|
 |
590d18 |
From 8a866620f36356e570dcee332db6f487837435a6 Mon Sep 17 00:00:00 2001
|
|
|
590d18 |
From: Jan Cholasta <jcholast@redhat.com>
|
|
|
590d18 |
Date: Wed, 23 Sep 2015 10:35:06 +0200
|
|
|
590d18 |
Subject: [PATCH] install: fix kdcproxy user home directory
|
|
|
590d18 |
|
|
|
590d18 |
https://fedorahosted.org/freeipa/ticket/5314
|
|
|
590d18 |
|
|
|
590d18 |
Reviewed-By: Martin Babinsky <mbabinsk@redhat.com>
|
|
|
590d18 |
---
|
|
|
590d18 |
freeipa.spec.in | 1 +
|
|
|
590d18 |
ipaplatform/base/paths.py | 1 +
|
|
|
590d18 |
ipaserver/install/httpinstance.py | 4 +++-
|
|
|
590d18 |
3 files changed, 5 insertions(+), 1 deletion(-)
|
|
|
590d18 |
|
|
|
590d18 |
diff --git a/freeipa.spec.in b/freeipa.spec.in
|
|
|
590d18 |
index 530f6141872804ab3801f2da6271fce0d9308a09..6527109b422a1e3065d5a540c3e2a3af670f2ebf 100644
|
|
|
590d18 |
--- a/freeipa.spec.in
|
|
|
590d18 |
+++ b/freeipa.spec.in
|
|
|
590d18 |
@@ -702,6 +702,7 @@ fi
|
|
|
590d18 |
%{_libexecdir}/ipa/ipa-dnskeysync-replica
|
|
|
590d18 |
%{_libexecdir}/ipa/ipa-ods-exporter
|
|
|
590d18 |
%{_libexecdir}/ipa/ipa-httpd-kdcproxy
|
|
|
590d18 |
+%ghost %verify(not owner group) %dir %{_sharedstatedir}/kdcproxy
|
|
|
590d18 |
%config(noreplace) %{_sysconfdir}/sysconfig/ipa_memcached
|
|
|
590d18 |
%config(noreplace) %{_sysconfdir}/sysconfig/ipa-dnskeysyncd
|
|
|
590d18 |
%config(noreplace) %{_sysconfdir}/sysconfig/ipa-ods-exporter
|
|
|
590d18 |
diff --git a/ipaplatform/base/paths.py b/ipaplatform/base/paths.py
|
|
|
590d18 |
index 97c330c31844fcf19bec2e96bf2b23cba5f7f3f0..215caf90ea1ca4e5db8f43f8f09002ce5d5cd280 100644
|
|
|
590d18 |
--- a/ipaplatform/base/paths.py
|
|
|
590d18 |
+++ b/ipaplatform/base/paths.py
|
|
|
590d18 |
@@ -286,6 +286,7 @@ class BasePathNamespace(object):
|
|
|
590d18 |
REPLICA_INFO_GPG_TEMPLATE = "/var/lib/ipa/replica-info-%s.gpg"
|
|
|
590d18 |
SYSRESTORE = "/var/lib/ipa/sysrestore"
|
|
|
590d18 |
STATEFILE_DIR = "/var/lib/ipa/sysupgrade"
|
|
|
590d18 |
+ VAR_LIB_KDCPROXY = "/var/lib/kdcproxy"
|
|
|
590d18 |
VAR_LIB_PKI_DIR = "/var/lib/pki"
|
|
|
590d18 |
VAR_LIB_PKI_CA_DIR = "/var/lib/pki-ca"
|
|
|
590d18 |
PKI_ALIAS_CA_P12 = "/var/lib/pki-ca/alias/ca.p12"
|
|
|
590d18 |
diff --git a/ipaserver/install/httpinstance.py b/ipaserver/install/httpinstance.py
|
|
|
590d18 |
index 4f2902e1b1ac03d9c6bd1949b66ede9abb5be28e..f55e698f7eb3d8f8aa603f99d750a009a806b70a 100644
|
|
|
590d18 |
--- a/ipaserver/install/httpinstance.py
|
|
|
590d18 |
+++ b/ipaserver/install/httpinstance.py
|
|
|
590d18 |
@@ -83,8 +83,10 @@ def create_kdcproxy_user():
|
|
|
590d18 |
tasks.create_system_user(
|
|
|
590d18 |
name=KDCPROXY_USER,
|
|
|
590d18 |
group=KDCPROXY_USER,
|
|
|
590d18 |
- homedir=paths.VAR_LIB,
|
|
|
590d18 |
+ homedir=paths.VAR_LIB_KDCPROXY,
|
|
|
590d18 |
shell=paths.NOLOGIN,
|
|
|
590d18 |
+ comment="IPA KDC Proxy User",
|
|
|
590d18 |
+ create_homedir=True,
|
|
|
590d18 |
)
|
|
|
590d18 |
|
|
|
590d18 |
|
|
|
590d18 |
--
|
|
|
590d18 |
2.4.3
|
|
|
590d18 |
|