See commit message & ticket for details.

https://fedorahosted.org/freeipa/ticket/3889

--
PetrĀ³
From 0c159673b1df2b31ce693398536ff31ebf4bb53a Mon Sep 17 00:00:00 2001
From: Petr Viktorin <pvikt...@redhat.com>
Date: Tue, 10 Dec 2013 13:00:16 +0100
Subject: [PATCH] ipa-replica-install: Move check for existing host before DNS
 resolution check

The checks for existing host and existing replication agreement
set a flag that caused an exit() if any of them failed.

Between these checks there was an unrelated check, DNS resolution.
If the host and DNS checks both failed, this made it look like
the DNS check was the cause of failed install. Especially if the user
ignored the DNS check in unattended mode, the output was confusing.

Remove the flag and fail directly.
Do the replication agreement check first; fixing this with
ipa-replica-manage del will also remove the host entry.

Also, use the logger for error messages so they appear in the log
file as well as on the console.

https://fedorahosted.org/freeipa/ticket/3889
---
 install/tools/ipa-replica-install | 41 ++++++++++++++++++++++++---------------
 1 file changed, 25 insertions(+), 16 deletions(-)

diff --git a/install/tools/ipa-replica-install b/install/tools/ipa-replica-install
index 0e7aefef48d47fefa290607e0604c014d9469fdd..462526bb456c6b8f80812cd061db26f590c8059d 100755
--- a/install/tools/ipa-replica-install
+++ b/install/tools/ipa-replica-install
@@ -606,14 +606,34 @@ def main():
                      tls_cacertfile=CACERT)
         replman = ReplicationManager(config.realm_name, config.master_host_name,
                                      config.dirman_password)
-        found = False
+
+        # Check that we don't already have a replication agreement
+        try:
+            (agreement_cn, agreement_dn) = replman.agreement_dn(host)
+            entry = conn.get_entry(agreement_dn, ['*'])
+        except errors.NotFound:
+            pass
+        else:
+            root_logger.info('Error: A replication agreement for this host '
+                'already exists.')
+            print ('A replication agreement for this host already exists. '
+                   'It needs to be removed.')
+            print "Run this on the master that generated the info file:"
+            print "    %% ipa-replica-manage del %s --force" % host
+            exit(3)
+
+        # Check pre-existing host entry
         try:
             entry = conn.find_entries(u'fqdn=%s' % host, ['fqdn'], DN(api.env.container_host, api.env.basedn))
-            print "The host %s already exists on the master server.\nYou should remove it before proceeding:" % host
+        except errors.NotFound:
+            pass
+        else:
+            root_logger.info(
+                'Error: Host %s already exists on the master server.' % host)
+            print 'The host %s already exists on the master server.' % host
+            print "You should remove it before proceeding:"
             print "    %% ipa host-del %s" % host
-            found = True
-        except errors.NotFound:
-            pass
+            exit(3)
 
         # If remote host has DNS, check forward/reverse resolution
         with temporary_ldap2_connection(
@@ -633,17 +653,6 @@ def main():
             root_logger.debug('No IPA DNS servers, '
                 'skipping forward/reverse resolution check')
 
-        # Check that we don't already have a replication agreement
-        try:
-            (agreement_cn, agreement_dn) = replman.agreement_dn(host)
-            entry = conn.get_entry(agreement_dn, ['*'])
-            print "A replication agreement for this host already exists. It needs to be removed. Run this on the master that generated the info file:"
-            print "    %% ipa-replica-manage del %s --force" % host
-            found = True
-        except errors.NotFound:
-            pass
-        if found:
-            sys.exit(3)
     except errors.ACIError:
         sys.exit("\nThe password provided is incorrect for LDAP server %s" % config.master_host_name)
     except errors.LDAPError:
-- 
1.8.3.1

_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

Reply via email to