IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

Remove code to install Dogtag 9

Browse Source 
Since we depend on Dogtag 10 now, there is no need to keep code
that installs a Dogtag 9 CA.

Support for upgraded Dogtag-9-style instances is left in.

https://fedorahosted.org/freeipa/ticket/3529
This commit is contained in:
Petr Viktorin
2012-11-15 09:38:24 -05:00
parent b21abc76ca
commit 34ba1b7060
8 changed files with 22 additions and 218 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
install/tools/ipa-ca-install
View File

@@ -178,19 +178,15 @@ def main():
cainstance.replica_ca_install_check(config, dogtag_master_ds_port)
# Configure the CA if necessary
(CA, cs) = cainstance.install_replica_ca(
CA = cainstance.install_replica_ca(
config, dogtag_master_ds_port, postinstall=True)
# We need to ldap_enable the CA now that DS is up and running
CA.ldap_enable('CA', config.host_name, config.dirman_password,
ipautil.realm_to_suffix(config.realm_name))
if not dogtag.install_constants.SHARED_DB:
cs.add_simple_service('dogtagldap/%s@%s' %
(config.host_name, config.realm_name))
cs.add_cert_to_service()
else:
CA.enable_client_auth_to_db()
CA.restart()
CA.enable_client_auth_to_db()
CA.restart()
# Install CA DNS records
install_dns_records(config, options)

11
install/tools/ipa-replica-install
View File

@@ -653,7 +653,7 @@ def main():
ds = install_replica_ds(config)
# Configure the CA if necessary
(CA, cs) = cainstance.install_replica_ca(config, dogtag_master_ds_port)
CA = cainstance.install_replica_ca(config, dogtag_master_ds_port)
# Always try to install DNS records
install_dns_records(config, options)
@@ -662,13 +662,8 @@ def main():
if CA and config.setup_ca:
CA.ldap_enable('CA', config.host_name, config.dirman_password,
ipautil.realm_to_suffix(config.realm_name))
if not dogtag.install_constants.SHARED_DB:
cs.add_simple_service('dogtagldap/%s@%s' %
(config.host_name, config.realm_name))
cs.add_cert_to_service()
else:
CA.enable_client_auth_to_db()
CA.restart()
CA.enable_client_auth_to_db()
CA.restart()
krb = install_krb(config, setup_pkinit=options.setup_pkinit)
http = install_http(config, auto_redirect=options.ui_redirect)

20
install/tools/ipa-server-install
View File

@@ -1009,13 +1009,6 @@ def main():
if setup_ca:
if not dogtag.install_constants.SHARED_DB:
cs = cainstance.CADSInstance(
host_name, realm_name, domain_name, dm_password)
if not cs.is_configured():
cs.create_instance(realm_name, host_name, domain_name,
dm_password, subject_base=options.subject)
ca = cainstance.CAInstance(realm_name, certs.NSS_DIR,
dogtag_constants=dogtag.install_constants)
if external == 0:
@@ -1055,17 +1048,8 @@ def main():
# We need to ldap_enable the CA now that DS is up and running
ca.ldap_enable('CA', host_name, dm_password,
ipautil.realm_to_suffix(realm_name))
if not dogtag.install_constants.SHARED_DB:
# Turn on SSL in the dogtag LDAP instance. This will get restarted
# later, we don't need SSL now.
cs.create_certdb()
cs.enable_ssl()
# Add the IPA service for storing the PKI-IPA server certificate.
cs.add_simple_service(cs.principal)
cs.add_cert_to_service()
else:
ca.enable_client_auth_to_db()
ca.restart()
ca.enable_client_auth_to_db()
ca.restart()
# Upload the CA cert to the directory
ds.upload_ca_cert()

6
install/tools/ipactl
View File

@@ -45,16 +45,14 @@ def check_IPA_configuration():
def is_dirsrv_debugging_enabled():
"""
Check the IPA and PKI-CA 389-ds instances to see if debugging is
enabled. If so we suppress that in our output.
Check the 389-ds instance to see if debugging is enabled.
If so we suppress that in our output.
returns True or False
"""
debugging = False
serverid = realm_to_serverid(api.env.realm)
dselist = [config_dirname(serverid)]
if not dogtag.install_constants.SHARED_DB:
dselist.append('/etc/dirsrv/slapd-PKI-IPA/')
for dse in dselist:
try:
fd = open(dse + 'dse.ldif', 'r')