From 39426966063b3f3deced90ef3f5d0a87801d7eab Mon Sep 17 00:00:00 2001 From: Martin Basti Date: May 04 2015 11:16:26 +0000 Subject: Server Upgrade: ipa-server-upgrade command https://fedorahosted.org/freeipa/ticket/4904 Reviewed-By: Jan Cholasta Reviewed-By: David Kupka --- diff --git a/freeipa.spec.in b/freeipa.spec.in index 608242b..c661fe5 100644 --- a/freeipa.spec.in +++ b/freeipa.spec.in @@ -660,6 +660,7 @@ fi %{_sbindir}/ipa-replica-manage %{_sbindir}/ipa-csreplica-manage %{_sbindir}/ipa-server-certinstall +%{_sbindir}/ipa-server-upgrade %{_sbindir}/ipa-ldap-updater %{_sbindir}/ipa-otptoken-import %{_sbindir}/ipa-compat-manage @@ -804,6 +805,7 @@ fi %{_mandir}/man1/ipa-replica-prepare.1.gz %{_mandir}/man1/ipa-server-certinstall.1.gz %{_mandir}/man1/ipa-server-install.1.gz +%{_mandir}/man1/ipa-server-upgrade.1.gz %{_mandir}/man1/ipa-dns-install.1.gz %{_mandir}/man1/ipa-ca-install.1.gz %{_mandir}/man1/ipa-kra-install.1.gz diff --git a/install/tools/Makefile.am b/install/tools/Makefile.am index b791a8c..e5d45c4 100644 --- a/install/tools/Makefile.am +++ b/install/tools/Makefile.am @@ -16,6 +16,7 @@ sbin_SCRIPTS = \ ipa-replica-manage \ ipa-csreplica-manage \ ipa-server-certinstall \ + ipa-server-upgrade \ ipactl \ ipa-compat-manage \ ipa-nis-manage \ diff --git a/install/tools/ipa-server-upgrade b/install/tools/ipa-server-upgrade new file mode 100644 index 0000000..781b0d3 --- /dev/null +++ b/install/tools/ipa-server-upgrade @@ -0,0 +1,12 @@ +#!/usr/bin/python2 +# +# Copyright (C) 2015 FreeIPA Contributors see COPYING for license +# + +# Documentation can be found at: +# http://freeipa.org/page/LdapUpdate +# http://www.freeipa.org/page/V4/Server_Upgrade_Refactoring + +from ipaserver.install.ipa_server_upgrade import ServerUpgrade + +ServerUpgrade.run_cli() diff --git a/install/tools/man/Makefile.am b/install/tools/man/Makefile.am index 38c049c..6db1776 100644 --- a/install/tools/man/Makefile.am +++ b/install/tools/man/Makefile.am @@ -12,6 +12,7 @@ man1_MANS = \ ipa-replica-prepare.1 \ ipa-server-certinstall.1 \ ipa-server-install.1 \ + ipa-server-upgrade.1 \ ipa-dns-install.1 \ ipa-adtrust-install.1 \ ipa-ca-install.1 \ diff --git a/install/tools/man/ipa-server-upgrade.1 b/install/tools/man/ipa-server-upgrade.1 new file mode 100644 index 0000000..02f252e --- /dev/null +++ b/install/tools/man/ipa-server-upgrade.1 @@ -0,0 +1,40 @@ +.\" +.\" Copyright (C) 2015 FreeIPA Contributors see COPYING for license +.\" + +.TH "ipa-server-upgrade" "1" "April 02 2015" "FreeIPA" "FreeIPA Manual Pages" +.SH "NAME" +ipa\-server\-upgrade \- upgrade IPA server +.SH "SYNOPSIS" +ipa\-server\-upgrade [options] +.SH "DESCRIPTION" +ipa\-server\-upgrade is used to upgrade IPA server when the IPA packages are being updated. It is not intended to be executed by end\-users. + +ipa\-server\-upgrade will: + + * update LDAP schema + * process all files with the extension .update in /usr/share/ipa/updates (including update plugins). + * upgrade local configurations of IPA services + +.SH "OPTIONS" +.TP +\fB\-\-version\fR +Show IPA version +.TP +\fB\-h\fR, \fB\-\-help\fR +Show help message and exit +.TP +\fB\-v\fR, \fB\-\-verbose\fR +Print debugging information +.TP +\fB\-q\fR, \fB\-\-quiet\fR +Output only errors +.TP +\fB-\-log-file=FILE\fR +Log to given file +.TP + +.SH "EXIT STATUS" +0 if the command was successful + +1 if an error occurred diff --git a/ipaserver/install/ipa_server_upgrade.py b/ipaserver/install/ipa_server_upgrade.py new file mode 100644 index 0000000..6d77fdd --- /dev/null +++ b/ipaserver/install/ipa_server_upgrade.py @@ -0,0 +1,72 @@ +# +# Copyright (C) 2015 FreeIPA Contributors see COPYING for license +# + +import sys + +import krbV + +from ipalib import api +from ipaplatform.paths import paths +from ipapython import admintool, ipautil +from ipaserver.install import installutils +from ipaserver.install.upgradeinstance import IPAUpgrade + + +class ServerUpgrade(admintool.AdminTool): + log_file_name = paths.IPAUPGRADE_LOG + command_name = 'ipa-server-upgrade' + + usage = "%prog [options]" + + @classmethod + def add_options(cls, parser): + super(ServerUpgrade, cls).add_options(parser, debug_option=True) + + def validate_options(self): + super(ServerUpgrade, self).validate_options(needs_root=True) + + try: + installutils.check_server_configuration() + except RuntimeError as e: + print unicode(e) + sys.exit(1) + + def setup_logging(self): + super(ServerUpgrade, self).setup_logging(log_file_mode='a') + + def run(self): + super(ServerUpgrade, self).run() + + api.bootstrap(in_server=True, context='updates') + api.finalize() + + options = self.options + + realm = krbV.default_context().default_realm + data_upgrade = IPAUpgrade(realm) + data_upgrade.create_instance() + + if data_upgrade.badsyntax: + raise admintool.ScriptError( + 'Bad syntax detected in upgrade file(s).', 1) + elif data_upgrade.upgradefailed: + raise admintool.ScriptError('IPA upgrade failed.', 1) + elif data_upgrade.modified: + self.log.info('Data update complete') + else: + self.log.info('Data update complete, no data were modified') + + # FIXME: remove this when new installer will be ready + # execute upgrade of configuration + cmd = ['ipa-upgradeconfig', ] + if options.verbose: + cmd.append('--debug') + if options.quiet: + cmd.append('--quiet') + + self.log.info('Executing ipa-upgradeconfig, please wait') + ipautil.run(cmd) + + def handle_error(self, exception): + return installutils.handle_error(exception, self.log_file_name)