|
 |
590d18 |
From 9bf3e3efe51ccda418afd2340a113f39144851c3 Mon Sep 17 00:00:00 2001
|
|
|
590d18 |
From: Martin Basti <mbasti@redhat.com>
|
|
|
590d18 |
Date: Wed, 1 Jul 2015 15:05:45 +0200
|
|
|
590d18 |
Subject: [PATCH] DNS: check if DNS package is installed
|
|
|
590d18 |
|
|
|
590d18 |
Instead of separate checking of DNS required packages, we need just
|
|
|
590d18 |
check if IPA DNS package is installed.
|
|
|
590d18 |
|
|
|
590d18 |
https://fedorahosted.org/freeipa/ticket/4058
|
|
|
590d18 |
|
|
|
590d18 |
Reviewed-By: Martin Babinsky <mbabinsk@redhat.com>
|
|
|
590d18 |
Reviewed-By: Petr Spacek <pspacek@redhat.com>
|
|
|
590d18 |
Reviewed-By: Tomas Babej <tbabej@redhat.com>
|
|
|
590d18 |
---
|
|
|
590d18 |
ipaplatform/base/constants.py | 2 +-
|
|
|
590d18 |
ipaplatform/base/paths.py | 1 +
|
|
|
590d18 |
ipaplatform/rhel/constants.py | 2 +-
|
|
|
590d18 |
ipaserver/install/bindinstance.py | 19 +------------------
|
|
|
590d18 |
ipaserver/install/dns.py | 11 ++++++-----
|
|
|
590d18 |
ipaserver/install/dnskeysyncinstance.py | 6 ------
|
|
|
590d18 |
ipaserver/install/opendnssecinstance.py | 8 --------
|
|
|
590d18 |
7 files changed, 10 insertions(+), 39 deletions(-)
|
|
|
590d18 |
|
|
|
590d18 |
diff --git a/ipaplatform/base/constants.py b/ipaplatform/base/constants.py
|
|
|
590d18 |
index 70485055fa5a12fac878ace3dea11ea442ebe6be..cef829e2d3886db00ae6d0299ddcf325d1add80e 100644
|
|
|
590d18 |
--- a/ipaplatform/base/constants.py
|
|
|
590d18 |
+++ b/ipaplatform/base/constants.py
|
|
|
590d18 |
@@ -8,4 +8,4 @@ This base platform module exports platform dependant constants.
|
|
|
590d18 |
|
|
|
590d18 |
|
|
|
590d18 |
class BaseConstantsNamespace(object):
|
|
|
590d18 |
- pass
|
|
|
590d18 |
+ IPA_DNS_PACKAGE_NAME = "freeipa-server-dns"
|
|
|
590d18 |
diff --git a/ipaplatform/base/paths.py b/ipaplatform/base/paths.py
|
|
|
590d18 |
index 5756040172126438d42275b734f4d766d53048fe..4c93c1f7162b0aeb4f798ef84e1ac8db4573518b 100644
|
|
|
590d18 |
--- a/ipaplatform/base/paths.py
|
|
|
590d18 |
+++ b/ipaplatform/base/paths.py
|
|
|
590d18 |
@@ -218,6 +218,7 @@ class BasePathNamespace(object):
|
|
|
590d18 |
GROUPADD = "/usr/sbin/groupadd"
|
|
|
590d18 |
HTTPD = "/usr/sbin/httpd"
|
|
|
590d18 |
IPA_CLIENT_INSTALL = "/usr/sbin/ipa-client-install"
|
|
|
590d18 |
+ IPA_DNS_INSTALL = "/usr/sbin/ipa-dns-install"
|
|
|
590d18 |
SBIN_IPA_JOIN = "/usr/sbin/ipa-join"
|
|
|
590d18 |
IPA_REPLICA_CONNCHECK = "/usr/sbin/ipa-replica-conncheck"
|
|
|
590d18 |
IPA_RMKEYTAB = "/usr/sbin/ipa-rmkeytab"
|
|
|
590d18 |
diff --git a/ipaplatform/rhel/constants.py b/ipaplatform/rhel/constants.py
|
|
|
590d18 |
index eaca48030fa28804c70c161b07228646a95fc1a3..17abde1f861778bec83067cb01e9a1faae325527 100644
|
|
|
590d18 |
--- a/ipaplatform/rhel/constants.py
|
|
|
590d18 |
+++ b/ipaplatform/rhel/constants.py
|
|
|
590d18 |
@@ -11,6 +11,6 @@ from ipaplatform.redhat.constants import RedHatConstantsNamespace
|
|
|
590d18 |
|
|
|
590d18 |
|
|
|
590d18 |
class RHELConstantsNamespace(RedHatConstantsNamespace):
|
|
|
590d18 |
- pass
|
|
|
590d18 |
+ IPA_DNS_PACKAGE_NAME = "ipa-server-dns"
|
|
|
590d18 |
|
|
|
590d18 |
constants = RHELConstantsNamespace()
|
|
|
590d18 |
diff --git a/ipaserver/install/bindinstance.py b/ipaserver/install/bindinstance.py
|
|
|
590d18 |
index 2228342dc40ee415d1adf2687a7ae91a5963d3c7..9705e845a76191a252bfa963b54d9c31d83ad18e 100644
|
|
|
590d18 |
--- a/ipaserver/install/bindinstance.py
|
|
|
590d18 |
+++ b/ipaserver/install/bindinstance.py
|
|
|
590d18 |
@@ -62,25 +62,8 @@ named_conf_arg_options_template_nonstr = "%(indent)s%(name)s %(value)s;\n"
|
|
|
590d18 |
named_conf_include_re = re.compile(r'\s*include\s+"(?P<path>)"\s*;')
|
|
|
590d18 |
named_conf_include_template = "include \"%(path)s\";\n"
|
|
|
590d18 |
|
|
|
590d18 |
-def check_inst(unattended):
|
|
|
590d18 |
- has_bind = True
|
|
|
590d18 |
- named = services.knownservices.named
|
|
|
590d18 |
- if not os.path.exists(named.get_binary_path()):
|
|
|
590d18 |
- print "BIND was not found on this system"
|
|
|
590d18 |
- print ("Please install the '%s' package and start the installation again"
|
|
|
590d18 |
- % named.get_package_name())
|
|
|
590d18 |
- has_bind = False
|
|
|
590d18 |
-
|
|
|
590d18 |
- # Also check for the LDAP BIND plug-in
|
|
|
590d18 |
- if not os.path.exists(paths.BIND_LDAP_SO) and \
|
|
|
590d18 |
- not os.path.exists(paths.BIND_LDAP_SO_64):
|
|
|
590d18 |
- print "The BIND LDAP plug-in was not found on this system"
|
|
|
590d18 |
- print "Please install the 'bind-dyndb-ldap' package and start the installation again"
|
|
|
590d18 |
- has_bind = False
|
|
|
590d18 |
-
|
|
|
590d18 |
- if not has_bind:
|
|
|
590d18 |
- return False
|
|
|
590d18 |
|
|
|
590d18 |
+def check_inst(unattended):
|
|
|
590d18 |
if not unattended and os.path.exists(NAMED_CONF):
|
|
|
590d18 |
msg = "Existing BIND configuration detected, overwrite?"
|
|
|
590d18 |
return ipautil.user_input(msg, False)
|
|
|
590d18 |
diff --git a/ipaserver/install/dns.py b/ipaserver/install/dns.py
|
|
|
590d18 |
index d22bce7a7cd2e0e8a7ffe0ab4aa496634465903b..9430d189978b0984b0b71d7d754516a4135053fb 100644
|
|
|
590d18 |
--- a/ipaserver/install/dns.py
|
|
|
590d18 |
+++ b/ipaserver/install/dns.py
|
|
|
590d18 |
@@ -9,6 +9,7 @@ from subprocess import CalledProcessError
|
|
|
590d18 |
from ipalib import api
|
|
|
590d18 |
from ipalib import errors
|
|
|
590d18 |
from ipaplatform.paths import paths
|
|
|
590d18 |
+from ipaplatform.constants import constants
|
|
|
590d18 |
from ipaplatform import services
|
|
|
590d18 |
from ipapython import ipautil
|
|
|
590d18 |
from ipapython import sysrestore
|
|
|
590d18 |
@@ -96,6 +97,10 @@ def install_check(standalone, replica, options, hostname):
|
|
|
590d18 |
global reverse_zones
|
|
|
590d18 |
fstore = sysrestore.FileStore(paths.SYSRESTORE)
|
|
|
590d18 |
|
|
|
590d18 |
+ if not ipautil.file_exists(paths.IPA_DNS_INSTALL):
|
|
|
590d18 |
+ raise RuntimeError("Integrated DNS requires '%s' package" %
|
|
|
590d18 |
+ constants.IPA_DNS_PACKAGE_NAME)
|
|
|
590d18 |
+
|
|
|
590d18 |
if standalone:
|
|
|
590d18 |
print "=============================================================================="
|
|
|
590d18 |
print "This program will setup DNS for the FreeIPA Server."
|
|
|
590d18 |
@@ -141,8 +146,7 @@ def install_check(standalone, replica, options, hostname):
|
|
|
590d18 |
sys.exit("Aborted")
|
|
|
590d18 |
|
|
|
590d18 |
# Check bind packages are installed
|
|
|
590d18 |
- if not (bindinstance.check_inst(options.unattended) and
|
|
|
590d18 |
- dnskeysyncinstance.check_inst()):
|
|
|
590d18 |
+ if not bindinstance.check_inst(options.unattended):
|
|
|
590d18 |
sys.exit("Aborting installation.")
|
|
|
590d18 |
|
|
|
590d18 |
if options.disable_dnssec_master:
|
|
|
590d18 |
@@ -177,9 +181,6 @@ def install_check(standalone, replica, options, hostname):
|
|
|
590d18 |
sys.exit("Only one DNSSEC key master is supported in current "
|
|
|
590d18 |
"version.")
|
|
|
590d18 |
|
|
|
590d18 |
- # check opendnssec packages are installed
|
|
|
590d18 |
- if not opendnssecinstance.check_inst():
|
|
|
590d18 |
- sys.exit("Aborting installation")
|
|
|
590d18 |
if options.kasp_db_file:
|
|
|
590d18 |
dnskeysyncd = services.service('ipa-dnskeysyncd')
|
|
|
590d18 |
|
|
|
590d18 |
diff --git a/ipaserver/install/dnskeysyncinstance.py b/ipaserver/install/dnskeysyncinstance.py
|
|
|
590d18 |
index eb6d07f014bce296a5b094f499194286c31c2489..7d1351ccc57a5dbd7d537741545ad44d0dcd5eb1 100644
|
|
|
590d18 |
--- a/ipaserver/install/dnskeysyncinstance.py
|
|
|
590d18 |
+++ b/ipaserver/install/dnskeysyncinstance.py
|
|
|
590d18 |
@@ -30,12 +30,6 @@ softhsm_token_label = u'ipaDNSSEC'
|
|
|
590d18 |
softhsm_slot = 0
|
|
|
590d18 |
replica_keylabel_template = u"dnssec-replica:%s"
|
|
|
590d18 |
|
|
|
590d18 |
-def check_inst():
|
|
|
590d18 |
- if not os.path.exists(paths.DNSSEC_KEYFROMLABEL):
|
|
|
590d18 |
- print ("Please install the 'bind-pkcs11-utils' package and start "
|
|
|
590d18 |
- "the installation again")
|
|
|
590d18 |
- return False
|
|
|
590d18 |
- return True
|
|
|
590d18 |
|
|
|
590d18 |
def dnssec_container_exists(fqdn, suffix, dm_password=None, ldapi=False,
|
|
|
590d18 |
realm=None, autobind=ipaldap.AUTOBIND_DISABLED):
|
|
|
590d18 |
diff --git a/ipaserver/install/opendnssecinstance.py b/ipaserver/install/opendnssecinstance.py
|
|
|
590d18 |
index d68691fa32f135c7527ce28ed771757eadab4831..0f1af828ea245046330fdfab77db130ca14faba3 100644
|
|
|
590d18 |
--- a/ipaserver/install/opendnssecinstance.py
|
|
|
590d18 |
+++ b/ipaserver/install/opendnssecinstance.py
|
|
|
590d18 |
@@ -55,14 +55,6 @@ def get_dnssec_key_masters(conn):
|
|
|
590d18 |
return keymasters_list
|
|
|
590d18 |
|
|
|
590d18 |
|
|
|
590d18 |
-def check_inst():
|
|
|
590d18 |
- if not os.path.exists(paths.ODS_KSMUTIL):
|
|
|
590d18 |
- print ("Please install the 'opendnssec' package and start "
|
|
|
590d18 |
- "the installation again")
|
|
|
590d18 |
- return False
|
|
|
590d18 |
- return True
|
|
|
590d18 |
-
|
|
|
590d18 |
-
|
|
|
590d18 |
class OpenDNSSECInstance(service.Service):
|
|
|
590d18 |
def __init__(self, fstore=None, dm_password=None, ldapi=False,
|
|
|
590d18 |
start_tls=False, autobind=ipaldap.AUTOBIND_ENABLED):
|
|
|
590d18 |
--
|
|
|
590d18 |
2.4.3
|
|
|
590d18 |
|