|
 |
b01884 |
From 9cfd07e87964f37465dd699a50444e6953291f59 Mon Sep 17 00:00:00 2001
|
|
|
b01884 |
From: Petr Vobornik <pvoborni@redhat.com>
|
|
|
b01884 |
Date: Oct 23 2018 14:48:53 +0000
|
|
|
b01884 |
Subject: ipa-advise: update url of cacerdir_rehash tool
|
|
|
b01884 |
|
|
|
b01884 |
|
|
|
b01884 |
On legacy systems which don't have cacerdir_rehash tool (provided by authconfig)
|
|
|
b01884 |
the generated advise script downloads this tool from project page and uses it.
|
|
|
b01884 |
|
|
|
b01884 |
After decommision of Fedorahosted and move of authconfig project to Pagure,
|
|
|
b01884 |
this url was not updated in FreeIPA project.
|
|
|
b01884 |
|
|
|
b01884 |
This patch updates the url.
|
|
|
b01884 |
|
|
|
b01884 |
https://pagure.io/freeipa/issue/7731
|
|
|
b01884 |
|
|
|
b01884 |
Signed-off-by: Petr Vobornik <pvoborni@redhat.com>
|
|
|
b01884 |
Reviewed-By: Christian Heimes <cheimes@redhat.com>
|
|
|
b01884 |
|
|
|
b01884 |
---
|
|
|
b01884 |
|
|
|
b01884 |
diff --git a/ipaserver/advise/plugins/legacy_clients.py b/ipaserver/advise/plugins/legacy_clients.py
|
|
|
b01884 |
index 7916965..2a56922 100644
|
|
|
b01884 |
--- a/ipaserver/advise/plugins/legacy_clients.py
|
|
|
b01884 |
+++ b/ipaserver/advise/plugins/legacy_clients.py
|
|
|
b01884 |
@@ -28,6 +28,9 @@ from ipapython.ipautil import template_file
|
|
|
b01884 |
|
|
|
b01884 |
register = Registry()
|
|
|
b01884 |
|
|
|
b01884 |
+CACERTDIR_REHASH_URL = ('https://pagure.io/authconfig/raw/master/f/'
|
|
|
b01884 |
+ 'cacertdir_rehash')
|
|
|
b01884 |
+
|
|
|
b01884 |
|
|
|
b01884 |
class config_base_legacy_client(Advice):
|
|
|
b01884 |
def get_uri_and_base(self):
|
|
|
b01884 |
@@ -50,8 +53,6 @@ class config_base_legacy_client(Advice):
|
|
|
b01884 |
'location. If this value is different on your system '
|
|
|
b01884 |
'the script needs to be modified accordingly.\n')
|
|
|
b01884 |
|
|
|
b01884 |
- cacertdir_rehash = ('https://fedorahosted.org/authconfig/browser/'
|
|
|
b01884 |
- 'cacertdir_rehash?format=txt')
|
|
|
b01884 |
self.log.comment('Download the CA certificate of the IPA server')
|
|
|
b01884 |
self.log.command('mkdir -p -m 755 /etc/openldap/cacerts')
|
|
|
b01884 |
self.log.command('curl http://%s/ipa/config/ca.crt -o '
|
|
|
b01884 |
@@ -60,7 +61,8 @@ class config_base_legacy_client(Advice):
|
|
|
b01884 |
self.log.comment('Generate hashes for the openldap library')
|
|
|
b01884 |
self.log.command('command -v cacertdir_rehash')
|
|
|
b01884 |
self.log.command('if [ $? -ne 0 ] ; then')
|
|
|
b01884 |
- self.log.command(' curl "%s" -o cacertdir_rehash ;' % cacertdir_rehash)
|
|
|
b01884 |
+ self.log.command(' curl "%s" -o cacertdir_rehash ;' %
|
|
|
b01884 |
+ CACERTDIR_REHASH_URL)
|
|
|
b01884 |
self.log.command(' chmod 755 ./cacertdir_rehash ;')
|
|
|
b01884 |
self.log.command(' ./cacertdir_rehash /etc/openldap/cacerts/ ;')
|
|
|
b01884 |
self.log.command('else')
|
|
|
b01884 |
|