|
 |
483b06 |
From 5a96db72e6bb7597217c5fbbcaa1b29836a9c8c0 Mon Sep 17 00:00:00 2001
|
|
|
483b06 |
From: Petr Vobornik <pvoborni@redhat.com>
|
|
|
483b06 |
Date: Tue, 25 Apr 2017 18:19:21 +0200
|
|
|
483b06 |
Subject: [PATCH] automount install: fix checking of SSSD functionality on
|
|
|
483b06 |
uninstall
|
|
|
483b06 |
|
|
|
483b06 |
Change in 2d4d1a9dc0ef2bbe86751768d6e6b009a52c0dc9 no longer initializes
|
|
|
483b06 |
api in `ipa-client-automount --uninstallation` Which caused error in
|
|
|
483b06 |
wait_for_sssd which gets realm from initialized API.
|
|
|
483b06 |
|
|
|
483b06 |
This patch initializes the API in a way that it doesn't download schema
|
|
|
483b06 |
on uninstallation and on installation it uses host keytab for it so it
|
|
|
483b06 |
no longer requires user's Kerberos credentials.
|
|
|
483b06 |
|
|
|
483b06 |
Also fix call of xxx_service_class_factory which requires api as param.
|
|
|
483b06 |
|
|
|
483b06 |
https://pagure.io/freeipa/issue/6861
|
|
|
483b06 |
|
|
|
483b06 |
Reviewed-By: Rob Crittenden <rcritten@redhat.com>
|
|
|
483b06 |
Reviewed-By: Tomas Krizek <tkrizek@redhat.com>
|
|
|
483b06 |
---
|
|
|
483b06 |
client/ipa-client-automount | 16 ++++++++++------
|
|
|
483b06 |
1 file changed, 10 insertions(+), 6 deletions(-)
|
|
|
483b06 |
|
|
|
483b06 |
diff --git a/client/ipa-client-automount b/client/ipa-client-automount
|
|
|
483b06 |
index 18914bd74932180f300fcbc7b7db0ba1505881bd..2b1d8b9a8ca14d5403635fb20cee37984fe4a101 100755
|
|
|
483b06 |
--- a/client/ipa-client-automount
|
|
|
483b06 |
+++ b/client/ipa-client-automount
|
|
|
483b06 |
@@ -193,7 +193,7 @@ def configure_autofs_sssd(fstore, statestore, autodiscover, options):
|
|
|
483b06 |
sssdconfig.write(paths.SSSD_CONF)
|
|
|
483b06 |
statestore.backup_state('autofs', 'sssd', True)
|
|
|
483b06 |
|
|
|
483b06 |
- sssd = services.service('sssd')
|
|
|
483b06 |
+ sssd = services.service('sssd', api)
|
|
|
483b06 |
sssd.restart()
|
|
|
483b06 |
print("Restarting sssd, waiting for it to become available.")
|
|
|
483b06 |
wait_for_sssd()
|
|
|
483b06 |
@@ -281,7 +281,7 @@ def uninstall(fstore, statestore):
|
|
|
483b06 |
break
|
|
|
483b06 |
sssdconfig.save_domain(domain)
|
|
|
483b06 |
sssdconfig.write(paths.SSSD_CONF)
|
|
|
483b06 |
- sssd = services.service('sssd')
|
|
|
483b06 |
+ sssd = services.service('sssd', api)
|
|
|
483b06 |
sssd.restart()
|
|
|
483b06 |
wait_for_sssd()
|
|
|
483b06 |
except Exception as e:
|
|
|
483b06 |
@@ -379,9 +379,6 @@ def main():
|
|
|
483b06 |
paths.IPACLIENT_INSTALL_LOG, verbose=False, debug=options.debug,
|
|
|
483b06 |
filemode='a', console_format='%(message)s')
|
|
|
483b06 |
|
|
|
483b06 |
- if options.uninstall:
|
|
|
483b06 |
- return uninstall(fstore, statestore)
|
|
|
483b06 |
-
|
|
|
483b06 |
cfg = dict(
|
|
|
483b06 |
context='cli_installer',
|
|
|
483b06 |
confdir=paths.ETC_IPA,
|
|
|
483b06 |
@@ -390,8 +387,11 @@ def main():
|
|
|
483b06 |
verbose=0,
|
|
|
483b06 |
)
|
|
|
483b06 |
|
|
|
483b06 |
+ # Bootstrap API early so that env object is available
|
|
|
483b06 |
api.bootstrap(**cfg)
|
|
|
483b06 |
- api.finalize()
|
|
|
483b06 |
+
|
|
|
483b06 |
+ if options.uninstall:
|
|
|
483b06 |
+ return uninstall(fstore, statestore)
|
|
|
483b06 |
|
|
|
483b06 |
ca_cert_path = None
|
|
|
483b06 |
if os.path.exists(paths.IPA_CA_CRT):
|
|
|
483b06 |
@@ -449,6 +449,10 @@ def main():
|
|
|
483b06 |
os.environ['KRB5CCNAME'] = ccache_name
|
|
|
483b06 |
except gssapi.exceptions.GSSError as e:
|
|
|
483b06 |
sys.exit("Failed to obtain host TGT: %s" % e)
|
|
|
483b06 |
+
|
|
|
483b06 |
+ # Finalize API when TGT obtained using host keytab exists
|
|
|
483b06 |
+ api.finalize()
|
|
|
483b06 |
+
|
|
|
483b06 |
# Now we have a TGT, connect to IPA
|
|
|
483b06 |
try:
|
|
|
483b06 |
api.Backend.rpcclient.connect()
|
|
|
483b06 |
--
|
|
|
483b06 |
2.12.2
|
|
|
483b06 |
|