Re: [Freeipa-devel] [PATCH 0006] Improves sssd.conf handling during ipa-client uninstall
On 09/18/2012 11:21 AM, Tomas Babej wrote:
On 09/12/2012 05:29 PM, Martin Kosek wrote:
On 08/29/2012 02:54 PM, Tomas Babej wrote:
On 08/27/2012 04:55 PM, Martin Kosek wrote:
On 08/27/2012 03:37 PM, Jakub Hrozek wrote:
On Mon, Aug 27, 2012 at 02:57:44PM +0200, Martin Kosek wrote:
I think that the right behavior of SSSD conf uninstall should be the
following:
* sssd.conf existed before IPA install + non-IPA domains in sssd.conf
found:
- move backed conf up sssd.conf.bkp (and inform the user)
- use SSSDConfig delete_domain function to remove ipa domain from
sssd.conf
- restart sssd afterwards
I'm confused here, which of the files is the original
pre-ipa-client-install file?
This is the backed up sssd.conf. I thought that it may be useful for
user to
still have an access to it after uninstall.
How does the non-ipa domain end up in the sssd.conf file? Does it have
to be configured manually or does ipa-client-install merge the list of
domains on installation?
ipa-client-install merge the list of the domains. It overrides the old
sssd.conf only when we cannot parse the sssd.conf and --preserve-sssd
option
was not set.
Martin
Hi,
The sssd.conf file is no longer left behind in case sssd was not
configured before the installation. However, the patch goes behind
the scope of this ticked and improves the handling of sssd.conf
during the ipa-client-install --uninstall in general.
The current behaviour (well documented in source code) is as follows:
- In general, the IPA domain is simply removed from the sssd.conf
file, instead of sssd.conf being rewritten from the backup. This
preserves any domains added after installation.
- If sssd.conf existed before the installation, it is restored to
sssd.conf.bkp. However, any IPA domains from pre-installation
sssd.conf should have been merged during the installation.
- If sssd.conf did not exist before the installation, and no other
domains than IPA domain exist in it, the patch makes sure that
sssd.conf is moved to sssd.conf.deleted so user experiences no
crash during any next installation due to its existence.
https://fedorahosted.org/freeipa/ticket/2740
Tomas
Good job, SSSD uninstall process now looks more consistent and better
documented. I just found the following (mainly minor) issues. Comments in the
patch:
diff --git a/ipa-client/ipa-install/ipa-client-install
b/ipa-client/ipa-install/ipa-client-install
index
2e65921e8de2dfe68443f5b5875954d71dd48ed2..c5cef15e1fb3a3e1d7cfd070f4288d3839accfc8
100755
--- a/ipa-client/ipa-install/ipa-client-install
+++ b/ipa-client/ipa-install/ipa-client-install
@@ -183,6 +183,36 @@ def nssldap_exists():
return (retval, files_found)
+# helper function for uninstall
+# deletes IPA domain from sssd.conf
+def delete_IPA_domain():
Function names should be lowercase - delete_ipa_domain
+sssd = ipaservices.service('sssd')
+try:
+sssdconfig = SSSDConfig.SSSDConfig()
+sssdconfig.import_config()
+domains = sssdconfig.list_active_domains()
+
+IPA_domain_name = None
Variables should be lowercase - ipa_domain_name
+
+for name in domains:
+domain = sssdconfig.get_domain(name)
+try:
+provider = domain.get_option('id_provider')
+if provider == ipa:
+IPA_domain_name = name
+break
+except SSSDConfig.NoOptionError:
+continue
+
+if IPA_domain_name != None:
Do not use != with None, True, False - use is not None.
+sssdconfig.delete_domain(IPA_domain_name)
+sssdconfig.write()
+else:
+root_logger.warning(IPA domain could not be found in +
+sssd.conf and therefore not deleted)
+except IOError:
+root_logger.warning(IPA domain could not be deleted. No access to
the
sssd.conf file.)
There should be full path to sssd.conf in this error message. It is very
useful
sometimes.
+
def uninstall(options, env):
if not fstore.has_files():
@@ -212,7 +242,12 @@ def uninstall(options, env):
sssdconfig = SSSDConfig.SSSDConfig()
sssdconfig.import_config()
domains = sssdconfig.list_active_domains()
-if len(domains) 1:
+all_domains = sssdconfig.list_domains()
+
+# we consider all the domains, because handling sssd.conf
+# during uninstall is dependant on was_sssd_configured flag
+# so the user does not lose info about inactive domains
+if len(all_domains) 1:
# There was more than IPA domain configured
was_sssd_configured = True
for name in domains:
@@ -349,6 +384,62 @@ def uninstall(options, env):
Failed to remove krb5/LDAP configuration: %s, str(e))
return
Re: [Freeipa-devel] [PATCH 0006] Improves sssd.conf handling during ipa-client uninstall
On 09/20/2012 02:42 PM, Martin Kosek wrote:
On 09/18/2012 11:21 AM, Tomas Babej wrote:
On 09/12/2012 05:29 PM, Martin Kosek wrote:
On 08/29/2012 02:54 PM, Tomas Babej wrote:
On 08/27/2012 04:55 PM, Martin Kosek wrote:
On 08/27/2012 03:37 PM, Jakub Hrozek wrote:
On Mon, Aug 27, 2012 at 02:57:44PM +0200, Martin Kosek wrote:
I think that the right behavior of SSSD conf uninstall should be the
following:
* sssd.conf existed before IPA install + non-IPA domains in sssd.conf found:
- move backed conf up sssd.conf.bkp (and inform the user)
- use SSSDConfig delete_domain function to remove ipa domain from
sssd.conf
- restart sssd afterwards
I'm confused here, which of the files is the original
pre-ipa-client-install file?
This is the backed up sssd.conf. I thought that it may be useful for user to
still have an access to it after uninstall.
How does the non-ipa domain end up in the sssd.conf file? Does it have
to be configured manually or does ipa-client-install merge the list of
domains on installation?
ipa-client-install merge the list of the domains. It overrides the old
sssd.conf only when we cannot parse the sssd.conf and --preserve-sssd option
was not set.
Martin
Hi,
The sssd.conf file is no longer left behind in case sssd was not
configured before the installation. However, the patch goes behind
the scope of this ticked and improves the handling of sssd.conf
during the ipa-client-install --uninstall in general.
The current behaviour (well documented in source code) is as follows:
- In general, the IPA domain is simply removed from the sssd.conf
file, instead of sssd.conf being rewritten from the backup. This
preserves any domains added after installation.
- If sssd.conf existed before the installation, it is restored to
sssd.conf.bkp. However, any IPA domains from pre-installation
sssd.conf should have been merged during the installation.
- If sssd.conf did not exist before the installation, and no other
domains than IPA domain exist in it, the patch makes sure that
sssd.conf is moved to sssd.conf.deleted so user experiences no
crash during any next installation due to its existence.
https://fedorahosted.org/freeipa/ticket/2740
Tomas
Good job, SSSD uninstall process now looks more consistent and better
documented. I just found the following (mainly minor) issues. Comments in the
patch:
diff --git a/ipa-client/ipa-install/ipa-client-install
b/ipa-client/ipa-install/ipa-client-install
index
2e65921e8de2dfe68443f5b5875954d71dd48ed2..c5cef15e1fb3a3e1d7cfd070f4288d3839accfc8
100755
--- a/ipa-client/ipa-install/ipa-client-install
+++ b/ipa-client/ipa-install/ipa-client-install
@@ -183,6 +183,36 @@ def nssldap_exists():
return (retval, files_found)
+# helper function for uninstall
+# deletes IPA domain from sssd.conf
+def delete_IPA_domain():
Function names should be lowercase - delete_ipa_domain
+sssd = ipaservices.service('sssd')
+try:
+sssdconfig = SSSDConfig.SSSDConfig()
+sssdconfig.import_config()
+domains = sssdconfig.list_active_domains()
+
+IPA_domain_name = None
Variables should be lowercase - ipa_domain_name
+
+for name in domains:
+domain = sssdconfig.get_domain(name)
+try:
+provider = domain.get_option('id_provider')
+if provider == ipa:
+IPA_domain_name = name
+break
+except SSSDConfig.NoOptionError:
+continue
+
+if IPA_domain_name != None:
Do not use != with None, True, False - use is not None.
+sssdconfig.delete_domain(IPA_domain_name)
+sssdconfig.write()
+else:
+root_logger.warning(IPA domain could not be found in +
+sssd.conf and therefore not deleted)
+except IOError:
+root_logger.warning(IPA domain could not be deleted. No access to the
sssd.conf file.)
There should be full path to sssd.conf in this error message. It is very useful
sometimes.
+
def uninstall(options, env):
if not fstore.has_files():
@@ -212,7 +242,12 @@ def uninstall(options, env):
sssdconfig = SSSDConfig.SSSDConfig()
sssdconfig.import_config()
domains = sssdconfig.list_active_domains()
-if len(domains) 1:
+all_domains = sssdconfig.list_domains()
+
+# we consider all the domains, because handling sssd.conf
+# during uninstall is dependant on was_sssd_configured flag
+# so the user does not lose info about inactive domains
+if len(all_domains) 1:
# There was more than IPA domain configured
was_sssd_configured = True
for name in domains:
@@ -349,6 +384,62 @@ def uninstall(options, env):
Failed to remove krb5/LDAP configuration: %s, str(e))
return CLIENT_INSTALL_ERROR
+# Next if-elif-elif
Re: [Freeipa-devel] [PATCH 0006] Improves sssd.conf handling during ipa-client uninstall
On Thu, 2012-09-20 at 16:20 +0200, Tomas Babej wrote:
On 09/20/2012 02:42 PM, Martin Kosek wrote:
On 09/18/2012 11:21 AM, Tomas Babej wrote:
On 09/12/2012 05:29 PM, Martin Kosek wrote:
On 08/29/2012 02:54 PM, Tomas Babej wrote:
On 08/27/2012 04:55 PM, Martin Kosek wrote:
On 08/27/2012 03:37 PM, Jakub Hrozek wrote:
On Mon, Aug 27, 2012 at 02:57:44PM +0200, Martin Kosek wrote:
I think that the right behavior of SSSD conf uninstall should be the
following:
* sssd.conf existed before IPA install + non-IPA domains in sssd.conf
found:
- move backed conf up sssd.conf.bkp (and inform the user)
- use SSSDConfig delete_domain function to remove ipa domain from
sssd.conf
- restart sssd afterwards
I'm confused here, which of the files is the original
pre-ipa-client-install file?
This is the backed up sssd.conf. I thought that it may be useful for
user to
still have an access to it after uninstall.
How does the non-ipa domain end up in the sssd.conf file? Does it have
to be configured manually or does ipa-client-install merge the list of
domains on installation?
ipa-client-install merge the list of the domains. It overrides the old
sssd.conf only when we cannot parse the sssd.conf and --preserve-sssd
option
was not set.
Martin
Hi,
The sssd.conf file is no longer left behind in case sssd was not
configured before the installation. However, the patch goes behind
the scope of this ticked and improves the handling of sssd.conf
during the ipa-client-install --uninstall in general.
The current behaviour (well documented in source code) is as follows:
- In general, the IPA domain is simply removed from the sssd.conf
file, instead of sssd.conf being rewritten from the backup. This
preserves any domains added after installation.
- If sssd.conf existed before the installation, it is restored to
sssd.conf.bkp. However, any IPA domains from pre-installation
sssd.conf should have been merged during the installation.
- If sssd.conf did not exist before the installation, and no other
domains than IPA domain exist in it, the patch makes sure that
sssd.conf is moved to sssd.conf.deleted so user experiences no
crash during any next installation due to its existence.
https://fedorahosted.org/freeipa/ticket/2740
Tomas
Good job, SSSD uninstall process now looks more consistent and better
documented. I just found the following (mainly minor) issues. Comments in
the
patch:
diff --git a/ipa-client/ipa-install/ipa-client-install
b/ipa-client/ipa-install/ipa-client-install
index
2e65921e8de2dfe68443f5b5875954d71dd48ed2..c5cef15e1fb3a3e1d7cfd070f4288d3839accfc8
100755
--- a/ipa-client/ipa-install/ipa-client-install
+++ b/ipa-client/ipa-install/ipa-client-install
@@ -183,6 +183,36 @@ def nssldap_exists():
return (retval, files_found)
+# helper function for uninstall
+# deletes IPA domain from sssd.conf
+def delete_IPA_domain():
Function names should be lowercase - delete_ipa_domain
+sssd = ipaservices.service('sssd')
+try:
+sssdconfig = SSSDConfig.SSSDConfig()
+sssdconfig.import_config()
+domains = sssdconfig.list_active_domains()
+
+IPA_domain_name = None
Variables should be lowercase - ipa_domain_name
+
+for name in domains:
+domain = sssdconfig.get_domain(name)
+try:
+provider = domain.get_option('id_provider')
+if provider == ipa:
+IPA_domain_name = name
+break
+except SSSDConfig.NoOptionError:
+continue
+
+if IPA_domain_name != None:
Do not use != with None, True, False - use is not None.
+sssdconfig.delete_domain(IPA_domain_name)
+sssdconfig.write()
+else:
+root_logger.warning(IPA domain could not be found in +
+sssd.conf and therefore not deleted)
+except IOError:
+root_logger.warning(IPA domain could not be deleted. No access
to the
sssd.conf file.)
There should be full path to sssd.conf in this error message. It is very
useful
sometimes.
+
def uninstall(options, env):
if not fstore.has_files():
@@ -212,7 +242,12 @@ def uninstall(options, env):
sssdconfig = SSSDConfig.SSSDConfig()
sssdconfig.import_config()
domains = sssdconfig.list_active_domains()
-if len(domains) 1:
+all_domains = sssdconfig.list_domains()
+
+# we consider all the domains, because handling sssd.conf
+# during uninstall is dependant on was_sssd_configured flag
+# so the user does not lose info about inactive domains
+if len(all_domains) 1:
# There was more
Re: [Freeipa-devel] [PATCH 0006] Improves sssd.conf handling during ipa-client uninstall
On 09/12/2012 05:29 PM, Martin Kosek wrote:
On 08/29/2012 02:54 PM, Tomas Babej wrote:
On 08/27/2012 04:55 PM, Martin Kosek wrote:
On 08/27/2012 03:37 PM, Jakub Hrozek wrote:
On Mon, Aug 27, 2012 at 02:57:44PM +0200, Martin Kosek wrote:
I think that the right behavior of SSSD conf uninstall should be the
following:
* sssd.conf existed before IPA install + non-IPA domains in sssd.conf found:
- move backed conf up sssd.conf.bkp (and inform the user)
- use SSSDConfig delete_domain function to remove ipa domain from sssd.conf
- restart sssd afterwards
I'm confused here, which of the files is the original
pre-ipa-client-install file?
This is the backed up sssd.conf. I thought that it may be useful for user to
still have an access to it after uninstall.
How does the non-ipa domain end up in the sssd.conf file? Does it have
to be configured manually or does ipa-client-install merge the list of
domains on installation?
ipa-client-install merge the list of the domains. It overrides the old
sssd.conf only when we cannot parse the sssd.conf and --preserve-sssd option
was not set.
Martin
Hi,
The sssd.conf file is no longer left behind in case sssd was not
configured before the installation. However, the patch goes behind
the scope of this ticked and improves the handling of sssd.conf
during the ipa-client-install --uninstall in general.
The current behaviour (well documented in source code) is as follows:
- In general, the IPA domain is simply removed from the sssd.conf
file, instead of sssd.conf being rewritten from the backup. This
preserves any domains added after installation.
- If sssd.conf existed before the installation, it is restored to
sssd.conf.bkp. However, any IPA domains from pre-installation
sssd.conf should have been merged during the installation.
- If sssd.conf did not exist before the installation, and no other
domains than IPA domain exist in it, the patch makes sure that
sssd.conf is moved to sssd.conf.deleted so user experiences no
crash during any next installation due to its existence.
https://fedorahosted.org/freeipa/ticket/2740
Tomas
Good job, SSSD uninstall process now looks more consistent and better
documented. I just found the following (mainly minor) issues. Comments in the
patch:
diff --git a/ipa-client/ipa-install/ipa-client-install
b/ipa-client/ipa-install/ipa-client-install
index
2e65921e8de2dfe68443f5b5875954d71dd48ed2..c5cef15e1fb3a3e1d7cfd070f4288d3839accfc8
100755
--- a/ipa-client/ipa-install/ipa-client-install
+++ b/ipa-client/ipa-install/ipa-client-install
@@ -183,6 +183,36 @@ def nssldap_exists():
return (retval, files_found)
+# helper function for uninstall
+# deletes IPA domain from sssd.conf
+def delete_IPA_domain():
Function names should be lowercase - delete_ipa_domain
+sssd = ipaservices.service('sssd')
+try:
+sssdconfig = SSSDConfig.SSSDConfig()
+sssdconfig.import_config()
+domains = sssdconfig.list_active_domains()
+
+IPA_domain_name = None
Variables should be lowercase - ipa_domain_name
+
+for name in domains:
+domain = sssdconfig.get_domain(name)
+try:
+provider = domain.get_option('id_provider')
+if provider == ipa:
+IPA_domain_name = name
+break
+except SSSDConfig.NoOptionError:
+continue
+
+if IPA_domain_name != None:
Do not use != with None, True, False - use is not None.
+sssdconfig.delete_domain(IPA_domain_name)
+sssdconfig.write()
+else:
+root_logger.warning(IPA domain could not be found in +
+sssd.conf and therefore not deleted)
+except IOError:
+root_logger.warning(IPA domain could not be deleted. No access to the
sssd.conf file.)
There should be full path to sssd.conf in this error message. It is very useful
sometimes.
+
def uninstall(options, env):
if not fstore.has_files():
@@ -212,7 +242,12 @@ def uninstall(options, env):
sssdconfig = SSSDConfig.SSSDConfig()
sssdconfig.import_config()
domains = sssdconfig.list_active_domains()
-if len(domains) 1:
+all_domains = sssdconfig.list_domains()
+
+# we consider all the domains, because handling sssd.conf
+# during uninstall is dependant on was_sssd_configured flag
+# so the user does not lose info about inactive domains
+if len(all_domains) 1:
# There was more than IPA domain configured
was_sssd_configured = True
for name in domains:
@@ -349,6 +384,62 @@ def uninstall(options, env):
Failed to remove krb5/LDAP configuration: %s, str(e))
return CLIENT_INSTALL_ERROR
+# Next if-elif-elif construction deals with sssd.conf file.
+# Old pre-IPA domains are preserved due merging the old sssd.conf
+#
Re: [Freeipa-devel] [PATCH 0006] Improves sssd.conf handling during ipa-client uninstall
On 08/29/2012 02:54 PM, Tomas Babej wrote:
On 08/27/2012 04:55 PM, Martin Kosek wrote:
On 08/27/2012 03:37 PM, Jakub Hrozek wrote:
On Mon, Aug 27, 2012 at 02:57:44PM +0200, Martin Kosek wrote:
I think that the right behavior of SSSD conf uninstall should be the
following:
* sssd.conf existed before IPA install + non-IPA domains in sssd.conf
found:
- move backed conf up sssd.conf.bkp (and inform the user)
- use SSSDConfig delete_domain function to remove ipa domain from
sssd.conf
- restart sssd afterwards
I'm confused here, which of the files is the original
pre-ipa-client-install file?
This is the backed up sssd.conf. I thought that it may be useful for user
to
still have an access to it after uninstall.
How does the non-ipa domain end up in the sssd.conf file? Does it have
to be configured manually or does ipa-client-install merge the list of
domains on installation?
ipa-client-install merge the list of the domains. It overrides the old
sssd.conf only when we cannot parse the sssd.conf and --preserve-sssd option
was not set.
Martin
Hi,
The sssd.conf file is no longer left behind in case sssd was not
configured before the installation. However, the patch goes behind
the scope of this ticked and improves the handling of sssd.conf
during the ipa-client-install --uninstall in general.
The current behaviour (well documented in source code) is as follows:
- In general, the IPA domain is simply removed from the sssd.conf
file, instead of sssd.conf being rewritten from the backup. This
preserves any domains added after installation.
- If sssd.conf existed before the installation, it is restored to
sssd.conf.bkp. However, any IPA domains from pre-installation
sssd.conf should have been merged during the installation.
- If sssd.conf did not exist before the installation, and no other
domains than IPA domain exist in it, the patch makes sure that
sssd.conf is moved to sssd.conf.deleted so user experiences no
crash during any next installation due to its existence.
https://fedorahosted.org/freeipa/ticket/2740
Tomas
Good job, SSSD uninstall process now looks more consistent and better
documented. I just found the following (mainly minor) issues. Comments in the
patch:
diff --git a/ipa-client/ipa-install/ipa-client-install
b/ipa-client/ipa-install/ipa-client-install
index
2e65921e8de2dfe68443f5b5875954d71dd48ed2..c5cef15e1fb3a3e1d7cfd070f4288d3839accfc8
100755
--- a/ipa-client/ipa-install/ipa-client-install
+++ b/ipa-client/ipa-install/ipa-client-install
@@ -183,6 +183,36 @@ def nssldap_exists():
return (retval, files_found)
+# helper function for uninstall
+# deletes IPA domain from sssd.conf
+def delete_IPA_domain():
Function names should be lowercase - delete_ipa_domain
+sssd = ipaservices.service('sssd')
+try:
+sssdconfig = SSSDConfig.SSSDConfig()
+sssdconfig.import_config()
+domains = sssdconfig.list_active_domains()
+
+IPA_domain_name = None
Variables should be lowercase - ipa_domain_name
+
+for name in domains:
+domain = sssdconfig.get_domain(name)
+try:
+provider = domain.get_option('id_provider')
+if provider == ipa:
+IPA_domain_name = name
+break
+except SSSDConfig.NoOptionError:
+continue
+
+if IPA_domain_name != None:
Do not use != with None, True, False - use is not None.
+sssdconfig.delete_domain(IPA_domain_name)
+sssdconfig.write()
+else:
+root_logger.warning(IPA domain could not be found in +
+sssd.conf and therefore not deleted)
+except IOError:
+root_logger.warning(IPA domain could not be deleted. No access to the
sssd.conf file.)
There should be full path to sssd.conf in this error message. It is very useful
sometimes.
+
def uninstall(options, env):
if not fstore.has_files():
@@ -212,7 +242,12 @@ def uninstall(options, env):
sssdconfig = SSSDConfig.SSSDConfig()
sssdconfig.import_config()
domains = sssdconfig.list_active_domains()
-if len(domains) 1:
+all_domains = sssdconfig.list_domains()
+
+# we consider all the domains, because handling sssd.conf
+# during uninstall is dependant on was_sssd_configured flag
+# so the user does not lose info about inactive domains
+if len(all_domains) 1:
# There was more than IPA domain configured
was_sssd_configured = True
for name in domains:
@@ -349,6 +384,62 @@ def uninstall(options, env):
Failed to remove krb5/LDAP configuration: %s, str(e))
return CLIENT_INSTALL_ERROR
+# Next if-elif-elif construction deals with sssd.conf file.
+# Old pre-IPA domains are preserved due merging the old sssd.conf
+# during the installation of
[Freeipa-devel] [PATCH 0006] Improves sssd.conf handling during ipa-client uninstall
On 08/27/2012 04:55 PM, Martin Kosek wrote:
On 08/27/2012 03:37 PM, Jakub Hrozek wrote:
On Mon, Aug 27, 2012 at 02:57:44PM +0200, Martin Kosek wrote:
I think that the right behavior of SSSD conf uninstall should be the following:
* sssd.conf existed before IPA install + non-IPA domains in sssd.conf found:
- move backed conf up sssd.conf.bkp (and inform the user)
- use SSSDConfig delete_domain function to remove ipa domain from sssd.conf
- restart sssd afterwards
I'm confused here, which of the files is the original
pre-ipa-client-install file?
This is the backed up sssd.conf. I thought that it may be useful for user to
still have an access to it after uninstall.
How does the non-ipa domain end up in the sssd.conf file? Does it have
to be configured manually or does ipa-client-install merge the list of
domains on installation?
ipa-client-install merge the list of the domains. It overrides the old
sssd.conf only when we cannot parse the sssd.conf and --preserve-sssd option
was not set.
Martin
Hi,
The sssd.conf file is no longer left behind in case sssd was not
configured before the installation. However, the patch goes behind
the scope of this ticked and improves the handling of sssd.conf
during the ipa-client-install --uninstall in general.
The current behaviour (well documented in source code) is as follows:
- In general, the IPA domain is simply removed from the sssd.conf
file, instead of sssd.conf being rewritten from the backup. This
preserves any domains added after installation.
- If sssd.conf existed before the installation, it is restored to
sssd.conf.bkp. However, any IPA domains from pre-installation
sssd.conf should have been merged during the installation.
- If sssd.conf did not exist before the installation, and no other
domains than IPA domain exist in it, the patch makes sure that
sssd.conf is moved to sssd.conf.deleted so user experiences no
crash during any next installation due to its existence.
https://fedorahosted.org/freeipa/ticket/2740
Tomas
From fac8d676d2e727977a8a52bdd2990eb2839b54c4 Mon Sep 17 00:00:00 2001
From: Tomas Babej tba...@redhat.com
Date: Fri, 17 Aug 2012 08:56:45 -0400
Subject: [PATCH] Improves sssd.conf handling during ipa-client uninstall
The sssd.conf file is no longer left behind in case sssd was not
configured before the installation. However, the patch goes behind
the scope of this ticked and improves the handling of sssd.conf
during the ipa-client-install --uninstall in general.
The current behaviour (well documented in source code) is as follows:
- In general, the IPA domain is simply removed from the sssd.conf
file, instead of sssd.conf being rewritten from the backup. This
preserves any domains added after installation.
- If sssd.conf existed before the installation, it is restored to
sssd.conf.bkp. However, any IPA domains from pre-installation
sssd.conf should have been merged during the installation.
- If sssd.conf did not exist before the installation, and no other
domains than IPA domain exist in it, the patch makes sure that
sssd.conf is moved to sssd.conf.deleted so user experiences no
crash during any next installation due to its existence.
https://fedorahosted.org/freeipa/ticket/2740
---
ipa-client/ipa-install/ipa-client-install | 107 +-
1 file changed, 92 insertions(+), 15 deletions(-)
diff --git a/ipa-client/ipa-install/ipa-client-install b/ipa-client/ipa-install/ipa-client-install
index 2e65921e8de2dfe68443f5b5875954d71dd48ed2..c5cef15e1fb3a3e1d7cfd070f4288d3839accfc8 100755
--- a/ipa-client/ipa-install/ipa-client-install
+++ b/ipa-client/ipa-install/ipa-client-install
@@ -183,6 +183,36 @@ def nssldap_exists():
return (retval, files_found)
+# helper function for uninstall
+# deletes IPA domain from sssd.conf
+def delete_IPA_domain():
+sssd = ipaservices.service('sssd')
+try:
+sssdconfig = SSSDConfig.SSSDConfig()
+sssdconfig.import_config()
+domains = sssdconfig.list_active_domains()
+
+IPA_domain_name = None
+
+for name in domains:
+domain = sssdconfig.get_domain(name)
+try:
+provider = domain.get_option('id_provider')
+if provider == ipa:
+IPA_domain_name = name
+break
+except SSSDConfig.NoOptionError:
+continue
+
+if IPA_domain_name != None:
+sssdconfig.delete_domain(IPA_domain_name)
+sssdconfig.write()
+else:
+root_logger.warning(IPA domain could not be found in +
+sssd.conf and therefore not deleted)
+except IOError:
+root_logger.warning(IPA domain could not be deleted. No access to the sssd.conf file.)
+
def uninstall(options, env):
if not fstore.has_files():
@@ -212,7 +242,12 @@ def uninstall(options, env):
sssdconfig =
