IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

Do not assume certmonger is running in httpinstance

Browse Source 
https://fedorahosted.org/freeipa/ticket/4835

Reviewed-By: David Kupka <dkupka@redhat.com>
This commit is contained in:
Jan Cholasta 2015-01-20 09:38:43 +00:00 committed by Martin Kosek
parent 794c9e6c31
commit f204b28da3
1 changed files with 29 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

48
ipaserver/install/httpinstance.py
View File

@ -39,6 +39,7 @@ from ipaserver.install import sysupgrade
from ipalib import api from ipalib import api
from ipaplatform.tasks import tasks from ipaplatform.tasks import tasks
from ipaplatform.paths import paths from ipaplatform.paths import paths
from ipaplatform import services
SELINUX_BOOLEAN_SETTINGS = dict( SELINUX_BOOLEAN_SETTINGS = dict(
@ -228,25 +229,34 @@ class HTTPInstance(service.Service):
print "Adding Include conf.d/ipa-rewrite to %s failed." % paths.HTTPD_NSS_CONF print "Adding Include conf.d/ipa-rewrite to %s failed." % paths.HTTPD_NSS_CONF
def configure_certmonger_renewal_guard(self): def configure_certmonger_renewal_guard(self):
bus = dbus.SystemBus() certmonger = services.knownservices.certmonger
obj = bus.get_object('org.fedorahosted.certmonger', certmonger_stopped = not certmonger.is_running()
'/org/fedorahosted/certmonger')
iface = dbus.Interface(obj, 'org.fedorahosted.certmonger') if certmonger_stopped:
path = iface.find_ca_by_nickname('IPA') certmonger.start()
if path: try:
ca_obj = bus.get_object('org.fedorahosted.certmonger', path) bus = dbus.SystemBus()
ca_iface = dbus.Interface(ca_obj, obj = bus.get_object('org.fedorahosted.certmonger',
'org.freedesktop.DBus.Properties') '/org/fedorahosted/certmonger')
helper = ca_iface.Get('org.fedorahosted.certmonger.ca', iface = dbus.Interface(obj, 'org.fedorahosted.certmonger')
'external-helper') path = iface.find_ca_by_nickname('IPA')
if helper: if path:
args = shlex.split(helper) ca_obj = bus.get_object('org.fedorahosted.certmonger', path)
if args[0] != paths.IPA_SERVER_GUARD: ca_iface = dbus.Interface(ca_obj,
self.backup_state('certmonger_ipa_helper', helper) 'org.freedesktop.DBus.Properties')
args = [paths.IPA_SERVER_GUARD] + args helper = ca_iface.Get('org.fedorahosted.certmonger.ca',
helper = ' '.join(pipes.quote(a) for a in args) 'external-helper')
ca_iface.Set('org.fedorahosted.certmonger.ca', if helper:
'external-helper', helper) args = shlex.split(helper)
if args[0] != paths.IPA_SERVER_GUARD:
self.backup_state('certmonger_ipa_helper', helper)
args = [paths.IPA_SERVER_GUARD] + args
helper = ' '.join(pipes.quote(a) for a in args)
ca_iface.Set('org.fedorahosted.certmonger.ca',
'external-helper', helper)
finally:
if certmonger_stopped:
certmonger.stop()
def __setup_ssl(self): def __setup_ssl(self):
fqdn = self.fqdn fqdn = self.fqdn