pgreco / rpms / ipa

Forked from forks/areguera/rpms/ipa 4 years ago
Clone

Blame SOURCES/0106-Installer-do-not-modify-etc-hosts-before-user-agreem.patch

590d18
From b6c7247319575a376ac9a480ae6ceda39a2bd968 Mon Sep 17 00:00:00 2001
590d18
From: Martin Basti <mbasti@redhat.com>
590d18
Date: Tue, 1 Sep 2015 19:05:01 +0200
590d18
Subject: [PATCH] Installer: do not modify /etc/hosts before user agreement
590d18
590d18
https://fedorahosted.org/freeipa/ticket/4561
590d18
590d18
As side effect this also fixes:
590d18
https://fedorahosted.org/freeipa/ticket/5266
590d18
590d18
Reviewed-By: David Kupka <dkupka@redhat.com>
590d18
---
590d18
 ipaserver/install/dns.py                   |  9 ++++++--
590d18
 ipaserver/install/installutils.py          | 36 +++++++++++++++++++-----------
590d18
 ipaserver/install/server/install.py        | 14 ++++++++++--
590d18
 ipaserver/install/server/replicainstall.py | 12 +++++++++-
590d18
 4 files changed, 53 insertions(+), 18 deletions(-)
590d18
590d18
diff --git a/ipaserver/install/dns.py b/ipaserver/install/dns.py
590d18
index 538e99fbe01a34cee627f1cebd938be19777c134..099e35dc331722607c8ca02cdbc7a0e66f8c4754 100644
590d18
--- a/ipaserver/install/dns.py
590d18
+++ b/ipaserver/install/dns.py
590d18
@@ -19,6 +19,7 @@ from ipapython.ipaldap import AUTOBIND_ENABLED
590d18
 from ipapython.ipautil import user_input
590d18
 from ipaserver.install.installutils import get_server_ip_address
590d18
 from ipaserver.install.installutils import read_dns_forwarders
590d18
+from ipaserver.install.installutils import update_hosts_file
590d18
 from ipaserver.install import bindinstance
590d18
 from ipaserver.install import dnskeysyncinstance
590d18
 from ipaserver.install import ntpinstance
590d18
@@ -225,8 +226,8 @@ def install_check(standalone, replica, options, hostname):
590d18
                 "the original kasp.db file." %
590d18
                 ", ".join([str(zone) for zone in dnssec_zones]))
590d18
 
590d18
-    ip_addresses = get_server_ip_address(
590d18
-        hostname, fstore, options.unattended, True, options.ip_addresses)
590d18
+    ip_addresses = get_server_ip_address(hostname, options.unattended,
590d18
+                                         True, options.ip_addresses)
590d18
 
590d18
     if options.no_forwarders:
590d18
         dns_forwarders = ()
590d18
@@ -277,6 +278,10 @@ def install(standalone, replica, options):
590d18
 
590d18
     conf_ntp = ntpinstance.NTPInstance(fstore).is_enabled()
590d18
 
590d18
+    if standalone:
590d18
+        # otherwise this is done by server/replica installer
590d18
+        update_hosts_file(ip_addresses, api.env.host, fstore)
590d18
+
590d18
     bind = bindinstance.BindInstance(fstore, ldapi=True,
590d18
                                      autobind=AUTOBIND_ENABLED)
590d18
     bind.setup(api.env.host, ip_addresses, api.env.realm, api.env.domain,
590d18
diff --git a/ipaserver/install/installutils.py b/ipaserver/install/installutils.py
590d18
index 02e8526317dbab909ed48a1823000922ce6e6b7a..81a025597c97b41377c35a6714bf1d3001c868cc 100644
590d18
--- a/ipaserver/install/installutils.py
590d18
+++ b/ipaserver/install/installutils.py
590d18
@@ -264,7 +264,8 @@ def read_ip_address(host_name, fstore):
590d18
 
590d18
     return ip_parsed
590d18
 
590d18
-def read_ip_addresses(host_name, fstore):
590d18
+
590d18
+def read_ip_addresses():
590d18
     ips = []
590d18
     print "Enter the IP address to use, or press Enter to finish."
590d18
     while True:
590d18
@@ -470,7 +471,7 @@ def get_host_name(no_host_dns):
590d18
     verify_fqdn(hostname, no_host_dns)
590d18
     return hostname
590d18
 
590d18
-def get_server_ip_address(host_name, fstore, unattended, setup_dns, ip_addresses):
590d18
+def get_server_ip_address(host_name, unattended, setup_dns, ip_addresses):
590d18
     # Check we have a public IP that is associated with the hostname
590d18
     try:
590d18
         hostaddr = resolve_host(host_name)
590d18
@@ -483,8 +484,6 @@ def get_server_ip_address(host_name, fstore, unattended, setup_dns, ip_addresses
590d18
         print >> sys.stderr, "Please fix your /etc/hosts file and restart the setup program"
590d18
         sys.exit(1)
590d18
 
590d18
-    ip_add_to_hosts = False
590d18
-
590d18
     ips = []
590d18
     if len(hostaddr):
590d18
         for ha in hostaddr:
590d18
@@ -495,7 +494,7 @@ def get_server_ip_address(host_name, fstore, unattended, setup_dns, ip_addresses
590d18
 
590d18
     if not ips and not ip_addresses:
590d18
         if not unattended:
590d18
-            ip_addresses = read_ip_addresses(host_name, fstore)
590d18
+            ip_addresses = read_ip_addresses()
590d18
 
590d18
     if ip_addresses:
590d18
         if setup_dns:
590d18
@@ -511,22 +510,16 @@ def get_server_ip_address(host_name, fstore, unattended, setup_dns, ip_addresses
590d18
                 print >>sys.stderr, "Provided but not resolved address(es): %s" % \
590d18
                                     ", ".join(str(ip) for ip in (set(ip_addresses) - set(ips)))
590d18
                 sys.exit(1)
590d18
-        ip_add_to_hosts = True
590d18
 
590d18
     if not ips:
590d18
         print >> sys.stderr, "No usable IP address provided nor resolved."
590d18
         sys.exit(1)
590d18
 
590d18
     for ip_address in ips:
590d18
-        # check /etc/hosts sanity, add a record when needed
590d18
+        # check /etc/hosts sanity
590d18
         hosts_record = record_in_hosts(str(ip_address))
590d18
 
590d18
-        if hosts_record is None:
590d18
-            if ip_add_to_hosts or setup_dns:
590d18
-                print "Adding ["+str(ip_address)+" "+host_name+"] to your /etc/hosts file"
590d18
-                fstore.backup_file(paths.HOSTS)
590d18
-                add_record_to_hosts(str(ip_address), host_name)
590d18
-        else:
590d18
+        if hosts_record is not None:
590d18
             primary_host = hosts_record[1][0]
590d18
             if primary_host != host_name:
590d18
                 print >>sys.stderr, "Error: there is already a record in /etc/hosts for IP address %s:" \
590d18
@@ -539,6 +532,23 @@ def get_server_ip_address(host_name, fstore, unattended, setup_dns, ip_addresses
590d18
 
590d18
     return ips
590d18
 
590d18
+
590d18
+def update_hosts_file(ip_addresses, host_name, fstore):
590d18
+    """
590d18
+    Update hosts with specified addresses
590d18
+    :param ip_addresses: list of IP addresses
590d18
+    :return:
590d18
+    """
590d18
+    if not fstore.has_file(paths.HOSTS):
590d18
+        fstore.backup_file(paths.HOSTS)
590d18
+    for ip_address in ip_addresses:
590d18
+        if record_in_hosts(str(ip_address)):
590d18
+            continue
590d18
+        print "Adding [{address!s} {name}] to your /etc/hosts file".format(
590d18
+            address=ip_address, name=host_name)
590d18
+        add_record_to_hosts(str(ip_address), host_name)
590d18
+
590d18
+
590d18
 def expand_replica_info(filename, password):
590d18
     """
590d18
     Decrypt and expand a replica installation file into a temporary
590d18
diff --git a/ipaserver/install/server/install.py b/ipaserver/install/server/install.py
590d18
index ff517513473a458a84f63c5c1308a8cc0b8699f8..9d7036a7786a35e6aa2429254d62c8afb30970db 100644
590d18
--- a/ipaserver/install/server/install.py
590d18
+++ b/ipaserver/install/server/install.py
590d18
@@ -32,7 +32,8 @@ from ipaserver.install import (
590d18
     otpdinstance, replication, service, sysupgrade)
590d18
 from ipaserver.install.installutils import (
590d18
     IPA_MODULES, BadHostError, get_fqdn, get_server_ip_address,
590d18
-    is_ipa_configured, load_pkcs12, read_password, verify_fqdn)
590d18
+    is_ipa_configured, load_pkcs12, read_password, verify_fqdn,
590d18
+    update_hosts_file)
590d18
 from ipaserver.plugins.ldap2 import ldap2
590d18
 try:
590d18
     from ipaserver.install import adtrustinstance
590d18
@@ -607,10 +608,15 @@ def install_check(installer):
590d18
         dns.install_check(False, False, options, host_name)
590d18
         ip_addresses = dns.ip_addresses
590d18
     else:
590d18
-        ip_addresses = get_server_ip_address(host_name, fstore,
590d18
+        ip_addresses = get_server_ip_address(host_name,
590d18
                                              not installer.interactive, False,
590d18
                                              options.ip_addresses)
590d18
 
590d18
+    # installer needs to update hosts file when DNS subsystem will be
590d18
+    # installed or custom addresses are used
590d18
+    if options.ip_addresses or options.setup_dns:
590d18
+        installer._update_hosts_file = True
590d18
+
590d18
     print
590d18
     print "The IPA Master Server will be configured with:"
590d18
     print "Hostname:       %s" % host_name
590d18
@@ -709,6 +715,9 @@ def install(installer):
590d18
         # configure /etc/sysconfig/network to contain the custom hostname
590d18
         tasks.backup_and_replace_hostname(fstore, sstore, host_name)
590d18
 
590d18
+    if installer._update_hosts_file:
590d18
+        update_hosts_file(ip_addresses, host_name, fstore)
590d18
+
590d18
     # Create DS user/group if it doesn't exist yet
590d18
     dsinstance.create_ds_user()
590d18
 
590d18
@@ -1494,6 +1503,7 @@ class Server(common.Installable, common.Interactive, core.Composite):
590d18
         self._external_cert_file = None
590d18
         self._external_ca_file = None
590d18
         self._ca_cert = None
590d18
+        self._update_hosts_file = False
590d18
 
590d18
         #pylint: disable=no-member
590d18
 
590d18
diff --git a/ipaserver/install/server/replicainstall.py b/ipaserver/install/server/replicainstall.py
590d18
index 0725c7763e505ca0cc5a8892414a3c36c557cf1d..6f9a6141fe9af44806244ce52df59c191dc966b0 100644
590d18
--- a/ipaserver/install/server/replicainstall.py
590d18
+++ b/ipaserver/install/server/replicainstall.py
590d18
@@ -502,11 +502,17 @@ def install_check(installer):
590d18
 
590d18
     if options.setup_dns:
590d18
         dns.install_check(False, True, options, config.host_name)
590d18
+        config.ips = dns.ip_addresses
590d18
     else:
590d18
         config.ips = installutils.get_server_ip_address(
590d18
-            config.host_name, fstore, not installer.interactive, False,
590d18
+            config.host_name, not installer.interactive, False,
590d18
             options.ip_addresses)
590d18
 
590d18
+    # installer needs to update hosts file when DNS subsystem will be
590d18
+    # installed or custom addresses are used
590d18
+    if options.setup_dns or options.ip_addresses:
590d18
+        installer._update_hosts_file = True
590d18
+
590d18
     # check connection
590d18
     if not options.skip_conncheck:
590d18
         replica_conn_check(
590d18
@@ -528,6 +534,9 @@ def install(installer):
590d18
 
590d18
     dogtag_constants = dogtag.install_constants
590d18
 
590d18
+    if installer._update_hosts_file:
590d18
+        installutils.update_hosts_file(config.ips, config.host_name, fstore)
590d18
+
590d18
     # Create DS user/group if it doesn't exist yet
590d18
     dsinstance.create_ds_user()
590d18
 
590d18
@@ -785,6 +794,7 @@ class Replica(common.Installable, common.Interactive, core.Composite):
590d18
 
590d18
         self._top_dir = None
590d18
         self._config = None
590d18
+        self._update_hosts_file = False
590d18
 
590d18
         #pylint: disable=no-member
590d18
 
590d18
-- 
590d18
2.5.1
590d18