IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

httpinstance: re-use parent's methods to retrieve anonymous keytab

Browse Source 
https://fedorahosted.org/freeipa/ticket/6638

Reviewed-By: Martin Basti <mbasti@redhat.com>
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
This commit is contained in:
Martin Babinsky 2017-02-17 14:33:40 +01:00 committed by Martin Basti
parent 6c0baa6208
commit ce3baf28ce
1 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
ipaserver/install/httpinstance.py
View File

@ -317,12 +317,15 @@ class HTTPInstance(service.Service):
parent = os.path.dirname(paths.ANON_KEYTAB) parent = os.path.dirname(paths.ANON_KEYTAB)
if not os.path.exists(parent): if not os.path.exists(parent):
os.makedirs(parent, 0o755) os.makedirs(parent, 0o755)
self.clean_previous_keytab(keytab=paths.ANON_KEYTAB)
self.run_getkeytab(self.api.env.ldap_uri, paths.ANON_KEYTAB, ANON_USER) self.run_getkeytab(self.api.env.ldap_uri, paths.ANON_KEYTAB, ANON_USER)
pent = pwd.getpwnam(IPAAPI_USER) pent = pwd.getpwnam(IPAAPI_USER)
os.chmod(parent, 0o700) os.chmod(parent, 0o700)
os.chown(parent, pent.pw_uid, pent.pw_gid) os.chown(parent, pent.pw_uid, pent.pw_gid)
os.chown(paths.ANON_KEYTAB, pent.pw_uid, pent.pw_gid)
self.set_keytab_owner(keytab=paths.ANON_KEYTAB, owner=IPAAPI_USER)
def create_password_conf(self): def create_password_conf(self):
""" """