On 12/02/2015 09:53 AM, Martin Babinsky wrote:
> On 12/01/2015 04:33 PM, Jan Cholasta wrote:
>> On 1.12.2015 16:19, Tomas Babej wrote:
>>>
>>>
>>> On 12/01/2015 08:19 AM, Jan Cholasta wrote:
>>>> On 30.11.2015 19:17, Simo Sorce wrote:
>>>>> On Mon, 2015-11-30 at 12:25 +0100, Tomas Babej wrote:
>>>>>> + # Perform only if we have the necessary options
>>>>>> + if not any([installer.admin_password, installer.keytab]):
>>>>>> + sys.exit("IPA client is not configured on this system.\n"
>>>>>> + "You must use a replica file or join the system "
>>>>>> + "either by using by running 'ipa-client-install'. "
>>>>>> + "Alternatively, you may specify enrollment related
>>>>>> options "
>>>>>> + "directly, see man ipa-replica-install.")
>>>>>> +
>>>>>
>>>>> There is a typo "either by using by "
>>>>>
>>>>> Also this seem to be run in promote_check, so you should not mention
>>>>> replica files, as promotion can only be run at domain level 1 where
>>>>> replica files cannot be used.
>>>>
>>>> One more thing from me: admin password should be passed to
>>>> ipa-client-install through stdin. Apply the following changes (tested
>>>> and working) to make it so:
>>>>
>>>> args.extend(["--hostname", installer.host_name])
>>>>
>>>> if installer.admin_password:
>>>> - args.extend(["--password", installer.admin_password])
>>>> args.extend(["--principal", installer.principal or
>>>> "admin"])
>>>> if installer.keytab:
>>>> args.extend(["--keytab", installer.keytab])
>>>> @@ -792,7 +791,13 @@ def ensure_enrolled(installer):
>>>> args.append("--no-sshd")
>>>> if installer.mkhomedir:
>>>> args.append("--mkhomedir")
>>>> - ipautil.run(args)
>>>> +
>>>> + if installer.admin_password:
>>>> + stdin = installer.admin_password
>>>> + else:
>>>> + stdin = None
>>>> +
>>>> + ipautil.run(args, stdin=stdin)
>>>> except Exception as e:
>>>> sys.exit("Configuration of client side components failed!\n"
>>>> "ipa-client-install returned: " + str(e))
>>>>
>>>
>>> Both Simo's and Jan's suggestions make sense, thanks.
>>>
>>> Updated patch attached.
>>
>> Thank you, ACK.
>>
>> Pushed to master: 034e76062fd897dc67b5a395735a5471257bfc8b
>>
>
> It would be nice if we could update ipa-replica-install manpage and
> document all three different ways to set up a replica
> (ipa-replica-install w/ replica file in domain level 0,
> ipa-client-install & ipa-replica-install via promotion in domain level
> 1, single ipa-replica-install w/ client-specific options in domain level
> 1).
>
> Especially in the latter case it was not obvious to me which options
> should I use to set up client and replica in one go without peeking in
> the source code.
>
Yes, a man page update is long due and in the forge already.
Tomas
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
