self.ptype = 'helper'
self.name = None
- def unconfigure(self, opts):
+ def unconfigure(self, opts, changes):
return
def install_args(self, group):
def validate_args(self, args):
return
- def configure_server(self, opts):
+ def configure_server(self, opts, changes):
raise NotImplementedError
pw = pwd.getpwnam(HTTPD_USER)
os.chown(opts['gssapi_httpd_keytab'], pw.pw_uid, pw.pw_gid)
- def configure_server(self, opts):
+ def configure_server(self, opts, changes):
if opts['ipa'] != 'yes' and opts['ipa'] != 'auto':
return
if opts['ipa'] != 'yes' and opts['gssapi'] == 'no':
def validate_args(self, args):
return
- def unconfigure(self, opts):
+ def unconfigure(self, opts, changes):
return
- def configure(self, opts):
+ def configure(self, opts, changes):
raise NotImplementedError
group.add_argument('--info-ldap-base-dn', action='store',
help='LDAP Base DN')
- def configure(self, opts):
+ def configure(self, opts, changes):
if opts['info_ldap'] != 'yes':
return
group.add_argument('--info-nss', choices=['yes', 'no'], default='no',
help='Use passwd data to populate user attrs')
- def configure(self, opts):
+ def configure(self, opts, changes):
if opts['info_nss'] != 'yes':
return
help='SSSD domain to enable mod_lookup_identity'
' for')
- def configure(self, opts):
+ def configure(self, opts, changes):
if opts['info_sssd'] != 'yes':
return
import ConfigParser
import argparse
import cherrypy
+import json
import logging
import os
import pwd
# components
cherrypy.config.update(ipsilon_conf)
+ # Prepare to allow plugins to save things changed during install
+ changes = {'env_helper': {},
+ 'login_manager': {},
+ 'info_provider': {},
+ 'auth_provider': {}}
+
# Move pre-existing admin db away
admin_db = cherrypy.config['admin.config.db']
if os.path.exists(admin_db):
logger.info('Configuring environment helpers')
for plugin_name in plugins['Environment Helpers']:
plugin = plugins['Environment Helpers'][plugin_name]
- if plugin.configure_server(args) == False:
+ plugin_changes = {}
+ if plugin.configure_server(args, plugin_changes) == False:
logger.info('Configuration of environment helper %s failed' % plugin_name)
+ changes['env_helper'][plugin_name] = plugin_changes
logger.info('Configuring login managers')
for plugin_name in args['lm_order']:
plugin = plugins['Login Managers'][plugin_name]
except KeyError:
sys.exit('Login provider %s not installed' % plugin_name)
- if plugin.configure(args) == False:
+ plugin_changes = {}
+ if plugin.configure(args, plugin_changes) == False:
logger.info('Configuration of login manager %s failed' % plugin_name)
+ changes['login_manager'][plugin_name] = plugin_changes
logger.info('Configuring Info provider')
for plugin_name in plugins['Info Provider']:
plugin = plugins['Info Provider'][plugin_name]
- if plugin.configure(args) == False:
+ plugin_changes = {}
+ if plugin.configure(args, plugin_changes) == False:
logger.info('Configuration of info provider %s failed' % plugin_name)
+ changes['info_provider'][plugin_name] = plugin_changes
logger.info('Configuring Authentication Providers')
for plugin_name in plugins['Auth Providers']:
plugin = plugins['Auth Providers'][plugin_name]
- if plugin.configure(args) == False:
+ plugin_changes = {}
+ if plugin.configure(args, plugin_changes) == False:
logger.info('Configuration of auth provider %s failed' % plugin_name)
+ changes['auth_provider'][plugin_name] = plugin_changes
+
+ # Save any changes that were made
+ install_changes = os.path.join(instance_conf, 'install_changes')
+ changes = json.dumps(changes)
+ with open(install_changes, 'w+') as f:
+ f.write(changes)
# Fixup permissions so only the ipsilon user can read these files
files.fix_user_dirs(instance_conf, opts['system_user'])
if sure != 'yes':
raise Exception('Aborting')
+ # Get the details of what we changed during installation
+ install_changes = os.path.join(instance_conf, 'install_changes')
+ with open(install_changes, 'r') as f:
+ changes = json.loads(f.read())
+
logger.info('Removing environment helpers')
for plugin_name in plugins['Environment Helpers']:
plugin = plugins['Environment Helpers'][plugin_name]
- if plugin.unconfigure(args) == False:
+ plugin_changes = changes['env_helper'][plugin_name]
+ if plugin.unconfigure(args, plugin_changes) == False:
logger.info('Removal of environment helper %s failed' % plugin_name)
logger.info('Removing login managers')
for plugin_name in plugins['Login Managers']:
plugin = plugins['Login Managers'][plugin_name]
- if plugin.unconfigure(args) == False:
+ plugin_changes = changes['login_manager'][plugin_name]
+ if plugin.unconfigure(args, plugin_changes) == False:
logger.info('Removal of login manager %s failed' % plugin_name)
logger.info('Removing Info providers')
for plugin_name in plugins['Info Provider']:
plugin = plugins['Info Provider'][plugin_name]
- if plugin.unconfigure(args) == False:
+ plugin_changes = changes['info_provider'][plugin_name]
+ if plugin.unconfigure(args, plugin_changes) == False:
logger.info('Removal of info provider %s failed' % plugin_name)
logger.info('Removing Authentication Providers')
for plugin_name in plugins['Auth Providers']:
plugin = plugins['Auth Providers'][plugin_name]
- if plugin.unconfigure(args) == False:
+ plugin_changes = changes['auth_provider'][plugin_name]
+ if plugin.unconfigure(args, plugin_changes) == False:
logger.info('Removal of auth provider %s failed' % plugin_name)
logger.info('Removing httpd configuration')
group.add_argument('--fas', choices=['yes', 'no'], default='no',
help='Configure FAS authentication')
- def configure(self, opts):
+ def configure(self, opts, changes):
if opts['fas'] != 'yes':
return
group.add_argument('--form-service', action='store', default='remote',
help='PAM service name to use for authentication')
- def configure(self, opts):
+ def configure(self, opts, changes):
if opts['form'] != 'yes':
return
default='/etc/httpd/conf/http.keytab',
help='Kerberos keytab location for HTTPD')
- def configure(self, opts):
+ def configure(self, opts, changes):
if opts['gssapi'] != 'yes':
return
group.add_argument('--ldap-base-dn', action='store',
help='LDAP Base DN')
- def configure(self, opts):
+ def configure(self, opts, changes):
if opts['ldap'] != 'yes':
return
group.add_argument('--pam-service', action='store', default='remote',
help='PAM service name to use for authentication')
- def configure(self, opts):
+ def configure(self, opts, changes):
if opts['pam'] != 'yes':
return
group.add_argument('--testauth', choices=['yes', 'no'], default='no',
help='Configure PAM authentication')
- def configure(self, opts):
+ def configure(self, opts, changes):
if opts['testauth'] != 'yes':
return
self.ptype = 'login'
self.name = None
- def unconfigure(self, opts):
+ def unconfigure(self, opts, changes):
return
def install_args(self, group):
def validate_args(self, args):
return
- def configure(self, opts):
+ def configure(self, opts, changes):
raise NotImplementedError
self.ptype = 'provider'
self.name = None
- def unconfigure(self, opts):
+ def unconfigure(self, opts, changes):
return
def install_args(self, group):
def validate_args(self, args):
return
- def configure(self, opts):
+ def configure(self, opts, changes):
raise NotImplementedError
group.add_argument('--openid-extensions', default='',
help='List of OpenID Extensions to enable')
- def configure(self, opts):
+ def configure(self, opts, changes):
if opts['openid'] != 'yes':
return
group.add_argument('--persona', choices=['yes', 'no'], default='yes',
help='Configure Persona Provider')
- def configure(self, opts):
+ def configure(self, opts, changes):
if opts['persona'] != 'yes':
return
'(default - %d)' %
METADATA_DEFAULT_VALIDITY_PERIOD))
- def configure(self, opts):
+ def configure(self, opts, changes):
if opts['saml2'] != 'yes':
return