def _finalize_core(self, **defaults): """ Complete initialization of standard IPA environment. This method will perform the following steps: 1. Call `Env._bootstrap()` if it hasn't already been called. 2. Merge-in variables from the configuration file ``self.conf`` (if it exists) by calling `Env._merge_from_file()`. 3. Merge-in variables from the defaults configuration file ``self.conf_default`` (if it exists) by calling `Env._merge_from_file()`. 4. Intelligently fill-in the *in_server* , *logdir*, *log*, and *jsonrpc_uri* variables if they haven't already been set. 5. Merge-in the variables in ``defaults`` by calling `Env._merge()`. In normal circumstances ``defaults`` will simply be those specified in `constants.DEFAULT_CONFIG`. After this method is called, all the environment variables used by all the built-in plugins will be available. As such, this method should be called *before* any plugins are loaded. After this method has finished, the `Env` instance is still writable so that 3rd-party plugins can set variables they may require as the plugins are registered. Also see `Env._finalize()`, the final method in the bootstrap sequence. :param defaults: Internal defaults for all built-in variables. """ self.__doing('_finalize_core') self.__do_if_not_done('_bootstrap') # Merge in context config file and then default config file: if self.__d.get('mode', None) != 'dummy': self._merge_from_file(self.conf) self._merge_from_file(self.conf_default) # Determine if in_server: if 'in_server' not in self: self.in_server = (self.context == 'server') # Set logdir: if 'logdir' not in self: if self.in_tree or not self.in_server: self.logdir = self._join('dot_ipa', 'log') else: self.logdir = path.join('/', 'var', 'log', 'ipa') # Set log file: if 'log' not in self: self.log = self._join('logdir', '%s.log' % self.context) if 'basedn' not in self and 'domain' in self: self.basedn = DN(*(('dc', dc) for dc in self.domain.split('.'))) # Derive xmlrpc_uri from server # (Note that this is done before deriving jsonrpc_uri from xmlrpc_uri # and server from jsonrpc_uri so that when only server or xmlrpc_uri # is specified, all 3 keys have a value.) if 'xmlrpc_uri' not in self and 'server' in self: self.xmlrpc_uri = 'https://{}/ipa/xml'.format(self.server) # Derive ldap_uri from server if 'ldap_uri' not in self and 'server' in self: self.ldap_uri = 'ldap://{}'.format(self.server) # Derive jsonrpc_uri from xmlrpc_uri if 'jsonrpc_uri' not in self: if 'xmlrpc_uri' in self: xmlrpc_uri = self.xmlrpc_uri else: xmlrpc_uri = defaults.get('xmlrpc_uri') if xmlrpc_uri: (scheme, netloc, uripath, params, query, fragment) = urlparse(xmlrpc_uri) uripath = uripath.replace('/xml', '/json', 1) self.jsonrpc_uri = urlunparse( (scheme, netloc, uripath, params, query, fragment)) if 'server' not in self: if 'jsonrpc_uri' in self: jsonrpc_uri = self.jsonrpc_uri else: jsonrpc_uri = defaults.get('jsonrpc_uri') if jsonrpc_uri: parsed = urlparse(jsonrpc_uri) self.server = parsed.netloc self._merge(**defaults) # set the best known TLS version if min/max versions are not set if 'tls_version_min' not in self: self.tls_version_min = TLS_VERSIONS[-1] elif self.tls_version_min not in TLS_VERSIONS: raise errors.EnvironmentError( "Unknown TLS version '{ver}' set in tls_version_min.".format( ver=self.tls_version_min)) if 'tls_version_max' not in self: self.tls_version_max = TLS_VERSIONS[-1] elif self.tls_version_max not in TLS_VERSIONS: raise errors.EnvironmentError( "Unknown TLS version '{ver}' set in tls_version_max.".format( ver=self.tls_version_max)) if self.tls_version_max < self.tls_version_min: raise errors.EnvironmentError( "tls_version_min is set to a higher TLS version than " "tls_version_max.")
def _bootstrap(self, **overrides): """ Initialize basic environment. This method will perform the following steps: 1. Initialize certain run-time variables. These run-time variables are strictly determined by the external environment the process is running in; they cannot be specified on the command-line nor in the configuration files. 2. Merge-in the variables in ``overrides`` by calling `Env._merge()`. The intended use of ``overrides`` is to merge-in variables specified on the command-line. 3. Intelligently fill-in the *in_tree*, *context*, *conf*, and *conf_default* variables if they haven't been set already. Also see `Env._finalize_core()`, the next method in the bootstrap sequence. :param overrides: Variables specified via command-line options. """ self.__doing('_bootstrap') # Set run-time variables (cannot be overridden): self.ipalib = path.dirname(path.abspath(__file__)) self.site_packages = path.dirname(self.ipalib) self.script = path.abspath(sys.argv[0]) self.bin = path.dirname(self.script) self.home = os.environ.get('HOME', None) self.fips_mode = tasks.is_fips_enabled() # Merge in overrides: self._merge(**overrides) # Determine if running in source tree: if 'in_tree' not in self: self.in_tree = (self.bin == self.site_packages and path.isfile(path.join(self.bin, 'setup.py'))) if self.in_tree and 'mode' not in self: self.mode = 'developer' # Set dot_ipa: if 'dot_ipa' not in self: self.dot_ipa = self._join('home', '.ipa') # Set context if 'context' not in self: self.context = 'default' # Set confdir: self.env_confdir = os.environ.get('IPA_CONFDIR') if 'confdir' in self and self.env_confdir is not None: raise errors.EnvironmentError( "IPA_CONFDIR env cannot be set because explicit confdir " "is used") if 'confdir' not in self: if self.env_confdir is not None: if (not path.isabs(self.env_confdir) or not path.isdir(self.env_confdir)): raise errors.EnvironmentError( "IPA_CONFDIR env var must be an absolute path to an " "existing directory, got '{}'.".format( self.env_confdir)) self.confdir = self.env_confdir elif self.in_tree: self.confdir = self.dot_ipa else: self.confdir = path.join('/', 'etc', 'ipa') # Set conf (config file for this context): if 'conf' not in self: self.conf = self._join('confdir', '%s.conf' % self.context) # Set conf_default (default base config used in all contexts): if 'conf_default' not in self: self.conf_default = self._join('confdir', 'default.conf') if 'nss_dir' not in self: self.nss_dir = self._join('confdir', 'nssdb') if 'tls_ca_cert' not in self: self.tls_ca_cert = self._join('confdir', 'ca.crt') # having tls_ca_cert an absolute path could help us extending this # in the future for different certificate providers simply by adding # a prefix to the path if not path.isabs(self.tls_ca_cert): raise errors.EnvironmentError( "tls_ca_cert has to be an absolute path to a CA certificate, " "got '{}'".format(self.tls_ca_cert)) # Set plugins_on_demand: if 'plugins_on_demand' not in self: self.plugins_on_demand = (self.context == 'cli')