On 01/22/2015 11:04 AM, Martin Babinsky wrote:
The attached patch addresses https://fedorahosted.org/freeipa/ticket/4487.
Using 'remove-ds.pl' script from 389-ds during server/replica
uninstallation should allow for cleaner removal of DS instance with no
leftovers (opened ports etc).
Martin^3
_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
Thanks to Martin^2 for explaining the rules governing the placement of
new attributes into BasePathNamespace class.
Attaching updated patch.
Martin^3
From e89896f1dc4b04f34e19dd5e563209dde2771f2e Mon Sep 17 00:00:00 2001
From: Martin Babinsky <mbabi...@redhat.com>
Date: Wed, 21 Jan 2015 13:40:36 +0100
Subject: [PATCH] Use 'remove-ds.pl' to remove DS instance
The patch adds a function which calls 'remove-ds.pl' during DS instance
removal. This should allow for a more thorough removal of DS related data
during server uninstallation (such as closing custom ports, cleaning up
slapd-* entries etc.)
This patch is related to https://fedorahosted.org/freeipa/ticket/4487.
---
ipaplatform/base/paths.py | 1 +
ipaserver/install/dsinstance.py | 35 +++++++++++++++++++++++++++++++++--
2 files changed, 34 insertions(+), 2 deletions(-)
diff --git a/ipaplatform/base/paths.py b/ipaplatform/base/paths.py
index 5c52714abaf7c5bddbeb80c68bd7cd6e0cac4459..22a3b9bb90d8b75278cb853d9b15de606db0602b 100644
--- a/ipaplatform/base/paths.py
+++ b/ipaplatform/base/paths.py
@@ -224,6 +224,7 @@ class BasePathNamespace(object):
NTPD = "/usr/sbin/ntpd"
PKIDESTROY = "/usr/sbin/pkidestroy"
PKISPAWN = "/usr/sbin/pkispawn"
+ REMOVE_DS_PL = "/usr/sbin/remove-ds.pl"
RESTORECON = "/usr/sbin/restorecon"
SELINUXENABLED = "/usr/sbin/selinuxenabled"
SETSEBOOL = "/usr/sbin/setsebool"
diff --git a/ipaserver/install/dsinstance.py b/ipaserver/install/dsinstance.py
index 66267f4cdde548266b15594e3640bf8247c64859..3a466f5e91d9d303de05d0e0ce55d9e05ce0d20e 100644
--- a/ipaserver/install/dsinstance.py
+++ b/ipaserver/install/dsinstance.py
@@ -105,6 +105,31 @@ def erase_ds_instance_data(serverid):
# except:
# pass
+
+def remove_ds_instance(serverid, force=False):
+ """A wrapper around the 'remove-ds.pl' script used by
+ 389ds to remove a single directory server instance. In case of error
+ additional call with the '-f' flag is performed (forced removal). If this
+ also fails, then an exception is raised.
+ """
+ instance_name = '-'.join(['slapd', serverid])
+ args = [paths.REMOVE_DS_PL, '-i', instance_name]
+ if force:
+ args.append('-f')
+ root_logger.debug("Forcing instance removal")
+
+ try:
+ ipautil.run(args)
+ except ipautil.CalledProcessError:
+ if force:
+ root_logger.debug(("Instance removal failed. "
+ "Manual cleanup required"))
+ raise
+ root_logger.debug(("'%s' failed. "
+ "Attempting to force removal" % paths.REMOVE_DS_PL))
+ remove_ds_instance(serverid, force=True)
+
+
def get_ds_instances():
'''
Return a sorted list of all 389ds instances.
@@ -774,9 +799,15 @@ class DsInstance(service.Service):
self.disable()
serverid = self.restore_state("serverid")
- if not serverid is None:
+ if serverid is not None:
self.stop_tracking_certificates(serverid)
- erase_ds_instance_data(serverid)
+ root_logger.debug("Removing DS instance %s" % serverid)
+ try:
+ remove_ds_instance(serverid)
+ except ipautil.CalledProcessError:
+ root_logger.error("Failed to remove DS instance.")
+ root_logger.debug("Cleaning up instance data manually.")
+ erase_ds_instance_data(serverid)
# At one time we removed this user on uninstall. That can potentially
# orphan files, or worse, if another useradd runs in the intermim,
--
2.1.0
_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
