URL: https://github.com/freeipa/freeipa/pull/1084 Author: rcritten Title: #1084: Fall back to using configuration to determine server config status Action: opened
PR body: """ The original method for determining whether IPA was configured or not depended on being able to read the sysrestore files which are only readable by root. Add a fallback that uses the IPA config to determine the status. The ldap_uri should only be set on servers and as an extra check look for an ldapi uri. https://pagure.io/freeipa/issue/7157 """ To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/1084/head:pr1084 git checkout pr1084
From 7be411cb4c23fac794fc621a948606187839fda3 Mon Sep 17 00:00:00 2001 From: Rob Crittenden <rcrit...@redhat.com> Date: Fri, 15 Sep 2017 14:38:45 -0400 Subject: [PATCH] Fall back to using configuration to determine server config status The original method for determining whether IPA was configured or not depended on being able to read the sysrestore files which are only readable by root. Add a fallback that uses the IPA config to determine the status. The ldap_uri should only be set on servers and as an extra check look for an ldapi uri. https://pagure.io/freeipa/issue/7157 --- ipaserver/install/installutils.py | 49 +++++++++++++++++++++++++++------------ 1 file changed, 34 insertions(+), 15 deletions(-) diff --git a/ipaserver/install/installutils.py b/ipaserver/install/installutils.py index 8983718950..f83e9f23f4 100644 --- a/ipaserver/install/installutils.py +++ b/ipaserver/install/installutils.py @@ -50,6 +50,7 @@ from six.moves.configparser import NoOptionError # pylint: enable=import-error +from ipalib import config, constants from ipalib.install import sysrestore from ipalib.install.kinit import kinit_password import ipaplatform @@ -869,27 +870,45 @@ def rmtree(path): def is_ipa_configured(): - """ - Using the state and index install files determine if IPA is already - configured. - """ + """Try to determine whether IPA is configured or not""" installed = False - sstore = sysrestore.StateFile(paths.SYSRESTORE) - fstore = sysrestore.FileStore(paths.SYSRESTORE) + if os.geteuid == 0: + logger.debug('Using root method to determine configured status') + # We are root so use a more robust method to determine status + # Use the state and index install files determine if IPA is + # already configured. + sstore = sysrestore.StateFile(paths.SYSRESTORE) + fstore = sysrestore.FileStore(paths.SYSRESTORE) + + for module in IPA_MODULES: + if sstore.has_state(module): + logger.debug('%s is configured', module) + installed = True + else: + logger.debug('%s is not configured', module) - for module in IPA_MODULES: - if sstore.has_state(module): - logger.debug('%s is configured', module) + if fstore.has_files(): + logger.debug('filestore has files') installed = True else: - logger.debug('%s is not configured', module) - - if fstore.has_files(): - logger.debug('filestore has files') - installed = True + logger.debug('filestore is tracking no files') else: - logger.debug('filestore is tracking no files') + logger.debug('Using config to determine configured status') + # Use the IPA config to try to determine if this is a + # configured server. + if os.path.exists(paths.IPA_DEFAULT_CONF): + # Create a config environment and merge in the context + # config files + cfg = config.Env() + cfg._bootstrap(context='server') + cfg._finalize_core(**dict(constants.DEFAULT_CONFIG)) + try: + installed = True if cfg.ldap_uri.startswith('ldapi') else False + logger.debug('ldap_uri is %s', cfg.ldap_uri) + except AttributeError: + # fall through to fail + logger.debug('no ldap_uri set in configuration') return installed
_______________________________________________ FreeIPA-devel mailing list -- freeipa-devel@lists.fedorahosted.org To unsubscribe send an email to freeipa-devel-le...@lists.fedorahosted.org
