Added install check before executing ipa-* command

[Akasurde]

Fixes: https://fedorahosted.org/freeipa/ticket/6261

Signed-off-by: Abhijeet Kasurde akasurde@redhat.com

[tkrizek]

The following commands still fail with incorrect error message:

• ipa trust-find
• ipa-compat-manage
• ipa-csreplica-manage list
• ipa-join
• ipa-ldap-updater
• ipa-replica-install
• ipa-restore

Details:

[root@master vagrant]# ipa trust-find
ipa: ERROR: cannot connect to 'http://localhost:8888/ipa/json': [Errno 111] Connection refused
[root@master vagrant]# ipa-compat-manage
An IPA server to update cannot be found. Has one been configured yet?
The error was: IPA realm not found in DNS, in the config file (/etc/ipa/default.conf) or on the command line.
[root@master vagrant]# ipa-csreplica-manage list
Directory Manager password: 

unexpected error: cannot connect to 'ldap://localhost:389': 
[root@master vagrant]# ipa-join
cannot open configuration file /etc/ipa/default.conf
Unable to determine IPA server from /etc/ipa/default.conf
[root@master vagrant]# ipa-ldap-updater
To execute overall IPA upgrade please use 'ipa-server-upgrade' command
No update files or schema file were specified
The ipa-ldap-updater command failed. See /var/log/ipaupgrade.log for more information
[root@master vagrant]# ipa-replica-install 
Configuring client side components
One of password / principal / keytab is required.
Installation failed. Rolling back changes.
IPA client is not configured on this system.
Removing client side components
IPA client is not configured on this system.

Your system may be partly configured.
Run /usr/sbin/ipa-server-install --uninstall to clean up.

ipa.ipapython.install.cli.install_tool(Replica): ERROR    Configuration of client side components failed!
ipa.ipapython.install.cli.install_tool(Replica): ERROR    The ipa-replica-install command failed. See /var/log/ipareplica-install.log for more information
[root@master vagrant]# ipa-restore 
Usage: ipa-restore [options] backup

ipa-restore: error: must provide the backup to restore
The ipa-restore command failed. See /var/log/iparestore.log for more information

[HonzaCholasta]

@tomaskrizek: none of them except ipa trust-find fail with "cannot connect to 'http://localhost:8888/ipa/json'", so I would say only ipa trust-find needs to be fixed.

[pspacek]

All this is consequence of nonsensical defaults in ipalib.constants module. I would say that this needs to be fixed in a systematic way and not by scattering ifs around.

IMHO we need to drop nonsensical defaults form ipalib.constants module and handle missing values in API initialization. We should throw out exception if API cannot be initialized because of missing values (and/or failing auto-detection, depending on parameters in constructor) instead of scattering ifs around.

For example:
Right now the only way to trigger server auto-selection using DNS SRV record is to delete server= definition from default.conf. Of course, it is broken and it tries localhost first and fallbacks to auto-detected server after that, but it works somehow. If we scatter ifs around it will break in some other interesting way.

I'm still waiting for branching ipa-4-4. After that I can send my patch which removes some of crazy defaults from ipalib.constants.

[Akasurde]

@pspacek Should I close this PR then?

[pspacek]

Let's wait for #113 . We will see if it improves things or not.