IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

automount install: fix checking of SSSD functionality on uninstall

Browse Source 
Change in 2d4d1a9dc0 no longer initializes
api in `ipa-client-automount --uninstallation` Which caused error in
wait_for_sssd which gets realm from initialized API.

This patch initializes the API in a way that it doesn't download schema
on uninstallation and on installation it uses host keytab for it so it
no longer requires user's Kerberos credentials.

Also fix call of xxx_service_class_factory which requires api as param.

https://pagure.io/freeipa/issue/6861

Reviewed-By: Rob Crittenden <rcritten@redhat.com>
Reviewed-By: Tomas Krizek <tkrizek@redhat.com>
This commit is contained in:
Petr Vobornik 2017-04-25 18:19:21 +02:00 committed by Martin Basti
parent d5c41ed4ad
commit b4e447fa6f
1 changed files with 10 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
client/ipa-client-automount
View File

@ -193,7 +193,7 @@ def configure_autofs_sssd(fstore, statestore, autodiscover, options):
sssdconfig.write(paths.SSSD_CONF) sssdconfig.write(paths.SSSD_CONF)
statestore.backup_state('autofs', 'sssd', True) statestore.backup_state('autofs', 'sssd', True)
sssd = services.service('sssd') sssd = services.service('sssd', api)
sssd.restart() sssd.restart()
print("Restarting sssd, waiting for it to become available.") print("Restarting sssd, waiting for it to become available.")
wait_for_sssd() wait_for_sssd()
@ -281,7 +281,7 @@ def uninstall(fstore, statestore):
break break
sssdconfig.save_domain(domain) sssdconfig.save_domain(domain)
sssdconfig.write(paths.SSSD_CONF) sssdconfig.write(paths.SSSD_CONF)
sssd = services.service('sssd') sssd = services.service('sssd', api)
sssd.restart() sssd.restart()
wait_for_sssd() wait_for_sssd()
except Exception as e: except Exception as e:
@ -379,9 +379,6 @@ def main():
paths.IPACLIENT_INSTALL_LOG, verbose=False, debug=options.debug, paths.IPACLIENT_INSTALL_LOG, verbose=False, debug=options.debug,
filemode='a', console_format='%(message)s') filemode='a', console_format='%(message)s')
if options.uninstall:
return uninstall(fstore, statestore)
cfg = dict( cfg = dict(
context='cli_installer', context='cli_installer',
confdir=paths.ETC_IPA, confdir=paths.ETC_IPA,
@ -390,8 +387,11 @@ def main():
verbose=0, verbose=0,
) )
# Bootstrap API early so that env object is available
api.bootstrap(**cfg) api.bootstrap(**cfg)
api.finalize()
if options.uninstall:
return uninstall(fstore, statestore)
ca_cert_path = None ca_cert_path = None
if os.path.exists(paths.IPA_CA_CRT): if os.path.exists(paths.IPA_CA_CRT):
@ -449,6 +449,10 @@ def main():
os.environ['KRB5CCNAME'] = ccache_name os.environ['KRB5CCNAME'] = ccache_name
except gssapi.exceptions.GSSError as e: except gssapi.exceptions.GSSError as e:
sys.exit("Failed to obtain host TGT: %s" % e) sys.exit("Failed to obtain host TGT: %s" % e)
# Finalize API when TGT obtained using host keytab exists
api.finalize()
# Now we have a TGT, connect to IPA # Now we have a TGT, connect to IPA
try: try:
api.Backend.rpcclient.connect() api.Backend.rpcclient.connect()