From dd300d7db884db2d0aa228c08d2447539ce14c1c Mon Sep 17 00:00:00 2001
From: Martin Babinsky <mbabinsk@redhat.com>
Date: Wed, 22 Mar 2017 16:52:14 +0100
Subject: [PATCH] Remove duplicate functionality in upgrade
Since krbinstance code can now handle all operations of the
`enabled_anonymous_principal` function from upgrade we can remove
extraneous function altogether.
https://pagure.io/freeipa/issue/6799
Reviewed-By: Stanislav Laznicka <slaznick@redhat.com>
---
ipaserver/install/server/upgrade.py | 16 +---------------
1 file changed, 1 insertion(+), 15 deletions(-)
diff --git a/ipaserver/install/server/upgrade.py b/ipaserver/install/server/upgrade.py
index 0db764cb80f6d0fb22f00719dadf1f921f97bf62..25b86297af3ae9d5f21cebb93f493b90670dcfc3 100644
--- a/ipaserver/install/server/upgrade.py
+++ b/ipaserver/install/server/upgrade.py
@@ -1482,20 +1482,6 @@ def add_default_caacl(ca):
sysupgrade.set_upgrade_state('caacl', 'add_default_caacl', True)
-def enable_anonymous_principal(krb):
- princ_realm = krb.get_anonymous_principal_name()
- dn = DN(('krbprincipalname', princ_realm), krb.get_realm_suffix())
- try:
- _ = api.Backend.ldap2.get_entry(dn) # pylint: disable=unused-variable
- except ipalib.errors.NotFound:
- krb.add_anonymous_principal()
-
- try:
- api.Backend.ldap2.set_entry_active(dn, True)
- except ipalib.errors.AlreadyActive:
- pass
-
-
def setup_pkinit(krb):
root_logger.info("[Setup PKINIT]")
@@ -1809,7 +1795,7 @@ def upgrade_configuration():
KDC_CERT=paths.KDC_CERT,
KDC_KEY=paths.KDC_KEY,
CACERT_PEM=paths.CACERT_PEM)
- enable_anonymous_principal(krb)
+ krb.add_anonymous_principal()
http.request_anon_keytab()
setup_pkinit(krb)
--
2.12.2