|
 |
ac7d03 |
From e4f21a17762e3dcdbe05d9d62255fff9a7e2c8fa Mon Sep 17 00:00:00 2001
|
|
|
ac7d03 |
From: Stanislav Laznicka <slaznick@redhat.com>
|
|
|
ac7d03 |
Date: Tue, 4 Apr 2017 10:41:23 +0200
|
|
|
ac7d03 |
Subject: [PATCH] server-install: remove broken no-pkinit check
|
|
|
ac7d03 |
|
|
|
ac7d03 |
Don't check for no-pkinit option in case pkinit cert file was
|
|
|
ac7d03 |
provided. Setting no-pkinit is prohibited in this case, so without
|
|
|
ac7d03 |
this fix we have an impossible option-check if we want to provide
|
|
|
ac7d03 |
an own pkinit certificate and private key.
|
|
|
ac7d03 |
|
|
|
ac7d03 |
https://pagure.io/freeipa/issue/6807
|
|
|
ac7d03 |
|
|
|
ac7d03 |
Reviewed-By: Martin Basti <mbasti@redhat.com>
|
|
|
ac7d03 |
---
|
|
|
ac7d03 |
ipaserver/install/server/install.py | 5 -----
|
|
|
ac7d03 |
1 file changed, 5 deletions(-)
|
|
|
ac7d03 |
|
|
|
ac7d03 |
diff --git a/ipaserver/install/server/install.py b/ipaserver/install/server/install.py
|
|
|
ac7d03 |
index 197f01ccef58bb3564eb4c6b5b4d615bff1e523d..b899b4be4028e6cdfd95bb9868fba8be25a07b65 100644
|
|
|
ac7d03 |
--- a/ipaserver/install/server/install.py
|
|
|
ac7d03 |
+++ b/ipaserver/install/server/install.py
|
|
|
ac7d03 |
@@ -513,11 +513,6 @@ def install_check(installer):
|
|
|
ac7d03 |
dirsrv_pkcs12_info = (dirsrv_pkcs12_file.name, dirsrv_pin)
|
|
|
ac7d03 |
|
|
|
ac7d03 |
if options.pkinit_cert_files:
|
|
|
ac7d03 |
- if not options.no_pkinit:
|
|
|
ac7d03 |
- raise ScriptError("Cannot create KDC PKINIT certificate and use "
|
|
|
ac7d03 |
- "provided external PKINIT certificate at the "
|
|
|
ac7d03 |
- "same time. Please choose one of them.")
|
|
|
ac7d03 |
-
|
|
|
ac7d03 |
if options.pkinit_pin is None:
|
|
|
ac7d03 |
options.pkinit_pin = read_password(
|
|
|
ac7d03 |
"Enter Kerberos KDC private key unlock",
|
|
|
ac7d03 |
--
|
|
|
ac7d03 |
2.12.2
|
|
|
ac7d03 |
|