Petr^2 and Tomas were not happy by the way https://fedorahosted.org/freeipa/ticket/5175 was handled initially, so here is a patch that tries to amend some of the issues.

--
Martin^3 Babinsky
From 3c0cf0b0d6584ba0a1b329e409b67bcdffefbd1f Mon Sep 17 00:00:00 2001
From: Martin Babinsky <mbabi...@redhat.com>
Date: Mon, 26 Oct 2015 14:55:21 +0100
Subject: [PATCH] ipa-replica-prepare: more robust and concise check for
 supported domain level

https://fedorahosted.org/freeipa/ticket/5175
---
 ipaserver/install/ipa_replica_prepare.py | 49 ++++++++++++++++++--------------
 1 file changed, 27 insertions(+), 22 deletions(-)

diff --git a/ipaserver/install/ipa_replica_prepare.py b/ipaserver/install/ipa_replica_prepare.py
index 8998bc094e22ba9a95d528b09f73b2884d78462f..fc495204dfc5911d8b8fb896a87a14706f38cfb1 100644
--- a/ipaserver/install/ipa_replica_prepare.py
+++ b/ipaserver/install/ipa_replica_prepare.py
@@ -44,20 +44,6 @@ from ipaplatform.paths import paths
 from ipalib.constants import CACERT, DOMAIN_LEVEL_0
 
 
-UNSUPPORTED_DOMAIN_LEVEL_TEMPLATE = """
-Replica creation using '{command_name}' to generate replica file
-is supported only in {domain_level}-level IPA domain.
-
-The current IPA domain level is {curr_domain_level} and thus the replica must
-be created by promoting an existing IPA client.
-
-To set up a replica use the following procedure:
-    1.) set up a client on the host using 'ipa-client-install'
-    2.) promote the client to replica running 'ipa-replica-install'
-        *without* replica file specified
-"""
-
-
 class ReplicaPrepare(admintool.AdminTool):
     command_name = 'ipa-replica-prepare'
 
@@ -175,7 +161,7 @@ class ReplicaPrepare(admintool.AdminTool):
         api.bootstrap(in_server=True)
         api.finalize()
 
-        self.check_domainlevel(api)
+        self.check_for_supported_domain_level()
 
         if api.env.host == self.replica_fqdn:
             raise admintool.ScriptError("You can't create a replica on itself")
@@ -690,12 +676,31 @@ class ReplicaPrepare(admintool.AdminTool):
             '-o', ca_file
         ])
 
-    def check_domainlevel(self, api):
+    def check_for_supported_domain_level(self):
+        """
+        check if we are in 0-level topology. If not, raise an error pointing
+        the user to the replica promotion pathway
+        """
         domain_level = dsinstance.get_domain_level(api)
-        if domain_level > DOMAIN_LEVEL_0:
-            raise RuntimeError(
-                UNSUPPORTED_DOMAIN_LEVEL_TEMPLATE.format(
-                    command_name=self.command_name,
-                    domain_level=DOMAIN_LEVEL_0,
-                    curr_domain_level=domain_level)
+
+        if domain_level != DOMAIN_LEVEL_0:
+            self.log.error(
+                "Current IPA domain level is {domain_level}.".format(
+                    domain_level=domain_level
+                )
+            )
+            self.log.error("Using replica files to set up IPA replicas is not "
+                           "supported."
+            )
+            self.log.info(
+                "To create a replica, you must promote an existing "
+                "IPA client.".format(domain_level=domain_level)
+            )
+            raise errors.InvalidDomainLevelError(
+                reason=(
+                    "'{command}' requires domain level {prep_domain_level}"
+                ).format(
+                    command=self.command_name,
+                    prep_domain_level=DOMAIN_LEVEL_0
+                )
             )
-- 
2.4.3

-- 
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Reply via email to