Hi,
This patch forces more consistency into ipa-server-install output. All
descriptions of services that are not instances of
SimpleServiceInstance are now in the following format:
<Description> (<Service Name>)
Furthermore, start_creation method has been modified to support
custom start and end messages.
Sample output produced by this patch attached.
https://fedorahosted.org/freeipa/ticket/3059
Tomas
>From 8614544d08b1b2b4e85156bebbe629215fb14915 Mon Sep 17 00:00:00 2001
From: Tomas Babej <tba...@redhat.com>
Date: Thu, 11 Oct 2012 03:32:17 -0400
Subject: [PATCH] Make service naming in ipa-server-install consistent
Forces more consistency into ipa-server-install output. All
descriptions of services that are not instances of
SimpleServiceInstance are now in the following format:
<Description> (<Service Name>)
Furthermore, start_creation method has been modified to support
custom start and end messages.
https://fedorahosted.org/freeipa/ticket/3059
---
ipaserver/install/adtrustinstance.py | 3 ++-
ipaserver/install/bindinstance.py | 4 +++-
ipaserver/install/cainstance.py | 8 ++++++--
ipaserver/install/dsinstance.py | 8 ++++++--
ipaserver/install/httpinstance.py | 4 +++-
ipaserver/install/krbinstance.py | 8 ++++++--
ipaserver/install/ntpinstance.py | 4 +++-
ipaserver/install/service.py | 22 ++++++++++++++++------
8 files changed, 45 insertions(+), 16 deletions(-)
diff --git a/ipaserver/install/adtrustinstance.py b/ipaserver/install/adtrustinstance.py
index b74f4b685b1cb56bdcdbae15ab6a8f38960bfc66..971f47f347a2f054cb76fc5b9e0e7d9f99cef239 100644
--- a/ipaserver/install/adtrustinstance.py
+++ b/ipaserver/install/adtrustinstance.py
@@ -757,7 +757,8 @@ class ADTRUSTInstance(service.Service):
self.step("adding SIDs to existing users and groups",
self.__add_sids)
- self.start_creation("Configuring CIFS:")
+ self.start_creation("Configuring CIFS",
+ end_message="Done configuring CIFS")
def uninstall(self):
if self.is_configured():
diff --git a/ipaserver/install/bindinstance.py b/ipaserver/install/bindinstance.py
index f43a9ff0f9114388ae072daa82c39aaff716f7b2..67400082278258a2853d54c4df68d00318c20da8 100644
--- a/ipaserver/install/bindinstance.py
+++ b/ipaserver/install/bindinstance.py
@@ -505,7 +505,9 @@ class BindInstance(service.Service):
self.step("configuring named to start on boot", self.__enable)
self.step("changing resolv.conf to point to ourselves", self.__setup_resolv_conf)
- self.start_creation("Configuring named:")
+ self.start_creation("Configuring DNS",
+ end_message = "Done configuring DNS",
+ show_service_name=True)
def __start(self):
try:
diff --git a/ipaserver/install/cainstance.py b/ipaserver/install/cainstance.py
index aabbba39de95937153ebebef79bf8b9082d2e46e..633b64c60bf16b8fc711d2883ecabd15f6818792 100644
--- a/ipaserver/install/cainstance.py
+++ b/ipaserver/install/cainstance.py
@@ -277,7 +277,9 @@ class CADSInstance(service.Service):
self.step("creating directory server instance", self.__create_instance)
self.step("restarting directory server", self.restart_instance)
- self.start_creation("Configuring directory server for the CA", 30)
+ self.start_creation("Configuring directory server for the CA",
+ end_message="Done configuring directory server for the CA",
+ show_service_name=True, runtime=30)
def __setup_sub_dict(self):
server_root = dsinstance.find_server_root()
@@ -576,7 +578,9 @@ class CAInstance(service.Service):
self.step("configure Server-Cert certificate renewal", self.track_servercert)
self.step("Configure HTTP to proxy connections", self.__http_proxy)
- self.start_creation("Configuring certificate server", 210)
+ self.start_creation("Configuring directory server for the CA",
+ end_message="Done configuring directory server for the CA",
+ show_service_name=True, runtime=210)
def __spawn_instance(self):
"""
diff --git a/ipaserver/install/dsinstance.py b/ipaserver/install/dsinstance.py
index 2c9832d0277560ea85bdc29c7167a46430c78771..849661a1ec4bdb940d745b82a9631f64bf546e93 100644
--- a/ipaserver/install/dsinstance.py
+++ b/ipaserver/install/dsinstance.py
@@ -255,7 +255,9 @@ class DsInstance(service.Service):
self.__common_post_setup()
- self.start_creation("Configuring directory server", 60)
+ self.start_creation("Configuring directory server",
+ end_message="Done configuring directory server",
+ show_service_name=True, runtime=60)
def create_replica(self, realm_name, master_fqdn, fqdn,
domain_name, dm_password, pkcs12_info=None):
@@ -289,7 +291,9 @@ class DsInstance(service.Service):
self.__common_post_setup()
- self.start_creation("Configuring directory server", 60)
+ self.start_creation("Configuring directory server",
+ end_message="Done configuring directory server",
+ show_service_name=True, runtime=60)
def __setup_replica(self):
diff --git a/ipaserver/install/httpinstance.py b/ipaserver/install/httpinstance.py
index 29077367dc17b6df0618c4740fad445edc43e790..a234fb9916762a44dc5736bbfb5d1e10aefe3e0c 100644
--- a/ipaserver/install/httpinstance.py
+++ b/ipaserver/install/httpinstance.py
@@ -99,7 +99,9 @@ class HTTPInstance(service.Service):
self.step("restarting httpd", self.__start)
self.step("configuring httpd to start on boot", self.__enable)
- self.start_creation("Configuring the web interface", 60)
+ self.start_creation("Configuring the web interface",
+ end_message="Done configuring the web interface",
+ show_service_name=True, runtime=60)
def __start(self):
self.backup_state("running", self.is_running())
diff --git a/ipaserver/install/krbinstance.py b/ipaserver/install/krbinstance.py
index 9101e6fcce353eea4ed9457808896dc06da1d966..5f0a2190ba8fa7f03f9aeaaaac3d4bc9a768f52d 100644
--- a/ipaserver/install/krbinstance.py
+++ b/ipaserver/install/krbinstance.py
@@ -180,7 +180,9 @@ class KrbInstance(service.Service):
self.__common_post_setup()
- self.start_creation("Configuring Kerberos KDC", 30)
+ self.start_creation("Configuring Kerberos KDC",
+ end_message="Done configuring Kerberos KDC",
+ show_service_name=True, runtime=30)
self.kpasswd = KpasswdInstance()
self.kpasswd.create_instance('KPASSWD', self.fqdn, self.admin_password, self.suffix, realm=self.realm)
@@ -209,7 +211,9 @@ class KrbInstance(service.Service):
self.__common_post_setup()
- self.start_creation("Configuring Kerberos KDC", 30)
+ self.start_creation("Configuring Kerberos KDC",
+ end_message="Done configuring Kerberos KDC",
+ show_service_name=True, runtime=30)
self.kpasswd = KpasswdInstance()
self.kpasswd.create_instance('KPASSWD', self.fqdn, self.admin_password, self.suffix)
diff --git a/ipaserver/install/ntpinstance.py b/ipaserver/install/ntpinstance.py
index e1b72dda595bf28c3789231423d8293d34d5a9a2..54de326407df23a4e94f29ae28b317374633443e 100644
--- a/ipaserver/install/ntpinstance.py
+++ b/ipaserver/install/ntpinstance.py
@@ -155,7 +155,9 @@ class NTPInstance(service.Service):
self.step("configuring ntpd to start on boot", self.__enable)
self.step("starting ntpd", self.__start)
- self.start_creation("Configuring ntpd")
+ self.start_creation("Configuring NTP daemon",
+ end_message="Done configuring NTP daemon",
+ show_service_name=True)
def uninstall(self):
if self.is_configured():
diff --git a/ipaserver/install/service.py b/ipaserver/install/service.py
index 1d157eba474615307663993d39fcbff41c3197ad..4ff44c9c64a213e4e62feeb201090287ac52adb6 100644
--- a/ipaserver/install/service.py
+++ b/ipaserver/install/service.py
@@ -296,7 +296,12 @@ class Service(object):
def step(self, message, method):
self.steps.append((message, method))
- def start_creation(self, message, runtime=-1):
+ def start_creation(self, start_message, end_message=None, show_service_name=False, runtime=-1):
+ if show_service_name is True:
+ start_message = '%s (%s)' % (start_message, self.service_name)
+ if end_message is not None:
+ end_message = '%s (%s)' % (end_message, self.service_name)
+
if runtime > 0:
plural=''
est = time.localtime(runtime)
@@ -304,15 +309,15 @@ class Service(object):
if est.tm_min > 1:
plural = 's'
if est.tm_sec > 0:
- self.print_msg('%s: Estimated time %d minute%s %d seconds' % (message, est.tm_min, plural, est.tm_sec))
+ self.print_msg('%s: Estimated time %d minute%s %d seconds' % (start_message, est.tm_min, plural, est.tm_sec))
else:
- self.print_msg('%s: Estimated time %d minute%s' % (message, est.tm_min, plural))
+ self.print_msg('%s: Estimated time %d minute%s' % (start_message, est.tm_min, plural))
else:
if est.tm_sec > 1:
plural = 's'
- self.print_msg('%s: Estimated time %d second%s' % (message, est.tm_sec, plural))
+ self.print_msg('%s: Estimated time %d second%s' % (start_message, est.tm_sec, plural))
else:
- self.print_msg(message)
+ self.print_msg(start_message)
step = 0
for (message, method) in self.steps:
@@ -324,7 +329,12 @@ class Service(object):
root_logger.debug(" duration: %d seconds" % d.seconds)
step += 1
- self.print_msg("done configuring %s." % self.service_name)
+ if end_message is not None:
+ self.print_msg('%s.' % end_message)
+ elif show_service_name is True:
+ self.print_msg('Done configuring %s.' % self.service_name)
+ else:
+ self.print_msg('Done.')
self.steps = []
--
1.7.11.4
The log file for this installation can be found in
/var/log/ipaserver-install.log
==============================================================================
This program will set up the FreeIPA Server.
This includes:
* Configure a stand-alone CA (dogtag) for certificate management
* Configure the Network Time Daemon (ntpd)
* Create and configure an instance of Directory Server
* Create and configure a Kerberos Key Distribution Center (KDC)
* Configure Apache (httpd)
* Configure DNS (bind)
To accept the default shown in brackets, press the Enter key.
Warning: skipping DNS resolution of host vm-116.idm.lab.bos.redhat.com
The domain name has been determined based on the host name.
Using reverse zone 78.16.10.in-addr.arpa.
The IPA Master Server will be configured with:
Hostname: vm-116.idm.lab.bos.redhat.com
IP address: 10.16.78.116
Domain name: idm.lab.bos.redhat.com
Realm name: IDM.LAB.BOS.REDHAT.COM
BIND DNS server will be configured to serve IPA domain with:
Forwarders: 10.16.255.2
Reverse zone: 78.16.10.in-addr.arpa.
Configuring NTP daemon (ntpd)
[1/4]: stopping ntpd
[2/4]: writing configuration
[3/4]: configuring ntpd to start on boot
[4/4]: starting ntpd
Done configuring NTP daemon (ntpd).
Configuring directory server for the CA (pkids): Estimated time 30 seconds
[1/3]: creating directory server user
[2/3]: creating directory server instance
[3/3]: restarting directory server
Done configuring directory server for the CA (pkids).
Configuring directory server for the CA (pki-cad): Estimated time 3 minutes 30
seconds
[1/21]: creating certificate server user
[2/21]: creating pki-ca instance
[3/21]: configuring certificate server instance
[4/21]: disabling nonces
[5/21]: creating CA agent PKCS#12 file in /root
[6/21]: creating RA agent certificate database
[7/21]: importing CA chain to RA certificate database
[8/21]: fixing RA database permissions
[9/21]: setting up signing cert profile
[10/21]: set up CRL publishing
[11/21]: set certificate subject base
[12/21]: enabling Subject Key Identifier
[13/21]: setting audit signing renewal to 2 years
[14/21]: configuring certificate server to start on boot
[15/21]: restarting certificate server
[16/21]: requesting RA certificate from CA
[17/21]: issuing RA agent certificate
[18/21]: adding RA agent as a trusted user
[19/21]: configure certificate renewals
[20/21]: configure Server-Cert certificate renewal
[21/21]: Configure HTTP to proxy connections
Done configuring directory server for the CA (pki-cad).
Configuring directory server (dirsrv): Estimated time 1 minute
[1/36]: creating directory server user
[2/36]: creating directory server instance
[3/36]: adding default schema
[4/36]: enabling memberof plugin
[5/36]: enabling winsync plugin
[6/36]: configuring replication version plugin
[7/36]: enabling IPA enrollment plugin
[8/36]: enabling ldapi
[9/36]: configuring uniqueness plugin
[10/36]: configuring uuid plugin
[11/36]: configuring modrdn plugin
[12/36]: enabling entryUSN plugin
[13/36]: configuring lockout plugin
[14/36]: creating indices
[15/36]: enabling referential integrity plugin
[16/36]: configuring ssl for ds instance
[17/36]: configuring certmap.conf
[18/36]: configure autobind for root
[19/36]: configure new location for managed entries
[20/36]: restarting directory server
[21/36]: adding default layout
[22/36]: adding delegation layout
[23/36]: adding replication acis
[24/36]: creating container for managed entries
[25/36]: configuring user private groups
[26/36]: configuring netgroups from hostgroups
[27/36]: creating default Sudo bind user
[28/36]: creating default Auto Member layout
[29/36]: adding range check plugin
[30/36]: creating default HBAC rule allow_all
[31/36]: initializing group membership
[32/36]: adding master entry
[33/36]: configuring Posix uid/gid generation
[34/36]: enabling compatibility plugin
[35/36]: tuning directory server
[36/36]: configuring directory to start on boot
Done configuring directory server (dirsrv).
Configuring Kerberos KDC (krb5kdc): Estimated time 30 seconds
[1/10]: adding sasl mappings to the directory
[2/10]: adding kerberos container to the directory
[3/10]: configuring KDC
[4/10]: initialize kerberos container
[5/10]: adding default ACIs
[6/10]: creating a keytab for the directory
[7/10]: creating a keytab for the machine
[8/10]: adding the password extension to the directory
[9/10]: starting the KDC
[10/10]: configuring KDC to start on boot
Done configuring Kerberos KDC (krb5kdc).
Configuring kadmin
[1/2]: starting kadmin
[2/2]: configuring kadmin to start on boot
Done.
Configuring ipa_memcached
[1/2]: starting ipa_memcached
[2/2]: configuring ipa_memcached to start on boot
Done.
Configuring the web interface (httpd): Estimated time 1 minute
[1/14]: disabling mod_ssl in httpd
[2/14]: setting mod_nss port to 443
[3/14]: setting mod_nss password file
[4/14]: enabling mod_nss renegotiate
[5/14]: adding URL rewriting rules
[6/14]: configuring httpd
[7/14]: setting up ssl
[8/14]: setting up browser autoconfig
[9/14]: publish CA cert
[10/14]: creating a keytab for httpd
[11/14]: clean up any existing httpd ccache
[12/14]: configuring SELinux for httpd
[13/14]: restarting httpd
[14/14]: configuring httpd to start on boot
Done configuring the web interface (httpd).
Applying LDAP updates
Restarting the directory server
Restarting the KDC
Configuring DNS (named)
[1/9]: adding DNS container
[2/9]: setting up our zone
[3/9]: setting up reverse zone
[4/9]: setting up our own record
[5/9]: setting up kerberos principal
[6/9]: setting up named.conf
[7/9]: restarting named
[8/9]: configuring named to start on boot
[9/9]: changing resolv.conf to point to ourselves
Done configuring DNS (named).
Global DNS configuration in LDAP server is empty
You can use 'dnsconfig-mod' command to set global DNS options that
would override settings in local named.conf files
Restarting the web server
==============================================================================
Setup complete
Next steps:
1. You must make sure these network ports are open:
TCP Ports:
* 80, 443: HTTP/HTTPS
* 389, 636: LDAP/LDAPS
* 88, 464: kerberos
* 53: bind
UDP Ports:
* 88, 464: kerberos
* 53: bind
* 123: ntp
2. You can now obtain a kerberos ticket using the command: 'kinit admin'
This ticket will allow you to use the IPA tools (e.g., ipa user-add)
and the web user interface.
Be sure to back up the CA certificate stored in /root/cacert.p12
This file is required to create replicas. The password for this
file is the Directory Manager password
Password for ad...@idm.lab.bos.redhat.com:
_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
