URL: https://github.com/freeipa/freeipa/pull/691
Author: stlaz
 Title: #691: Add force-join option to replica install
Action: synchronized

To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/691/head:pr691
git checkout pr691
From 90e8c0e7a20d3be6aee18928721de540f6c34bbc Mon Sep 17 00:00:00 2001
From: Stanislav Laznicka <slazn...@redhat.com>
Date: Wed, 5 Apr 2017 09:49:57 +0200
Subject: [PATCH 1/2] Add the force-join option to replica install

When installing client from inside replica installation on DL1,
it's possible that the client installation would fail and recommend
using --force-join option which is not available in replica installer.
Add the option there.

https://pagure.io/freeipa/issue/6183
---
 ipaserver/install/server/__init__.py       | 2 +-
 ipaserver/install/server/replicainstall.py | 2 ++
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/ipaserver/install/server/__init__.py b/ipaserver/install/server/__init__.py
index 89444f2..028a4aa 100644
--- a/ipaserver/install/server/__init__.py
+++ b/ipaserver/install/server/__init__.py
@@ -166,7 +166,6 @@ class ServerInstallInterface(ServerCertificateInstallInterface,
     """
     description = "Server"
 
-    force_join = False
     kinit_attempts = 1
     fixed_primary = True
     ntp_servers = None
@@ -526,6 +525,7 @@ class ServerMasterInstall(ServerMasterInstallInterface):
     Server master installer
     """
 
+    force_join = False
     servers = None
     no_wait_for_dns = True
     host_password = None
diff --git a/ipaserver/install/server/replicainstall.py b/ipaserver/install/server/replicainstall.py
index f489e69..9fa6960 100644
--- a/ipaserver/install/server/replicainstall.py
+++ b/ipaserver/install/server/replicainstall.py
@@ -948,6 +948,8 @@ def ensure_enrolled(installer):
             args.append("--no-sshd")
         if installer.mkhomedir:
             args.append("--mkhomedir")
+        if installer.force_join:
+            args.append("--force-join")
 
         ipautil.run(args, stdin=stdin, nolog=nolog, redirect_output=True)
         print()

From 630815740efb8d83de5f9141f111cbbf34e465cd Mon Sep 17 00:00:00 2001
From: Stanislav Laznicka <slazn...@redhat.com>
Date: Wed, 5 Apr 2017 09:57:44 +0200
Subject: [PATCH 2/2] replicainstall: better client install exception handling

The exception handling of client install inside replica installation
was rather promiscuous, hungrily eating any possible exception thrown
at it. Scoped down the try-except block and reduced its promiscuity.
This change should improve the future development experience debugging
this part of the code.

https://pagure.io/freeipa/issue/6183
---
 ipaserver/install/server/replicainstall.py | 83 +++++++++++++++---------------
 1 file changed, 41 insertions(+), 42 deletions(-)

diff --git a/ipaserver/install/server/replicainstall.py b/ipaserver/install/server/replicainstall.py
index 9fa6960..88a01be 100644
--- a/ipaserver/install/server/replicainstall.py
+++ b/ipaserver/install/server/replicainstall.py
@@ -908,52 +908,51 @@ def install_check(installer):
 
 
 def ensure_enrolled(installer):
-    # Call client install script
-    service.print_msg("Configuring client side components")
+    args = [paths.IPA_CLIENT_INSTALL, "--unattended", "--no-ntp"]
+    stdin = None
+    nolog = []
+
+    if installer.domain_name:
+        args.extend(["--domain", installer.domain_name])
+    if installer.server:
+        args.extend(["--server", installer.server])
+    if installer.realm_name:
+        args.extend(["--realm", installer.realm_name])
+    if installer.host_name:
+        args.extend(["--hostname", installer.host_name])
+
+    if installer.password:
+        args.extend(["--password", installer.password])
+        nolog.append(installer.password)
+    else:
+        if installer.admin_password:
+            # Always set principal if password was set explicitly,
+            # the password itself gets passed directly via stdin
+            args.extend(["--principal", installer.principal or "admin"])
+            stdin = installer.admin_password
+        if installer.keytab:
+            args.extend(["--keytab", installer.keytab])
+
+    if installer.no_dns_sshfp:
+        args.append("--no-dns-sshfp")
+    if installer.ssh_trust_dns:
+        args.append("--ssh-trust-dns")
+    if installer.no_ssh:
+        args.append("--no-ssh")
+    if installer.no_sshd:
+        args.append("--no-sshd")
+    if installer.mkhomedir:
+        args.append("--mkhomedir")
+    if installer.force_join:
+        args.append("--force-join")
+
     try:
+        # Call client install script
+        service.print_msg("Configuring client side components")
         installer._enrollment_performed = True
-
-        args = [paths.IPA_CLIENT_INSTALL, "--unattended", "--no-ntp"]
-        stdin = None
-        nolog = []
-
-        if installer.domain_name:
-            args.extend(["--domain", installer.domain_name])
-        if installer.server:
-            args.extend(["--server", installer.server])
-        if installer.realm_name:
-            args.extend(["--realm", installer.realm_name])
-        if installer.host_name:
-            args.extend(["--hostname", installer.host_name])
-
-        if installer.password:
-            args.extend(["--password", installer.password])
-            nolog.append(installer.password)
-        else:
-            if installer.admin_password:
-                # Always set principal if password was set explicitly,
-                # the password itself gets passed directly via stdin
-                args.extend(["--principal", installer.principal or "admin"])
-                stdin = installer.admin_password
-            if installer.keytab:
-                args.extend(["--keytab", installer.keytab])
-
-        if installer.no_dns_sshfp:
-            args.append("--no-dns-sshfp")
-        if installer.ssh_trust_dns:
-            args.append("--ssh-trust-dns")
-        if installer.no_ssh:
-            args.append("--no-ssh")
-        if installer.no_sshd:
-            args.append("--no-sshd")
-        if installer.mkhomedir:
-            args.append("--mkhomedir")
-        if installer.force_join:
-            args.append("--force-join")
-
         ipautil.run(args, stdin=stdin, nolog=nolog, redirect_output=True)
         print()
-    except Exception:
+    except ipautil.CalledProcessError:
         raise ScriptError("Configuration of client side components failed!")
 
 
-- 
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Reply via email to