-client/ipa-install/ipa-client-install | 62 +++++++++------- ipapython/Makefile | 4 +- ipapython/ipautil.py | 117 +++++++++++++++++----------- ipapython/platform/__init__.py | 23 ++++++ ipapython/platform/redhat.py | 116 ++++++++++++++++++++++++++++ ipapython/setup.py.in | 2 +- ipaserver/install/bindinstance.py | 2 +- ipaserver/install/cainstance.py | 4 +- ipaserver/install/certs.py | 2 +- ipaserver/install/dsinstance.py | 6 +- ipaserver/install/httpinstance.py | 2 +- ipaserver/install/krbinstance.py | 2 +- ipaserver/install/ntpinstance.py | 4 +- ipaserver/install/service.py | 55 +++++++------- 18 files changed, 306 insertions(+), 123 deletions(-) create mode 100644 ipapython/platform/__init__.py create mode 100644 ipapython/platform/redhat.py diff --git a/Makefile b/Makefile index 6484dbbc9263e28b220d2819ad47baaf910ba5f1..9d8802587f9fa1130271d3824667d83b637ac9ee 100644 --- a/Makefile +++ b/Makefile @@ -8,6 +8,8 @@ PRJ_PREFIX=freeipa RPMBUILD ?= $(PWD)/rpmbuild TARGET ?= master +SUPPORTED_PLATFORM=redhat + # After updating the version in VERSION you should run the version-update # target. @@ -109,6 +111,12 @@ version-update: release-update ipa-client/ipa-client.spec.in > ipa-client/ipa-client.spec sed -e s/__VERSION__/$(IPA_VERSION)/ ipa-client/version.m4.in \ > ipa-client/version.m4 + + if [ "$(SUPPORTED_PLATFORM)" != "" ]; then \ + sed -e s/SUPPORTED_PLATFORM/$(SUPPORTED_PLATFORM)/ ipapython/services.py.in \ + > ipapython/services.py; \ + fi + if [ "$(SKIP_API_VERSION_CHECK)" != "yes" ]; then \ ./makeapi --validate; \ fi diff --git a/install/tools/ipa-nis-manage b/install/tools/ipa-nis-manage index 3625ae03a79830cb832e0644f0954c5fe0e8e67b..63977da6a72bd35eb32e408c09914ef9888487ef 100755 --- a/install/tools/ipa-nis-manage +++ b/install/tools/ipa-nis-manage @@ -24,6 +24,7 @@ import os try: from optparse import OptionParser from ipapython import ipautil, config + from ipapython import services as ipaservices from ipaserver.install import installutils from ipaserver.install.ldapupdate import LDAPUpdate, BadSyntax from ipaserver.plugins.ldap2 import ldap2 @@ -143,15 +144,15 @@ def main(): # Enable either the portmap or rpcbind service try: - ipautil.run(["/sbin/chkconfig", "portmap", "on"]) - servicemsg = "portmap" + ipaservices.service_on(ipaservices.SERVICE_PORTMAP) + servicemsg = ipaservices.SERVICE_PORTMAP except ipautil.CalledProcessError, cpe: if cpe.returncode == 1: try: - ipautil.run(["/sbin/chkconfig", "rpcbind", "on"]) - servicemsg = "rpcbind" + ipaservices.service_on(ipaservices.SERVICE_RPCBIND) + servicemsg = ipaservices.SERVICE_RPCBIND except ipautil.CalledProcessError, cpe: - print "Unable to enable either portmap or rpcbind" + print "Unable to enable either %s or %s" % (ipaservices.SERVICE_PORTMAP, ipaservices.SERVICE_RPCBIND) retval = 3 # The cn=config entry for the plugin may already exist but it diff --git a/install/tools/ipa-replica-install b/install/tools/ipa-replica-install index 6531421ab47b58e04187d860456bb4ce49bec74f..ac6ccf5dbc9dc48510b7c76ab9e7bc6e29e6c077 100755 --- a/install/tools/ipa-replica-install +++ b/install/tools/ipa-replica-install @@ -464,7 +464,7 @@ def main(): ds.init_memberof() #Everything installed properly, activate ipa service. - service.chkconfig_on('ipa') + service.service_on('ipa') try: if not os.geteuid()==0: diff --git a/install/tools/ipa-server-install b/install/tools/ipa-server-install index 8f8100bc96819378f1e59457ffb494f3858cd45d..fe5558786dcc2345ff6d13f52c1bcceec4011a44 100755 --- a/install/tools/ipa-server-install +++ b/install/tools/ipa-server-install @@ -55,6 +55,7 @@ from ipaserver.plugins.ldap2 import ldap2 from ipapython import sysrestore from ipapython.ipautil import * +import ipapython.services as ipaservices from ipalib import api, errors, util from ipalib.parameters import IA5Str from ipapython.config import IPAOptionParser @@ -462,7 +463,7 @@ def uninstall(): except KeyError: logging.info("Group %s already removed", dsinstance.DS_GROUP) - service.chkconfig_off('ipa') + service.service_off('ipa') return 0 @@ -888,7 +889,7 @@ def main(): os.remove(pw_name) else: http.create_instance(realm_name, host_name, domain_name, dm_password, autoconfig=True, self_signed_ca=options.selfsign, subject_base=options.subject) - ipautil.run(["/sbin/restorecon", "/var/cache/ipa/sessions"]) + ipaservices.restore_context("/var/cache/ipa/sessions") set_subject_in_config(realm_name, dm_password, util.realm_to_suffix(realm_name), options.subject) if not options.selfsign: @@ -943,7 +944,7 @@ def main(): #Everything installed properly, activate ipa service. - service.chkconfig_on('ipa') + service.service_on('ipa') print "==============================================================================" print "Setup complete" diff --git a/ipa-client/ipa-install/ipa-client-install b/ipa-client/ipa-install/ipa-client-install index 4610583d7a314ba0fa67ed86d243ea4676ba39b4..506edfe1e8990c3f4c6a4d573b3a02ee82fe43eb 100755 --- a/ipa-client/ipa-install/ipa-client-install +++ b/ipa-client/ipa-install/ipa-client-install @@ -32,6 +32,7 @@ try: import ipaclient.ipachangeconf import ipaclient.ntpconf from ipapython.ipautil import run, user_input, CalledProcessError, file_exists + import ipapython.services as ipaservices from ipapython import ipautil from ipapython import dnsclient from ipapython import sysrestore @@ -179,14 +180,14 @@ def uninstall(options, env): # Always start certmonger. We can't untrack something if it isn't # running try: - ipautil.service_start('certmonger') + ipaservices.service_start(ipaservices.SERVICE_CERTMONGER) except Exception, e: logging.error("certmonger failed to start: %s" % str(e)) try: certmonger.stop_tracking('/etc/pki/nssdb', nickname=client_nss_nickname) except (CalledProcessError, RuntimeError), e: - logging.error("certmonger failed to stop tracking certificate: %s" % str(e)) + logging.error("%s failed to stop tracking certificate: %s" % (ipaservices.SERVICE_CERTMONGER, str(e))) if nickname_exists(client_nss_nickname): try: @@ -195,18 +196,18 @@ def uninstall(options, env): print "Failed to remove %s from /etc/pki/nssdb: %s" % (client_nss_nickname, str(e)) try: - ipautil.service_stop('certmonger') + ipaservices.service_stop(ipaservices.SERVICE_CERTMONGER) except Exception, e: - logging.error("certmonger failed to stop: %s" % str(e)) + logging.error("%s failed to stop: %s" % (ipaservices.SERVICE_CERTMONGER, str(e))) # Remove any special principal names we added to the IPA CA helper certmonger.remove_principal_from_cas() try: - ipautil.chkconfig_off('certmonger') + ipaservices.service_off(ipaservices.SERVICE_CERTMONGER) except Exception, e: - print "Failed to disable automatic startup of the certmonger daemon" - logging.error("Failed to disable automatic startup of the certmonger daemon: %s" % str(e)) + print "Failed to disable automatic startup of the %s service" % (ipaservices.SERVICE_CERTMONGER) + logging.error("Failed to disable automatic startup of the %s service: %s" % (ipaservices.SERVICE_CERTMONGER, str(e))) if not options.on_master: print "Unenrolling client from IPA server" @@ -229,7 +230,14 @@ def uninstall(options, env): print "Disabling client Kerberos and LDAP configurations" try: - run(["/usr/sbin/authconfig", "--disableldap", "--disablekrb5", "--disablesssd", "--disablesssdauth", "--disablemkhomedir", "--update"]) + auth_config = ipaservices.authconfig() + auth_config.disable("ldap").\ + disable("krb5").\ + disable("sssd").\ + disable("sssdauth").\ + disable("mkhomedir").\ + add_option("update") + auth_config.execute() except Exception, e: print "Failed to remove krb5/LDAP configuration. " +str(e) sys.exit(1) @@ -237,28 +245,28 @@ def uninstall(options, env): print "Restoring client configuration files" fstore.restore_all_files() - if ipautil.service_is_installed('nscd'): + if ipaservices.service_is_installed('nscd'): try: - ipautil.service_restart('nscd') + ipaservices.service_restart('nscd') except: print "Failed to restart start the NSCD daemon" try: - ipautil.chkconfig_on('nscd') + ipaservices.service_on('nscd') except: print "Failed to configure automatic startup of the NSCD daemon" else: # this is optional service, just log logging.info("NSCD daemon is not installed, skip configuration") - if ipautil.service_is_installed('nslcd'): + if ipaservices.service_is_installed('nslcd'): try: - ipautil.service_stop('nslcd') + ipaservices.service_stop('nslcd') except: print "Failed to stop the NSLCD daemon" try: - ipautil.chkconfig_off('nslcd') + ipaservices.service_off('nslcd') except: print "Failed to disable automatic startup of the NSLCD daemon" else: @@ -381,14 +389,14 @@ def configure_nslcd_conf(fstore, cli_basedn, cli_realm, cli_domain, cli_server, print "Creation of %s: %s" % ('/etc/nslcd.conf', str(e)) return 1 - if ipautil.service_is_installed('nslcd'): + if ipaservices.service_is_installed('nslcd'): try: - ipautil.service_restart('nslcd') + ipaservices.service_restart('nslcd') except Exception, e: logging.error("nslcd failed to restart: %s" % str(e)) try: - ipautil.chkconfig_on('nslcd') + ipaservices.service_on('nslcd') except Exception, e: print "Failed to configure automatic startup of the NSLCD daemon" logging.error("Failed to enable automatic startup of the NSLCD daemon: %s" % str(e)) @@ -482,14 +490,14 @@ def configure_certmonger(fstore, subject_base, cli_realm, hostname, options): # Ensure that certmonger has been started at least once to generate the # cas files in /var/lib/certmonger/cas. try: - ipautil.service_restart('certmonger') + ipaservices.service_restart('certmonger') except Exception, e: logging.error("certmonger failed to restart: %s" % str(e)) if options.hostname: # It needs to be stopped if we touch them try: - ipautil.service_stop('certmonger') + ipaservices.service_stop('certmonger') except Exception, e: logging.error("certmonger failed to stop: %s" % str(e)) # If the hostname is explicitly set then we need to tell certmonger @@ -497,7 +505,7 @@ def configure_certmonger(fstore, subject_base, cli_realm, hostname, options): certmonger.add_principal_to_cas(principal) try: - ipautil.service_restart('certmonger') + ipaservices.service_restart('certmonger') except Exception, e: print "Failed to start the certmonger daemon" print "Automatic certificate management will not be available" @@ -505,7 +513,7 @@ def configure_certmonger(fstore, subject_base, cli_realm, hostname, options): started = False try: - ipautil.chkconfig_on('certmonger') + ipaservices.service_on('certmonger') except Exception, e: print "Failed to configure automatic startup of the certmonger daemon" print "Automatic certificate management will not be available" @@ -915,15 +923,15 @@ def main(): client_dns(cli_server, hostname, options.dns_updates) #Name Server Caching Daemon. Disable for SSSD, use otherwise (if installed) - if ipautil.service_is_installed("nscd"): + if ipaservices.service_is_installed("nscd"): if options.sssd: nscd_service_action = "stop" - nscd_service_cmd = ipautil.service_stop - nscd_chkconfig_cmd = ipautil.chkconfig_off + nscd_service_cmd = ipaservices.service_stop + nscd_service_cmd = ipaservices.service_off else: nscd_service_action = "restart" - nscd_service_cmd = ipautil.service_restart - nscd_chkconfig_cmd = ipautil.chkconfig_on + nscd_service_cmd = ipaservices.service_restart + nscd_service_cmd = ipaservices.service_on try: nscd_service_cmd('nscd') @@ -933,7 +941,7 @@ def main(): print >>sys.stderr, "Caching of users/groups will not be available" try: - nscd_chkconfig_cmd('nscd') + nscd_service_cmd('nscd') except: if not options.sssd: print >>sys.stderr, "Failed to configure automatic startup of the NSCD daemon" diff --git a/ipapython/Makefile b/ipapython/Makefile index c96d5d9c1498140af7188a1d4b55c8e9453e3f71..7b046383a9552a1a241b0138126e5a638d1340d6 100644 --- a/ipapython/Makefile +++ b/ipapython/Makefile @@ -3,7 +3,7 @@ PACKAGEDIR ?= $(DESTDIR)/$(PYTHONLIBDIR)/ipa CONFIGDIR ?= $(DESTDIR)/etc/ipa TESTS = $(wildcard test/*.py) -SUBDIRS = py_default_encoding +SUBDIRS = py_default_encoding platform all: @for subdir in $(SUBDIRS); do \ @@ -27,7 +27,7 @@ clean: done distclean: clean - rm -f setup.py ipa-python.spec version.py + rm -f setup.py ipa-python.spec version.py services.py @for subdir in $(SUBDIRS); do \ (cd $$subdir && $(MAKE) $@) || exit 1; \ done diff --git a/ipapython/ipautil.py b/ipapython/ipautil.py index 0191662cdea28306c0b274578f9bfafc58faf143..b64f81d05715e59e16fbab6e3eb6bafe6b6cb859 100644 --- a/ipapython/ipautil.py +++ b/ipapython/ipautil.py @@ -1,6 +1,7 @@ # Authors: Simo Sorce <[email protected]> +# Alexander Bokovoy <[email protected]> # -# Copyright (C) 2007 Red Hat +# Copyright (C) 2007-2011 Red Hat # see file 'COPYING' for use and warranty information # # This program is free software; you can redistribute it and/or modify @@ -1050,51 +1051,6 @@ def get_gsserror(e): return (major, minor) -def service_stop(service_name, instance_name="", capture_output=True): - run(["/sbin/service", service_name, "stop", instance_name], - capture_output=capture_output) - -def service_start(service_name, instance_name="", capture_output=True): - run(["/sbin/service", service_name, "start", instance_name], - capture_output=capture_output) - -def service_restart(service_name, instance_name="", capture_output=True): - run(["/sbin/service", service_name, "restart", instance_name], - capture_output=capture_output) - -def service_is_running(service_name, instance_name=""): - ret = True - try: - run(["/sbin/service", service_name, "status", instance_name]) - except CalledProcessError: - ret = False - return ret - -def service_is_installed(service_name): - installed = True - try: - run(["/sbin/service", service_name, "status"]) - except CalledProcessError, e: - if e.returncode == 1: - # service is not installed or there is other serious issue - installed = False - return installed - -def service_is_enabled(service_name): - (stdout, stderr, returncode) = run(["/sbin/chkconfig", service_name], raiseonerr=False) - return (returncode == 0) - -def chkconfig_on(service_name): - run(["/sbin/chkconfig", service_name, "on"]) - -def chkconfig_off(service_name): - run(["/sbin/chkconfig", service_name, "off"]) - -def chkconfig_add(service_name): - run(["/sbin/chkconfig", "--add", service_name]) - -def chkconfig_del(service_name): - run(["/sbin/chkconfig", "--del", service_name]) def host_port_open(host, port, socket_stream=True, socket_timeout=None): families = (socket.AF_INET, socket.AF_INET6) @@ -1168,3 +1124,72 @@ def bind_port_responder(port, socket_stream=True, socket_timeout=None, responder s.sendto(responder_data, addr) finally: s.close() + +class AuthConfig: + """ + AuthConfig class implements system-independent interface to configure + system authentication resources. In Red Hat systems this is done with + authconfig(8) utility. + + AuthConfig class is nothing more than a tool to gather configuration options + and execute their processing. These options then converted by an actual implementation + to series of a system calls to appropriate utilities performing real configuration. + + Actual implementation should be done in ipapython/platform/<platform>.py by inheriting from ipautil.AuthConfig + and redefining __build_args() and execute() methods. + .... + class PlatformAuthConfig(ipautil.AuthConfig): + def __build_args(): + ... + + def execute(): + ... + + authconfig = PlatformAuthConfig + .... + + See ipapython/platform/redhat.py for a sample implementation that uses authconfig(8) as its backend. + + From IPA perspective, the authentication configuration should be done with use of ipapython.services.authconfig: + + auth_config = ipapython.services.authconfig() + auth_config.disable("ldap").\ + disable("krb5").\ + disable("sssd").\ + disable("sssdauth").\ + disable("mkhomedir").\ + add_option("update").\ + enable("nis").\ + add_parameter("nisdomain","foobar") + auth_config.execute() + """ + + def __init__(self): + self.parameters = {} + + def enable(self, option): + self.parameters[option] = True + return self + + def disable(self, option): + self.parameters[option] = False + return self + + def add_option(self, option): + self.parameters[option] = None + return self + + def add_parameter(self, option, value): + self.parameters[option] = [value] + return self + + def __build_args(self): + # do nothing + return None + + def execute(self): + # do nothing + return None + + + diff --git a/ipapython/platform/__init__.py b/ipapython/platform/__init__.py new file mode 100644 index 0000000000000000000000000000000000000000..e0a394b0276b3750f0bfe60d8ff88dd17f262285 --- /dev/null +++ b/ipapython/platform/__init__.py @@ -0,0 +1,23 @@ +# Authors: +# Alexander Bokovoy <[email protected]> +# +# Copyright (C) 2011 Red Hat +# see file 'COPYING' for use and warranty information +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. + +""" +Sub-package containing all platform-specific adaptation for ipapython.services. +Should not be used directly. +""" diff --git a/ipapython/platform/redhat.py b/ipapython/platform/redhat.py new file mode 100644 index 0000000000000000000000000000000000000000..c6d2631cdb3a51edf3a4bd4b906a9aba39c0d47b --- /dev/null +++ b/ipapython/platform/redhat.py @@ -0,0 +1,116 @@ +# Authors: Simo Sorce <[email protected]> +# Alexander Bokovoy <[email protected]> +# +# Copyright (C) 2007-2011 Red Hat +# see file 'COPYING' for use and warranty information +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. +# + +from ipapython import ipautil + +SERVICE_PORTMAP = "portmap" +SERVICE_RPCBIND = "rpcbind" +SERVICE_CERTMONGER = "certmonger" +SERVICE_NSCD = "nscd" +SERVICE_NLSCD = "nlscd" + +def service_stop(service_name, instance_name="", capture_output=True): + ipautil.run(["/sbin/service", service_name, "stop", instance_name], + capture_output=capture_output) + +def service_start(service_name, instance_name="", capture_output=True): + ipautil.run(["/sbin/service", service_name, "start", instance_name], + capture_output=capture_output) + +def service_restart(service_name, instance_name="", capture_output=True): + ipautil.run(["/sbin/service", service_name, "restart", instance_name], + capture_output=capture_output) + +def service_is_running(service_name, instance_name=""): + ret = True + try: + ipautil.run(["/sbin/service", service_name, "status", instance_name]) + except ipautil.CalledProcessError: + ret = False + return ret + +def service_is_installed(service_name): + installed = True + try: + ipautil.run(["/sbin/service", service_name, "status"]) + except ipautil.CalledProcessError, e: + if e.returncode == 1: + # service is not installed or there is other serious issue + installed = False + return installed + +def service_is_enabled(service_name): + (stdout, stderr, returncode) = ipautil.run(["/sbin/chkconfig", service_name], raiseonerr=False) + return (returncode == 0) + +def service_on(service_name): + ipautil.run(["/sbin/chkconfig", service_name, "on"]) + +def service_off(service_name): + ipautil.run(["/sbin/chkconfig", service_name, "off"]) + +def service_add(service_name): + ipautil.run(["/sbin/chkconfig", "--add", service_name]) + +def service_del(service_name): + ipautil.run(["/sbin/chkconfig", "--del", service_name]) + +def restore_context(dirname): + """ + restore security context on the directory + SE Linux equivalent is /sbin/restorecon <dirname> + """ + ipautil.run(["/sbin/restorecon", dirname]) + +class RedHatAuthConfig(ipautil.AuthConfig): + """ + AuthConfig class implements system-independent interface to configure + system authentication resources. In Red Hat-produced systems this is done with + authconfig(8) utility. + + """ + S_SHADOW = "shadow" + S_MD5 = "md5" + S_NIS = "nis" + S_LDAP = "ldap" + S_SSSD = "sssd" + + def __build_args(self): + args = [] + for (option, value) in self.parameters.items(): + if type(value) is bool: + if value: + args.append("--enable%s" % (option)) + else: + args.append("--disable%s" % (option)) + elif type(value) in (tuple, list): + args.append("--%s" % (option)) + args.append("%s" % (value[0])) + elif value is None: + args.append("--%s" % (option)) + else: + args.append("--%s%s" % (option,value)) + return args + + def execute(self): + args = self.__build_args() + ipautil.run(["/usr/sbin/authconfig"]+args) + +authconfig = RedHatAuthConfig diff --git a/ipapython/setup.py.in b/ipapython/setup.py.in index d9ee28c5586a9eb468176e101fc133dd45c25fee..df1cacf85b3e6482764e11757cbb63f85c36d0f1 100644 --- a/ipapython/setup.py.in +++ b/ipapython/setup.py.in @@ -65,7 +65,7 @@ def setup_package(): classifiers=filter(None, CLASSIFIERS.split('\n')), platforms = ["Linux", "Solaris", "Unix"], package_dir = {'ipapython': ''}, - packages = [ "ipapython" ], + packages = [ "ipapython", "ipapython.platform" ], ) finally: del sys.path[0] diff --git a/ipaserver/install/bindinstance.py b/ipaserver/install/bindinstance.py index 7aa8a2664dd7b5395c24fefab8b7c1ed0080d35b..6a08a9588a12399ae527e38af253a03b111496b9 100644 --- a/ipaserver/install/bindinstance.py +++ b/ipaserver/install/bindinstance.py @@ -607,7 +607,7 @@ class BindInstance(service.Service): pass if not enabled is None and not enabled: - self.chkconfig_off() + self.service_off() if not running is None and running: self.start() diff --git a/ipaserver/install/cainstance.py b/ipaserver/install/cainstance.py index 3561dc9e43522532bc62a74b85a7c0e3baf7b5d0..f1fbb64646ff39fa6756708b052f555905c4ea17 100644 --- a/ipaserver/install/cainstance.py +++ b/ipaserver/install/cainstance.py @@ -397,7 +397,7 @@ class CADSInstance(service.Service): self.stop(serverid) if not enabled is None and not enabled: - self.chkconfig_off() + self.service_off() if not serverid is None: # drop the trailing / off the config_dirname so the directory @@ -1074,7 +1074,7 @@ class CAInstance(service.Service): enabled = self.restore_state("enabled") if not enabled is None and not enabled: - self.chkconfig_off() + self.service_off() try: ipautil.run(["/usr/bin/pkiremove", "-pki_instance_root=/var/lib", diff --git a/ipaserver/install/certs.py b/ipaserver/install/certs.py index 1bbcbabe6b57f03e5b45e76f2859a6316fc4ea63..292f10133557fadb09da8273eb6be3b0a950f6a1 100644 --- a/ipaserver/install/certs.py +++ b/ipaserver/install/certs.py @@ -481,7 +481,7 @@ class CertDB(object): """ Tell certmonger to track the given certificate nickname. """ - service.chkconfig_on("certmonger") + service.service_on("certmonger") service.start("certmonger") try: (stdout, stderr, rc) = certmonger.start_tracking(nickname, self.secdir, password_file) diff --git a/ipaserver/install/dsinstance.py b/ipaserver/install/dsinstance.py index 99b021590bdd233a1e0c72c91a3e78a34fd2cd65..806a0225c422e9075d199232e654de6fdce903f6 100644 --- a/ipaserver/install/dsinstance.py +++ b/ipaserver/install/dsinstance.py @@ -312,8 +312,8 @@ class DsInstance(service.Service): self.backup_state("enabled", self.is_enabled()) # At the end of the installation ipa-server-install will enable the # 'ipa' service wich takes care of starting/stopping dirsrv - # self.chkconfig_on() - self.chkconfig_off() + # self.service_on() + self.service_off() def __setup_sub_dict(self): server_root = find_server_root() @@ -645,7 +645,7 @@ class DsInstance(service.Service): pass if not enabled is None and not enabled: - self.chkconfig_off() + self.service_off() serverid = self.restore_state("serverid") if not serverid is None: diff --git a/ipaserver/install/httpinstance.py b/ipaserver/install/httpinstance.py index d2eb27c96eb2dbf6baf5f1b24edf579cd6d0881a..7ab4d5d369aeb874e74b0ab7aaa610157eb5bea7 100644 --- a/ipaserver/install/httpinstance.py +++ b/ipaserver/install/httpinstance.py @@ -259,7 +259,7 @@ class HTTPInstance(service.Service): db = certs.CertDB(api.env.realm) db.untrack_server_cert("Server-Cert") if not enabled is None and not enabled: - self.chkconfig_off() + self.service_off() for f in ["/etc/httpd/conf.d/ipa.conf", SSL_CONF, NSS_CONF]: try: diff --git a/ipaserver/install/krbinstance.py b/ipaserver/install/krbinstance.py index ecb842772ebe7112b0a4ffbe8593d8fe8c529b0b..a9ca9f7b0279e0b972dc729273bbc5be44342160 100644 --- a/ipaserver/install/krbinstance.py +++ b/ipaserver/install/krbinstance.py @@ -575,7 +575,7 @@ class KrbInstance(service.Service): pass if not enabled is None and not enabled: - self.chkconfig_off() + self.service_off() if not running is None and running: self.start() diff --git a/ipaserver/install/ntpinstance.py b/ipaserver/install/ntpinstance.py index d85e430b73cd67830fb87eb5451f01e4483229bd..7fc16d495b1651800fc83f847077263ddae56d7b 100644 --- a/ipaserver/install/ntpinstance.py +++ b/ipaserver/install/ntpinstance.py @@ -143,7 +143,7 @@ class NTPInstance(service.Service): def __enable(self): self.backup_state("enabled", self.is_enabled()) - self.chkconfig_on() + self.service_on() def create_instance(self): @@ -174,7 +174,7 @@ class NTPInstance(service.Service): pass if not enabled is None and not enabled: - self.chkconfig_off() + self.service_off() if not running is None and running: self.start() diff --git a/ipaserver/install/service.py b/ipaserver/install/service.py index efbb2c9334b4b1267863cb5712cc1f02d7e6cfda..a111a05ef01d0e7dacc6374d55bfdd3f19ea60fd 100644 --- a/ipaserver/install/service.py +++ b/ipaserver/install/service.py @@ -22,6 +22,7 @@ import os, socket import tempfile from ipapython import sysrestore from ipapython import ipautil +from ipapython import services as ipaservices from ipalib import errors import ldap from ipaserver import ipaldap @@ -41,34 +42,34 @@ SERVICE_LIST = { } def stop(service_name, instance_name="", capture_output=True): - ipautil.service_stop(service_name, instance_name, capture_output) + ipaservices.service_stop(service_name, instance_name, capture_output) def start(service_name, instance_name="", capture_output=True): - ipautil.service_start(service_name, instance_name, capture_output) + ipaservices.service_start(service_name, instance_name, capture_output) def restart(service_name, instance_name="", capture_output=True): - ipautil.service_restart(service_name, instance_name, capture_output) + ipaservices.service_restart(service_name, instance_name, capture_output) def is_running(service_name, instance_name=""): - return ipautil.service_is_running(service_name, instance_name) + return ipaservices.service_is_running(service_name, instance_name) def is_installed(service_name): - return ipautil.service_is_installed(service_name) + return ipaservices.service_is_installed(service_name) -def chkconfig_on(service_name): - ipautil.chkconfig_on(service_name) +def service_on(service_name): + ipaservices.service_on(service_name) -def chkconfig_off(service_name): - ipautil.chkconfig_on(service_name) +def service_off(service_name): + ipaservices.service_on(service_name) -def chkconfig_add(service_name): - ipautil.chkconfig_on(service_name) +def service_add(service_name): + ipaservices.service_on(service_name) -def chkconfig_del(service_name): - ipautil.chkconfig_on(service_name) +def service_del(service_name): + ipaservices.service_on(service_name) def is_enabled(service_name): - return ipautil.service_is_enabled(service_name) + return ipaservices.service_is_enabled(service_name) def print_msg(message, output_fd=sys.stdout): logging.debug(message) @@ -224,17 +225,17 @@ class Service(object): def is_running(self): return is_running(self.service_name) - def chkconfig_add(self): - chkconfig_add(self.service_name) + def service_add(self): + service_add(self.service_name) - def chkconfig_del(self): - chkconfig_del(self.service_name) + def service_del(self): + service_del(self.service_name) - def chkconfig_on(self): - chkconfig_on(self.service_name) + def service_on(self): + service_on(self.service_name) - def chkconfig_off(self): - chkconfig_off(self.service_name) + def service_off(self): + service_off(self.service_name) def is_enabled(self): return is_enabled(self.service_name) @@ -297,7 +298,7 @@ class Service(object): return conn def ldap_enable(self, name, fqdn, dm_password, ldap_suffix): - self.chkconfig_off() + self.service_off() conn = self.__get_conn(fqdn, dm_password) entry_name = "cn=%s,cn=%s,%s,%s" % (name, fqdn, @@ -333,10 +334,10 @@ class SimpleServiceInstance(Service): self.restart() def __enable(self): - self.chkconfig_add() + self.service_add() self.backup_state("enabled", self.is_enabled()) if self.gensvc_name == None: - self.chkconfig_on() + self.service_on() else: self.ldap_enable(self.gensvc_name, self.fqdn, self.dm_password, self.suffix) @@ -351,5 +352,5 @@ class SimpleServiceInstance(Service): if not running is None and not running: self.stop() if not enabled is None and not enabled: - self.chkconfig_off() - self.chkconfig_del() + self.service_off() + self.service_del() -- 1.7.6
_______________________________________________ Freeipa-devel mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-devel
