Re: [Freeipa-devel] [PATCH 0012-0013] Improve ipaplatform.constants
On 23.03.2016 13:14, David Kupka wrote:
On 23/03/16 07:17, Timo Aaltonen wrote:
22.03.2016, 21:10, Timo Aaltonen kirjoitti:
18.03.2016, 12:30, Timo Aaltonen kirjoitti:
Fix some hardcoded uid/gid strings to help with porting.
rebased and simplified against current master.
bah, the second patch needs to use constants.{ODS_USER,ODS_GROUP} now.
Hello, thanks for the patches. I've done few minor changes:
- using constants.ODS_{USER,GROUP} in second patch as you've mentioned
- added ticket URL to commit messages for future reference
- rebased the first patch to ipa-4-3 branch
Now it works for me, ACK.
Pushed to:
ipa-4-3:
* 813dde8ef15f2f16bb0b3451f2b96e16fbbe30ba ipaplatform: Move remaining
user/group constants to ipaplatform.constants.
* 13e9af3b6f85127645eee17f8fab0e8e60169a4b Use ODS_USER/ODS_GROUP in
opendnssec_conf.template
master:
* 2a2d63669d740396eabc6f46906b8625f001ad3c ipaplatform: Move remaining
user/group constants to ipaplatform.constants.
* f761051411a83dc15a97c53309cc08652a24d80a Use ODS_USER/ODS_GROUP in
opendnssec_conf.template
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
Re: [Freeipa-devel] [PATCH 0012-0013] Improve ipaplatform.constants
On 23/03/16 07:17, Timo Aaltonen wrote:
22.03.2016, 21:10, Timo Aaltonen kirjoitti:
18.03.2016, 12:30, Timo Aaltonen kirjoitti:
Fix some hardcoded uid/gid strings to help with porting.
rebased and simplified against current master.
bah, the second patch needs to use constants.{ODS_USER,ODS_GROUP} now.
Hello, thanks for the patches. I've done few minor changes:
- using constants.ODS_{USER,GROUP} in second patch as you've mentioned
- added ticket URL to commit messages for future reference
- rebased the first patch to ipa-4-3 branch
Now it works for me, ACK.
--
David Kupka
--
David Kupka
From f8d4597106c06bec40c8c232671e2b8e7ba55203 Mon Sep 17 00:00:00 2001
From: Timo Aaltonen
Date: Fri, 18 Mar 2016 12:22:33 +0200
Subject: [PATCH 1/3] ipaplatform: Move remaining user/group constants to
ipaplatform.constants.
Use ipaplatform.constants in every corner instead of importing other bits or calling
some platform specific things, and remove most of the remaining hardcoded uid's.
https://fedorahosted.org/freeipa/ticket/5343
---
install/oddjob/com.redhat.idm.trust-fetch-domains | 3 ++-
ipaplatform/base/constants.py | 5 +
ipaplatform/base/services.py | 12 ---
ipaplatform/redhat/services.py| 26 ---
ipaserver/install/bindinstance.py | 2 +-
ipaserver/install/dns.py | 4 ++--
ipaserver/install/dnskeysyncinstance.py | 9
ipaserver/install/dogtaginstance.py | 1 -
ipaserver/install/httpinstance.py | 2 +-
ipaserver/install/odsexporterinstance.py | 5 +++--
ipaserver/install/opendnssecinstance.py | 15 +++--
11 files changed, 27 insertions(+), 57 deletions(-)
diff --git a/install/oddjob/com.redhat.idm.trust-fetch-domains b/install/oddjob/com.redhat.idm.trust-fetch-domains
index ea82e086ef5bade9be3b9f30ae50504c4fcd5db7..4c50c43065b365e7997f222d5e72041dfd32e034 100755
--- a/install/oddjob/com.redhat.idm.trust-fetch-domains
+++ b/install/oddjob/com.redhat.idm.trust-fetch-domains
@@ -8,6 +8,7 @@ from ipapython.dn import DN
from ipalib.config import Env
from ipalib.constants import DEFAULT_CONFIG
from ipapython.ipautil import kinit_keytab
+from ipaplatform.constants import constants
import sys
import os, pwd
@@ -30,7 +31,7 @@ def retrieve_keytab(api, ccache_name, oneway_keytab_name, oneway_principal):
raiseonerr=False)
# Make sure SSSD is able to read the keytab
try:
-sssd = pwd.getpwnam('sssd')
+sssd = pwd.getpwnam(constants.SSSD_USER)
os.chown(oneway_keytab_name, sssd[2], sssd[3])
except KeyError as e:
# If user 'sssd' does not exist, we don't need to chown from root to sssd
diff --git a/ipaplatform/base/constants.py b/ipaplatform/base/constants.py
index 52af12429d090dcc0d7eed14b76e8b651360f283..3e1c4c6f761444bf1e8d527691aa53282e46f17e 100644
--- a/ipaplatform/base/constants.py
+++ b/ipaplatform/base/constants.py
@@ -12,12 +12,17 @@ class BaseConstantsNamespace(object):
DS_GROUP = 'dirsrv'
HTTPD_USER = "apache"
IPA_DNS_PACKAGE_NAME = "freeipa-server-dns"
+KDCPROXY_USER = "kdcproxy"
NAMED_USER = "named"
+NAMED_GROUP = "named"
PKI_USER = 'pkiuser'
PKI_GROUP = 'pkiuser'
# ntpd init variable used for daemon options
NTPD_OPTS_VAR = "OPTIONS"
# quote used for daemon options
NTPD_OPTS_QUOTE = "\""
+ODS_USER = "ods"
+ODS_GROUP = "ods"
# nfsd init variable used to enable kerberized NFS
SECURE_NFS_VAR = "SECURE_NFS"
+SSSD_USER = "sssd"
diff --git a/ipaplatform/base/services.py b/ipaplatform/base/services.py
index 2ec84cdb21607cb51df6ad5fcd2ae515898bee44..9c1b30c0b3c536a58627d6a12f4632dfa4be5c6a 100644
--- a/ipaplatform/base/services.py
+++ b/ipaplatform/base/services.py
@@ -181,18 +181,6 @@ class PlatformService(object):
def get_config_dir(self, instance_name=""):
return
-def get_user_name(self, instance_name=""):
-return
-
-def get_group_name(self, instance_name=""):
-return
-
-def get_binary_path(self):
-return
-
-def get_package_name(self):
-return
-
class SystemdService(PlatformService):
SYSTEMD_SRV_TARGET = "%s.target.wants"
diff --git a/ipaplatform/redhat/services.py b/ipaplatform/redhat/services.py
index ca2a9481ef46b1dc22d898a583ed0fef98e306e1..4774dbf0deb3df50e1a3284353e47b2fb0bebc75 100644
--- a/ipaplatform/redhat/services.py
+++ b/ipaplatform/redhat/services.py
@@ -247,28 +247,6 @@ class RedHatCAService(RedHatService):
self.wait_until_running()
-class RedHatNamedService(RedHatService):
-def get_user_name(self):
-return u'named'
-
-def get_group_name(self):
-return u'named'
-
-def get_binary_path(self):
-return paths.NAMED_PKCS11
-
-def get_package_name(self):
-return u"bind-pkcs11"
-
-
-class RedHatODSEn
Re: [Freeipa-devel] [PATCH 0012-0013] Improve ipaplatform.constants
22.03.2016, 21:10, Timo Aaltonen kirjoitti:
> 18.03.2016, 12:30, Timo Aaltonen kirjoitti:
>>
>> Fix some hardcoded uid/gid strings to help with porting.
>
> rebased and simplified against current master.
bah, the second patch needs to use constants.{ODS_USER,ODS_GROUP} now.
--
t
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
Re: [Freeipa-devel] [PATCH 0012-0013] Improve ipaplatform.constants
18.03.2016, 12:30, Timo Aaltonen kirjoitti:
>
> Fix some hardcoded uid/gid strings to help with porting.
rebased and simplified against current master.
--
t
From 424d3cf28f92a624b9970701a341dfa26370f616 Mon Sep 17 00:00:00 2001
From: Timo Aaltonen
Date: Fri, 18 Mar 2016 12:22:33 +0200
Subject: [PATCH] ipaplatform: Move remaining user/group constants to
ipaplatform.constants.
Use ipaplatform.constants in every corner instead of importing other bits or calling
some platform specific things, and remove most of the remaining hardcoded uid's.
---
install/oddjob/com.redhat.idm.trust-fetch-domains | 3 ++-
ipaplatform/base/constants.py | 5 +
ipaplatform/base/services.py | 12 ---
ipaplatform/redhat/services.py| 26 ---
ipaserver/install/bindinstance.py | 2 +-
ipaserver/install/dns.py | 4 ++--
ipaserver/install/dnskeysyncinstance.py | 9
ipaserver/install/dogtaginstance.py | 1 -
ipaserver/install/httpinstance.py | 2 +-
ipaserver/install/odsexporterinstance.py | 5 +++--
ipaserver/install/opendnssecinstance.py | 15 +++--
11 files changed, 27 insertions(+), 57 deletions(-)
diff --git a/install/oddjob/com.redhat.idm.trust-fetch-domains b/install/oddjob/com.redhat.idm.trust-fetch-domains
index 6e8bfc6..7c70c41 100755
--- a/install/oddjob/com.redhat.idm.trust-fetch-domains
+++ b/install/oddjob/com.redhat.idm.trust-fetch-domains
@@ -8,6 +8,7 @@ from ipapython.dn import DN
from ipalib.config import Env
from ipalib.constants import DEFAULT_CONFIG
from ipapython.ipautil import kinit_keytab
+from ipaplatform.constants import constants
import sys
import os
import pwd
@@ -31,7 +32,7 @@ def retrieve_keytab(api, ccache_name, oneway_keytab_name, oneway_principal):
raiseonerr=False)
# Make sure SSSD is able to read the keytab
try:
-sssd = pwd.getpwnam('sssd')
+sssd = pwd.getpwnam(constants.SSSD_USER)
os.chown(oneway_keytab_name, sssd[2], sssd[3])
except KeyError as e:
# If user 'sssd' does not exist, we don't need to chown from root to sssd
diff --git a/ipaplatform/base/constants.py b/ipaplatform/base/constants.py
index 52af124..3e1c4c6 100644
--- a/ipaplatform/base/constants.py
+++ b/ipaplatform/base/constants.py
@@ -12,12 +12,17 @@ class BaseConstantsNamespace(object):
DS_GROUP = 'dirsrv'
HTTPD_USER = "apache"
IPA_DNS_PACKAGE_NAME = "freeipa-server-dns"
+KDCPROXY_USER = "kdcproxy"
NAMED_USER = "named"
+NAMED_GROUP = "named"
PKI_USER = 'pkiuser'
PKI_GROUP = 'pkiuser'
# ntpd init variable used for daemon options
NTPD_OPTS_VAR = "OPTIONS"
# quote used for daemon options
NTPD_OPTS_QUOTE = "\""
+ODS_USER = "ods"
+ODS_GROUP = "ods"
# nfsd init variable used to enable kerberized NFS
SECURE_NFS_VAR = "SECURE_NFS"
+SSSD_USER = "sssd"
diff --git a/ipaplatform/base/services.py b/ipaplatform/base/services.py
index 11d0c2a..641a654 100644
--- a/ipaplatform/base/services.py
+++ b/ipaplatform/base/services.py
@@ -181,18 +181,6 @@ class PlatformService(object):
def get_config_dir(self, instance_name=""):
return
-def get_user_name(self, instance_name=""):
-return
-
-def get_group_name(self, instance_name=""):
-return
-
-def get_binary_path(self):
-return
-
-def get_package_name(self):
-return
-
class SystemdService(PlatformService):
SYSTEMD_SRV_TARGET = "%s.target.wants"
diff --git a/ipaplatform/redhat/services.py b/ipaplatform/redhat/services.py
index 3c18dbc..92dae45 100644
--- a/ipaplatform/redhat/services.py
+++ b/ipaplatform/redhat/services.py
@@ -223,28 +223,6 @@ class RedHatCAService(RedHatService):
self.wait_until_running()
-class RedHatNamedService(RedHatService):
-def get_user_name(self):
-return u'named'
-
-def get_group_name(self):
-return u'named'
-
-def get_binary_path(self):
-return paths.NAMED_PKCS11
-
-def get_package_name(self):
-return u"bind-pkcs11"
-
-
-class RedHatODSEnforcerdService(RedHatService):
-def get_user_name(self):
-return u'ods'
-
-def get_group_name(self):
-return u'ods'
-
-
# Function that constructs proper Red Hat OS family-specific server classes for
# services of specified name
@@ -257,10 +235,6 @@ def redhat_service_class_factory(name):
return RedHatSSHService(name)
if name in ('pki-tomcatd', 'pki_tomcatd'):
return RedHatCAService(name)
-if name == 'named':
-return RedHatNamedService(name)
-if name in ('ods-enforcerd', 'ods_enforcerd'):
-return RedHatODSEnforcerdService(name)
return RedHatService(name)
diff --git a/ipaserver/install/bindinstance.py b/ipaserver/install/bindinstance.py
index f7d5be4..0b451e5 1006
Re: [Freeipa-devel] [PATCH 0012-0013] Improve ipaplatform.constants
On 18.03.2016 11:30, Timo Aaltonen wrote: Fix some hardcoded uid/gid strings to help with porting. Please note this is part of: https://fedorahosted.org/freeipa/ticket/5343 and ticket should be added to commits before push -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
