On 23.10.2015 15:15, Martin Babinsky wrote:
On 10/23/2015 03:12 PM, Martin Babinsky wrote:
On 10/16/2015 12:41 PM, Martin Basti wrote:
https://fedorahosted.org/freeipa/ticket/5345
Patch attached.
I have tested it on 4-2 branch and it works as expected, ACK.
Obviously, master branch would require a different patch.
I actually missed your check in ipaserver/install/kra.py which can
break ipa-replica-install with --setup-kra, so NACK.
Updated patches attached.
From abdd60a9393df4100dd42097600a8aa8879ec880 Mon Sep 17 00:00:00 2001
From: Martin Basti <mba...@redhat.com>
Date: Fri, 23 Oct 2015 14:15:00 +0200
Subject: [PATCH] KRA: fix check that CA is installed
https://fedorahosted.org/freeipa/ticket/5345
---
ipaserver/install/ipa_kra_install.py | 32 ++++++++++++++++++++------------
1 file changed, 20 insertions(+), 12 deletions(-)
diff --git a/ipaserver/install/ipa_kra_install.py b/ipaserver/install/ipa_kra_install.py
index d75a2427352851fecc045707a8cf73f99d05843b..1ac2ae06dc89325d29b35a040c5c28e9d1048bf2 100644
--- a/ipaserver/install/ipa_kra_install.py
+++ b/ipaserver/install/ipa_kra_install.py
@@ -26,6 +26,7 @@ from ipapython import admintool
from ipapython import dogtag
from ipapython import ipautil
from ipapython.dn import DN
+from ipaserver.install import cainstance
from ipaserver.install import krainstance
from ipaserver.install import installutils
from ipaserver.install.installutils import create_replica_config
@@ -126,22 +127,13 @@ class KRAInstaller(KRAInstall):
" in unattended mode"
)
- self.installing_replica = dogtaginstance.is_installing_replica("KRA")
-
- if self.installing_replica:
- if not self.args:
- self.option_parser.error("A replica file is required.")
- if len(self.args) > 1:
- self.option_parser.error("Too many arguments provided")
-
+ if len(self.args) > 1:
+ self.option_parser.error("Too many arguments provided")
+ elif len(self.args) == 1:
self.replica_file = self.args[0]
if not ipautil.file_exists(self.replica_file):
self.option_parser.error(
"Replica file %s does not exist" % self.replica_file)
- else:
- if self.args:
- self.option_parser.error("Too many parameters provided. "
- "No replica file is required.")
def ask_for_options(self):
super(KRAInstaller, self).ask_for_options()
@@ -156,6 +148,22 @@ class KRAInstaller(KRAInstall):
def _run(self):
super(KRAInstaller, self).run()
+
+ if not cainstance.is_ca_installed_locally():
+ raise RuntimeError("Dogtag CA is not installed. "
+ "Please install the CA first")
+
+ # this check can be done only when CA is installed
+ self.installing_replica = dogtaginstance.is_installing_replica("KRA")
+
+ if self.installing_replica:
+ if not self.args:
+ raise RuntimeError("A replica file is required.")
+ else:
+ if self.args:
+ raise RuntimeError("Too many parameters provided. "
+ "No replica file is required.")
+
print dedent(self.INSTALLER_START_MESSAGE)
if not self.installing_replica:
--
2.4.3
From d4e2841ebb0bba85429f781a2e5780ed8dba140a Mon Sep 17 00:00:00 2001
From: Martin Basti <mba...@redhat.com>
Date: Fri, 23 Oct 2015 14:15:00 +0200
Subject: [PATCH] KRA: fix check that CA is installed
https://fedorahosted.org/freeipa/ticket/5345
---
ipaserver/install/ipa_kra_install.py | 44 +++++++++++++++++++++---------------
1 file changed, 26 insertions(+), 18 deletions(-)
diff --git a/ipaserver/install/ipa_kra_install.py b/ipaserver/install/ipa_kra_install.py
index 1ae361edc3df3c572a5a8d6900ba5425300443c1..c1d0e04d29a12ac89838b3e31c1c7b7ff6796d79 100755
--- a/ipaserver/install/ipa_kra_install.py
+++ b/ipaserver/install/ipa_kra_install.py
@@ -32,6 +32,7 @@ from ipapython import dogtag
from ipapython import ipautil
from ipapython.dn import DN
from ipaserver.install import service
+from ipaserver.install import cainstance
from ipaserver.install import krainstance
from ipaserver.install import dsinstance
from ipaserver.install import installutils
@@ -134,28 +135,13 @@ class KRAInstaller(KRAInstall):
" in unattended mode"
)
- self.installing_replica = dogtaginstance.is_installing_replica("KRA")
- self.options.promote = False
-
- if self.installing_replica:
- domain_level = dsinstance.get_domain_level(api)
- if domain_level > DOMAIN_LEVEL_0:
- self.options.promote = True
- return
-
- if not self.args:
- self.option_parser.error("A replica file is required.")
- if len(self.args) > 1:
- self.option_parser.error("Too many arguments provided")
-
+ if len(self.args) > 1:
+ self.option_parser.error("Too many arguments provided")
+ elif len(self.args) == 1:
self.replica_file = self.args[0]
if not ipautil.file_exists(self.replica_file):
self.option_parser.error(
"Replica file %s does not exist" % self.replica_file)
- else:
- if self.args:
- self.option_parser.error("Too many parameters provided. "
- "No replica file is required.")
def ask_for_options(self):
super(KRAInstaller, self).ask_for_options()
@@ -170,6 +156,28 @@ class KRAInstaller(KRAInstall):
def _run(self):
super(KRAInstaller, self).run()
+
+ if not cainstance.is_ca_installed_locally():
+ raise RuntimeError("Dogtag CA is not installed. "
+ "Please install the CA first")
+
+ # this check can be done only when CA is installed
+ self.installing_replica = dogtaginstance.is_installing_replica("KRA")
+ self.options.promote = False
+
+ if self.installing_replica:
+ domain_level = dsinstance.get_domain_level(api)
+ if domain_level > DOMAIN_LEVEL_0:
+ self.options.promote = True
+ return
+
+ if not self.args:
+ raise RuntimeError("A replica file is required.")
+ else:
+ if self.args:
+ raise RuntimeError("Too many parameters provided. "
+ "No replica file is required.")
+
print(dedent(self.INSTALLER_START_MESSAGE))
self.options.dm_password = self.options.password
--
2.4.3
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
