URL: https://github.com/freeipa/freeipa/pull/182 Author: tiran Title: #182: Use env var IPA_CONFDIR to get confdir for 'cli' context Action: synchronized
To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/182/head:pr182 git checkout pr182
From 8ffcd720d01bc7394a3de7ce7d8c7d6e00fb35e8 Mon Sep 17 00:00:00 2001 From: Christian Heimes <chei...@redhat.com> Date: Mon, 24 Oct 2016 10:35:41 +0200 Subject: [PATCH] Use env var IPA_CONFDIR to get confdir The environment variable IPA_CONFDIR overrides the default confdir path. The value of the environment variable must be an absolute path to an existing directory. The new variable makes it much simpler to use the 'ipa' command and ipalib with a local configuration directory. Some contexts like server, installer and upgrades do not support the env var. Signed-off-by: Christian Heimes <chei...@redhat.com> --- client/man/ipa.1 | 4 ++++ install/tools/ipa-httpd-kdcproxy | 2 +- install/tools/ipa-replica-conncheck | 2 +- ipalib/config.py | 18 +++++++++++++++++- 4 files changed, 23 insertions(+), 3 deletions(-) diff --git a/client/man/ipa.1 b/client/man/ipa.1 index 9194ca0..b843e7b 100644 --- a/client/man/ipa.1 +++ b/client/man/ipa.1 @@ -186,6 +186,10 @@ The ipa client will determine which server to connect to in this order: .TP If a kerberos error is raised by any of the requests then it will stop processing and display the error message. +.SH "ENVIRONMENT VARIABLES" +.TP +\fBIPA_CONFDIR\fR +Override path to confdir (default: \fB/etc/ipa\fR). .SH "FILES" .TP \fB/etc/ipa/default.conf\fR diff --git a/install/tools/ipa-httpd-kdcproxy b/install/tools/ipa-httpd-kdcproxy index 20674c2..20daacd 100755 --- a/install/tools/ipa-httpd-kdcproxy +++ b/install/tools/ipa-httpd-kdcproxy @@ -184,7 +184,7 @@ class KDCProxyConfig(object): def main(debug=DEBUG, time_limit=TIME_LIMIT): # initialize API without file logging if not api.isdone('bootstrap'): - api.bootstrap(context='ipa-httpd-kdcproxy', log=None, debug=debug) + api.bootstrap(context='server', log=None, debug=debug) standard_logging_setup(verbose=True, debug=debug) try: diff --git a/install/tools/ipa-replica-conncheck b/install/tools/ipa-replica-conncheck index 4045e41..fbe2dd5 100755 --- a/install/tools/ipa-replica-conncheck +++ b/install/tools/ipa-replica-conncheck @@ -478,7 +478,7 @@ def main(): else: nss_dir = None - api.bootstrap(context='client', xmlrpc_uri=xmlrpc_uri, + api.bootstrap(context='installer', xmlrpc_uri=xmlrpc_uri, nss_dir=nss_db.secdir) api.finalize() try: diff --git a/ipalib/config.py b/ipalib/config.py index cf9e925..7b32056 100644 --- a/ipalib/config.py +++ b/ipalib/config.py @@ -43,6 +43,7 @@ from ipalib.base import check_name from ipalib.constants import CONFIG_SECTION from ipalib.constants import OVERRIDE_ERROR, SET_ERROR, DEL_ERROR +from ipapython.admintool import ScriptError if six.PY3: unicode = str @@ -200,6 +201,10 @@ class provides high-level methods for bootstraping a fresh `Env` instance __locked = False + # reserved contexts do not support IPA_CONFDIR env var + _reserved_contexts = {'backup', 'installer', 'ipactl', 'renew', + 'restore', 'server', 'updates'} + def __init__(self, **initialize): object.__setattr__(self, '_Env__d', {}) object.__setattr__(self, '_Env__done', set()) @@ -461,7 +466,18 @@ def _bootstrap(self, **overrides): # Set confdir: if 'confdir' not in self: - if self.in_tree: + ipa_confdir = os.environ.get('IPA_CONFDIR') + if ipa_confdir is not None: + if self.context in self._reserved_contexts: + raise ScriptError( + 'IPA_CONFDIR env var is not allowed for context ' + '"{}".'.format(self.context)) + if not path.isabs(ipa_confdir) or not path.isdir(ipa_confdir): + raise ScriptError( + 'IPA_CONFDIR env var must be an absolute path to an ' + 'existing directory.') + self.confdir = ipa_confdir + elif self.in_tree: self.confdir = self.dot_ipa else: self.confdir = path.join('/', 'etc', 'ipa')
-- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code