Generate tmpfiles config at install time

We do not want to generate runtime directories just because the packages are installed, but only if the server is actually setup and run. Also this will be needed later because we will create a user at install time and some tmpfiles will need to be owned by this user. As we are changing this code also rationalize the directory structure and move it from the http rundir to the ipa specific rundir. https://fedorahosted.org/freeipa/ticket/5959 Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-By: Jan Cholasta <jcholast@redhat.com>
2025-02-25 18:55:28 -06:00 · 2016-12-01 11:37:20 -05:00
parent c894ebefc5
commit 38c66896de
17 changed files with 78 additions and 67 deletions
--- a/ipaserver/dcerpc.py
+++ b/ipaserver/dcerpc.py
@@ -51,7 +51,6 @@ from cryptography.hazmat.primitives.ciphers import Cipher, algorithms
 from cryptography.hazmat.backends import default_backend
 import ldap as _ldap
 from ipapython import ipaldap
-from ipaserver.session import krbccache_dir, krbccache_prefix
 from dns import resolver, rdatatype
 from dns.exception import DNSException
 import pysss_nss_idmap
@@ -639,8 +638,8 @@ class DomainValidator(object):
        Initializes ccache with http service credentials.

        Applies session code defaults for ccache directory and naming prefix.
-        Session code uses krbccache_prefix+<pid>, we use
-        krbccache_prefix+<TD>+<domain netbios name> so there is no clash.
+        Session code uses kinit_+<pid>, we use
+        kinit_+<TD>+<domain netbios name> so there is no clash.

        Returns tuple (ccache path, principal) where (None, None) signifes an
        error on ccache initialization
@@ -648,8 +647,8 @@ class DomainValidator(object):

        domain_suffix = domain.replace('.', '-')

-        ccache_name = "%sTD%s" % (krbccache_prefix, domain_suffix)
-        ccache_path = os.path.join(krbccache_dir, ccache_name)
+        ccache_name = "kinit_TD%s" % (domain_suffix)
+        ccache_path = os.path.join(paths.IPA_CCACHES, ccache_name)

        realm = api.env.realm
        hostname = api.env.host
@@ -683,8 +682,8 @@ class DomainValidator(object):
        Initializes ccache with http service credentials.

        Applies session code defaults for ccache directory and naming prefix.
-        Session code uses krbccache_prefix+<pid>, we use
-        krbccache_prefix+<TD>+<domain netbios name> so there is no clash.
+        Session code uses kinit_+<pid>, we use
+        kinit_+<TD>+<domain netbios name> so there is no clash.

        Returns tuple (ccache path, principal) where (None, None) signifes an
        error on ccache initialization
@@ -695,8 +694,8 @@ class DomainValidator(object):

        domain_suffix = domain.replace('.', '-')

-        ccache_name = "%sTDA%s" % (krbccache_prefix, domain_suffix)
-        ccache_path = os.path.join(krbccache_dir, ccache_name)
+        ccache_name = "kinit_TDA%s" % (domain_suffix)
+        ccache_path = os.path.join(paths.IPA_CCACHES, ccache_name)

        (principal, password) = self._admin_creds.split('%', 1)