pgreco / rpms / ipa

Forked from forks/areguera/rpms/ipa 5 years ago
Clone

Blame SOURCES/0108-automount-install-fix-checking-of-SSSD-functionality.patch

ac7d03
From 5a96db72e6bb7597217c5fbbcaa1b29836a9c8c0 Mon Sep 17 00:00:00 2001
ac7d03
From: Petr Vobornik <pvoborni@redhat.com>
ac7d03
Date: Tue, 25 Apr 2017 18:19:21 +0200
ac7d03
Subject: [PATCH] automount install: fix checking of SSSD functionality on
ac7d03
 uninstall
ac7d03
ac7d03
Change in 2d4d1a9dc0ef2bbe86751768d6e6b009a52c0dc9 no longer initializes
ac7d03
api in `ipa-client-automount --uninstallation` Which caused error in
ac7d03
wait_for_sssd which gets realm from initialized API.
ac7d03
ac7d03
This patch initializes the API in a way that it doesn't download schema
ac7d03
on uninstallation and on installation it uses host keytab for it so it
ac7d03
no longer requires user's Kerberos credentials.
ac7d03
ac7d03
Also fix call of xxx_service_class_factory which requires api as param.
ac7d03
ac7d03
https://pagure.io/freeipa/issue/6861
ac7d03
ac7d03
Reviewed-By: Rob Crittenden <rcritten@redhat.com>
ac7d03
Reviewed-By: Tomas Krizek <tkrizek@redhat.com>
ac7d03
---
ac7d03
 client/ipa-client-automount | 16 ++++++++++------
ac7d03
 1 file changed, 10 insertions(+), 6 deletions(-)
ac7d03
ac7d03
diff --git a/client/ipa-client-automount b/client/ipa-client-automount
ac7d03
index 18914bd74932180f300fcbc7b7db0ba1505881bd..2b1d8b9a8ca14d5403635fb20cee37984fe4a101 100755
ac7d03
--- a/client/ipa-client-automount
ac7d03
+++ b/client/ipa-client-automount
ac7d03
@@ -193,7 +193,7 @@ def configure_autofs_sssd(fstore, statestore, autodiscover, options):
ac7d03
     sssdconfig.write(paths.SSSD_CONF)
ac7d03
     statestore.backup_state('autofs', 'sssd', True)
ac7d03
 
ac7d03
-    sssd = services.service('sssd')
ac7d03
+    sssd = services.service('sssd', api)
ac7d03
     sssd.restart()
ac7d03
     print("Restarting sssd, waiting for it to become available.")
ac7d03
     wait_for_sssd()
ac7d03
@@ -281,7 +281,7 @@ def uninstall(fstore, statestore):
ac7d03
                         break
ac7d03
                 sssdconfig.save_domain(domain)
ac7d03
                 sssdconfig.write(paths.SSSD_CONF)
ac7d03
-                sssd = services.service('sssd')
ac7d03
+                sssd = services.service('sssd', api)
ac7d03
                 sssd.restart()
ac7d03
                 wait_for_sssd()
ac7d03
             except Exception as e:
ac7d03
@@ -379,9 +379,6 @@ def main():
ac7d03
         paths.IPACLIENT_INSTALL_LOG, verbose=False, debug=options.debug,
ac7d03
         filemode='a', console_format='%(message)s')
ac7d03
 
ac7d03
-    if options.uninstall:
ac7d03
-        return uninstall(fstore, statestore)
ac7d03
-
ac7d03
     cfg = dict(
ac7d03
         context='cli_installer',
ac7d03
         confdir=paths.ETC_IPA,
ac7d03
@@ -390,8 +387,11 @@ def main():
ac7d03
         verbose=0,
ac7d03
     )
ac7d03
 
ac7d03
+    # Bootstrap API early so that env object is available
ac7d03
     api.bootstrap(**cfg)
ac7d03
-    api.finalize()
ac7d03
+
ac7d03
+    if options.uninstall:
ac7d03
+        return uninstall(fstore, statestore)
ac7d03
 
ac7d03
     ca_cert_path = None
ac7d03
     if os.path.exists(paths.IPA_CA_CRT):
ac7d03
@@ -449,6 +449,10 @@ def main():
ac7d03
             os.environ['KRB5CCNAME'] = ccache_name
ac7d03
         except gssapi.exceptions.GSSError as e:
ac7d03
             sys.exit("Failed to obtain host TGT: %s" % e)
ac7d03
+
ac7d03
+        # Finalize API when TGT obtained using host keytab exists
ac7d03
+        api.finalize()
ac7d03
+
ac7d03
         # Now we have a TGT, connect to IPA
ac7d03
         try:
ac7d03
             api.Backend.rpcclient.connect()
ac7d03
-- 
ac7d03
2.12.2
ac7d03