Re: [Freeipa-devel] [PATCH 0402] Warn user about possibility to loss CA, KRA, DNSSEC master during uninstall

2016-01-14 Thread David Kupka 

On 13/01/16 18:18, Martin Basti wrote:

https://fedorahosted.org/freeipa/ticket/5544

Patch attached.




Thanks for the patch, works for me, ACK.

--
David Kupka

--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Re: [Freeipa-devel] [PATCH 0402] Warn user about possibility to loss CA, KRA, DNSSEC master during uninstall

2016-01-14 Thread Martin Basti 



On 14.01.2016 14:18, David Kupka wrote:

On 13/01/16 18:18, Martin Basti wrote:

https://fedorahosted.org/freeipa/ticket/5544

Patch attached.




Thanks for the patch, works for me, ACK.


Pushed to:
master: 58c42ddac0964a8cce7c1e1faa7516da53f028ad
ipa-4-3: 56d921f359a667fc3c5b33ccf6b3767da06f64ab

--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

[Freeipa-devel] [PATCH 0402] Warn user about possibility to loss CA, KRA, DNSSEC master during uninstall

2016-01-13 Thread Martin Basti 

https://fedorahosted.org/freeipa/ticket/5544

Patch attached.
From a882c48058cca2564265546e557e9d7d542a9553 Mon Sep 17 00:00:00 2001
From: Martin Basti 
Date: Wed, 13 Jan 2016 17:27:06 +0100
Subject: [PATCH] Warn about potential loss of CA, KRA, DNSSEC during uninstall

If connection do LDAP failed (or LDAP server is down) we cannot verify
if there is any additonal instance of CA, KRA, DNSSEC master.
In this case a user is warned and promted to confirm uninstallation.

https://fedorahosted.org/freeipa/ticket/5544
---
 ipaserver/install/server/install.py | 12 +++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/ipaserver/install/server/install.py b/ipaserver/install/server/install.py
index 8a57886cd91bc4dbb06d30b457844499d3ff6cec..49e97eb667a322898acc3a064f4eae5381ded918 100644
--- a/ipaserver/install/server/install.py
+++ b/ipaserver/install/server/install.py
@@ -1078,8 +1078,18 @@ def uninstall_check(installer):
 msg = ("\nWARNING: Failed to connect to Directory Server to find "
"information about replication agreements. Uninstallation "
"will continue despite the possible existing replication "
-   "agreements.\n\n")
+   "agreements.\n\n"
+   "If this server is the last instance of CA, KRA, or DNSSEC "
+   "master, uninstallation may result in data loss.\n\n"
+)
 print(textwrap.fill(msg, width=80, replace_whitespace=False))
+
+if (installer.interactive and not user_input(
+"Are you sure you want to continue with the uninstall "
+"procedure?", False)):
+print("")
+print("Aborting uninstall operation.")
+sys.exit(1)
 else:
 dns.uninstall_check(options)
 
-- 
2.5.0

-- 
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code