IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-01-24 15:16:40 -06:00
Code Issues Packages Projects Releases Wiki Activity

Adapt redhat ipaplatform to RHEL9/ELN

Browse Source 
On RHEL8, ipa is using named-pkcs11.service but RHEL9 is based on
fedora34 and uses named.service instead. There is already some support
for this distinction in ipaplatform, and the patch relies on the
specific settings that can be configured in ipaplatform/xx/services.py
and ipaplatform/xx/constants.py

On RHEL9 ipa also needs to define NAMED_OPENSSL_ENGINE for named
to use openssl's okcs11 engine.

Fixes: https://pagure.io/freeipa/issue/8753
Reviewed-By: Rob Crittenden <rcritten@redhat.com>
This commit is contained in:
Florence Blanc-Renaud 2021-03-26 17:04:45 +01:00 committed by Alexander Bokovoy
parent 8c93e2fb0b
commit c2c533b765
2 changed files with 10 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
ipaplatform/rhel/constants.py
View File

@ -17,6 +17,8 @@ from ipaplatform.osinfo import osinfo
# RHEL 7 and earlier use /etc/sysconfig/nfs
# RHEL 8 uses /etc/nfs.conf
HAS_NFS_CONF = osinfo.version_number >= (8,)
# RHEL 9 uses pkcs11 as openssl engine
HAS_PKCS11_OPENSSL_ENGINE = osinfo.version_number >= (9,)
__all__ = ("constants", "User", "Group")
@ -27,5 +29,7 @@ class RHELConstantsNamespace(RedHatConstantsNamespace):
IPA_DNS_PACKAGE_NAME = "ipa-server-dns"
if HAS_NFS_CONF:
SECURE_NFS_VAR = None
if HAS_PKCS11_OPENSSL_ENGINE:
NAMED_OPENSSL_ENGINE = "pkcs11"
constants = RHELConstantsNamespace()

6
ipaplatform/rhel/services.py
View File

@ -24,11 +24,15 @@ Contains RHEL-specific service class implementations.
from __future__ import absolute_import
from ipaplatform.osinfo import osinfo
from ipaplatform.redhat import services as redhat_services
# Mappings from service names as FreeIPA code references to these services
# to their actual systemd service names
rhel_system_units = redhat_services.redhat_system_units.copy()
if osinfo.version_number >= (9,):
rhel_system_units['named'] = rhel_system_units['named-regular']
rhel_system_units['named-conflict'] = rhel_system_units['named-pkcs11']
# Service classes that implement RHEL-specific behaviour
@ -41,6 +45,8 @@ class RHELService(redhat_services.RedHatService):
# of specified name
def rhel_service_class_factory(name, api=None):
if name in ['named', 'named-conflict']:
return RHELService(name, api)
return redhat_services.redhat_service_class_factory(name, api)