def uninstall(self): if not self.is_configured(): return self.print_msg("Unconfiguring %s" % self.service_name) # just eat states self.restore_state("running") self.restore_state("enabled") # stop and disable service (IPA service, we do not need it anymore) self.disable() self.stop() # restore state of dnssec default signer daemon signerd_enabled = self.restore_state("singerd_enabled") signerd_running = self.restore_state("singerd_running") signerd_service = services.knownservices.ods_signerd signerd_service.unmask() # service was stopped and disabled by setup if signerd_enabled: signerd_service.enable() if signerd_running: signerd_service.start() installutils.remove_keytab(self.keytab) installutils.remove_ccache(ccache_path=paths.IPA_ODS_EXPORTER_CCACHE)
def uninstall(self): if self.is_configured(): self.print_msg("Unconfiguring %s" % self.service_name) running = self.restore_state("running") enabled = self.restore_state("enabled") named_regular_running = self.restore_state("named-regular-running") named_regular_enabled = self.restore_state("named-regular-enabled") self.dns_backup.clear_records(self.api.Backend.ldap2.isconnected()) for f in [NAMED_CONF, RESOLV_CONF]: try: self.fstore.restore_file(f) except ValueError as error: root_logger.debug(error) # disabled by default, by ldap_enable() if enabled: self.enable() if running: self.restart() self.named_regular.unmask() if named_regular_enabled: self.named_regular.enable() if named_regular_running: self.named_regular.start() installutils.remove_keytab(self.keytab) installutils.remove_ccache(run_as=self.service_user)
def uninstall(self): if self.is_configured(): self.print_msg("Unconfiguring %s" % self.service_name) running = self.restore_state("running") enabled = self.restore_state("enabled") named_regular_running = self.restore_state("named-regular-running") named_regular_enabled = self.restore_state("named-regular-enabled") self.dns_backup.clear_records(self.api.Backend.ldap2.isconnected()) for f in [NAMED_CONF, RESOLV_CONF]: try: self.fstore.restore_file(f) except ValueError as error: root_logger.debug(error) # disabled by default, by ldap_enable() if enabled: self.enable() if running: self.restart() self.named_regular.unmask() if named_regular_enabled: self.named_regular.enable() if named_regular_running: self.named_regular.start() installutils.remove_keytab(paths.NAMED_KEYTAB) installutils.remove_ccache(run_as='named')
def uninstall(self): if self.is_configured(): self.print_msg("Unconfiguring directory server") enabled = self.restore_state("enabled") # Just eat this state if it exists self.restore_state("running") try: self.fstore.restore_file(paths.LIMITS_CONF) self.fstore.restore_file(paths.SYSCONFIG_DIRSRV) except ValueError as error: logger.debug("%s", error) # disabled during IPA installation if enabled: self.enable() serverid = self.restore_state("serverid") if serverid is not None: self.stop_tracking_certificates(serverid) logger.debug("Removing DS instance %s", serverid) try: remove_ds_instance(serverid) except ipautil.CalledProcessError: logger.error("Failed to remove DS instance. You may " "need to remove instance data manually") installutils.remove_keytab(paths.DS_KEYTAB) installutils.remove_ccache(run_as=DS_USER) # Remove scripts dir scripts = paths.VAR_LIB_DIRSRV_INSTANCE_SCRIPTS_TEMPLATE % ( serverid) installutils.rmtree(scripts) # Just eat this state self.restore_state("user_exists") # Make sure some upgrade-related state is removed. This could cause # re-installation problems. self.restore_state('nsslapd-port') self.restore_state('nsslapd-security') self.restore_state('nsslapd-ldapiautobind') # If any dirsrv instances remain after we've removed ours then # (re)start them. for ds_instance in get_ds_instances(): try: services.knownservices.dirsrv.restart(ds_instance, wait=False) except Exception as e: logger.error( 'Unable to restart DS instance %s: %s', ds_instance, e)
def uninstall(self): if self.is_configured(): self.print_msg("Unconfiguring %s" % self.service_name) # Call restore_state so that we do not leave mess in the statestore # Otherwise this does nothing self.restore_state("running") self.restore_state("enabled") winbind = services.service("winbind", api) # Always try to stop and disable smb service, since we do not leave # working configuration after uninstall try: self.stop() self.disable() winbind.stop() winbind.disable() except Exception: pass # Since we do not guarantee restoring back to working samba state, # we should not restore smb.conf # Restore the state of affected selinux booleans boolean_states = { name: self.restore_state(name) for name in constants.SELINUX_BOOLEAN_ADTRUST } try: tasks.set_selinux_booleans(boolean_states) except ipapython.errors.SetseboolError as e: self.print_msg('WARNING: ' + str(e)) # Remove samba's credentials cache installutils.remove_ccache(ccache_path=paths.KRB5CC_SAMBA) # Remove samba's configuration file installutils.remove_file(self.smb_conf) # Remove samba's persistent and temporary tdb files tdb_files = [ tdb_file for tdb_file in os.listdir(paths.SAMBA_DIR) if tdb_file.endswith(".tdb") ] for tdb_file in tdb_files: installutils.remove_file(tdb_file) # Remove our keys from samba's keytab self.clean_samba_keytab()
def uninstall(self): if self.is_configured(): self.print_msg("Unconfiguring directory server") enabled = self.restore_state("enabled") # Just eat this state if it exists self.restore_state("running") try: self.fstore.restore_file(paths.LIMITS_CONF) self.fstore.restore_file(paths.SYSCONFIG_DIRSRV) except ValueError as error: logger.debug("%s", error) # disabled during IPA installation if enabled: self.enable() serverid = self.restore_state("serverid") if serverid is not None: self.stop_tracking_certificates(serverid) logger.debug("Removing DS instance %s", serverid) try: remove_ds_instance(serverid) installutils.remove_keytab(paths.DS_KEYTAB) installutils.remove_ccache(run_as=DS_USER) except ipautil.CalledProcessError: logger.error("Failed to remove DS instance. You may " "need to remove instance data manually") # Just eat this state self.restore_state("user_exists") # Make sure some upgrade-related state is removed. This could cause # re-installation problems. self.restore_state('nsslapd-port') self.restore_state('nsslapd-security') self.restore_state('nsslapd-ldapiautobind') # If any dirsrv instances remain after we've removed ours then # (re)start them. for ds_instance in get_ds_instances(): try: services.knownservices.dirsrv.restart(ds_instance, wait=False) except Exception as e: logger.error( 'Unable to restart DS instance %s: %s', ds_instance, e)
def uninstall(self): if self.is_configured(): self.print_msg("Unconfiguring %s" % self.service_name) # Call restore_state so that we do not leave mess in the statestore # Otherwise this does nothing self.restore_state("running") self.restore_state("enabled") winbind = services.service("winbind", api) # Always try to stop and disable smb service, since we do not leave # working configuration after uninstall try: self.stop() self.disable() winbind.stop() winbind.disable() except Exception: pass # Since we do not guarantee restoring back to working samba state, # we should not restore smb.conf # Restore the state of affected selinux booleans boolean_states = {name: self.restore_state(name) for name in constants.SELINUX_BOOLEAN_ADTRUST} try: tasks.set_selinux_booleans(boolean_states) except ipapython.errors.SetseboolError as e: self.print_msg('WARNING: ' + str(e)) # Remove samba's credentials cache installutils.remove_ccache(ccache_path=paths.KRB5CC_SAMBA) # Remove samba's configuration file installutils.remove_file(self.smb_conf) # Remove samba's persistent and temporary tdb files tdb_files = [tdb_file for tdb_file in os.listdir(paths.SAMBA_DIR) if tdb_file.endswith(".tdb")] for tdb_file in tdb_files: installutils.remove_file(tdb_file) # Remove our keys from samba's keytab self.clean_samba_keytab()
def uninstall(self): if self.is_configured(): self.print_msg("Unconfiguring %s" % self.service_name) running = self.restore_state("running") enabled = self.restore_state("enabled") named_regular_running = self.restore_state("named-regular-running") named_regular_enabled = self.restore_state("named-regular-enabled") self.dns_backup.clear_records(self.api.Backend.ldap2.isconnected()) try: self.fstore.restore_file(paths.NAMED_CONF) except ValueError as error: logger.debug('%s', error) try: tasks.unconfigure_dns_resolver(fstore=self.fstore) except Exception: logger.exception("Failed to unconfigure DNS resolver") installutils.rmtree(paths.BIND_LDAP_DNS_IPA_WORKDIR) # disabled by default, by ldap_configure() if enabled: self.enable() else: self.disable() if running: self.restart() else: self.stop() self.named_regular.unmask() if named_regular_enabled: self.named_regular.enable() if named_regular_running: self.named_regular.start() installutils.remove_keytab(self.keytab) installutils.remove_ccache(run_as=self.service_user)
def __setup_principal(self): try: api.Command.service_add(unicode(self.principal)) except errors.DuplicateEntry: # CIFS principal already exists, it is not the first time # adtrustinstance is managed # That's fine, we we'll re-extract the key again. pass except Exception as e: self.print_msg("Cannot add CIFS service: %s" % e) self.clean_samba_keytab() installutils.remove_ccache(paths.KRB5CC_SAMBA) try: ipautil.run([ "ipa-getkeytab", "--server", self.fqdn, "--principal", self.principal, "-k", self.keytab ]) except ipautil.CalledProcessError: root_logger.critical("Failed to add key for %s" % self.principal)
def __setup_principal(self): try: api.Command.service_add(unicode(self.cifs_principal)) except errors.DuplicateEntry: # CIFS principal already exists, it is not the first time # adtrustinstance is managed # That's fine, we we'll re-extract the key again. pass except Exception as e: self.print_msg("Cannot add CIFS service: %s" % e) self.clean_samba_keytab() installutils.remove_ccache(paths.KRB5CC_SAMBA) try: ipautil.run(["ipa-getkeytab", "--server", self.fqdn, "--principal", self.cifs_principal, "-k", self.samba_keytab]) except ipautil.CalledProcessError: root_logger.critical("Failed to add key for %s" % self.cifs_principal)
def clean_previous_keytab(self, keytab=None): """ Purge old CIFS keys from samba and clean up samba ccache """ self.clean_samba_keytab() installutils.remove_ccache(paths.KRB5CC_SAMBA)
def uninstall(self): if self.is_configured(): self.print_msg("Unconfiguring web server") running = self.restore_state("running") enabled = self.restore_state("enabled") # Restore oddjobd to its original state oddjobd = services.service('oddjobd') if not self.sstore.restore_state('oddjobd', 'running'): try: oddjobd.stop() except Exception: pass if not self.sstore.restore_state('oddjobd', 'enabled'): try: oddjobd.disable() except Exception: pass self.stop_tracking_certificates() helper = self.restore_state('certmonger_ipa_helper') if helper: bus = dbus.SystemBus() obj = bus.get_object('org.fedorahosted.certmonger', '/org/fedorahosted/certmonger') iface = dbus.Interface(obj, 'org.fedorahosted.certmonger') path = iface.find_ca_by_nickname('IPA') if path: ca_obj = bus.get_object('org.fedorahosted.certmonger', path) ca_iface = dbus.Interface(ca_obj, 'org.freedesktop.DBus.Properties') ca_iface.Set('org.fedorahosted.certmonger.ca', 'external-helper', helper) for f in [paths.HTTPD_IPA_CONF, paths.HTTPD_SSL_CONF, paths.HTTPD_NSS_CONF]: try: self.fstore.restore_file(f) except ValueError as error: root_logger.debug(error) installutils.remove_keytab(paths.IPA_KEYTAB) installutils.remove_ccache(ccache_path=paths.KRB5CC_HTTPD, run_as=HTTPD_USER) # Remove the configuration files we create installutils.remove_file(paths.HTTPD_IPA_REWRITE_CONF) installutils.remove_file(paths.HTTPD_IPA_CONF) installutils.remove_file(paths.HTTPD_IPA_PKI_PROXY_CONF) installutils.remove_file(paths.HTTPD_IPA_KDCPROXY_CONF_SYMLINK) installutils.remove_file(paths.HTTPD_IPA_KDCPROXY_CONF) # Restore SELinux boolean states boolean_states = {name: self.restore_state(name) for name in SELINUX_BOOLEAN_SETTINGS} try: tasks.set_selinux_booleans(boolean_states) except ipapython.errors.SetseboolError as e: self.print_msg('WARNING: ' + str(e)) if running: self.restart() # disabled by default, by ldap_enable() if enabled: self.enable()
def uninstall(self): if self.is_configured(): self.print_msg("Unconfiguring web server") running = self.restore_state("running") enabled = self.restore_state("enabled") # Restore oddjobd to its original state oddjobd = services.service('oddjobd') if not self.sstore.restore_state('oddjobd', 'running'): try: oddjobd.stop() except Exception: pass if not self.sstore.restore_state('oddjobd', 'enabled'): try: oddjobd.disable() except Exception: pass self.stop_tracking_certificates() helper = self.restore_state('certmonger_ipa_helper') if helper: bus = dbus.SystemBus() obj = bus.get_object('org.fedorahosted.certmonger', '/org/fedorahosted/certmonger') iface = dbus.Interface(obj, 'org.fedorahosted.certmonger') path = iface.find_ca_by_nickname('IPA') if path: ca_obj = bus.get_object('org.fedorahosted.certmonger', path) ca_iface = dbus.Interface(ca_obj, 'org.freedesktop.DBus.Properties') ca_iface.Set('org.fedorahosted.certmonger.ca', 'external-helper', helper) for f in [ paths.HTTPD_IPA_CONF, paths.HTTPD_SSL_CONF, paths.HTTPD_NSS_CONF ]: try: self.fstore.restore_file(f) except ValueError as error: root_logger.debug(error) installutils.remove_keytab(self.keytab) installutils.remove_ccache(ccache_path=paths.KRB5CC_HTTPD, run_as=self.service_user) # Remove the configuration files we create installutils.remove_file(paths.HTTPD_IPA_REWRITE_CONF) installutils.remove_file(paths.HTTPD_IPA_CONF) installutils.remove_file(paths.HTTPD_IPA_PKI_PROXY_CONF) installutils.remove_file(paths.HTTPD_IPA_KDCPROXY_CONF_SYMLINK) installutils.remove_file(paths.HTTPD_IPA_KDCPROXY_CONF) tasks.remove_httpd_service_ipa_conf() # Restore SELinux boolean states boolean_states = { name: self.restore_state(name) for name in SELINUX_BOOLEAN_SETTINGS } try: tasks.set_selinux_booleans(boolean_states) except ipapython.errors.SetseboolError as e: self.print_msg('WARNING: ' + str(e)) if running: self.restart() # disabled by default, by ldap_enable() if enabled: self.enable()