On 12/01/2015 04:33 PM, Jan Cholasta wrote:
On 1.12.2015 16:19, Tomas Babej wrote:
On 12/01/2015 08:19 AM, Jan Cholasta wrote:
On 30.11.2015 19:17, Simo Sorce wrote:
On Mon, 2015-11-30 at 12:25 +0100, Tomas Babej wrote:
+ # Perform only if we have the necessary options
+ if not any([installer.admin_password, installer.keytab]):
+ sys.exit("IPA client is not configured on this system.\n"
+ "You must use a replica file or join the system "
+ "either by using by running 'ipa-client-install'. "
+ "Alternatively, you may specify enrollment related
options "
+ "directly, see man ipa-replica-install.")
+
There is a typo "either by using by "
Also this seem to be run in promote_check, so you should not mention
replica files, as promotion can only be run at domain level 1 where
replica files cannot be used.
One more thing from me: admin password should be passed to
ipa-client-install through stdin. Apply the following changes (tested
and working) to make it so:
args.extend(["--hostname", installer.host_name])
if installer.admin_password:
- args.extend(["--password", installer.admin_password])
args.extend(["--principal", installer.principal or
"admin"])
if installer.keytab:
args.extend(["--keytab", installer.keytab])
@@ -792,7 +791,13 @@ def ensure_enrolled(installer):
args.append("--no-sshd")
if installer.mkhomedir:
args.append("--mkhomedir")
- ipautil.run(args)
+
+ if installer.admin_password:
+ stdin = installer.admin_password
+ else:
+ stdin = None
+
+ ipautil.run(args, stdin=stdin)
except Exception as e:
sys.exit("Configuration of client side components failed!\n"
"ipa-client-install returned: " + str(e))
Both Simo's and Jan's suggestions make sense, thanks.
Updated patch attached.
Thank you, ACK.
Pushed to master: 034e76062fd897dc67b5a395735a5471257bfc8b
It would be nice if we could update ipa-replica-install manpage and
document all three different ways to set up a replica
(ipa-replica-install w/ replica file in domain level 0,
ipa-client-install & ipa-replica-install via promotion in domain level
1, single ipa-replica-install w/ client-specific options in domain level 1).
Especially in the latter case it was not obvious to me which options
should I use to set up client and replica in one go without peeking in
the source code.
--
Martin^3 Babinsky
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code