from ipsilon.providers.common import ProvidersInstall
from ipsilon.helpers.common import EnvHelpersInstall
from ipsilon.util.data import UserStore
-from ipsilon.tools import files
+from ipsilon.tools import files, dbupgrade
import ConfigParser
import argparse
import cherrypy
+import json
import logging
import os
import pwd
HTTPDCONFD = '/etc/httpd/conf.d'
BINDIR = '/usr/libexec'
STATICDIR = '/usr/share/ipsilon'
+CACHEDIR = '/var/cache/ipsilon'
WSGI_SOCKET_PREFIX = None
-class ConfigurationError(Exception):
+class ConfigurationError(StandardError):
def __init__(self, message):
- super(ConfigurationError, self).__init__(message)
- self.message = message
-
- def __str__(self):
- return repr(self.message)
+ StandardError.__init__(self, message)
#Silence cherrypy logging to screen
'publicdatadir': args['public_data_dir'],
'wellknowndir': args['wellknown_dir'],
'sysuser': args['system_user'],
+ 'cleanup_interval': args['cleanup_interval'],
'ipsilondir': BINDIR,
'staticdir': STATICDIR,
+ 'cachedir': CACHEDIR,
'admindb': args['admin_dburi'] or args['database_url'] % {
'datadir': args['data_dir'], 'dbname': 'adminconfig'},
'usersdb': args['users_dburi'] or args['database_url'] % {
'datadir': args['data_dir'], 'dbname': 'userprefs'},
'transdb': args['transaction_dburi'] or args['database_url'] %
{'datadir': args['data_dir'], 'dbname': 'transactions'},
+ 'samlsessionsdb': args['samlsessions_dburi'] or args[
+ 'database_url'] % {'datadir': args['data_dir'],
+ 'dbname': 'saml2sessions'},
'secure': "False" if args['secure'] == "no" else "True",
'debugging': "True" if args['server_debugging'] else "False"}
# Testing database sessions
# components
cherrypy.config.update(ipsilon_conf)
- # Move pre-existing admin db away
+ # Prepare to allow plugins to save things changed during install
+ changes = {'env_helper': {},
+ 'login_manager': {},
+ 'info_provider': {},
+ 'auth_provider': {}}
+
+ # Move pre-existing dbs away
admin_db = cherrypy.config['admin.config.db']
if os.path.exists(admin_db):
shutil.move(admin_db, '%s.backup.%s' % (admin_db, now))
-
- # Rebuild user db
users_db = cherrypy.config['user.prefs.db']
if os.path.exists(users_db):
shutil.move(users_db, '%s.backup.%s' % (users_db, now))
+
+ # Initialize initial database schemas
+ dbupgrade.execute_upgrade(ipsilon_conf)
+
+ # Store primary admin
db = UserStore()
db.save_user_preferences(args['admin_user'], {'is_admin': 1})
logger.info('Configuring environment helpers')
for plugin_name in plugins['Environment Helpers']:
plugin = plugins['Environment Helpers'][plugin_name]
- if plugin.configure_server(args) == False:
- logger.info('Configuration of environment helper %s failed' % plugin_name)
+ plugin_changes = {}
+ if plugin.configure_server(args, plugin_changes) == False:
+ msg = 'Configuration of environment helper %s failed' % plugin_name
+ raise ConfigurationError(msg)
+ changes['env_helper'][plugin_name] = plugin_changes
logger.info('Configuring login managers')
for plugin_name in args['lm_order']:
plugin = plugins['Login Managers'][plugin_name]
except KeyError:
sys.exit('Login provider %s not installed' % plugin_name)
- if plugin.configure(args) == False:
- logger.info('Configuration of login manager %s failed' % plugin_name)
+ plugin_changes = {}
+ if plugin.configure(args, plugin_changes) == False:
+ msg = 'Configuration of login manager %s failed' % plugin_name
+ raise ConfigurationError(msg)
+ changes['login_manager'][plugin_name] = plugin_changes
logger.info('Configuring Info provider')
for plugin_name in plugins['Info Provider']:
plugin = plugins['Info Provider'][plugin_name]
- if plugin.configure(args) == False:
- logger.info('Configuration of info provider %s failed' % plugin_name)
+ plugin_changes = {}
+ if plugin.configure(args, plugin_changes) == False:
+ msg = 'Configuration of info provider %s failed' % plugin_name
+ raise ConfigurationError(msg)
+ changes['info_provider'][plugin_name] = plugin_changes
logger.info('Configuring Authentication Providers')
for plugin_name in plugins['Auth Providers']:
plugin = plugins['Auth Providers'][plugin_name]
- if plugin.configure(args) == False:
- logger.info('Configuration of auth provider %s failed' % plugin_name)
+ plugin_changes = {}
+ if plugin.configure(args, plugin_changes) == False:
+ msg = 'Configuration of auth provider %s failed' % plugin_name
+ raise ConfigurationError(msg)
+ changes['auth_provider'][plugin_name] = plugin_changes
+
+ # Save any changes that were made
+ install_changes = os.path.join(instance_conf, 'install_changes')
+ changes = json.dumps(changes)
+ with open(install_changes, 'w+') as f:
+ f.write(changes)
+
+ # Initialize extra database schemas
+ dbupgrade.execute_upgrade(ipsilon_conf)
# Fixup permissions so only the ipsilon user can read these files
files.fix_user_dirs(instance_conf, opts['system_user'])
'ipsilon-%s.conf' % args['instance'])
data_dir = os.path.join(DATADIR, args['instance'])
+ try:
+ tconf = ConfigParser.SafeConfigParser()
+ tconf.read(os.path.join(instance_conf, 'ipsilon.conf'))
+ cache_dir = tconf.get('global', 'cache_dir')
+ except (ConfigParser.NoOptionError, ConfigParser.NoSectionError):
+ cache_dir = None
+ else:
+ cache_dir = cache_dir.replace('"', '')
+
if not os.path.exists(instance_conf):
raise Exception('Could not find instance %s configuration'
% args['instance'])
if sure != 'yes':
raise Exception('Aborting')
+ # Get the details of what we changed during installation
+ install_changes = os.path.join(instance_conf, 'install_changes')
+ with open(install_changes, 'r') as f:
+ changes = json.loads(f.read())
+
logger.info('Removing environment helpers')
for plugin_name in plugins['Environment Helpers']:
plugin = plugins['Environment Helpers'][plugin_name]
- if plugin.unconfigure(args) == False:
+ plugin_changes = changes['env_helper'].get(plugin_name, {})
+ if plugin.unconfigure(args, plugin_changes) == False:
logger.info('Removal of environment helper %s failed' % plugin_name)
logger.info('Removing login managers')
for plugin_name in plugins['Login Managers']:
plugin = plugins['Login Managers'][plugin_name]
- if plugin.unconfigure(args) == False:
+ plugin_changes = changes['login_manager'].get(plugin_name, {})
+ if plugin.unconfigure(args, plugin_changes) == False:
logger.info('Removal of login manager %s failed' % plugin_name)
logger.info('Removing Info providers')
for plugin_name in plugins['Info Provider']:
plugin = plugins['Info Provider'][plugin_name]
- if plugin.unconfigure(args) == False:
+ plugin_changes = changes['info_provider'].get(plugin_name, {})
+ if plugin.unconfigure(args, plugin_changes) == False:
logger.info('Removal of info provider %s failed' % plugin_name)
logger.info('Removing Authentication Providers')
for plugin_name in plugins['Auth Providers']:
plugin = plugins['Auth Providers'][plugin_name]
- if plugin.unconfigure(args) == False:
+ plugin_changes = changes['auth_provider'].get(plugin_name, {})
+ if plugin.unconfigure(args, plugin_changes) == False:
logger.info('Removal of auth provider %s failed' % plugin_name)
logger.info('Removing httpd configuration')
shutil.rmtree(instance_conf)
logger.info('Erasing instance data')
shutil.rmtree(data_dir)
+ if cache_dir and os.path.exists(cache_dir):
+ for fn in os.listdir(cache_dir):
+ os.unlink(os.path.join(cache_dir, fn))
logger.info('Uninstalled instance %s' % args['instance'])
if g in globals():
globals()[g] = val
else:
- for k in globals().keys():
+ for k in globals():
if k.lower() == g.lower():
globals()[k] = val
break
'template)')
parser.add_argument('--transaction-dburi',
help='Transaction database URI (override template)')
+ parser.add_argument('--samlsessions-dburi',
+ help='SAML 2 sessions database URI (override ' +
+ 'template)')
+ parser.add_argument('--cleanup-interval', default=30,
+ help='Interval between cleaning up stale database ' +
+ 'entries (in minutes, default: 30 minutes)')
lms = []
return args
if len(args['hostname'].split('.')) < 2:
- raise ConfigurationError('Hostname: %s is not a FQDN')
+ raise ConfigurationError('Hostname: %s is not a FQDN' %
+ args['hostname'])
for plugin_group in plugins:
for plugin_name in plugins[plugin_group]:
try:
pwd.getpwnam(args['system_user'])
except KeyError:
- raise ConfigurationError('User: %s not found on the system')
+ raise ConfigurationError('User: %s not found on the system' %
+ args['system_user'])
if args['lm_order'] is None:
args['lm_order'] = []
else:
args['lm_order'] = args['lm_order'].split(',')
- if len(args['lm_order']) == 0:
+ if len(args['lm_order']) == 0 and args['ipa'] != 'yes':
sys.exit('No login plugins are enabled.')
#FIXME: check instance is only alphanums
opts = []
out = 0
openlogs()
+ logger.setLevel(logging.DEBUG)
+
try:
fplugins = find_plugins()
opts = parse_args(fplugins)
- logger.setLevel(logging.DEBUG)
-
logger.debug('Installation arguments:')
for k in sorted(opts.iterkeys()):
logger.debug('%s: %s', k, opts[k])
else:
install(fplugins, opts)
except Exception, e: # pylint: disable=broad-except
- logger.exception(e)
+ logger.info(str(e)) # emit message to console
+ logger.debug(e, exc_info=1) # add backtrace information to logfile
+
if 'uninstall' in opts and opts['uninstall'] is True:
logger.info('Uninstallation aborted.')
else: