Hi,
the attached patch fixes https://fedorahosted.org/freeipa/ticket/5184.
Honza
--
Jan Cholasta
From f1011015be39e58564f7c3b84ddcc3e7fd04e157 Mon Sep 17 00:00:00 2001
From: Jan Cholasta jchol...@redhat.com
Date: Wed, 12 Aug 2015 07:49:53 +0200
Subject: [PATCH] install: Fix server and replica install options
https://fedorahosted.org/freeipa/ticket/5184
---
ipaserver/install/server/install.py| 55 ++
ipaserver/install/server/replicainstall.py | 36 ---
2 files changed, 17 insertions(+), 74 deletions(-)
diff --git a/ipaserver/install/server/install.py b/ipaserver/install/server/install.py
index 015050a..2ef1876 100644
--- a/ipaserver/install/server/install.py
+++ b/ipaserver/install/server/install.py
@@ -1137,18 +1137,6 @@ def uninstall(installer):
class ServerCA(common.Installable, core.Group, core.Composite):
description = certificate system
-setup_ca = Knob(
-bool, False,
-initializable=False,
-description=configure a dogtag CA,
-)
-
-setup_kra = Knob(
-bool, False,
-initializable=False,
-description=configure a dogtag KRA,
-)
-
external_ca = Knob(
bool, False,
description=(Generate a CSR for the IPA CA certificate to be signed
@@ -1163,7 +1151,7 @@ class ServerCA(common.Installable, core.Group, core.Composite):
external_cert_files = Knob(
(list, str), None,
description=(File containing the IPA CA certificate and the external
- CA certificate chain (can be specified multiple times)),
+ CA certificate chain),
cli_name='external-cert-file',
cli_aliases=['external_cert_file', 'external_ca_file'],
cli_metavar='FILE',
@@ -1308,6 +1296,7 @@ class ServerDNS(common.Installable, core.Group, core.Composite):
description=(The reverse DNS zone to use. This option can be used
multiple times),
cli_name='reverse-zone',
+cli_metavar='REVERSE_ZONE',
)
no_reverse = Knob(
@@ -1320,31 +1309,6 @@ class ServerDNS(common.Installable, core.Group, core.Composite):
description=Disable DNSSEC validation,
)
-dnssec_master = Knob(
-bool, False,
-initializable=False,
-description=Setup server to be DNSSEC key master,
-)
-
-disable_dnssec_master = Knob(
-bool, False,
-initializable=False,
-description=Disable the DNSSEC master on this server,
-)
-
-kasp_db_file = Knob(
-str, None,
-initializable=False,
-description=Copy OpenDNSSEC metadata from the specified file (will
-not create a new kasp.db file),
-)
-
-force = Knob(
-bool, False,
-initializable=False,
-description=Force install,
-)
-
zonemgr = Knob(
str, None,
description=(DNS zone manager e-mail address. Defaults to
@@ -1416,7 +1380,6 @@ class Server(common.Installable, common.Interactive, core.Composite):
master_password = Knob(
str, None,
sensitive=True,
-deprecated=True,
description=kerberos master password (normally autogenerated),
cli_short_name='P',
)
@@ -1466,11 +1429,13 @@ class Server(common.Installable, common.Interactive, core.Composite):
description=(Master Server IP Address. This option can be used
multiple times),
cli_name='ip-address',
+cli_metavar='IP_ADDRESS',
)
no_ntp = Knob(
bool, False,
description=do not configure ntp,
+cli_short_name='N',
)
idstart = Knob(
@@ -1615,8 +1580,8 @@ class Server(common.Installable, common.Interactive, core.Composite):
# Automatically disable pkinit w/ dogtag until that is supported
self.ca.no_pkinit = True
-self.setup_ca = self.ca.setup_ca
-self.setup_kra = self.ca.setup_kra
+self.setup_ca = False
+self.setup_kra = False
self.external_ca = self.ca.external_ca
self.external_ca_type = self.ca.external_ca_type
self.external_cert_files = self.ca.external_cert_files
@@ -1639,10 +1604,10 @@ class Server(common.Installable, common.Interactive, core.Composite):
self.reverse_zones = self.dns.reverse_zones
self.no_reverse = self.dns.no_reverse
self.no_dnssec_validation = self.dns.no_dnssec_validation
-self.dnssec_master = self.dns.dnssec_master
-self.disable_dnssec_master = self.dns.disable_dnssec_master
-self.kasp_db_file = self.dns.kasp_db_file
-self.force = self.dns.force
+self.dnssec_master = False
+self.disable_dnssec_master = False
+self.kasp_db_file = None
+self.force = False
self.zonemgr = self.dns.zonemgr
self.no_host_dns = self.dns.no_host_dns
self.no_dns_sshfp = self.dns.no_dns_sshfp
diff --git