On 10/02/2012 03:55 PM, Rob Crittenden wrote:
Tomas Babej wrote:
When executing ipa-replica-manage connect to an unknown or irrelevant
master, we now print a sensible error message informing the user
about this possiblity as well.
I put a whole bunch of code into a try/except and this may be catching
errors in unexpected ways.
I'm not entirely sure right now what we should do, but looking at the
code in the try:
We take in replica1 and replica1 as arguments (the default for
replica1 is the current host).
If either of these raise a NotFound it means there there is no master
of that name. Does that mean that the master was deleted? Well,
A lot has changed since I did this, I may have been relying on a
side-effect, or just hadn't tested well-enough.
I wonder if we need that message at all. Is "foo" is not an IPA server
good enough? It still might be confusing if someone didn't know that
"foo" was deleted and it was still running. We could probably verify
that it is at least an IPA server by doing similar checking in the
client, it all depends on how far we want to take it.
I modified the patch. Now if the NotFound error is encountered, we try
to investigate whether we're trying to connect to an IPA server at all.
Please see if you have any suggestions.
>From 8bcd599a4fb2bb33f0592170df4a0f6b76d8aa2f Mon Sep 17 00:00:00 2001
From: Tomas Babej <tba...@redhat.com>
Date: Tue, 2 Oct 2012 09:15:33 -0400
Subject: [PATCH] IPA Server check in ipa-replica-manage
When executing ipa-replica-manage connect to an master that raises
NotFound error we now check if the master is at least IPA server.
If so, we inform the user that it is probably foreign or previously
deleted master. If not, we inform the user that the master is not
an IPA server at all.
install/tools/ipa-replica-manage | 15 ++++++++++++++-
1 file changed, 14 insertions(+), 1 deletion(-)
diff --git a/install/tools/ipa-replica-manage b/install/tools/ipa-replica-manage
index 897d117681d3e1559d5710366101b50540b705c8..19c9fea3092be0da4c9fed2640183a1939141a59 100755
@@ -33,6 +33,7 @@ from ipalib import api, errors, util
from ipapython.ipa_log_manager import *
from ipapython.dn import DN
from ipapython.config import IPAOptionParser
+from ipaclient import ipadiscovery
CACERT = "/etc/ipa/ca.crt"
@@ -709,7 +710,19 @@ def add_link(realm, replica1, replica2, dirman_passwd, options):
- sys.exit("You cannot connect to a previously deleted master")
+ ds = ipadiscovery.IPADiscovery()
+ ret = ds.search(server=replica2)
+ if ret == -4: # not an IPA Server
+ sys.exit("Connection unsuccessful: %s is not an IPA Server." %
+ elif ret == 0: # success
+ sys.exit("Connection unsuccessful: %s is an IPA Server, "
+ "but it might be unknown, foreign or previously deleted "
+ "one." % replica2)
+ sys.exit("Connection unsuccessful.")
repl1.setup_gssapi_replication(replica2, DN(('cn', 'Directory Manager')), dirman_passwd)
print "Connected '%s' to '%s'" % (replica1, replica2)
Freeipa-devel mailing list