X-Git-Url: http://git.cascardo.eti.br/?a=blobdiff_plain;f=ipsilon%2Finstall%2Fipsilon-server-install;h=7837527b00f5991898f97f5082d1c0c5625795b9;hb=ea6d627c9851f07b3c35348175bde2a3eabb8c37;hp=eeb87ddcdcacb613e940e58c61f30a82e5f0792a;hpb=aa5dc3b417db962a075a092d0d3528010c1059f7;p=cascardo%2Fipsilon.git diff --git a/ipsilon/install/ipsilon-server-install b/ipsilon/install/ipsilon-server-install index eeb87dd..7837527 100755 --- a/ipsilon/install/ipsilon-server-install +++ b/ipsilon/install/ipsilon-server-install @@ -1,31 +1,16 @@ #!/usr/bin/python -# -# Copyright (C) 2014 Simo Sorce -# -# see file 'COPYING' for use and warranty information -# -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see . +# Copyright (C) 2014 Ipsilon project Contributors, for license see COPYING from ipsilon.login.common import LoginMgrsInstall from ipsilon.info.common import InfoProviderInstall from ipsilon.providers.common import ProvidersInstall from ipsilon.helpers.common import EnvHelpersInstall from ipsilon.util.data import UserStore -from ipsilon.tools import files +from ipsilon.tools import files, dbupgrade import ConfigParser import argparse import cherrypy +import json import logging import os import pwd 
@@ -42,17 +27,14 @@ DATADIR = '/var/lib/ipsilon' HTTPDCONFD = '/etc/httpd/conf.d' BINDIR = '/usr/libexec' STATICDIR = '/usr/share/ipsilon' +CACHEDIR = '/var/cache/ipsilon' WSGI_SOCKET_PREFIX = None -class ConfigurationError(Exception): +class ConfigurationError(StandardError): def __init__(self, message): - super(ConfigurationError, self).__init__(message) - self.message = message - - def __str__(self): - return repr(self.message) + StandardError.__init__(self, message) #Silence cherrypy logging to screen @@ -115,14 +97,19 @@ def install(plugins, args): 'publicdatadir': args['public_data_dir'], 'wellknowndir': args['wellknown_dir'], 'sysuser': args['system_user'], + 'cleanup_interval': args['cleanup_interval'], 'ipsilondir': BINDIR, 'staticdir': STATICDIR, + 'cachedir': CACHEDIR, 'admindb': args['admin_dburi'] or args['database_url'] % { 'datadir': args['data_dir'], 'dbname': 'adminconfig'}, 'usersdb': args['users_dburi'] or args['database_url'] % { 'datadir': args['data_dir'], 'dbname': 'userprefs'}, 'transdb': args['transaction_dburi'] or args['database_url'] % {'datadir': args['data_dir'], 'dbname': 'transactions'}, + 'samlsessionsdb': args['samlsessions_dburi'] or args[ + 'database_url'] % {'datadir': args['data_dir'], + 'dbname': 'saml2sessions'}, 'secure': "False" if args['secure'] == "no" else "True", 'debugging': "True" if args['server_debugging'] else "False"} # Testing database sessions 
@@ -170,23 +157,35 @@ def install(plugins, args): # components cherrypy.config.update(ipsilon_conf) - # Move pre-existing admin db away + # Prepare to allow plugins to save things changed during install + changes = {'env_helper': {}, + 'login_manager': {}, + 'info_provider': {}, + 'auth_provider': {}} + + # Move pre-existing dbs away admin_db = cherrypy.config['admin.config.db'] if os.path.exists(admin_db): shutil.move(admin_db, '%s.backup.%s' % (admin_db, now)) - - # Rebuild user db users_db = cherrypy.config['user.prefs.db'] if os.path.exists(users_db): shutil.move(users_db, '%s.backup.%s' % (users_db, now)) + + # Initialize initial database schemas + dbupgrade.execute_upgrade(ipsilon_conf) + + # Store primary admin db = UserStore() db.save_user_preferences(args['admin_user'], {'is_admin': 1}) logger.info('Configuring environment helpers') for plugin_name in plugins['Environment Helpers']: plugin = plugins['Environment Helpers'][plugin_name] - if plugin.configure_server(args) == False: - logger.info('Configuration of environment helper %s failed' % plugin_name) + plugin_changes = {} + if plugin.configure_server(args, plugin_changes) == False: + msg = 'Configuration of environment helper %s failed' % plugin_name + raise ConfigurationError(msg) + changes['env_helper'][plugin_name] = plugin_changes logger.info('Configuring login managers') for plugin_name in args['lm_order']: 
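Review bot: Raising `ConfigurationError` from the environment-helper loop aborts install() after the old databases have been moved aside, the schema initialised and the admin user stored, but before `install_changes` is written. That write happens only after all four plugin loops, in the next hunk, so whatever earlier plugins recorded in `changes` is lost and uninstall() has no record to revert them with. The login manager, info provider and auth provider loops in the following hunk have the same problem. Consider wrapping the plugin loops in `try:` / `finally:` so the accumulated `changes` dict is written out even when a plugin fails. install() begins and ends outside this hunk.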
@@ -194,20 +193,38 @@ def install(plugins, args): plugin = plugins['Login Managers'][plugin_name] except KeyError: sys.exit('Login provider %s not installed' % plugin_name) - if plugin.configure(args) == False: - logger.info('Configuration of login manager %s failed' % plugin_name) + plugin_changes = {} + if plugin.configure(args, plugin_changes) == False: + msg = 'Configuration of login manager %s failed' % plugin_name + raise ConfigurationError(msg) + changes['login_manager'][plugin_name] = plugin_changes logger.info('Configuring Info provider') for plugin_name in plugins['Info Provider']: plugin = plugins['Info Provider'][plugin_name] - if plugin.configure(args) == False: - logger.info('Configuration of info provider %s failed' % plugin_name) + plugin_changes = {} + if plugin.configure(args, plugin_changes) == False: + msg = 'Configuration of info provider %s failed' % plugin_name + raise ConfigurationError(msg) + changes['info_provider'][plugin_name] = plugin_changes logger.info('Configuring Authentication Providers') for plugin_name in plugins['Auth Providers']: plugin = plugins['Auth Providers'][plugin_name] - if plugin.configure(args) == False: - logger.info('Configuration of auth provider %s failed' % plugin_name) + plugin_changes = {} + if plugin.configure(args, plugin_changes) == False: + msg = 'Configuration of auth provider %s failed' % plugin_name + raise ConfigurationError(msg) + changes['auth_provider'][plugin_name] = plugin_changes + + # Save any changes that were made + install_changes = os.path.join(instance_conf, 'install_changes') + changes = json.dumps(changes) + with open(install_changes, 'w+') as f: + f.write(changes) + + # Initialize extra database schemas + dbupgrade.execute_upgrade(ipsilon_conf) # Fixup permissions so only the ipsilon user can read these files files.fix_user_dirs(instance_conf, opts['system_user']) 
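Review bot: `install_changes` is created with `open(install_changes, 'w+')` under the process umask, and only afterwards does `files.fix_user_dirs(instance_conf, opts['system_user'])` adjust the directory. If that helper hands ownership of everything under `instance_conf` to the service user (its body is not visible here), the record that uninstall() later passes to each plugin's `unconfigure()` becomes writable by the service account. I would create the file with an explicit mode, e.g. `os.open(install_changes, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0600)`, and confirm that the fix-up leaves it writable by root only. Separately, `changes = json.dumps(changes)` rebinds the dict name to a string; `json.dump(changes, f)` avoids that.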
@@ -226,6 +243,15 @@ def uninstall(plugins, args): 'ipsilon-%s.conf' % args['instance']) data_dir = os.path.join(DATADIR, args['instance']) + try: + tconf = ConfigParser.SafeConfigParser() + tconf.read(os.path.join(instance_conf, 'ipsilon.conf')) + cache_dir = tconf.get('global', 'cache_dir') + except (ConfigParser.NoOptionError, ConfigParser.NoSectionError): + cache_dir = None + else: + cache_dir = cache_dir.replace('"', '') + if not os.path.exists(instance_conf): raise Exception('Could not find instance %s configuration' % args['instance']) 
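Review bot: The `cache_dir` value read from ipsilon.conf is trusted as-is, with only the quotes stripped, and the later hunk after `shutil.rmtree(data_dir)` unlinks every entry in that directory without checking that the path lies under `CACHEDIR`. If uninstall runs with elevated privileges, a wrong or edited `cache_dir` would empty an unrelated directory. Consider guarding the deletion with `os.path.realpath(cache_dir).startswith(CACHEDIR + os.sep)` and logging and skipping otherwise (assuming the installed template derives `cache_dir` from `CACHEDIR`, which is not visible here). Note also that `os.unlink` raises on a subdirectory, and by then the configuration and data directories have already been removed. uninstall() continues outside this hunk.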
@@ -239,28 +265,37 @@ def uninstall(plugins, args): if sure != 'yes': raise Exception('Aborting') + # Get the details of what we changed during installation + install_changes = os.path.join(instance_conf, 'install_changes') + with open(install_changes, 'r') as f: + changes = json.loads(f.read()) + logger.info('Removing environment helpers') for plugin_name in plugins['Environment Helpers']: plugin = plugins['Environment Helpers'][plugin_name] - if plugin.unconfigure(args) == False: + plugin_changes = changes['env_helper'].get(plugin_name, {}) + if plugin.unconfigure(args, plugin_changes) == False: logger.info('Removal of environment helper %s failed' % plugin_name) logger.info('Removing login managers') for plugin_name in plugins['Login Managers']: plugin = plugins['Login Managers'][plugin_name] - if plugin.unconfigure(args) == False: + plugin_changes = changes['login_manager'].get(plugin_name, {}) + if plugin.unconfigure(args, plugin_changes) == False: logger.info('Removal of login manager %s failed' % plugin_name) logger.info('Removing Info providers') for plugin_name in plugins['Info Provider']: plugin = plugins['Info Provider'][plugin_name] - if plugin.unconfigure(args) == False: + plugin_changes = changes['info_provider'].get(plugin_name, {}) + if plugin.unconfigure(args, plugin_changes) == False: logger.info('Removal of info provider %s failed' % plugin_name) logger.info('Removing Authentication Providers') for plugin_name in plugins['Auth Providers']: plugin = plugins['Auth Providers'][plugin_name] - if plugin.unconfigure(args) == False: + plugin_changes = changes['auth_provider'].get(plugin_name, {}) + if plugin.unconfigure(args, plugin_changes) == False: logger.info('Removal of auth provider %s failed' % plugin_name) logger.info('Removing httpd configuration') 
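Review bot: uninstall() opens `install_changes` unconditionally, so an instance installed before this change, or one whose install aborted before the file was written, fails here with `IOError` right after the operator confirmed with 'yes', and nothing is removed. A truncated or hand-edited file fails similarly in `json.loads`, and `changes['env_helper']` raises `KeyError` if a top-level key is missing. I would fall back to an empty record and use `.get()` at both levels, as sketched below. uninstall() starts and ends outside this hunk.

```python
    install_changes = os.path.join(instance_conf, 'install_changes')
    try:
        with open(install_changes, 'r') as f:
            changes = json.load(f)
    except (IOError, ValueError) as e:
        logger.info('No usable install_changes record (%s); '
                    'unconfiguring plugins without it' % e)
        changes = {}

    # ... unchanged: 'Removing environment helpers' log line and loop header ...
        plugin_changes = changes.get('env_helper', {}).get(plugin_name, {})
    # ... unchanged: remaining plugin loops, using the same two-level .get() ...
```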
@@ -269,6 +304,9 @@ def uninstall(plugins, args): shutil.rmtree(instance_conf) logger.info('Erasing instance data') shutil.rmtree(data_dir) + if cache_dir and os.path.exists(cache_dir): + for fn in os.listdir(cache_dir): + os.unlink(os.path.join(cache_dir, fn)) logger.info('Uninstalled instance %s' % args['instance']) @@ -296,7 +334,7 @@ def parse_config_profile(args): if g in globals(): globals()[g] = val else: - for k in globals().keys(): + for k in globals(): if k.lower() == g.lower(): globals()[k] = val break @@ -343,6 +381,12 @@ def parse_args(plugins): 'template)') parser.add_argument('--transaction-dburi', help='Transaction database URI (override template)') + parser.add_argument('--samlsessions-dburi', + help='SAML 2 sessions database URI (override ' + + 'template)') + parser.add_argument('--cleanup-interval', default=30, + help='Interval between cleaning up stale database ' + + 'entries (in minutes, default: 30 minutes)') lms = [] @@ -386,7 +430,7 @@ def parse_args(plugins): else: args['lm_order'] = args['lm_order'].split(',') - if len(args['lm_order']) == 0: + if len(args['lm_order']) == 0 and args['ipa'] != 'yes': sys.exit('No login plugins are enabled.') #FIXME: check instance is only alphanums @@ -415,7 +459,8 @@ if __name__ == '__main__': else: install(fplugins, opts) except Exception, e: # pylint: disable=broad-except - logger.exception(e) + logger.debug(e, exc_info=1) + if 'uninstall' in opts and opts['uninstall'] is True: logger.info('Uninstallation aborted.') else:
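Review bot: In the parse_args hunk, `--cleanup-interval` is declared without `type=int`, so the default is the integer 30 while any value given on the command line stays an arbitrary string. That string is passed through unchanged as `args['cleanup_interval']` into the configuration options (the `'cleanup_interval'` entry added in the @@ -115 hunk). Declaring it as `parser.add_argument('--cleanup-interval', default=30, type=int, ...)` lets argparse reject non-numeric input before anything is written, and a check for a positive value would be a reasonable addition. parse_args() starts and ends outside this hunk.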
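Review bot: In the `__main__` hunk, `logger.debug(e, exc_info=1)` emits the exception message only at debug level. Unless the logger is set to DEBUG (not visible here), the operator sees just 'Uninstallation aborted.' or whatever the else branch prints, without the reason. This matters more now that plugin failures are reported solely through the `ConfigurationError` message raised in install(). Consider `logger.error(e)` followed by `logger.debug(e, exc_info=1)`, so the reason is always shown and the traceback stays opt-in.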