[Freeipa-devel] [freeipa PR#382][synchronized] [WIP] Py3 ipa-server-install fixes

2017-01-11 Thread mbasti-rh 
   URL: https://github.com/freeipa/freeipa/pull/382
Author: mbasti-rh
 Title: #382: [WIP] Py3 ipa-server-install fixes
Action: synchronized

To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/382/head:pr382
git checkout pr382
From 0ba8877d4f0a6e96d4e338a88f8638d00ad980b1 Mon Sep 17 00:00:00 2001
From: Martin Basti 
Date: Mon, 9 Jan 2017 11:53:59 +0100
Subject: [PATCH 01/16] py3: create_cert_db: write to file in a compatible way

Py3 expect bytes to be writed using os.write. Instead of that using
io module is more pythonic.

https://fedorahosted.org/freeipa/ticket/4985
---
 ipaserver/install/httpinstance.py | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/ipaserver/install/httpinstance.py b/ipaserver/install/httpinstance.py
index bacd5fc..ded0553 100644
--- a/ipaserver/install/httpinstance.py
+++ b/ipaserver/install/httpinstance.py
@@ -19,6 +19,7 @@
 
 from __future__ import print_function
 
+import io
 import os
 import os.path
 import pwd
@@ -314,9 +315,8 @@ def create_cert_db(self):
 
 # Create the password file for this db
 password = ipautil.ipa_generate_password()
-f = os.open(pwd_file, os.O_CREAT | os.O_RDWR)
-os.write(f, password)
-os.close(f)
+with io.open(pwd_file, 'w') as f:
+f.write(password)
 
 ipautil.run([paths.CERTUTIL, "-d", database, "-f", pwd_file, "-N"])
 

From f97b56d35539dbc091d20282e01b7a804c6f8732 Mon Sep 17 00:00:00 2001
From: Martin Basti 
Date: Tue, 10 Jan 2017 13:45:11 +0100
Subject: [PATCH 02/16] py3: service.py: replace mkstemp by NamedTemporaryFile

NamedTemporaryfile can be used in more pythonic way and file can be
opened in textual mode that is required with PY3

https://fedorahosted.org/freeipa/ticket/4985
---
 ipapython/ipautil.py | 2 +-
 ipaserver/install/service.py | 9 +
 2 files changed, 6 insertions(+), 5 deletions(-)

diff --git a/ipapython/ipautil.py b/ipapython/ipautil.py
index e3e4611..34d10ef 100644
--- a/ipapython/ipautil.py
+++ b/ipapython/ipautil.py
@@ -852,7 +852,7 @@ def ipa_generate_password(entropy_bits=256, uppercase=1, lowercase=1, digits=1,
 rnd = random.SystemRandom()
 
 todo_entropy = entropy_bits
-password = ''
+password = u''
 # Generate required character classes:
 # The order of generated characters is fixed to comply with check in
 # NSS function sftk_newPinCheck() in nss/lib/softoken/fipstokn.c.
diff --git a/ipaserver/install/service.py b/ipaserver/install/service.py
index 6451f92..c96cd8b 100644
--- a/ipaserver/install/service.py
+++ b/ipaserver/install/service.py
@@ -208,10 +208,11 @@ def _ldap_mod(self, ldif, sub_dict=None, raise_on_err=True,
 args += ["-H", ldap_uri]
 
 if dm_password:
-[pw_fd, pw_name] = tempfile.mkstemp()
-os.write(pw_fd, dm_password)
-os.close(pw_fd)
-auth_parms = ["-x", "-D", "cn=Directory Manager", "-y", pw_name]
+with tempfile.NamedTemporaryFile(
+mode='w', delete=False) as pw_file:
+pw_name = pw_file.name
+pw_file.write(dm_password)
+auth_parms = ["-x", "-D", "cn=Directory Manager", "-y", pw_name]
 # Use GSSAPI auth when not using DM password or not being root
 elif os.getegid() != 0:
 auth_parms = ["-Y", "GSSAPI"]

From 381a6570f75a581d01e8ed57d701654ae36d388e Mon Sep 17 00:00:00 2001
From: Martin Basti 
Date: Mon, 9 Jan 2017 12:42:23 +0100
Subject: [PATCH 03/16] py3: open temporary ldif file in text mode

ldif parser uses file in text mode, so we have to open it in text mode
in py3

Also values passed to parser should be bytes

https://fedorahosted.org/freeipa/ticket/4985
---
 ipaserver/install/dsinstance.py | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/ipaserver/install/dsinstance.py b/ipaserver/install/dsinstance.py
index 89315b6..2721d88 100644
--- a/ipaserver/install/dsinstance.py
+++ b/ipaserver/install/dsinstance.py
@@ -582,14 +582,15 @@ def __update_dse_ldif(self):
 'dse.ldif'
 )
 
-with tempfile.NamedTemporaryFile(delete=False) as new_dse_ldif:
+with tempfile.NamedTemporaryFile(
+mode='w', delete=False) as new_dse_ldif:
 temp_filename = new_dse_ldif.name
 with open(dse_filename, "r") as input_file:
 parser = installutils.ModifyLDIF(input_file, new_dse_ldif)
 parser.replace_value(
 'cn=config,cn=ldbm database,cn=plugins,cn=config',
 'nsslapd-db-locks',
-['5']
+[b'5']
 )
 if self.config_ldif:
 # parse modifications from ldif file supplied by the admin

From

[Freeipa-devel] [freeipa PR#382][synchronized] [WIP] Py3 ipa-server-install fixes

2017-01-10 Thread mbasti-rh 
   URL: https://github.com/freeipa/freeipa/pull/382
Author: mbasti-rh
 Title: #382: [WIP] Py3 ipa-server-install fixes
Action: synchronized

To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/382/head:pr382
git checkout pr382
From 0ba8877d4f0a6e96d4e338a88f8638d00ad980b1 Mon Sep 17 00:00:00 2001
From: Martin Basti 
Date: Mon, 9 Jan 2017 11:53:59 +0100
Subject: [PATCH 01/10] py3: create_cert_db: write to file in a compatible way

Py3 expect bytes to be writed using os.write. Instead of that using
io module is more pythonic.

https://fedorahosted.org/freeipa/ticket/4985
---
 ipaserver/install/httpinstance.py | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/ipaserver/install/httpinstance.py b/ipaserver/install/httpinstance.py
index bacd5fc..ded0553 100644
--- a/ipaserver/install/httpinstance.py
+++ b/ipaserver/install/httpinstance.py
@@ -19,6 +19,7 @@
 
 from __future__ import print_function
 
+import io
 import os
 import os.path
 import pwd
@@ -314,9 +315,8 @@ def create_cert_db(self):
 
 # Create the password file for this db
 password = ipautil.ipa_generate_password()
-f = os.open(pwd_file, os.O_CREAT | os.O_RDWR)
-os.write(f, password)
-os.close(f)
+with io.open(pwd_file, 'w') as f:
+f.write(password)
 
 ipautil.run([paths.CERTUTIL, "-d", database, "-f", pwd_file, "-N"])
 

From f97b56d35539dbc091d20282e01b7a804c6f8732 Mon Sep 17 00:00:00 2001
From: Martin Basti 
Date: Tue, 10 Jan 2017 13:45:11 +0100
Subject: [PATCH 02/10] py3: service.py: replace mkstemp by NamedTemporaryFile

NamedTemporaryfile can be used in more pythonic way and file can be
opened in textual mode that is required with PY3

https://fedorahosted.org/freeipa/ticket/4985
---
 ipapython/ipautil.py | 2 +-
 ipaserver/install/service.py | 9 +
 2 files changed, 6 insertions(+), 5 deletions(-)

diff --git a/ipapython/ipautil.py b/ipapython/ipautil.py
index e3e4611..34d10ef 100644
--- a/ipapython/ipautil.py
+++ b/ipapython/ipautil.py
@@ -852,7 +852,7 @@ def ipa_generate_password(entropy_bits=256, uppercase=1, lowercase=1, digits=1,
 rnd = random.SystemRandom()
 
 todo_entropy = entropy_bits
-password = ''
+password = u''
 # Generate required character classes:
 # The order of generated characters is fixed to comply with check in
 # NSS function sftk_newPinCheck() in nss/lib/softoken/fipstokn.c.
diff --git a/ipaserver/install/service.py b/ipaserver/install/service.py
index 6451f92..c96cd8b 100644
--- a/ipaserver/install/service.py
+++ b/ipaserver/install/service.py
@@ -208,10 +208,11 @@ def _ldap_mod(self, ldif, sub_dict=None, raise_on_err=True,
 args += ["-H", ldap_uri]
 
 if dm_password:
-[pw_fd, pw_name] = tempfile.mkstemp()
-os.write(pw_fd, dm_password)
-os.close(pw_fd)
-auth_parms = ["-x", "-D", "cn=Directory Manager", "-y", pw_name]
+with tempfile.NamedTemporaryFile(
+mode='w', delete=False) as pw_file:
+pw_name = pw_file.name
+pw_file.write(dm_password)
+auth_parms = ["-x", "-D", "cn=Directory Manager", "-y", pw_name]
 # Use GSSAPI auth when not using DM password or not being root
 elif os.getegid() != 0:
 auth_parms = ["-Y", "GSSAPI"]

From 381a6570f75a581d01e8ed57d701654ae36d388e Mon Sep 17 00:00:00 2001
From: Martin Basti 
Date: Mon, 9 Jan 2017 12:42:23 +0100
Subject: [PATCH 03/10] py3: open temporary ldif file in text mode

ldif parser uses file in text mode, so we have to open it in text mode
in py3

Also values passed to parser should be bytes

https://fedorahosted.org/freeipa/ticket/4985
---
 ipaserver/install/dsinstance.py | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/ipaserver/install/dsinstance.py b/ipaserver/install/dsinstance.py
index 89315b6..2721d88 100644
--- a/ipaserver/install/dsinstance.py
+++ b/ipaserver/install/dsinstance.py
@@ -582,14 +582,15 @@ def __update_dse_ldif(self):
 'dse.ldif'
 )
 
-with tempfile.NamedTemporaryFile(delete=False) as new_dse_ldif:
+with tempfile.NamedTemporaryFile(
+mode='w', delete=False) as new_dse_ldif:
 temp_filename = new_dse_ldif.name
 with open(dse_filename, "r") as input_file:
 parser = installutils.ModifyLDIF(input_file, new_dse_ldif)
 parser.replace_value(
 'cn=config,cn=ldbm database,cn=plugins,cn=config',
 'nsslapd-db-locks',
-['5']
+[b'5']
 )
 if self.config_ldif:
 # parse modifications from ldif file supplied by the admin

From