Remove some additional instances of krbV from ipa-client

Make two krbV imports conditional. These aren't used during a client install so should cause no problems. Also fix the client installer to use the new env option in ipautil.run. We weren't getting the krb5 configuration set in the environment because we were overriding the environment to set the PATH. ticket 136
2025-01-11 00:31:56 -06:00 · 2010-09-10 15:57:40 -04:00 · 2010-09-10 15:57:40 -04:00 · 67a4549519
commit 67a4549519
parent a091be064d
3 changed files with 16 additions and 9 deletions
--- a/ipa-client/ipa-install/ipa-client-install
+++ b/ipa-client/ipa-install/ipa-client-install
@ -490,6 +490,7 @@ def main():
    options = parse_options()
    logging_setup(options)
    dnsok = True
+    env={"PATH":"/bin:/sbin:/usr/kerberos/bin:/usr/kerberos/sbin:/usr/bin:/usr/sbin"}

    global fstore
    fstore = sysrestore.FileStore('/var/lib/ipa-client/sysrestore')
@ -605,7 +606,7 @@ def main():
            if configure_krb5_conf(fstore, cli_basedn, cli_realm, cli_domain, cli_server, dnsok, options, krb_name):
                print "Test kerberos configuration failed"
                return 1
-            os.environ['KRB5_CONFIG'] = krb_name
+            env['KRB5_CONFIG'] = krb_name
            join_args = ["/usr/sbin/ipa-join", "-s", cli_server]
            if options.debug:
                join_args.append("-d")
@ -627,7 +628,7 @@ def main():
                        else:
                            stdin = sys.stdin.readline()

-                (stderr, stdout, returncode) = run(["/usr/kerberos/bin/kinit", principal], raiseonerr=False, stdin=stdin)
+                (stderr, stdout, returncode) = run(["kinit", principal], raiseonerr=False, stdin=stdin, env=env)
                print ""
                if returncode != 0:
                    print stdout
@ -644,7 +645,7 @@ def main():
                join_args.append(password)

            # Now join the domain
-            (stdout, stderr, returncode) = run(join_args, raiseonerr=False)
+            (stdout, stderr, returncode) = run(join_args, raiseonerr=False, env=env)

            if returncode != 0:
                print "Joining realm failed: %s" % stderr,
@ -660,8 +661,7 @@ def main():

        finally:
            if options.principal is not None:
-                (stderr, stdout, returncode) = run(["/usr/kerberos/bin/kdestroy"], raiseonerr=False)
-            del os.environ['KRB5_CONFIG']
+                (stderr, stdout, returncode) = run(["kdestroy"], raiseonerr=False, env=env)
            os.remove(krb_name)
            os.remove(krb_name + ".ipabkp")

--- a/ipalib/util.py
+++ b/ipalib/util.py
@ -25,7 +25,6 @@ import os
 import imp
 import logging
 import time
-import krbV
 import socket
 from types import NoneType

@ -49,7 +48,11 @@ def json_serialize(obj):

 def get_current_principal():
    try:
+        # krbV isn't necessarily available on client machines, fail gracefully
+        import krbV
        return unicode(krbV.default_context().default_ccache().principal().name)
+    except ImportError:
+        raise RuntimeError('python-krbV is not available.')
    except krbV.Krb5Error:
        #TODO: do a kinit?
        raise errors.CCacheError()
--- a/ipapython/config.py
+++ b/ipapython/config.py
@ -20,7 +20,6 @@
 import ConfigParser
 from optparse import OptionParser, IndentedHelpFormatter

-import krbV
 import socket
 import ipapython.dnsclient
 import re
@ -113,8 +112,13 @@ def __discover_config(discover_server = True):
    rl = 0
    try:
        if not config.default_realm:
-            krbctx = krbV.default_context()
-            config.default_realm = krbctx.default_realm
+            try:
+                # only import krbV when we need it
+                import krbV
+                krbctx = krbV.default_context()
+                config.default_realm = krbctx.default_realm
+            except ImportError:
+                pass
            if not config.default_realm:
                return False