IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

set preauth on kadmin/changepw otherwise the kpasswd can't acquire a ticket

Browse Source
This commit is contained in:
Simo Sorce 2007-08-08 22:19:03 -04:00
parent a50720e7d4
commit c13bbdeb7a
1 changed files with 8 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
ipa-server/ipaserver/krbinstance.py
View File

@ -175,3 +175,11 @@ class KrbInstance:
cfg_fd.close()
pent = pwd.getpwnam(self.ds_user)
os.chown("/etc/sysconfig/fedora-ds", pent.pw_uid, pent.pw_gid)
def __set_kadmin_changepw_preauth(self):
(kwrite, kread, kerr) = os.popen3("/usr/kerberos/sbin/kadmin.local")
kwrite.write("modprinc +requires_preauth kadmin/changepw\n")
kwrite.flush()
kwrite.close()
kread.close()
kerr.close()