Dne 20.5.2015 v 17:27 Jan Cholasta napsal(a):
Hi,
the attached patch implements the initial bits for
https://fedorahosted.org/freeipa/ticket/2888.
Test by running ipa-client-install and then ipa-replica-install on the
same host.
Updated patch attached.
--
Jan Cholasta
From 55ffe67cdcb1f832a87279a2af31de737333b411 Mon Sep 17 00:00:00 2001
From: Jan Cholasta jchol...@redhat.com
Date: Wed, 20 May 2015 15:20:31 +
Subject: [PATCH] replica-install: Allow install on top of already configured
client
https://fedorahosted.org/freeipa/ticket/2888
---
install/tools/ipa-replica-install | 186 --
ipaserver/install/krbinstance.py | 6 +-
2 files changed, 141 insertions(+), 51 deletions(-)
diff --git a/install/tools/ipa-replica-install b/install/tools/ipa-replica-install
index 1df782b..7ce9404 100755
--- a/install/tools/ipa-replica-install
+++ b/install/tools/ipa-replica-install
@@ -24,10 +24,12 @@ import socket
import os, pwd, shutil
from optparse import OptionGroup
from contextlib import contextmanager
+from ConfigParser import RawConfigParser
import dns.resolver
import dns.reversename
import dns.exception
+import SSSDConfig
from ipapython import ipautil
@@ -151,6 +153,24 @@ def parse_options():
elif options.reverse_zones and options.no_reverse:
parser.error(You cannot specify a --reverse-zone option together with --no-reverse)
+client_fstore = sysrestore.FileStore(paths.IPA_CLIENT_SYSRESTORE)
+if client_fstore.has_files():
+if options.mkhomedir:
+parser.error(You cannot specify a --mkhomedir option
+ when IPA client is already configured)
+if options.trust_sshfp:
+parser.error(You cannot specify a --ssh-trust-dns option
+ when IPA client is already configured)
+if not options.conf_ssh:
+parser.error(You cannot specify a --no-ssh option
+ when IPA client is already configured)
+if not options.conf_sshd:
+parser.error(You cannot specify a --no-sshd option
+ when IPA client is already configured)
+if not options.create_sshfp:
+parser.error(You cannot specify a --no-dns-sshfp option
+ when IPA client is already configured)
+
options.zonemgr = None
options.dnssec_master = False
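Review bot: The client-already-configured test `client_fstore.has_files()` is evaluated here and again in main(), where the later hunk builds a second `sysrestore.FileStore(paths.IPA_CLIENT_SYSRESTORE)`, so option validation and the install path can drift apart if only one of them is changed. A small shared helper that both call would keep them in step. The five near-identical `parser.error` blocks also give no reason for refusing these options; a comment such as `# client-side options are rejected because the existing client configuration is reused, not regenerated` would help, assuming that is the intent. parse_options starts and ends outside this hunk.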
@@ -204,7 +224,7 @@ def install_replica_ds(config):
return ds
-def install_krb(config, setup_pkinit=False):
+def install_krb(config, setup_pkinit=False, client_configured=False):
krb = krbinstance.KrbInstance()
#pkinit files
@@ -214,7 +234,7 @@ def install_krb(config, setup_pkinit=False):
krb.create_replica(config.realm_name,
config.master_host_name, config.host_name,
config.domain_name, config.dirman_password,
- setup_pkinit, pkcs12_info)
+ setup_pkinit, pkcs12_info, None, client_configured)
return krb
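Review bot: The bare `None` in `setup_pkinit, pkcs12_info, None, client_configured)` gives no hint which create_replica parameter it fills, and because the new flag is passed positionally after it, a reordering of that signature would silently change what is passed. The krbinstance.py side of this change is listed in the diffstat but is not visible here, so the parameter names have to be taken from there; passing both trailing arguments by keyword would make the call self-describing. At minimum, add `# None: placeholder for the parameter that precedes client_configured` above the call. install_krb begins in the previous hunk and its pkinit handling lies outside both hunks.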
@@ -418,11 +438,40 @@ def main():
if not ipautil.file_exists(filename):
sys.exit(Replica file %s does not exist % filename)
+if installutils.is_ipa_configured():
+sys.exit(IPA server is already configured on this system.\n
+ If you want to reinstall the IPA server, please uninstall
+ it first using 'ipa-server-install --uninstall'.)
+
client_fstore = sysrestore.FileStore(paths.IPA_CLIENT_SYSRESTORE)
-if client_fstore.has_files():
-sys.exit(IPA client is already configured on this system.\n +
-Please uninstall it first before configuring the replica, +
-using 'ipa-client-install --uninstall'.)
+client_configured = client_fstore.has_files()
+if client_configured:
+try:
+sssdconfig = SSSDConfig.SSSDConfig()
+sssdconfig.import_config()
+
+domains = sssdconfig.list_active_domains()
+for name in domains:
+domain = sssdconfig.get_domain(name)
+try:
+provider = domain.get_option('id_provider')
+except SSSDConfig.NoOptionError:
+continue
+if provider == 'ipa':
+break
+else:
+raise RuntimeError(IPA domain not configured in SSSD)
+
+if not services.service('sssd').is_enabled():
+raise RuntimeError(SSSD is not enabled)
+
+if not services.service('sssd').is_running():
+raise RuntimeError(SSSD is not running)
+except Exception as e:
+root_logger.error(%s, e)
+sys.exit(SSSD is not configured for IPA client on this system.\n
+ Please uninstall IPA client using 'ipa-client-install
+ --uninstall' and re-run ipa-replica-install.)
global sstore
sstore =