Add krb5-pkinit-openssl as a Requires on ipa-server package

ticket 599
2025-02-25 18:55:28 -06:00 · 2010-12-13 14:46:09 -05:00
parent fbe72a4521
commit 8f87aa1288
4 changed files with 4 additions and 24 deletions
--- a/install/tools/ipa-replica-install
+++ b/install/tools/ipa-replica-install
@@ -278,11 +278,6 @@ def check_bind():
        print "Aborting installation"
        sys.exit(1)

-def check_pkinit():
-    if not krbinstance.check_pkinit_plugin():
-        print "Aborting installation"
-        sys.exit(1)
-
 def main():
    safe_options, options, filename = parse_options()
    installutils.standard_logging_setup("/var/log/ipareplica-install.log", options.debug)
@@ -350,10 +345,6 @@ def main():
    if not ipautil.file_exists(config.dir + "/pkinitcert.p12") and not certs.ipa_self_signed():
        options.setup_pkinit = False

-    # check the pkinit plugin is installed
-    if options.setup_pkinit:
-        check_pkinit()
-
    # Install CA cert so that we can do SSL connections with ldap
    install_ca_cert(config)

--- a/install/tools/ipa-server-install
+++ b/install/tools/ipa-server-install
@@ -548,11 +548,6 @@ def main():
        if not bindinstance.check_inst(options.unattended):
            sys.exit("Aborting installation")

-    # check the pkinit plugin is installed
-    if options.setup_pkinit:
-        if not krbinstance.check_pkinit_plugin():
-            sys.exit("Aborting installation")
-
    # check the hostname is correctly configured, it must be as the kldap
    # utilities just use the hostname as returned by gethostbyname to set
    # up some of the standard entries
--- a/ipa.spec.in
+++ b/ipa.spec.in
@@ -72,6 +72,7 @@ Requires: nss-tools
 Requires: krb5-server
 %endif
 Requires: krb5-server-ldap
+Requires: krb5-pkinit-openssl
 Requires: cyrus-sasl-gssapi
 Requires: ntp
 Requires: httpd
@@ -510,6 +511,9 @@ fi
 %endif

 %changelog
+* Mon Dec 13 2010 Rob Crittenden <rcritten@redhat.com> - 1.99-35
+- Add Requires on krb5-pkinit-openssl
+
 * Fri Dec 10 2010 Jr Aquino <jr.aquino@citrix.com> - 1.99-34
 - Add ipa-host-net-manage script

--- a/ipaserver/install/krbinstance.py
+++ b/ipaserver/install/krbinstance.py
@@ -49,16 +49,6 @@ from distutils import version

 KRBMKEY_DENY_ACI = '(targetattr = "krbMKey")(version 3.0; acl "No external access"; deny (read,write,search,compare) userdn != "ldap:///uid=kdc,cn=sysaccounts,cn=etc,$SUFFIX";)'

-def check_pkinit_plugin():
-    LIB32 = '/usr/lib/krb5/plugins/preauth/pkinit.so'
-    LIB64 = '/usr/lib64/krb5/plugins/preauth/pkinit.so'
-    if not os.path.exists(LIB32) and not os.path.exists(LIB64):
-        print "The pkinit plugin is missing"
-        print "Please install the 'krb5-pkinit-openssl' package and start the installation again"
-        return False
-
-    return True
-
 def update_key_val_in_file(filename, key, val):
    if os.path.exists(filename):
        pattern = "^[\s#]*%s\s*=\s*%s\s*" % (re.escape(key), re.escape(val))