Move freeipa certmonger helpers to libexecdir.

The scripts in this directory are simple python scripts, nothing arch-specific
in them. Having them under libexec would simplify the code a bit too, since
there would be no need to worry about lib vs lib64 (which also cause trouble
on Debian).

https://fedorahosted.org/freeipa/ticket/5586

Reviewed-By: David Kupka <dkupka@redhat.com>
This commit is contained in:
Timo Aaltonen 2016-02-23 12:10:34 +01:00 committed by Jan Cholasta
parent 4337c4f9c4
commit 872d5903d0
6 changed files with 9 additions and 26 deletions

View File

@ -1019,8 +1019,8 @@ fi
%attr(0755,root,root) %{_libexecdir}/ipa/oddjob/org.freeipa.server.conncheck
%config(noreplace) %{_sysconfdir}/dbus-1/system.d/org.freeipa.server.conf
%config(noreplace) %{_sysconfdir}/oddjobd.conf.d/ipa-server.conf
%dir %{_libdir}/ipa/certmonger
%attr(755,root,root) %{_libdir}/ipa/certmonger/*
%dir %{_libexecdir}/ipa/certmonger
%attr(755,root,root) %{_libexecdir}/ipa/certmonger/*
# NOTE: systemd specific section
%attr(644,root,root) %{_unitdir}/ipa.service
%attr(644,root,root) %{_unitdir}/ipa-otpd.socket

View File

@ -1,6 +1,6 @@
NULL =
appdir = $(libdir)/ipa/certmonger
appdir = $(libexecdir)/ipa/certmonger
app_DATA = \
restart_dirsrv \
restart_httpd \

View File

@ -149,7 +149,7 @@ class BasePathNamespace(object):
TMP_CA_P12 = "/tmp/ca.p12"
TMP_KRB5CC = "/tmp/krb5cc_%d"
USR_DIR = "/usr"
CERTMONGER_COMMAND_TEMPLATE = "/usr/%s/ipa/certmonger/%s"
CERTMONGER_COMMAND_TEMPLATE = "/usr/libexec/ipa/certmonger/%s"
PKCS12EXPORT = "/usr/bin/PKCS12Export"
CERTUTIL = "/usr/bin/certutil"
CHROMIUM_BROWSER = "/usr/bin/chromium-browser"

View File

@ -25,7 +25,6 @@
from __future__ import print_function
import os
import sys
import time
import dbus
import shlex
@ -497,19 +496,11 @@ def dogtag_start_tracking(ca, nickname, pin, pinfile, secdir, pre_command,
params['KEY_PIN_FILE'] = os.path.abspath(pinfile)
if pre_command:
if not os.path.isabs(pre_command):
if sys.maxsize > 2**32:
libpath = 'lib64'
else:
libpath = 'lib'
pre_command = certmonger_cmd_template % (libpath, pre_command)
pre_command = certmonger_cmd_template % (pre_command)
params['cert-presave-command'] = pre_command
if post_command:
if not os.path.isabs(post_command):
if sys.maxsize > 2**32:
libpath = 'lib64'
else:
libpath = 'lib'
post_command = certmonger_cmd_template % (libpath, post_command)
post_command = certmonger_cmd_template % (post_command)
params['cert-postsave-command'] = post_command
if profile:
params['ca-profile'] = profile

View File

@ -296,11 +296,7 @@ class CertDB(object):
/usr/lib[64]/ipa/certmonger.
"""
if command is not None and not os.path.isabs(command):
if sys.maxsize > 2**32:
libpath = 'lib64'
else:
libpath = 'lib'
command = paths.CERTMONGER_COMMAND_TEMPLATE % (libpath, command)
command = paths.CERTMONGER_COMMAND_TEMPLATE % (command)
try:
request_id = certmonger.start_tracking(nickname, self.secdir, password_file, command)
except RuntimeError as e:

View File

@ -797,16 +797,12 @@ def certificate_renewal_update(ca, ds, http):
Update certmonger certificate renewal configuration.
"""
if sys.maxsize > 2**32:
libpath = 'lib64'
else:
libpath = 'lib'
template = paths.CERTMONGER_COMMAND_TEMPLATE % (libpath, '%s')
template = paths.CERTMONGER_COMMAND_TEMPLATE
serverid = installutils.realm_to_serverid(api.env.realm)
dirsrv_dir = dsinstance.config_dirname(serverid)
# bump version when requests is changed
version = 4
version = 5
requests = (
(
paths.PKI_TOMCAT_ALIAS_DIR,