|
|
b01884 |
From c64030a357401467d74e77d610d3bc268412220d Mon Sep 17 00:00:00 2001
|
|
|
b01884 |
From: Rob Crittenden <rcritten@redhat.com>
|
|
|
b01884 |
Date: Tue, 16 Oct 2018 13:58:00 -0400
|
|
|
b01884 |
Subject: [PATCH] Remove the authselect profile warning if sssd was not
|
|
|
b01884 |
configured.
|
|
|
b01884 |
|
|
|
b01884 |
On a plain uninstall there should not be a bunch of confusing
|
|
|
b01884 |
warning/error messages.
|
|
|
b01884 |
|
|
|
b01884 |
Related to https://pagure.io/freeipa/issue/7729
|
|
|
b01884 |
|
|
|
b01884 |
Signed-off-by: Rob Crittenden <rcritten@redhat.com>
|
|
|
b01884 |
Reviewed-By: Christian Heimes <cheimes@redhat.com>
|
|
|
b01884 |
---
|
|
|
b01884 |
ipatests/test_integration/test_authselect.py | 1 -
|
|
|
b01884 |
1 file changed, 1 deletion(-)
|
|
|
b01884 |
|
|
|
b01884 |
diff --git a/ipatests/test_integration/test_authselect.py b/ipatests/test_integration/test_authselect.py
|
|
|
b01884 |
index 5eb3fdbf02..5ce56fa21e 100644
|
|
|
b01884 |
--- a/ipatests/test_integration/test_authselect.py
|
|
|
b01884 |
+++ b/ipatests/test_integration/test_authselect.py
|
|
|
b01884 |
@@ -136,7 +136,6 @@ def test_uninstall_client_no_preconfigured_profile(self):
|
|
|
b01884 |
# by default
|
|
|
b01884 |
result = self._uninstall_client()
|
|
|
b01884 |
assert result.returncode == 0
|
|
|
b01884 |
- assert self.msg_warn_uninstall in result.stderr_text
|
|
|
b01884 |
check_authselect_profile(self.client, default_profile)
|
|
|
b01884 |
|
|
|
b01884 |
def test_install_client_preconfigured_profile(self):
|
|
|
b01884 |
From ec5e821f05cbc20517af6c9578e813f1963a9e8c Mon Sep 17 00:00:00 2001
|
|
|
b01884 |
From: Rob Crittenden <rcritten@redhat.com>
|
|
|
b01884 |
Date: Wed, 10 Oct 2018 14:07:33 -0400
|
|
|
b01884 |
Subject: [PATCH] Fix misleading errors during client install rollback
|
|
|
b01884 |
|
|
|
b01884 |
Some incorrect errors are possible if a client installation
|
|
|
b01884 |
fails and a configuration rollback is required.
|
|
|
b01884 |
|
|
|
b01884 |
These include:
|
|
|
b01884 |
|
|
|
b01884 |
1. Unconfigured automount client failed: CalledProcessError(Command
|
|
|
b01884 |
['/usr/sbin/ipa-client-automount', '--uninstall', '--debug']
|
|
|
b01884 |
returned non-zero exit status 1: '')
|
|
|
b01884 |
|
|
|
b01884 |
Caused by check_client_configuration() not returning the correct
|
|
|
b01884 |
return value (2).
|
|
|
b01884 |
|
|
|
b01884 |
2. WARNING: Unable to revert to the pre-installation state ('authconfig'
|
|
|
b01884 |
tool has been deprecated in favor of 'authselect'). The default sssd
|
|
|
b01884 |
profile will be used instead.
|
|
|
b01884 |
The authconfig arguments would have been: authconfig --disableldap
|
|
|
b01884 |
--disablekrb5 --disablesssdauth --disablemkhomedir
|
|
|
b01884 |
|
|
|
b01884 |
If installation fails before SSSD is configured there is no state
|
|
|
b01884 |
to roll back to. Detect this condition.
|
|
|
b01884 |
|
|
|
b01884 |
3. An error occurred while removing SSSD's cache.Please remove the
|
|
|
b01884 |
cache manually by executing sssctl cache-remove -o.
|
|
|
b01884 |
|
|
|
b01884 |
Again, if SSSD is not configured yet then there is no cache to
|
|
|
b01884 |
remove. Also correct the missing space after the period.
|
|
|
b01884 |
|
|
|
b01884 |
https://pagure.io/freeipa/issue/7729
|
|
|
b01884 |
|
|
|
b01884 |
Signed-off-by: Rob Crittenden <rcritten@redhat.com>
|
|
|
b01884 |
Reviewed-By: Christian Heimes <cheimes@redhat.com>
|
|
|
b01884 |
---
|
|
|
b01884 |
ipaclient/install/client.py | 18 ++++++-----
|
|
|
b01884 |
ipalib/util.py | 5 +++-
|
|
|
b01884 |
ipaplatform/redhat/authconfig.py | 2 +-
|
|
|
b01884 |
.../test_replica_promotion.py | 30 +++++++++++++++++++
|
|
|
b01884 |
4 files changed, 45 insertions(+), 10 deletions(-)
|
|
|
b01884 |
|
|
|
b01884 |
diff --git a/ipaclient/install/client.py b/ipaclient/install/client.py
|
|
|
b01884 |
index 0dcd1ec744..05255fe61b 100644
|
|
|
b01884 |
--- a/ipaclient/install/client.py
|
|
|
b01884 |
+++ b/ipaclient/install/client.py
|
|
|
b01884 |
@@ -3284,13 +3284,14 @@ def uninstall(options):
|
|
|
b01884 |
remove_file(paths.SSSD_MC_GROUP)
|
|
|
b01884 |
remove_file(paths.SSSD_MC_PASSWD)
|
|
|
b01884 |
|
|
|
b01884 |
- try:
|
|
|
b01884 |
- run([paths.SSSCTL, "cache-remove", "-o", "--stop", "--start"])
|
|
|
b01884 |
- except Exception:
|
|
|
b01884 |
- logger.info(
|
|
|
b01884 |
- "An error occurred while removing SSSD's cache."
|
|
|
b01884 |
- "Please remove the cache manually by executing "
|
|
|
b01884 |
- "sssctl cache-remove -o.")
|
|
|
b01884 |
+ if was_sssd_installed:
|
|
|
b01884 |
+ try:
|
|
|
b01884 |
+ run([paths.SSSCTL, "cache-remove", "-o", "--stop", "--start"])
|
|
|
b01884 |
+ except Exception:
|
|
|
b01884 |
+ logger.info(
|
|
|
b01884 |
+ "An error occurred while removing SSSD's cache."
|
|
|
b01884 |
+ "Please remove the cache manually by executing "
|
|
|
b01884 |
+ "sssctl cache-remove -o.")
|
|
|
b01884 |
|
|
|
b01884 |
if ipa_domain:
|
|
|
b01884 |
sssd_domain_ldb = "cache_" + ipa_domain + ".ldb"
|
|
|
b01884 |
@@ -3354,7 +3355,8 @@ def uninstall(options):
|
|
|
b01884 |
|
|
|
b01884 |
# SSSD was not installed before our installation, and no other domains
|
|
|
b01884 |
# than IPA are configured in sssd.conf - make sure config file is removed
|
|
|
b01884 |
- elif not was_sssd_installed and not was_sssd_configured:
|
|
|
b01884 |
+ elif not was_sssd_installed and not was_sssd_configured \
|
|
|
b01884 |
+ and os.path.exists(paths.SSSD_CONF):
|
|
|
b01884 |
try:
|
|
|
b01884 |
os.rename(paths.SSSD_CONF, paths.SSSD_CONF_DELETED)
|
|
|
b01884 |
except OSError:
|
|
|
b01884 |
diff --git a/ipalib/util.py b/ipalib/util.py
|
|
|
b01884 |
index 3e8fab49d6..68857baec7 100644
|
|
|
b01884 |
--- a/ipalib/util.py
|
|
|
b01884 |
+++ b/ipalib/util.py
|
|
|
b01884 |
@@ -1125,11 +1125,14 @@ def ensure_krbcanonicalname_set(ldap, entry_attrs):
|
|
|
b01884 |
def check_client_configuration():
|
|
|
b01884 |
"""
|
|
|
b01884 |
Check if IPA client is configured on the system.
|
|
|
b01884 |
+
|
|
|
b01884 |
+ Hardcode return code to avoid recursive imports
|
|
|
b01884 |
"""
|
|
|
b01884 |
if (not os.path.isfile(paths.IPA_DEFAULT_CONF) or
|
|
|
b01884 |
not os.path.isdir(paths.IPA_CLIENT_SYSRESTORE) or
|
|
|
b01884 |
not os.listdir(paths.IPA_CLIENT_SYSRESTORE)):
|
|
|
b01884 |
- raise ScriptError('IPA client is not configured on this system')
|
|
|
b01884 |
+ raise ScriptError('IPA client is not configured on this system',
|
|
|
b01884 |
+ 2) # CLIENT_NOT_CONFIGURED
|
|
|
b01884 |
|
|
|
b01884 |
|
|
|
b01884 |
def check_principal_realm_in_trust_namespace(api_instance, *keys):
|
|
|
b01884 |
diff --git a/ipaplatform/redhat/authconfig.py b/ipaplatform/redhat/authconfig.py
|
|
|
b01884 |
index ab3775e9e9..e456d9ec6e 100644
|
|
|
b01884 |
--- a/ipaplatform/redhat/authconfig.py
|
|
|
b01884 |
+++ b/ipaplatform/redhat/authconfig.py
|
|
|
b01884 |
@@ -141,7 +141,7 @@ def configure(self, sssd, mkhomedir, statestore, sudo=True):
|
|
|
b01884 |
def unconfigure(
|
|
|
b01884 |
self, fstore, statestore, was_sssd_installed, was_sssd_configured
|
|
|
b01884 |
):
|
|
|
b01884 |
- if not statestore.has_state('authselect'):
|
|
|
b01884 |
+ if not statestore.has_state('authselect') and was_sssd_installed:
|
|
|
b01884 |
logger.warning(
|
|
|
b01884 |
"WARNING: Unable to revert to the pre-installation state "
|
|
|
b01884 |
"('authconfig' tool has been deprecated in favor of "
|
|
|
b01884 |
diff --git a/ipatests/test_integration/test_replica_promotion.py b/ipatests/test_integration/test_replica_promotion.py
|
|
|
b01884 |
index 265cbfb139..7803c34dcc 100644
|
|
|
b01884 |
--- a/ipatests/test_integration/test_replica_promotion.py
|
|
|
b01884 |
+++ b/ipatests/test_integration/test_replica_promotion.py
|
|
|
b01884 |
@@ -207,6 +207,36 @@ def test_upcase_client_domain(self):
|
|
|
b01884 |
assert(result1.returncode == 0), (
|
|
|
b01884 |
'Failed to promote the client installed with the upcase domain name')
|
|
|
b01884 |
|
|
|
b01884 |
+ def test_client_rollback(self):
|
|
|
b01884 |
+ """Test that bogus error msgs are not in output on rollback.
|
|
|
b01884 |
+
|
|
|
b01884 |
+ FIXME: including in this suite to avoid setting up a
|
|
|
b01884 |
+ master just to test a client install failure. If
|
|
|
b01884 |
+ a pure client install suite is added this can be
|
|
|
b01884 |
+ moved.
|
|
|
b01884 |
+
|
|
|
b01884 |
+ Ticket https://pagure.io/freeipa/issue/7729
|
|
|
b01884 |
+ """
|
|
|
b01884 |
+ client = self.replicas[0]
|
|
|
b01884 |
+
|
|
|
b01884 |
+ # Cleanup previous run
|
|
|
b01884 |
+ client.run_command(['ipa-server-install',
|
|
|
b01884 |
+ '--uninstall', '-U'], raiseonerr=False)
|
|
|
b01884 |
+
|
|
|
b01884 |
+ result = client.run_command(['ipa-client-install', '-U',
|
|
|
b01884 |
+ '--server', self.master.hostname,
|
|
|
b01884 |
+ '--domain', client.domain.name,
|
|
|
b01884 |
+ '-w', 'foo'], raiseonerr=False)
|
|
|
b01884 |
+
|
|
|
b01884 |
+ assert(result.returncode == 1)
|
|
|
b01884 |
+
|
|
|
b01884 |
+ assert("Unconfigured automount client failed" not in
|
|
|
b01884 |
+ result.stdout_text)
|
|
|
b01884 |
+
|
|
|
b01884 |
+ assert("WARNING: Unable to revert" not in result.stdout_text)
|
|
|
b01884 |
+
|
|
|
b01884 |
+ assert("An error occurred while removing SSSD" not in
|
|
|
b01884 |
+ result.stdout_text)
|
|
|
b01884 |
|
|
|
b01884 |
class TestRenewalMaster(IntegrationTest):
|
|
|
b01884 |
|
|
|
b01884 |
From db960e32f155412c34807e204add4858090d3e94 Mon Sep 17 00:00:00 2001
|
|
|
b01884 |
From: Rob Crittenden <rcritten@redhat.com>
|
|
|
b01884 |
Date: Tue, 16 Oct 2018 14:07:25 -0400
|
|
|
b01884 |
Subject: [PATCH] Collect the client and server uninstall logs in tests
|
|
|
b01884 |
|
|
|
b01884 |
When running the integration tests capture the uninstallation
|
|
|
b01884 |
logs as well as the installation logs.
|
|
|
b01884 |
|
|
|
b01884 |
Reviewed-By: Christian Heimes <cheimes@redhat.com>
|
|
|
b01884 |
---
|
|
|
b01884 |
ipatests/pytest_ipa/integration/tasks.py | 3 ++-
|
|
|
b01884 |
1 file changed, 2 insertions(+), 1 deletion(-)
|
|
|
b01884 |
|
|
|
b01884 |
diff --git a/ipatests/pytest_ipa/integration/tasks.py b/ipatests/pytest_ipa/integration/tasks.py
|
|
|
b01884 |
index f0c61381b6..620ed28c96 100644
|
|
|
b01884 |
--- a/ipatests/pytest_ipa/integration/tasks.py
|
|
|
b01884 |
+++ b/ipatests/pytest_ipa/integration/tasks.py
|
|
|
b01884 |
@@ -69,11 +69,12 @@ def setup_server_logs_collecting(host):
|
|
|
b01884 |
|
|
|
b01884 |
# IPA install logs
|
|
|
b01884 |
host.collect_log(paths.IPASERVER_INSTALL_LOG)
|
|
|
b01884 |
+ host.collect_log(paths.IPASERVER_UNINSTALL_LOG)
|
|
|
b01884 |
host.collect_log(paths.IPACLIENT_INSTALL_LOG)
|
|
|
b01884 |
+ host.collect_log(paths.IPACLIENT_UNINSTALL_LOG)
|
|
|
b01884 |
host.collect_log(paths.IPAREPLICA_INSTALL_LOG)
|
|
|
b01884 |
host.collect_log(paths.IPAREPLICA_CONNCHECK_LOG)
|
|
|
b01884 |
host.collect_log(paths.IPAREPLICA_CA_INSTALL_LOG)
|
|
|
b01884 |
- host.collect_log(paths.IPACLIENT_INSTALL_LOG)
|
|
|
b01884 |
host.collect_log(paths.IPASERVER_KRA_INSTALL_LOG)
|
|
|
b01884 |
host.collect_log(paths.IPA_CUSTODIA_AUDIT_LOG)
|
|
|
b01884 |
|