From 3283ba88cdd7821a430132dec23a788ea4241f76 Mon Sep 17 00:00:00 2001
From: Christian Heimes <cheimes@redhat.com>
Date: Wed, 27 Mar 2019 11:03:00 +0100
Subject: [PATCH] Use api.env.container_masters
Replace occurences of ('cn', 'masters'), ('cn', 'ipa'), ('cn', 'etc')
with api.env.container_masters.
Signed-off-by: Christian Heimes <cheimes@redhat.com>
Reviewed-By: Thomas Woerner <twoerner@redhat.com>
---
ipaserver/install/bindinstance.py | 3 +--
ipaserver/install/cainstance.py | 7 +++----
ipaserver/install/dns.py | 4 ++--
ipaserver/install/ipa_backup.py | 3 ++-
ipaserver/install/ipa_restore.py | 3 ++-
ipaserver/install/krbinstance.py | 6 +-----
ipaserver/install/plugins/ca_renewal_master.py | 3 +--
ipaserver/install/replication.py | 3 +--
ipaserver/install/server/upgrade.py | 4 ++--
ipaserver/install/service.py | 11 +++++------
ipaserver/plugins/baseldap.py | 2 +-
ipaserver/plugins/domainlevel.py | 13 +++----------
12 files changed, 24 insertions(+), 38 deletions(-)
diff --git a/ipaserver/install/bindinstance.py b/ipaserver/install/bindinstance.py
index c175ca4f23b4f4440e1acaac2495276388daf3ae..6156ecdfbd1a62d5b1e0a26db47ef2b9a9448bc1 100644
--- a/ipaserver/install/bindinstance.py
+++ b/ipaserver/install/bindinstance.py
@@ -862,8 +862,7 @@ class BindInstance(service.Service):
def __add_others(self):
entries = api.Backend.ldap2.get_entries(
- DN(('cn', 'masters'), ('cn', 'ipa'), ('cn', 'etc'),
- self.suffix),
+ DN(api.env.container_masters, self.suffix),
api.Backend.ldap2.SCOPE_ONELEVEL, None, ['dn'])
for entry in entries:
diff --git a/ipaserver/install/cainstance.py b/ipaserver/install/cainstance.py
index f424e7cd76d24a5a633a4f4babf3e112537be92c..2946b5cc2b4b8b708a060aa79d1b7ab0e7b4e651 100644
--- a/ipaserver/install/cainstance.py
+++ b/ipaserver/install/cainstance.py
@@ -1173,8 +1173,8 @@ class CAInstance(DogtagInstance):
if fqdn is None:
fqdn = api.env.host
- dn = DN(('cn', 'CA'), ('cn', fqdn), ('cn', 'masters'), ('cn', 'ipa'),
- ('cn', 'etc'), api.env.basedn)
+ dn = DN(('cn', 'CA'), ('cn', fqdn), api.env.container_masters,
+ api.env.basedn)
renewal_filter = '(ipaConfigString=caRenewalMaster)'
try:
api.Backend.ldap2.get_entries(base_dn=dn, filter=renewal_filter,
@@ -1188,8 +1188,7 @@ class CAInstance(DogtagInstance):
if fqdn is None:
fqdn = api.env.host
- base_dn = DN(('cn', 'masters'), ('cn', 'ipa'), ('cn', 'etc'),
- api.env.basedn)
+ base_dn = DN(api.env.container_masters, api.env.basedn)
filter = '(&(cn=CA)(ipaConfigString=caRenewalMaster))'
try:
entries = api.Backend.ldap2.get_entries(
diff --git a/ipaserver/install/dns.py b/ipaserver/install/dns.py
index b17848a80c4300ed74aedc1e29a0dedbee79e6d9..930e038e4d7629563d2cea39fe581987dd0edfef 100644
--- a/ipaserver/install/dns.py
+++ b/ipaserver/install/dns.py
@@ -98,8 +98,8 @@ def _disable_dnssec():
api.env.basedn)
conn = api.Backend.ldap2
- dn = DN(('cn', 'DNSSEC'), ('cn', api.env.host), ('cn', 'masters'),
- ('cn', 'ipa'), ('cn', 'etc'), api.env.basedn)
+ dn = DN(('cn', 'DNSSEC'), ('cn', api.env.host),
+ api.env.container_masters, api.env.basedn)
try:
entry = conn.get_entry(dn)
except errors.NotFound:
diff --git a/ipaserver/install/ipa_backup.py b/ipaserver/install/ipa_backup.py
index 789955a67dfc255285a2c82d9a8060495c3469e2..cef01d30454ea1adb8bf9c68f428b9555f1b9557 100644
--- a/ipaserver/install/ipa_backup.py
+++ b/ipaserver/install/ipa_backup.py
@@ -576,7 +576,8 @@ class Backup(admintool.AdminTool):
config.set('ipa', 'ipa_version', str(version.VERSION))
config.set('ipa', 'version', '1')
- dn = DN(('cn', api.env.host), ('cn', 'masters'), ('cn', 'ipa'), ('cn', 'etc'), api.env.basedn)
+ dn = DN(('cn', api.env.host), api.env.container_masters,
+ api.env.basedn)
services_cns = []
try:
conn = self.get_connection()
diff --git a/ipaserver/install/ipa_restore.py b/ipaserver/install/ipa_restore.py
index 8b2f5bef7c9b1b8e2e2bae4e88850cf18b67b889..bd065a038db4d523048f0566f65458402d801e18 100644
--- a/ipaserver/install/ipa_restore.py
+++ b/ipaserver/install/ipa_restore.py
@@ -507,7 +507,8 @@ class Restore(admintool.AdminTool):
master, e)
continue
- master_dn = DN(('cn', master), ('cn', 'masters'), ('cn', 'ipa'), ('cn', 'etc'), api.env.basedn)
+ master_dn = DN(('cn', master), api.env.container_masters,
+ api.env.basedn)
try:
services = repl.conn.get_entries(master_dn,
repl.conn.SCOPE_ONELEVEL)
diff --git a/ipaserver/install/krbinstance.py b/ipaserver/install/krbinstance.py
index aa9243dc69674a00f2e1bcdc3e71d44ae8862fbe..319eeb82bcbe61acd70b2943982b6fec6fa33f92 100644
--- a/ipaserver/install/krbinstance.py
+++ b/ipaserver/install/krbinstance.py
@@ -470,11 +470,7 @@ class KrbInstance(service.Service):
unadvertise enabled PKINIT feature in master's KDC entry in LDAP
"""
ldap = api.Backend.ldap2
- dn = DN(('cn', 'KDC'),
- ('cn', self.fqdn),
- ('cn', 'masters'),
- ('cn', 'ipa'),
- ('cn', 'etc'),
+ dn = DN(('cn', 'KDC'), ('cn', self.fqdn), api.env.container_masters,
self.suffix)
entry = ldap.get_entry(dn, ['ipaConfigString'])
diff --git a/ipaserver/install/plugins/ca_renewal_master.py b/ipaserver/install/plugins/ca_renewal_master.py
index 618f51244019c2a77a9d0a93437f95c037f1a728..259bd5a991d39adb9f30fe5b22e59c7eef09cfc6 100644
--- a/ipaserver/install/plugins/ca_renewal_master.py
+++ b/ipaserver/install/plugins/ca_renewal_master.py
@@ -46,8 +46,7 @@ class update_ca_renewal_master(Updater):
return False, []
ldap = self.api.Backend.ldap2
- base_dn = DN(('cn', 'masters'), ('cn', 'ipa'), ('cn', 'etc'),
- self.api.env.basedn)
+ base_dn = DN(self.api.env.container_masters, self.api.env.basedn)
dn = DN(('cn', 'CA'), ('cn', self.api.env.host), base_dn)
filter = '(&(cn=CA)(ipaConfigString=caRenewalMaster))'
try:
diff --git a/ipaserver/install/replication.py b/ipaserver/install/replication.py
index 70629b4528f033908c584bfaf0793cfa4ce259d4..8644b9ff618d28614a319d6da6a2041fea3c1c1f 100644
--- a/ipaserver/install/replication.py
+++ b/ipaserver/install/replication.py
@@ -1419,8 +1419,7 @@ class ReplicationManager(object):
# delete master entry with all active services
try:
- dn = DN(('cn', replica), ('cn', 'masters'), ('cn', 'ipa'),
- ('cn', 'etc'), self.suffix)
+ dn = DN(('cn', replica), api.env.container_masters, self.suffix)
entries = self.conn.get_entries(dn, ldap.SCOPE_SUBTREE)
if entries:
entries.sort(key=lambda x: len(x.dn), reverse=True)
diff --git a/ipaserver/install/server/upgrade.py b/ipaserver/install/server/upgrade.py
index 57c70ea9250bf6fcf027665304e02cc6def8e442..f4389d37909fc0b5aed960638de67243906b634d 100644
--- a/ipaserver/install/server/upgrade.py
+++ b/ipaserver/install/server/upgrade.py
@@ -1244,8 +1244,8 @@ def uninstall_dogtag_9(ds, http):
logger.debug('Dogtag is version 10 or above')
return
- dn = DN(('cn', 'CA'), ('cn', api.env.host), ('cn', 'masters'),
- ('cn', 'ipa'), ('cn', 'etc'), api.env.basedn)
+ dn = DN(('cn', 'CA'), ('cn', api.env.host), api.env.container_masters,
+ api.env.basedn)
try:
api.Backend.ldap2.delete_entry(dn)
except ipalib.errors.PublicError as e:
diff --git a/ipaserver/install/service.py b/ipaserver/install/service.py
index a030801175491f65dc83aa9d42afdb1dfdb65b0f..261eedc85be24478b99e5ae8886aec7bc23a80ed 100644
--- a/ipaserver/install/service.py
+++ b/ipaserver/install/service.py
@@ -134,8 +134,7 @@ def set_service_entry_config(name, fqdn, config_values,
assert isinstance(ldap_suffix, DN)
entry_name = DN(
- ('cn', name), ('cn', fqdn), ('cn', 'masters'),
- ('cn', 'ipa'), ('cn', 'etc'), ldap_suffix)
+ ('cn', name), ('cn', fqdn), api.env.container_masters, ldap_suffix)
# enable disabled service
try:
@@ -577,8 +576,8 @@ class Service(object):
def ldap_disable(self, name, fqdn, ldap_suffix):
assert isinstance(ldap_suffix, DN)
- entry_dn = DN(('cn', name), ('cn', fqdn), ('cn', 'masters'),
- ('cn', 'ipa'), ('cn', 'etc'), ldap_suffix)
+ entry_dn = DN(('cn', name), ('cn', fqdn), api.env.container_masters,
+ ldap_suffix)
search_kw = {'ipaConfigString': ENABLED_SERVICE}
filter = api.Backend.ldap2.make_filter(search_kw)
try:
@@ -611,8 +610,8 @@ class Service(object):
logger.debug("service %s startup entry disabled", name)
def ldap_remove_service_container(self, name, fqdn, ldap_suffix):
- entry_dn = DN(('cn', name), ('cn', fqdn), ('cn', 'masters'),
- ('cn', 'ipa'), ('cn', 'etc'), ldap_suffix)
+ entry_dn = DN(('cn', name), ('cn', fqdn),
+ self.api.env.container_masters, ldap_suffix)
try:
api.Backend.ldap2.delete_entry(entry_dn)
except errors.NotFound:
diff --git a/ipaserver/plugins/baseldap.py b/ipaserver/plugins/baseldap.py
index 08ddc6d10d6431f51296bca9ae28aca8fa8586b2..25449b5aec72cbdbfb57527aa834cc69291398d6 100644
--- a/ipaserver/plugins/baseldap.py
+++ b/ipaserver/plugins/baseldap.py
@@ -497,7 +497,7 @@ def host_is_master(ldap, fqdn):
Raises an exception if a master, otherwise returns nothing.
"""
- master_dn = DN(('cn', fqdn), ('cn', 'masters'), ('cn', 'ipa'), ('cn', 'etc'), api.env.basedn)
+ master_dn = DN(('cn', fqdn), api.env.container_masters, api.env.basedn)
try:
ldap.get_entry(master_dn, ['objectclass'])
raise errors.ValidationError(name='hostname', error=_('An IPA master host cannot be deleted or disabled'))
diff --git a/ipaserver/plugins/domainlevel.py b/ipaserver/plugins/domainlevel.py
index 306ca0a6d147b2c0dc7a91ee1aefc0e7a5c98048..0d36dc08c07612dc565417a66ab9c467eb7f0555 100644
--- a/ipaserver/plugins/domainlevel.py
+++ b/ipaserver/plugins/domainlevel.py
@@ -72,25 +72,18 @@ def check_conflict_entries(ldap, api, desired_value):
except errors.NotFound:
pass
+
def get_master_entries(ldap, api):
"""
Returns list of LDAPEntries representing IPA masters.
"""
-
- container_masters = DN(
- ('cn', 'masters'),
- ('cn', 'ipa'),
- ('cn', 'etc'),
- api.env.basedn
- )
-
+ dn = DN(api.env.container_masters, api.env.basedn)
masters, _dummy = ldap.find_entries(
filter="(cn=*)",
- base_dn=container_masters,
+ base_dn=dn,
scope=ldap.SCOPE_ONELEVEL,
paged_search=True, # we need to make sure to get all of them
)
-
return masters
--
2.20.1