[Freeipa-devel] [freeipa PR#382][synchronized] [WIP] Py3 ipa-server-install fixes
URL: https://github.com/freeipa/freeipa/pull/382 Author: mbasti-rh Title: #382: [WIP] Py3 ipa-server-install fixes Action: synchronized To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/382/head:pr382 git checkout pr382 From 0ba8877d4f0a6e96d4e338a88f8638d00ad980b1 Mon Sep 17 00:00:00 2001 From: Martin BastiDate: Mon, 9 Jan 2017 11:53:59 +0100 Subject: [PATCH 01/16] py3: create_cert_db: write to file in a compatible way Py3 expect bytes to be writed using os.write. Instead of that using io module is more pythonic. https://fedorahosted.org/freeipa/ticket/4985 --- ipaserver/install/httpinstance.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/ipaserver/install/httpinstance.py b/ipaserver/install/httpinstance.py index bacd5fc..ded0553 100644 --- a/ipaserver/install/httpinstance.py +++ b/ipaserver/install/httpinstance.py @@ -19,6 +19,7 @@ from __future__ import print_function +import io import os import os.path import pwd @@ -314,9 +315,8 @@ def create_cert_db(self): # Create the password file for this db password = ipautil.ipa_generate_password() -f = os.open(pwd_file, os.O_CREAT | os.O_RDWR) -os.write(f, password) -os.close(f) +with io.open(pwd_file, 'w') as f: +f.write(password) ipautil.run([paths.CERTUTIL, "-d", database, "-f", pwd_file, "-N"]) From f97b56d35539dbc091d20282e01b7a804c6f8732 Mon Sep 17 00:00:00 2001 From: Martin Basti Date: Tue, 10 Jan 2017 13:45:11 +0100 Subject: [PATCH 02/16] py3: service.py: replace mkstemp by NamedTemporaryFile NamedTemporaryfile can be used in more pythonic way and file can be opened in textual mode that is required with PY3 https://fedorahosted.org/freeipa/ticket/4985 --- ipapython/ipautil.py | 2 +- ipaserver/install/service.py | 9 + 2 files changed, 6 insertions(+), 5 deletions(-) diff --git a/ipapython/ipautil.py b/ipapython/ipautil.py index e3e4611..34d10ef 100644 --- a/ipapython/ipautil.py +++ b/ipapython/ipautil.py @@ -852,7 +852,7 @@ def ipa_generate_password(entropy_bits=256, uppercase=1, lowercase=1, digits=1, rnd = random.SystemRandom() todo_entropy = entropy_bits -password = '' +password = u'' # Generate required character classes: # The order of generated characters is fixed to comply with check in # NSS function sftk_newPinCheck() in nss/lib/softoken/fipstokn.c. diff --git a/ipaserver/install/service.py b/ipaserver/install/service.py index 6451f92..c96cd8b 100644 --- a/ipaserver/install/service.py +++ b/ipaserver/install/service.py @@ -208,10 +208,11 @@ def _ldap_mod(self, ldif, sub_dict=None, raise_on_err=True, args += ["-H", ldap_uri] if dm_password: -[pw_fd, pw_name] = tempfile.mkstemp() -os.write(pw_fd, dm_password) -os.close(pw_fd) -auth_parms = ["-x", "-D", "cn=Directory Manager", "-y", pw_name] +with tempfile.NamedTemporaryFile( +mode='w', delete=False) as pw_file: +pw_name = pw_file.name +pw_file.write(dm_password) +auth_parms = ["-x", "-D", "cn=Directory Manager", "-y", pw_name] # Use GSSAPI auth when not using DM password or not being root elif os.getegid() != 0: auth_parms = ["-Y", "GSSAPI"] From 381a6570f75a581d01e8ed57d701654ae36d388e Mon Sep 17 00:00:00 2001 From: Martin Basti Date: Mon, 9 Jan 2017 12:42:23 +0100 Subject: [PATCH 03/16] py3: open temporary ldif file in text mode ldif parser uses file in text mode, so we have to open it in text mode in py3 Also values passed to parser should be bytes https://fedorahosted.org/freeipa/ticket/4985 --- ipaserver/install/dsinstance.py | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/ipaserver/install/dsinstance.py b/ipaserver/install/dsinstance.py index 89315b6..2721d88 100644 --- a/ipaserver/install/dsinstance.py +++ b/ipaserver/install/dsinstance.py @@ -582,14 +582,15 @@ def __update_dse_ldif(self): 'dse.ldif' ) -with tempfile.NamedTemporaryFile(delete=False) as new_dse_ldif: +with tempfile.NamedTemporaryFile( +mode='w', delete=False) as new_dse_ldif: temp_filename = new_dse_ldif.name with open(dse_filename, "r") as input_file: parser = installutils.ModifyLDIF(input_file, new_dse_ldif) parser.replace_value( 'cn=config,cn=ldbm database,cn=plugins,cn=config', 'nsslapd-db-locks', -['5'] +[b'5'] ) if self.config_ldif: # parse modifications from ldif file supplied by the admin From
[Freeipa-devel] [freeipa PR#382][synchronized] [WIP] Py3 ipa-server-install fixes
URL: https://github.com/freeipa/freeipa/pull/382 Author: mbasti-rh Title: #382: [WIP] Py3 ipa-server-install fixes Action: synchronized To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/382/head:pr382 git checkout pr382 From 0ba8877d4f0a6e96d4e338a88f8638d00ad980b1 Mon Sep 17 00:00:00 2001 From: Martin BastiDate: Mon, 9 Jan 2017 11:53:59 +0100 Subject: [PATCH 01/10] py3: create_cert_db: write to file in a compatible way Py3 expect bytes to be writed using os.write. Instead of that using io module is more pythonic. https://fedorahosted.org/freeipa/ticket/4985 --- ipaserver/install/httpinstance.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/ipaserver/install/httpinstance.py b/ipaserver/install/httpinstance.py index bacd5fc..ded0553 100644 --- a/ipaserver/install/httpinstance.py +++ b/ipaserver/install/httpinstance.py @@ -19,6 +19,7 @@ from __future__ import print_function +import io import os import os.path import pwd @@ -314,9 +315,8 @@ def create_cert_db(self): # Create the password file for this db password = ipautil.ipa_generate_password() -f = os.open(pwd_file, os.O_CREAT | os.O_RDWR) -os.write(f, password) -os.close(f) +with io.open(pwd_file, 'w') as f: +f.write(password) ipautil.run([paths.CERTUTIL, "-d", database, "-f", pwd_file, "-N"]) From f97b56d35539dbc091d20282e01b7a804c6f8732 Mon Sep 17 00:00:00 2001 From: Martin Basti Date: Tue, 10 Jan 2017 13:45:11 +0100 Subject: [PATCH 02/10] py3: service.py: replace mkstemp by NamedTemporaryFile NamedTemporaryfile can be used in more pythonic way and file can be opened in textual mode that is required with PY3 https://fedorahosted.org/freeipa/ticket/4985 --- ipapython/ipautil.py | 2 +- ipaserver/install/service.py | 9 + 2 files changed, 6 insertions(+), 5 deletions(-) diff --git a/ipapython/ipautil.py b/ipapython/ipautil.py index e3e4611..34d10ef 100644 --- a/ipapython/ipautil.py +++ b/ipapython/ipautil.py @@ -852,7 +852,7 @@ def ipa_generate_password(entropy_bits=256, uppercase=1, lowercase=1, digits=1, rnd = random.SystemRandom() todo_entropy = entropy_bits -password = '' +password = u'' # Generate required character classes: # The order of generated characters is fixed to comply with check in # NSS function sftk_newPinCheck() in nss/lib/softoken/fipstokn.c. diff --git a/ipaserver/install/service.py b/ipaserver/install/service.py index 6451f92..c96cd8b 100644 --- a/ipaserver/install/service.py +++ b/ipaserver/install/service.py @@ -208,10 +208,11 @@ def _ldap_mod(self, ldif, sub_dict=None, raise_on_err=True, args += ["-H", ldap_uri] if dm_password: -[pw_fd, pw_name] = tempfile.mkstemp() -os.write(pw_fd, dm_password) -os.close(pw_fd) -auth_parms = ["-x", "-D", "cn=Directory Manager", "-y", pw_name] +with tempfile.NamedTemporaryFile( +mode='w', delete=False) as pw_file: +pw_name = pw_file.name +pw_file.write(dm_password) +auth_parms = ["-x", "-D", "cn=Directory Manager", "-y", pw_name] # Use GSSAPI auth when not using DM password or not being root elif os.getegid() != 0: auth_parms = ["-Y", "GSSAPI"] From 381a6570f75a581d01e8ed57d701654ae36d388e Mon Sep 17 00:00:00 2001 From: Martin Basti Date: Mon, 9 Jan 2017 12:42:23 +0100 Subject: [PATCH 03/10] py3: open temporary ldif file in text mode ldif parser uses file in text mode, so we have to open it in text mode in py3 Also values passed to parser should be bytes https://fedorahosted.org/freeipa/ticket/4985 --- ipaserver/install/dsinstance.py | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/ipaserver/install/dsinstance.py b/ipaserver/install/dsinstance.py index 89315b6..2721d88 100644 --- a/ipaserver/install/dsinstance.py +++ b/ipaserver/install/dsinstance.py @@ -582,14 +582,15 @@ def __update_dse_ldif(self): 'dse.ldif' ) -with tempfile.NamedTemporaryFile(delete=False) as new_dse_ldif: +with tempfile.NamedTemporaryFile( +mode='w', delete=False) as new_dse_ldif: temp_filename = new_dse_ldif.name with open(dse_filename, "r") as input_file: parser = installutils.ModifyLDIF(input_file, new_dse_ldif) parser.replace_value( 'cn=config,cn=ldbm database,cn=plugins,cn=config', 'nsslapd-db-locks', -['5'] +[b'5'] ) if self.config_ldif: # parse modifications from ldif file supplied by the admin From