[Freeipa-devel] [PATCHSET] Replica promotion patches

Simo Sorce simo at redhat.com
Wed Oct 21 19:24:42 UTC 2015 

On 21/10/15 11:46, Martin Babinsky wrote:
> On 10/20/2015 07:24 PM, Simo Sorce wrote:
>> On 20/10/15 06:32, Martin Babinsky wrote:
>>> On 10/15/2015 08:14 PM, Simo Sorce wrote:
>>>> On 15/10/15 11:39, Martin Basti wrote:
>>>>> Without this patch the ipa-ca-install is broken in current master.
>>>>> Unexpected error - see /var/log/ipareplica-ca-install.log for details:
>>>>> AttributeError: Values instance has no attribute 'promote'
>>>>
>>>> Should be fixed with the attached patches.
>>>>
>>>>
>>>>
>>> NACK, in patch 551 you add a test for non-existent CLI option into main
>>> method:
>>>
>>> @@ -198,10 +251,20 @@ def main():
>>>       if os.geteuid() != 0:
>>>           sys.exit("\nYou must be root to run this script.\n")
>>>
>>> -    if filename is not None:
>>> -        install_replica(safe_options, options, filename)
>>> -    else:
>>> -        install_master(safe_options, options)
>>> +    try:
>>> +        if options.replica or filename is not None:
>>> +            install_replica(safe_options, options, filename)
>>> +        else:
>>> +            install_master(safe_options, options)
>>> +
>>> +    finally:
>>> +        # Clean up if we created custom credentials
>>> +        created_ccache_file = getattr(options, 'created_ccache_file',
>>> None)
>>> +        if created_ccache_file is not None:
>>> +            try:
>>> +                os.unlink(created_ccache_file)
>>> +            except OSError:
>>> +                pass
>>>
>>> I guess you wanted to add '--replica' option to the CA installer but
>>> since it was not added to option parser the installer explodes.
>>>
>>> # ipa-ca-install
>>>
>>> Your system may be partly configured.
>>> Run /usr/sbin/ipa-server-install --uninstall to clean up.
>>>
>>> Unexpected error - see /var/log/ipareplica-ca-install.log for details:
>>> AttributeError: Values instance has no attribute 'replica'
>>>
>>
>> The attached patch should address this problem now.
>>
>> Simo.
>>
>
> Thanks, the patch enables CA install on promoted replica.
>
> I have one minor nitpick though:
>
> When running ipa-ca-install on domain level 0 replica w/o replica file,
> the installer issues the following error:
>
> # ipa-ca-install
> Replica file None does not exist
>
> I guess you should separately handle the case when no replica file is
> specified and issue a corresponding error message like "A replica file
> is required".

Done.
Simo.


-- 
Simo Sorce * Red Hat, Inc * New York
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-simo-551-5-Allow-ipa-ca-install-to-use-the-new-promotion-code.patch
Type: text/x-patch
Size: 9277 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20151021/e846f07a/attachment.bin>

More information about the Freeipa-devel mailing list