[Freeipa-devel] [PATCH 8 of 8] Add ipa-server-install --uninstall
Mark McLoughlin
markmc at redhat.com
Fri Jan 11 12:00:45 UTC 2008
# HG changeset patch
# User Mark McLoughlin <markmc at redhat.com>
# Date 1200052656 0
# Node ID 3f47b8dc521125eb72e567883b4b3460390020e2
# Parent 8640eee04855769ce8d0592e0fd7580e63d81dcf
Add ipa-server-install --uninstall
Add a --uninstall option to ipa-server-install which tries to
restore the system to the way it was before ipa-server-install
was run using the state backed up through sysrestore.py.
Signed-off-by: Mark McLoughlin <markmc at redhat.com>
diff -r 8640eee04855 -r 3f47b8dc5211 ipa-server/ipa-install/ipa-server-install
--- a/ipa-server/ipa-install/ipa-server-install Fri Jan 11 11:06:33 2008 +0000
+++ b/ipa-server/ipa-install/ipa-server-install Fri Jan 11 11:57:36 2008 +0000
@@ -74,15 +74,21 @@ def parse_options():
default=False, help="configure bind with our zone file")
parser.add_option("-U", "--unattended", dest="unattended", action="store_true",
default=False, help="unattended installation never prompts the user")
+ parser.add_option("", "--uninstall", dest="uninstall", action="store_true",
+ default=False, help="uninstall an existing installation")
options, args = parser.parse_args()
- if options.unattended and (not options.ds_user or
- not options.realm_name or
- not options.dm_password or
- not options.admin_password or
- not options.master_password):
- parser.error("error: In unattended mode you need to provide at least -u, -r, -p and -P options")
+ if options.uninstall:
+ if (options.ds_user or options.realm_name or
+ options.dm_password or options.admin_password or
+ options.master_password):
+ parser.error("error: In uninstall mode, -u, r, -p and -P options are not allowed")
+ elif options.unattended:
+ if (not options.ds_user or not options.realm_name or
+ not options.dm_password or not options.admin_password or
+ not options.master_password):
+ parser.error("error: In unattended mode you need to provide at least -u, -r, -p and -P options")
return options
@@ -241,6 +247,17 @@ def read_admin_password():
admin_password = read_password("IPA admin")
return admin_password
+def uninstall():
+ ipaserver.ntpinstance.NTPInstance().uninstall()
+ ipaserver.bindinstance.BindInstance().uninstall()
+ ipaserver.webguiinstance.WebGuiInstance().uninstall()
+ ipaserver.httpinstance.HTTPInstance().uninstall()
+ ipaserver.krbinstance.KrbInstance().uninstall()
+ ipaserver.dsinstance.DsInstance().uninstall()
+ sysrestore.restore_file("/etc/hosts")
+ sysrestore.restore_file("/etc/ipa/ipa.conf")
+ return 0
+
def main():
global ds
ds = None
@@ -255,6 +272,9 @@ def main():
signal.signal(signal.SIGINT, signal_handler)
standard_logging_setup("ipaserver-install.log", options.debug)
+
+ if options.uninstall:
+ return uninstall()
print "=============================================================================="
print "This program will setup the FreeIPA Server."
diff -r 8640eee04855 -r 3f47b8dc5211 ipa-server/ipaserver/bindinstance.py
--- a/ipa-server/ipaserver/bindinstance.py Fri Jan 11 11:06:33 2008 +0000
+++ b/ipa-server/ipaserver/bindinstance.py Fri Jan 11 11:57:36 2008 +0000
@@ -110,3 +110,18 @@ class BindInstance(service.Service):
resolve_fd.write(resolve_txt)
resolve_fd.close()
+ def uninstall(self):
+ running = self.restore_state("running")
+ domain = self.restore_state("domain")
+
+ if not running is None:
+ self.stop()
+
+ if not domain is None:
+ sysrestore.restore_file(os.path.join ("/var/named/", self.domain + ".zone.db"))
+
+ sysrestore.restore_file('/etc/named.conf')
+ sysrestore.restore_file('/etc/resolve.conf')
+
+ if not running is None and running:
+ self.start()
diff -r 8640eee04855 -r 3f47b8dc5211 ipa-server/ipaserver/dsinstance.py
--- a/ipa-server/ipaserver/dsinstance.py Fri Jan 11 11:06:33 2008 +0000
+++ b/ipa-server/ipaserver/dsinstance.py Fri Jan 11 11:57:36 2008 +0000
@@ -333,3 +333,28 @@ class DsInstance(service.Service):
print "Unable to set admin password", e
logging.debug("Unable to set admin password %s" % e)
+ def uninstall(self):
+ running = self.restore_state("running")
+ enabled = self.restore_state("enabled")
+
+ if not running is None:
+ self.stop()
+
+ if not enabled is None and not enabled:
+ self.chkconfig_off()
+
+ serverid = self.restore_state("serverid")
+ if not serverid is None:
+ erase_ds_instance_data(serverid)
+
+ ds_user = self.restore_state("user")
+ user_exists = self.restore_state("user_exists")
+
+ if not ds_user is None and not user_exists is None and not user_exists:
+ try:
+ ipautil.run(["/usr/sbin/userdel", ds_user])
+ except ipautil.CalledProcessError, e:
+ logging.critical("failed to delete user %s" % e)
+
+ if self.restore_state("running"):
+ self.start()
diff -r 8640eee04855 -r 3f47b8dc5211 ipa-server/ipaserver/httpinstance.py
--- a/ipa-server/ipaserver/httpinstance.py Fri Jan 11 11:06:33 2008 +0000
+++ b/ipa-server/ipaserver/httpinstance.py Fri Jan 11 11:57:36 2008 +0000
@@ -158,3 +158,26 @@ class HTTPInstance(service.Service):
"-e", ".html",
tmpdir])
shutil.rmtree(tmpdir)
+
+ def uninstall(self):
+ running = self.restore_state("running")
+ enabled = self.restore_state("enabled")
+
+ if not running is None:
+ self.stop()
+
+ if not enabled is None and not enabled:
+ self.chkconfig_off()
+
+ for f in ["/etc/httpd/conf.d/ipa.conf", SSL_CONF, NSS_CONF]:
+ sysrestore.restore_file(f)
+
+ sebool_state = self.restore_state("httpd_can_network_connect")
+ if not sebool_state is None:
+ try:
+ ipautil.run(["/usr/sbin/setsebool", "-P", "httpd_can_network_connect", sebool_state])
+ except:
+ self.print_msg(selinux_warning)
+
+ if not running is None and running:
+ self.start()
diff -r 8640eee04855 -r 3f47b8dc5211 ipa-server/ipaserver/krbinstance.py
--- a/ipa-server/ipaserver/krbinstance.py Fri Jan 11 11:06:33 2008 +0000
+++ b/ipa-server/ipaserver/krbinstance.py Fri Jan 11 11:57:36 2008 +0000
@@ -379,4 +379,37 @@ class KrbInstance(service.Service):
pent = pwd.getpwnam(self.ds_user)
os.chown("/var/kerberos/krb5kdc/kpasswd.keytab", pent.pw_uid, pent.pw_gid)
-
+ def uninstall(self):
+ running = self.restore_state("running")
+ enabled = self.restore_state("enabled")
+
+ kpasswd_running = sysrestore.restore_state("ipa-kpasswd", "running")
+ kpasswd_enabled = sysrestore.restore_state("ipa-kpasswd", "enabled")
+
+ if not running is None:
+ self.stop()
+ if not kpasswd_running is None:
+ service.stop("ipa-kpasswd")
+
+ if not enabled is None and not enabled:
+ self.chkconfig_off()
+ if not kpasswd_enabled is None and not kpasswd_enabled:
+ service.chkconfig_off("ipa-kpasswd")
+
+ for f in ["/var/kerberos/krb5kdc/ldappwd",
+ "/var/kerberos/krb5kdc/kdc.conf",
+ "/etc/krb5.conf",
+ "/usr/share/ipa/html/krb5.ini",
+ "/usr/share/ipa/html/krb.con",
+ "/usr/share/ipa/html/krbrealm.con",
+ "/etc/dirsrv/ds.keytab",
+ "/etc/sysconfig/dirsrv",
+ "/etc/krb5.keytab",
+ "/var/kerberos/krb5kdc/kpasswd.keytab",
+ "/etc/sysconfig/ipa-kpasswd"]:
+ sysrestore.restore_file(f)
+
+ if not running is None and running:
+ self.start()
+ if not kpasswd_running is None and kpasswd_running:
+ service.start("ipa-kpasswd")
diff -r 8640eee04855 -r 3f47b8dc5211 ipa-server/ipaserver/ntpinstance.py
--- a/ipa-server/ipaserver/ntpinstance.py Fri Jan 11 11:06:33 2008 +0000
+++ b/ipa-server/ipaserver/ntpinstance.py Fri Jan 11 11:57:36 2008 +0000
@@ -70,3 +70,17 @@ class NTPInstance(service.Service):
self.step("configuring ntpd to start on boot", self.__enable)
self.start_creation("Configuring ntpd")
+
+ def uninstall(self):
+ running = self.restore_state("running")
+ enabled = self.restore_state("enabled")
+
+ if not running is None:
+ self.stop()
+ if not enabled is None and not enabled:
+ self.chkconfig_off()
+
+ sysrestore.restore_file("/etc/ntp.conf")
+
+ if not running is None and running:
+ self.start()
diff -r 8640eee04855 -r 3f47b8dc5211 ipa-server/ipaserver/service.py
--- a/ipa-server/ipaserver/service.py Fri Jan 11 11:06:33 2008 +0000
+++ b/ipa-server/ipaserver/service.py Fri Jan 11 11:57:36 2008 +0000
@@ -104,6 +104,9 @@ class Service:
def backup_state(self, key, value):
sysrestore.backup_state(self.service_name, key, value)
+ def restore_state(self, key):
+ return sysrestore.restore_state(self.service_name, key)
+
def print_msg(self, message):
print_msg(message, self.output_fd)
diff -r 8640eee04855 -r 3f47b8dc5211 ipa-server/ipaserver/webguiinstance.py
--- a/ipa-server/ipaserver/webguiinstance.py Fri Jan 11 11:06:33 2008 +0000
+++ b/ipa-server/ipaserver/webguiinstance.py Fri Jan 11 11:57:36 2008 +0000
@@ -35,3 +35,12 @@ class WebGuiInstance(service.Service):
def __enable(self):
self.backup_state("enabled", self.is_enabled())
self.chkconfig_on()
+
+ def uninstall(self):
+ running = self.restore_state("running")
+ enabled = not self.restore_state("enabled")
+
+ if not running is None and not running:
+ self.stop()
+ if not enabled is None and not enabled:
+ self.chkconfig_off()
More information about the Freeipa-devel
mailing list