This patch allows to disable service in LDAP to prevents service to be
started by "ipactl restart"
Required by DNSSEC
Patch attached
--
Martin Basti
From df330b6b2d630982a25ceaf7c7f6af79327f9089 Mon Sep 17 00:00:00 2001
From: Martin Basti <mba...@redhat.com>
Date: Thu, 28 Aug 2014 19:27:44 +0200
Subject: [PATCH] LDAP disable service
This patch allows to disable service in LDAP (ipactl will not start it)
---
ipaserver/install/service.py | 54 +++++++++++++++++++++++++++++++++++++++++++-
1 file changed, 53 insertions(+), 1 deletion(-)
diff --git a/ipaserver/install/service.py b/ipaserver/install/service.py
index 1f01b275135173b7d0bfdb4d56729438a0853142..f008c7b8f94f3c8489b2c69f8d7cac52c2172a82 100644
--- a/ipaserver/install/service.py
+++ b/ipaserver/install/service.py
@@ -368,13 +368,40 @@ class Service(object):
self.steps = []
- def ldap_enable(self, name, fqdn, dm_password, ldap_suffix, config=[]):
+ def ldap_enable(self, name, fqdn, dm_password, ldap_suffix, config=[], enable_if_exists=False):
assert isinstance(ldap_suffix, DN)
self.disable()
if not self.admin_conn:
self.ldap_connect()
entry_name = DN(('cn', name), ('cn', fqdn), ('cn', 'masters'), ('cn', 'ipa'), ('cn', 'etc'), ldap_suffix)
+
+ # enable disabled service
+ if enable_if_exists:
+ try:
+ entry = self.admin_conn.get_entry(entry_name, ['ipaConfigString'])
+ except errors.NotFound:
+ pass
+ else:
+ if 'enabledService' in entry.get('ipaConfigString', []):
+ root_logger.debug("failed to re-enable %s Service startup entry (already enabled)" % name)
+ return
+
+ if 'ipaConfigString' in entry and entry['ipaConfigString'] is not None:
+ entry['ipaConfigString'].append('enabledService')
+ else:
+ entry['ipaConfigString'] = ['serviceEnabled']
+ root_logger.warning("%s Service startup entry has no 'ipaConfigString' attributes" % name)
+
+ try:
+ self.admin_conn.update_entry(entry)
+ except:
+ root_logger.debug("failed to re-enable %s Service startup entry (already enabled)" % name)
+ raise
+ else:
+ return
+
+
order = SERVICE_LIST[name][1]
entry = self.admin_conn.make_entry(
entry_name,
@@ -390,6 +417,31 @@ class Service(object):
root_logger.debug("failed to add %s Service startup entry" % name)
raise e
+ def ldap_disable(self, name, fqdn, ldap_suffix):
+ assert isinstance(ldap_suffix, DN)
+ if not self.admin_conn:
+ self.ldap_connect()
+
+ entry_name = DN(('cn', name), ('cn', fqdn), ('cn', 'masters'), ('cn', 'ipa'), ('cn', 'etc'), ldap_suffix)
+ try:
+ entry = self.admin_conn.get_entry(entry_name, ['ipaConfigString'])
+ except errors.NotFound:
+ root_logger.debug("failed to disable %s Service startup entry (service not found)" % name)
+ raise
+
+ if 'enabledService' not in entry.get('ipaConfigString', []):
+ root_logger.debug("failed to disable %s Service startup entry (Service already disabled)" % name)
+ return
+
+ entry['ipaConfigString'].remove('enabledService')
+
+ try:
+ self.admin_conn.update_entry(entry)
+ except:
+ root_logger.debug("failed to disable %s Service startup entry" % name)
+ raise
+
+
class SimpleServiceInstance(Service):
def create_instance(self, gensvc_name=None, fqdn=None, dm_password=None, ldap_suffix=None, realm=None):
self.gensvc_name = gensvc_name
--
1.8.3.1
_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
