mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2024-12-24 08:00:02 -06:00
Explicitly pass keytab to ipa-join
ipa-join defaults to /etc/krb5.keytab. Use ``-k paths.KRB5_KEYTAB`` to write the keytab to /data share in containers. Signed-off-by: Christian Heimes <cheimes@redhat.com> Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com> Reviewed-By: Francois Cami <fcami@redhat.com>
This commit is contained in:
parent
64b20aad28
commit
664007e031
@ -2648,10 +2648,13 @@ def _install(options):
|
||||
force=options.force)
|
||||
env['KRB5_CONFIG'] = krb_name
|
||||
ccache_name = os.path.join(ccache_dir, 'ccache')
|
||||
join_args = [paths.SBIN_IPA_JOIN,
|
||||
"-s", cli_server[0],
|
||||
"-b", str(realm_to_suffix(cli_realm)),
|
||||
"-h", hostname]
|
||||
join_args = [
|
||||
paths.SBIN_IPA_JOIN,
|
||||
"-s", cli_server[0],
|
||||
"-b", str(realm_to_suffix(cli_realm)),
|
||||
"-h", hostname,
|
||||
"-k", paths.KRB5_KEYTAB
|
||||
]
|
||||
if options.debug:
|
||||
join_args.append("-d")
|
||||
env['XMLRPC_TRACE_CURL'] = 'yes'
|
||||
@ -3304,7 +3307,12 @@ def uninstall(options):
|
||||
|
||||
if not options.on_master and os.path.exists(paths.IPA_DEFAULT_CONF):
|
||||
logger.info("Unenrolling client from IPA server")
|
||||
join_args = [paths.SBIN_IPA_JOIN, "--unenroll", "-h", hostname]
|
||||
join_args = [
|
||||
paths.SBIN_IPA_JOIN,
|
||||
"--unenroll",
|
||||
"-h", hostname,
|
||||
"-k", paths.KRB5_KEYTAB
|
||||
]
|
||||
if options.debug:
|
||||
join_args.append("-d")
|
||||
env['XMLRPC_TRACE_CURL'] = 'yes'
|
||||
|
Loading…
Reference in New Issue
Block a user