[Freeipa-devel] [PATCH] 616 handle client-install wget failure

[Rob Crittenden]

In the client installer we fetch the CA from the IPA server. Wrap this 
to catch any failures that might occur (like there is an iptables rule 
denying access to the IPA server).

I tested this by shutting down the httpd service on the IPA server and 
running ipa-client-install on a client.

rob
>From 1bef93968eab8aa1d4f165ef5e7f55fee159eafa Mon Sep 17 00:00:00 2001
From: Rob Crittenden <rcrit...@redhat.com>
Date: Fri, 19 Nov 2010 23:12:42 -0500
Subject: [PATCH] Handle wget failures trying to retrieve the CA during the client install

ticket 405
---
 ipa-client/ipa-install/ipa-client-install |    6 +++++-
 1 files changed, 5 insertions(+), 1 deletions(-)

diff --git a/ipa-client/ipa-install/ipa-client-install b/ipa-client/ipa-install/ipa-client-install
index fa9d275..98fd245 100755
--- a/ipa-client/ipa-install/ipa-client-install
+++ b/ipa-client/ipa-install/ipa-client-install
@@ -618,7 +618,11 @@ def main():
         os.remove("/etc/ipa/ca.crt")
     except:
         pass
-    run(["/usr/bin/wget", "-O", "/etc/ipa/ca.crt", "http://%s/ipa/config/ca.crt"; % cli_server])
+
+    try:
+        run(["/usr/bin/wget", "-O", "/etc/ipa/ca.crt", "http://%s/ipa/config/ca.crt"; % cli_server])
+    except CalledProcessError, e:
+        sys.exit('Retrieving CA from %s failed.\n%s' % (cli_server, str(e)))
 
     if not options.on_master:
         # First test out the kerberos configuration
-- 
1.7.2.1

_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel