From 3edc1bedca49c4ac865b0250add66a512279a536 Mon Sep 17 00:00:00 2001
From: Thomas Woerner <twoerner@redhat.com>
Date: Sun, 28 Jan 2018 11:46:31 +0100
Subject: [PATCH] Make ipaserver role working with ipa 4.5(.4)

---
 module_utils/ansible_ipa_server.py              | 10 +++++++---
 roles/ipaserver/library/ipaserver_enable_ipa.py |  4 ++++
 roles/ipaserver/library/ipaserver_setup_ds.py   |  4 ++++
 3 files changed, 15 insertions(+), 3 deletions(-)

diff --git a/module_utils/ansible_ipa_server.py b/module_utils/ansible_ipa_server.py
index 0dafd754..14e075ae 100644
--- a/module_utils/ansible_ipa_server.py
+++ b/module_utils/ansible_ipa_server.py
@@ -39,8 +39,8 @@ else:
     IPA_PYTHON_VERSION = NUM_VERSION
 
 
-if NUM_VERSION >= 40600:
-    # IPA version >= 4.6
+if NUM_VERSION >= 40500:
+    # IPA version >= 4.5
 
     import errno
     import pickle
@@ -53,6 +53,8 @@ if NUM_VERSION >= 40600:
 
     from ipalib.install import certmonger, sysrestore
     from ipapython import ipautil
+    if NUM_VERSION < 40600:
+        from ipapython.ipa_log_manager import root_logger
     from ipapython.ipautil import (
         format_netloc, ipa_generate_password, run, user_input)
     from ipapython.admintool import ScriptError
@@ -61,6 +63,8 @@ if NUM_VERSION >= 40600:
     from ipaplatform.tasks import tasks
     from ipalib import api, errors, x509
     from ipalib.constants import DOMAIN_LEVEL_0, MIN_DOMAIN_LEVEL, MAX_DOMAIN_LEVEL
+    if NUM_VERSION < 40600:
+        from ipalib.constants import IPAAPI_USER
     from ipalib.util import (
         validate_domain_name,
         no_matching_interface_for_ip_address_warning,
@@ -102,7 +106,7 @@ if NUM_VERSION >= 40600:
         _server_trust_ad_installed = False
 
 else:
-    # IPA version < 4.6
+    # IPA version < 4.5
 
     raise Exception("freeipa version '%s' is too old" % VERSION)
 
diff --git a/roles/ipaserver/library/ipaserver_enable_ipa.py b/roles/ipaserver/library/ipaserver_enable_ipa.py
index d964ce9c..eea1b577 100644
--- a/roles/ipaserver/library/ipaserver_enable_ipa.py
+++ b/roles/ipaserver/library/ipaserver_enable_ipa.py
@@ -87,6 +87,10 @@ def main():
     fstore = sysrestore.FileStore(paths.SYSRESTORE)
     sstore = sysrestore.StateFile(paths.SYSRESTORE)
 
+    if NUM_VERSION < 40600:
+        # Make sure the files we crated in /var/run are recreated at startup
+        tasks.configure_tmpfiles()
+
     with redirect_stdout(ansible_log):
         services.knownservices.ipa.enable()
 
diff --git a/roles/ipaserver/library/ipaserver_setup_ds.py b/roles/ipaserver/library/ipaserver_setup_ds.py
index 60ec2c28..211ac360 100644
--- a/roles/ipaserver/library/ipaserver_setup_ds.py
+++ b/roles/ipaserver/library/ipaserver_setup_ds.py
@@ -124,6 +124,10 @@ def main():
 
     # setup DS ##############################################################
 
+    if NUM_VERSION < 40600:
+        # Make sure tmpfiles dir exist before installing components
+        tasks.create_tmpfiles_dirs(IPAAPI_USER)
+
     # Create a directory server instance
     if not options.external_cert_files:
         ds = dsinstance.DsInstance(fstore=fstore,
-- 
GitLab