Explicitly pass down ccache names for connections

Instead of relying on side effects (setting the KRB5CCNAME env var), explicitly pass the ccache name to be used if it is not the default ccache. This fixes some tests that sometimes fail to work properly due to the wrong ccache being used. https://fedorahosted.org/freeipa/ticket/6543 Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-By: Jan Cholasta <jcholast@redhat.com>
2025-02-25 18:55:28 -06:00 · 2017-02-14 07:49:20 -05:00 · 2017-02-14 07:49:20 -05:00 · 09c92e2bc1
commit 09c92e2bc1
parent 41c1efc44a
1 changed files with 18 additions and 13 deletions
--- a/ipatests/util.py
+++ b/ipatests/util.py
@ -43,7 +43,7 @@ from ipalib.install.kinit import kinit_keytab, kinit_password
 from ipalib.plugable import Plugin
 from ipalib.request import context
 from ipapython.dn import DN
-from ipapython.ipautil import private_ccache, run
+from ipapython.ipautil import run
 from ipaplatform.paths import paths

 if six.PY3:
@ -761,20 +761,25 @@ def change_principal(principal, password=None, client=None, path=None,
    client.Backend.rpcclient.disconnect()

    try:
-        with private_ccache(ccache_name):
-            if keytab:
-                kinit_keytab(principal, keytab, ccache_name)
-            else:
-                kinit_password(principal, password, ccache_name,
-                               canonicalize=canonicalize,
-                               enterprise=enterprise)
-            client.Backend.rpcclient.connect()
+        if keytab:
+            kinit_keytab(principal, keytab, ccache_name)
+        else:
+            kinit_password(principal, password, ccache_name,
+                           canonicalize=canonicalize,
+                           enterprise=enterprise)
+        client.Backend.rpcclient.connect(ccache=ccache_name)

-            try:
-                yield
-            finally:
-                client.Backend.rpcclient.disconnect()
+        try:
+            yield
+        finally:
+            client.Backend.rpcclient.disconnect()
    finally:
+        # If we generated a ccache name, try to remove it, but don't fail
+        if not path:
+            try:
+                os.remove(ccache_name)
+            except OSError:
+                pass
        client.Backend.rpcclient.connect()