Martin Kosek wrote:
On Fri, 2011-10-21 at 15:29 -0400, Rob Crittenden wrote:
Rob Crittenden wrote:
We don't need to prohibit existing 389-ds instances when installing IPA,
just that the ports we need are available. Remove this check.
For master only.
rob
Re-based patch against master.
rob
Works ok, I was able to install IPA server next to other dirsrv sitting
on another port. The installation could get to trouble if another DS
would sit on a standard port but would be stopped at the moment, i.e.
ports 389 and 636 would be free. But I think this is a risk we can take.
My only concern is with uninstallation - we shutdown all dirsrv
instances during the process. Thus, in the end the custom dirsrv
instance remains stopped.
Martin
We track state of existing instance installations and restart them if
necessary (though there was a bug preventing this, my patch fixes it).
Instances installed afterward are another matter. This is about the best
we can do. We do our best to restore state but we can only take it so far.
rob
>From ad6e4ce1978c6e037ce75cdcc334a59e8b7b39cc Mon Sep 17 00:00:00 2001
From: Rob Crittenden <[email protected]>
Date: Fri, 21 Oct 2011 15:25:21 -0400
Subject: [PATCH] Don't check for 389-instances.
We no longer need to enforce that no 389-ds instances exist on an IPA
server. Checking that the ports exist should be enough.
This used to be one mechanism we used to check to see if IPA was already
installed. We have a better mechanism now.
https://fedorahosted.org/freeipa/ticket/1735
---
install/tools/ipa-replica-install | 19 -------------------
install/tools/ipa-server-install | 31 ++-----------------------------
ipaserver/install/dsinstance.py | 14 +-------------
3 files changed, 3 insertions(+), 61 deletions(-)
diff --git a/install/tools/ipa-replica-install b/install/tools/ipa-replica-install
index c2018f4..da0f28d 100755
--- a/install/tools/ipa-replica-install
+++ b/install/tools/ipa-replica-install
@@ -119,7 +119,6 @@ def set_owner(config, dir):
os.chown(dir, pw.pw_uid, pw.pw_gid)
def install_replica_ds(config):
- dsinstance.check_existing_installation()
dsinstance.check_ports()
# if we have a pkcs12 file, create the cert db from
@@ -249,24 +248,6 @@ def install_dns_records(config, options):
object.__setattr__(api.Backend.ldap2, 'ldap_uri', cur_uri)
def check_dirsrv():
- serverids = dsinstance.check_existing_installation()
- if serverids:
- print ""
- print "An existing Directory Server has been detected."
- if not ipautil.user_input("Do you wish to remove it and create a new one?", False):
- print ""
- print "Only a single Directory Server instance is allowed on an IPA"
- print "server, the one used by IPA itself."
- sys.exit(1)
-
- try:
- ipaservices.knownservices.dirsrv.stop()
- except:
- pass
-
- for serverid in serverids:
- dsinstance.erase_ds_instance_data(serverid)
-
(ds_unsecure, ds_secure) = dsinstance.check_ports()
if not ds_unsecure or not ds_secure:
print "IPA requires ports 389 and 636 for the Directory Server."
diff --git a/install/tools/ipa-server-install b/install/tools/ipa-server-install
index 4c56b66..961c86c 100755
--- a/install/tools/ipa-server-install
+++ b/install/tools/ipa-server-install
@@ -416,24 +416,6 @@ def read_admin_password():
return admin_password
def check_dirsrv(unattended):
- serverids = dsinstance.check_existing_installation()
- if serverids:
- print ""
- print "An existing Directory Server has been detected."
- if unattended or not user_input("Do you wish to remove it and create a new one?", False):
- print ""
- print "Only a single Directory Server instance is allowed on an IPA"
- print "server, the one used by IPA itself."
- sys.exit(1)
-
- try:
- ipaservices.knownservices.dirsrv.stop()
- except:
- pass
-
- for serverid in serverids:
- dsinstance.erase_ds_instance_data(serverid)
-
(ds_unsecure, ds_secure) = dsinstance.check_ports()
if not ds_unsecure or not ds_secure:
print "IPA requires ports 389 and 636 for the Directory Server."
@@ -505,13 +487,6 @@ def uninstall():
except CalledProcessError, e:
print >>sys.stderr, "Failed to set this machine hostname back to %s (%s)." % (old_hostname, str(e))
- # Now for some sanity checking. Make sure everything was really
- # uninstalled.
- serverids = dsinstance.check_existing_installation()
- if len(serverids):
- rv = 1
- logging.error('IPA cannot be re-installed without removing existing 389-ds instance(s)')
-
if fstore.has_files():
logging.error('Some files have not been restored, see /var/lib/ipa/sysrestore/sysrestore.index')
has_state = False
@@ -690,10 +665,8 @@ def main():
print "To accept the default shown in brackets, press the Enter key."
print ""
- if not options.external_ca and not options.external_cert_file:
- # Let it past if there is an external_cert_file defined on the chance
- # that we are coming in without a cache file.
- check_dirsrv(options.unattended)
+ # Make sure the 389-ds ports are available
+ check_dirsrv(options.unattended)
realm_name = ""
host_name = ""
diff --git a/ipaserver/install/dsinstance.py b/ipaserver/install/dsinstance.py
index 15de54e..a34522e 100644
--- a/ipaserver/install/dsinstance.py
+++ b/ipaserver/install/dsinstance.py
@@ -90,18 +90,6 @@ def erase_ds_instance_data(serverid):
# except:
# pass
-def check_existing_installation():
- dirs = glob.glob("/etc/dirsrv/slapd-*")
- if not dirs:
- return []
-
- serverids = []
- for d in dirs:
- logging.debug('Found existing 389-ds instance %s' % d)
- serverids.append(os.path.basename(d).split("slapd-", 1)[1])
-
- return serverids
-
def check_ports():
ds_unsecure = installutils.port_available(389)
ds_secure = installutils.port_available(636)
@@ -642,7 +630,7 @@ class DsInstance(service.Service):
self.restore_state('nsslapd-security')
self.restore_state('nsslapd-ldapiautobind')
- if self.restore_state("running"):
+ if running:
self.start()
# we could probably move this function into the service.Service
--
1.7.6.4
_______________________________________________
Freeipa-devel mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/freeipa-devel
