Re: [Freeipa-devel] [PATCH 0100] replica promotion: modify default.conf even if DS configuration fails

2015-11-27 Thread Martin Basti



On 26.11.2015 15:07, Petr Vobornik wrote:

On 11/26/2015 10:56 AM, Martin Babinsky wrote:

On 11/20/2015 10:46 AM, Martin Babinsky wrote:

On 11/20/2015 10:19 AM, Martin Babinsky wrote:

Fixes https://fedorahosted.org/freeipa/ticket/5417


Sorry forgot to add the patch.




Attaching new version of patch rebased for current master and bumping
for review.



ACK

Works for me too
Pushed to master: 7978c214731edfa4e05d64ffd2079d327e7b34d4

--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code


Re: [Freeipa-devel] [PATCH 0100] replica promotion: modify default.conf even if DS configuration fails

2015-11-26 Thread Martin Babinsky

On 11/20/2015 10:46 AM, Martin Babinsky wrote:

On 11/20/2015 10:19 AM, Martin Babinsky wrote:

Fixes https://fedorahosted.org/freeipa/ticket/5417


Sorry forgot to add the patch.



Attaching new version of patch rebased for current master and bumping 
for review.


--
Martin^3 Babinsky
From 84d32dc14ae3cf486b9054c1b90a18d9ec998b5d Mon Sep 17 00:00:00 2001
From: Martin Babinsky 
Date: Fri, 20 Nov 2015 09:57:05 +0100
Subject: [PATCH 1/2] replica promotion: modify default.conf even if DS
 configuration fails

When we promote an IPA client to replica, we need to write master-like
default.conf once we start configuring directory server instance. This way
even if DS configuration fails for some reason the server uninstall code can
work properly and clean up partially configured replica.

https://fedorahosted.org/freeipa/ticket/5417
---
 ipaserver/install/server/replicainstall.py | 51 --
 1 file changed, 28 insertions(+), 23 deletions(-)

diff --git a/ipaserver/install/server/replicainstall.py b/ipaserver/install/server/replicainstall.py
index 4b811105be3409e7c673fb55f96c8b3e58be63b5..e6d96bbe62c6960ebe94c529a8dac9dd0468d734 100644
--- a/ipaserver/install/server/replicainstall.py
+++ b/ipaserver/install/server/replicainstall.py
@@ -1001,34 +1001,39 @@ def promote(installer):
 ntp = ntpinstance.NTPInstance()
 ntp.create_instance()
 
-# Configure dirsrv
-ds = install_replica_ds(config, options, promote=True)
+try:
+# Configure dirsrv
+ds = install_replica_ds(config, options, promote=True)
 
-# Always try to install DNS records
-install_dns_records(config, options, api)
+# Always try to install DNS records
+install_dns_records(config, options, api)
 
-# Must install http certs before changing ipa configuration file
-# or certmonger will fail to contact the peer master
-install_http_certs(config, fstore)
+# Must install http certs before changing ipa configuration file
+# or certmonger will fail to contact the peer master
+install_http_certs(config, fstore)
 
-ldapi_uri = installutils.realm_to_ldapi_uri(config.realm_name)
+finally:
+# Create the management framework config file
+# do this regardless of the state of DS installation. Even if it fails,
+# we need to have master-like configuration in order to perform a
+# successful uninstallation
+ldapi_uri = installutils.realm_to_ldapi_uri(config.realm_name)
 
-# Create the management framework config file
-gopts = [
-ipaconf.setOption('host', config.host_name),
-ipaconf.rmOption('server'),
-ipaconf.setOption('xmlrpc_uri',
-  'https://%s/ipa/xml' %
-  ipautil.format_netloc(config.host_name)),
-ipaconf.setOption('ldap_uri', ldapi_uri),
-ipaconf.setOption('mode', 'production'),
-ipaconf.setOption('enable_ra', 'True'),
-ipaconf.setOption('ra_plugin', 'dogtag'),
-ipaconf.setOption('dogtag_version', '10')]
-opts = [ipaconf.setSection('global', gopts)]
+gopts = [
+ipaconf.setOption('host', config.host_name),
+ipaconf.rmOption('server'),
+ipaconf.setOption('xmlrpc_uri',
+  'https://%s/ipa/xml' %
+  ipautil.format_netloc(config.host_name)),
+ipaconf.setOption('ldap_uri', ldapi_uri),
+ipaconf.setOption('mode', 'production'),
+ipaconf.setOption('enable_ra', 'True'),
+ipaconf.setOption('ra_plugin', 'dogtag'),
+ipaconf.setOption('dogtag_version', '10')]
+opts = [ipaconf.setSection('global', gopts)]
 
-ipaconf.changeConf(target_fname, opts)
-os.chmod(target_fname, 0o644)   # must be readable for httpd
+ipaconf.changeConf(target_fname, opts)
+os.chmod(target_fname, 0o644)   # must be readable for httpd
 
 custodia = custodiainstance.CustodiaInstance(config.host_name,
  config.realm_name)
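Review bot: the comment kept inside the try body, "Must install http certs before changing ipa configuration file or certmonger will fail to contact the peer master", no longer holds on the failure path. With the config write moved under `finally:`, an exception from install_replica_ds or install_dns_records skips install_http_certs and default.conf is still rewritten. The commit message accepts that trade-off, but the comment should say the ordering is only guaranteed when the try body completes. The try also covers DNS records and HTTP certs, not only DS configuration, so "even if DS configuration fails" in the commit message understates what triggers the fallback write.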
-- 
2.4.3


Re: [Freeipa-devel] [PATCH 0100] replica promotion: modify default.conf even if DS configuration fails

2015-11-26 Thread Petr Vobornik

On 11/26/2015 10:56 AM, Martin Babinsky wrote:

On 11/20/2015 10:46 AM, Martin Babinsky wrote:

On 11/20/2015 10:19 AM, Martin Babinsky wrote:

Fixes https://fedorahosted.org/freeipa/ticket/5417


Sorry forgot to add the patch.




Attaching new version of patch rebased for current master and bumping
for review.



ACK
--
Petr Vobornik



Re: [Freeipa-devel] [PATCH 0100] replica promotion: modify default.conf even if DS configuration fails

2015-11-20 Thread Martin Babinsky

On 11/20/2015 10:19 AM, Martin Babinsky wrote:

Fixes https://fedorahosted.org/freeipa/ticket/5417


Sorry forgot to add the patch.

--
Martin^3 Babinsky
From f6235e6b1bcb2dfe08b0d92a9f0b834d45801ab9 Mon Sep 17 00:00:00 2001
From: Martin Babinsky 
Date: Fri, 20 Nov 2015 09:57:05 +0100
Subject: [PATCH] replica promotion: modify default.conf even if DS
 configuration fails

When we promote an IPA client to replica, we need to write master-like
default.conf once we start configuring directory server instance. This way
even if DS configuration fails for some reason the server uninstall code can
work properly and clean up partially configured replica.

https://fedorahosted.org/freeipa/ticket/5417
---
 ipaserver/install/server/replicainstall.py | 53 --
 1 file changed, 29 insertions(+), 24 deletions(-)

diff --git a/ipaserver/install/server/replicainstall.py b/ipaserver/install/server/replicainstall.py
index 5ce9eb7092b5349cc9db13b465b3d5b033538ab6..c8d951f373518b6c06b96cb56fcf2acbb57cca73 100644
--- a/ipaserver/install/server/replicainstall.py
+++ b/ipaserver/install/server/replicainstall.py
@@ -1006,35 +1006,40 @@ def promote(installer):
 ntp = ntpinstance.NTPInstance()
 ntp.create_instance()
 
-# Configure dirsrv
-ds = install_replica_ds(config, options, promote=True)
+try:
+# Configure dirsrv
+ds = install_replica_ds(config, options, promote=True)
 
-# Always try to install DNS records
-install_dns_records(config, options, api)
+# Always try to install DNS records
+install_dns_records(config, options, api)
 
-# Must install http certs before changing ipa configuration file
-# or certmonger will fail to contact the peer master
-install_http_certs(config, fstore)
+# Must install http certs before changing ipa configuration file
+# or certmonger will fail to contact the peer master
+install_http_certs(config, fstore)
 
-ldapi_uri = installutils.realm_to_ldapi_uri(config.realm_name)
+finally:
+# Create the management framework config file
+# do this regardless of the state of DS installation. Even if it fails,
+# we need to have master-like configuration in order to perform a
+# successful uninstallation
+ldapi_uri = installutils.realm_to_ldapi_uri(config.realm_name)
 
-# Create the management framework config file
-gopts = [
-ipaconf.setOption('host', config.host_name),
-ipaconf.rmOption('server'),
-ipaconf.setOption('xmlrpc_uri',
-  'https://%s/ipa/xml' %
-  ipautil.format_netloc(config.host_name)),
-ipaconf.setOption('ldap_uri', ldapi_uri),
-ipaconf.setOption('mode', 'production'),
-ipaconf.setOption('enable_ra', 'True'),
-ipaconf.setOption('ra_plugin', 'dogtag'),
-ipaconf.setOption('dogtag_version',
-  dogtag.install_constants.DOGTAG_VERSION)]
-opts = [ipaconf.setSection('global', gopts)]
+gopts = [
+ipaconf.setOption('host', config.host_name),
+ipaconf.rmOption('server'),
+ipaconf.setOption('xmlrpc_uri',
+  'https://%s/ipa/xml' %
+  ipautil.format_netloc(config.host_name)),
+ipaconf.setOption('ldap_uri', ldapi_uri),
+ipaconf.setOption('mode', 'production'),
+ipaconf.setOption('enable_ra', 'True'),
+ipaconf.setOption('ra_plugin', 'dogtag'),
+ipaconf.setOption('dogtag_version',
+  dogtag.install_constants.DOGTAG_VERSION)]
+opts = [ipaconf.setSection('global', gopts)]
 
-ipaconf.changeConf(target_fname, opts)
-os.chmod(target_fname, 0o644)   # must be readable for httpd
+ipaconf.changeConf(target_fname, opts)
+os.chmod(target_fname, 0o644)   # must be readable for httpd
 
 custodia = custodiainstance.CustodiaInstance(config.host_name,
  config.realm_name)
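Review bot: the calls under `finally:` (installutils.realm_to_ldapi_uri, ipaconf.changeConf, os.chmod) can themselves raise, and an exception raised there supersedes the one propagating from the try body; on Python 2 the original is lost entirely, so the log would show the config-write error instead of the DS failure that caused it. Consider logging the original exception before the config write, or guarding the write so that a failure in it is reported without hiding the root cause. On the failure path the host is also left with `server` removed and `ldap_uri` pointing at the local ldapi socket, so a log message telling the admin to run the uninstaller would make that half-configured state explicit.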
-- 
2.4.3
