Re: [Freeipa-devel] [PATCH 470] install: Fix server and replica install options

2015-08-12 Thread Tomas Babej 


On 08/12/2015 03:42 PM, Martin Babinsky wrote:
 On 08/12/2015 07:52 AM, Jan Cholasta wrote:
 Hi,

 the attached patch fixes https://fedorahosted.org/freeipa/ticket/5184.

 Honza



 
 ACK
 

master: a651be3eec2a08bd2865b16b0eed767db69aab0f
ipa-4-2: 8e1a9b49397ee9dbef9fce4b61277246ea65ca8d

-- 
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Re: [Freeipa-devel] [PATCH 470] install: Fix server and replica install options

2015-08-12 Thread Martin Babinsky 

On 08/12/2015 07:52 AM, Jan Cholasta wrote:

Hi,

the attached patch fixes https://fedorahosted.org/freeipa/ticket/5184.

Honza





ACK

--
Martin^3 Babinsky

--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

[Freeipa-devel] [PATCH 470] install: Fix server and replica install options

2015-08-11 Thread Jan Cholasta 

Hi,

the attached patch fixes https://fedorahosted.org/freeipa/ticket/5184.

Honza

--
Jan Cholasta
From f1011015be39e58564f7c3b84ddcc3e7fd04e157 Mon Sep 17 00:00:00 2001
From: Jan Cholasta jchol...@redhat.com
Date: Wed, 12 Aug 2015 07:49:53 +0200
Subject: [PATCH] install: Fix server and replica install options

https://fedorahosted.org/freeipa/ticket/5184
---
 ipaserver/install/server/install.py| 55 ++
 ipaserver/install/server/replicainstall.py | 36 ---
 2 files changed, 17 insertions(+), 74 deletions(-)

diff --git a/ipaserver/install/server/install.py b/ipaserver/install/server/install.py
index 015050a..2ef1876 100644
--- a/ipaserver/install/server/install.py
+++ b/ipaserver/install/server/install.py
@@ -1137,18 +1137,6 @@ def uninstall(installer):
 class ServerCA(common.Installable, core.Group, core.Composite):
 description = certificate system
 
-setup_ca = Knob(
-bool, False,
-initializable=False,
-description=configure a dogtag CA,
-)
-
-setup_kra = Knob(
-bool, False,
-initializable=False,
-description=configure a dogtag KRA,
-)
-
 external_ca = Knob(
 bool, False,
 description=(Generate a CSR for the IPA CA certificate to be signed 
@@ -1163,7 +1151,7 @@ class ServerCA(common.Installable, core.Group, core.Composite):
 external_cert_files = Knob(
 (list, str), None,
 description=(File containing the IPA CA certificate and the external 
- CA certificate chain (can be specified multiple times)),
+ CA certificate chain),
 cli_name='external-cert-file',
 cli_aliases=['external_cert_file', 'external_ca_file'],
 cli_metavar='FILE',
@@ -1308,6 +1296,7 @@ class ServerDNS(common.Installable, core.Group, core.Composite):
 description=(The reverse DNS zone to use. This option can be used 
  multiple times),
 cli_name='reverse-zone',
+cli_metavar='REVERSE_ZONE',
 )
 
 no_reverse = Knob(
@@ -1320,31 +1309,6 @@ class ServerDNS(common.Installable, core.Group, core.Composite):
 description=Disable DNSSEC validation,
 )
 
-dnssec_master = Knob(
-bool, False,
-initializable=False,
-description=Setup server to be DNSSEC key master,
-)
-
-disable_dnssec_master = Knob(
-bool, False,
-initializable=False,
-description=Disable the DNSSEC master on this server,
-)
-
-kasp_db_file = Knob(
-str, None,
-initializable=False,
-description=Copy OpenDNSSEC metadata from the specified file (will 
-not create a new kasp.db file),
-)
-
-force = Knob(
-bool, False,
-initializable=False,
-description=Force install,
-)
-
 zonemgr = Knob(
 str, None,
 description=(DNS zone manager e-mail address. Defaults to 
@@ -1416,7 +1380,6 @@ class Server(common.Installable, common.Interactive, core.Composite):
 master_password = Knob(
 str, None,
 sensitive=True,
-deprecated=True,
 description=kerberos master password (normally autogenerated),
 cli_short_name='P',
 )
@@ -1466,11 +1429,13 @@ class Server(common.Installable, common.Interactive, core.Composite):
 description=(Master Server IP Address. This option can be used 
  multiple times),
 cli_name='ip-address',
+cli_metavar='IP_ADDRESS',
 )
 
 no_ntp = Knob(
 bool, False,
 description=do not configure ntp,
+cli_short_name='N',
 )
 
 idstart = Knob(
@@ -1615,8 +1580,8 @@ class Server(common.Installable, common.Interactive, core.Composite):
 # Automatically disable pkinit w/ dogtag until that is supported
 self.ca.no_pkinit = True
 
-self.setup_ca = self.ca.setup_ca
-self.setup_kra = self.ca.setup_kra
+self.setup_ca = False
+self.setup_kra = False
 self.external_ca = self.ca.external_ca
 self.external_ca_type = self.ca.external_ca_type
 self.external_cert_files = self.ca.external_cert_files
@@ -1639,10 +1604,10 @@ class Server(common.Installable, common.Interactive, core.Composite):
 self.reverse_zones = self.dns.reverse_zones
 self.no_reverse = self.dns.no_reverse
 self.no_dnssec_validation = self.dns.no_dnssec_validation
-self.dnssec_master = self.dns.dnssec_master
-self.disable_dnssec_master = self.dns.disable_dnssec_master
-self.kasp_db_file = self.dns.kasp_db_file
-self.force = self.dns.force
+self.dnssec_master = False
+self.disable_dnssec_master = False
+self.kasp_db_file = None
+self.force = False
 self.zonemgr = self.dns.zonemgr
 self.no_host_dns = self.dns.no_host_dns
 self.no_dns_sshfp = self.dns.no_dns_sshfp
diff --git