On 26.10.2015 10:35, Martin Babinsky wrote:
On 10/23/2015 05:18 PM, Martin Basti wrote:
On 23.10.2015 15:15, Martin Babinsky wrote:
On 10/23/2015 03:12 PM, Martin Babinsky wrote:
On 10/16/2015 12:41 PM, Martin Basti wrote:
https://fedorahosted.org/freeipa/ticket/5345
Patch attached.
I have tested it on 4-2 branch and it works as expected, ACK.
Obviously, master branch would require a different patch.
I actually missed your check in ipaserver/install/kra.py which can
break ipa-replica-install with --setup-kra, so NACK.
Updated patches attached.
NACK on the master-branch patch.
You forgot a 'return' in this code snippet:
+ if self.installing_replica:
+ domain_level = dsinstance.get_domain_level(api)
+ if domain_level > DOMAIN_LEVEL_0:
+ self.options.promote = True
+ return
that would make installation abort when domain level is greter than zero.
Updated patch attached.
From 1829177623561a239c20eb029ed84d1576a59d01 Mon Sep 17 00:00:00 2001
From: Martin Basti <mba...@redhat.com>
Date: Fri, 23 Oct 2015 14:15:00 +0200
Subject: [PATCH] KRA: fix check that CA is installed
https://fedorahosted.org/freeipa/ticket/5345
---
ipaserver/install/ipa_kra_install.py | 42 ++++++++++++++++++++----------------
1 file changed, 24 insertions(+), 18 deletions(-)
diff --git a/ipaserver/install/ipa_kra_install.py b/ipaserver/install/ipa_kra_install.py
index 1ae361edc3df3c572a5a8d6900ba5425300443c1..add8250d4dabfa0cb88ea7c1c291955691b3f22b 100755
--- a/ipaserver/install/ipa_kra_install.py
+++ b/ipaserver/install/ipa_kra_install.py
@@ -32,6 +32,7 @@ from ipapython import dogtag
from ipapython import ipautil
from ipapython.dn import DN
from ipaserver.install import service
+from ipaserver.install import cainstance
from ipaserver.install import krainstance
from ipaserver.install import dsinstance
from ipaserver.install import installutils
@@ -134,28 +135,13 @@ class KRAInstaller(KRAInstall):
" in unattended mode"
)
- self.installing_replica = dogtaginstance.is_installing_replica("KRA")
- self.options.promote = False
-
- if self.installing_replica:
- domain_level = dsinstance.get_domain_level(api)
- if domain_level > DOMAIN_LEVEL_0:
- self.options.promote = True
- return
-
- if not self.args:
- self.option_parser.error("A replica file is required.")
- if len(self.args) > 1:
- self.option_parser.error("Too many arguments provided")
-
+ if len(self.args) > 1:
+ self.option_parser.error("Too many arguments provided")
+ elif len(self.args) == 1:
self.replica_file = self.args[0]
if not ipautil.file_exists(self.replica_file):
self.option_parser.error(
"Replica file %s does not exist" % self.replica_file)
- else:
- if self.args:
- self.option_parser.error("Too many parameters provided. "
- "No replica file is required.")
def ask_for_options(self):
super(KRAInstaller, self).ask_for_options()
@@ -170,6 +156,26 @@ class KRAInstaller(KRAInstall):
def _run(self):
super(KRAInstaller, self).run()
+
+ if not cainstance.is_ca_installed_locally():
+ raise RuntimeError("Dogtag CA is not installed. "
+ "Please install the CA first")
+
+ # this check can be done only when CA is installed
+ self.installing_replica = dogtaginstance.is_installing_replica("KRA")
+ self.options.promote = False
+
+ if self.installing_replica:
+ domain_level = dsinstance.get_domain_level(api)
+ if domain_level > DOMAIN_LEVEL_0:
+ self.options.promote = True
+ elif not self.args:
+ raise RuntimeError("A replica file is required.")
+ else:
+ if self.args:
+ raise RuntimeError("Too many parameters provided. "
+ "No replica file is required.")
+
print(dedent(self.INSTALLER_START_MESSAGE))
self.options.dm_password = self.options.password
--
2.4.3
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
