rpms / ipa

Clone
Source Code
GIT

Blame SOURCES/0108-automount-install-fix-checking-of-SSSD-functionality.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8-beta-stream-DL1 c8-beta-stream-client c8-stream-DL1 c8-stream-client c8s-stream-DL1 c8s-stream-client c9 c9-beta
  1.   8ec14dc11079a095c5f2874f98023a3508e0d46b
  2.   SOURCES
  3.   0108-automount-install-fix-checking-of-SSSD-functionality.patch
Blob History Raw
ac7d03 
From 5a96db72e6bb7597217c5fbbcaa1b29836a9c8c0 Mon Sep 17 00:00:00 2001
ac7d03 
From: Petr Vobornik <pvoborni@redhat.com>
ac7d03 
Date: Tue, 25 Apr 2017 18:19:21 +0200
ac7d03 
Subject: [PATCH] automount install: fix checking of SSSD functionality on
ac7d03 
 uninstall
ac7d03
ac7d03 
Change in 2d4d1a9dc0ef2bbe86751768d6e6b009a52c0dc9 no longer initializes
ac7d03 
api in `ipa-client-automount --uninstallation` Which caused error in
ac7d03 
wait_for_sssd which gets realm from initialized API.
ac7d03
ac7d03 
This patch initializes the API in a way that it doesn't download schema
ac7d03 
on uninstallation and on installation it uses host keytab for it so it
ac7d03 
no longer requires user's Kerberos credentials.
ac7d03
ac7d03 
Also fix call of xxx_service_class_factory which requires api as param.
ac7d03
ac7d03 
https://pagure.io/freeipa/issue/6861
ac7d03
ac7d03 
Reviewed-By: Rob Crittenden <rcritten@redhat.com>
ac7d03 
Reviewed-By: Tomas Krizek <tkrizek@redhat.com>
ac7d03 
---
ac7d03 
 client/ipa-client-automount | 16 ++++++++++------
ac7d03 
 1 file changed, 10 insertions(+), 6 deletions(-)
ac7d03
ac7d03 
diff --git a/client/ipa-client-automount b/client/ipa-client-automount
ac7d03 
index 18914bd74932180f300fcbc7b7db0ba1505881bd..2b1d8b9a8ca14d5403635fb20cee37984fe4a101 100755
ac7d03 
--- a/client/ipa-client-automount
ac7d03 
+++ b/client/ipa-client-automount
ac7d03 
@@ -193,7 +193,7 @@ def configure_autofs_sssd(fstore, statestore, autodiscover, options):
ac7d03 
     sssdconfig.write(paths.SSSD_CONF)
ac7d03 
     statestore.backup_state('autofs', 'sssd', True)
ac7d03
ac7d03 
-    sssd = services.service('sssd')
ac7d03 
+    sssd = services.service('sssd', api)
ac7d03 
     sssd.restart()
ac7d03 
     print("Restarting sssd, waiting for it to become available.")
ac7d03 
     wait_for_sssd()
ac7d03 
@@ -281,7 +281,7 @@ def uninstall(fstore, statestore):
ac7d03 
                         break
ac7d03 
                 sssdconfig.save_domain(domain)
ac7d03 
                 sssdconfig.write(paths.SSSD_CONF)
ac7d03 
-                sssd = services.service('sssd')
ac7d03 
+                sssd = services.service('sssd', api)
ac7d03 
                 sssd.restart()
ac7d03 
                 wait_for_sssd()
ac7d03 
             except Exception as e:
ac7d03 
@@ -379,9 +379,6 @@ def main():
ac7d03 
         paths.IPACLIENT_INSTALL_LOG, verbose=False, debug=options.debug,
ac7d03 
         filemode='a', console_format='%(message)s')
ac7d03
ac7d03 
-    if options.uninstall:
ac7d03 
-        return uninstall(fstore, statestore)
ac7d03 
-
ac7d03 
     cfg = dict(
ac7d03 
         context='cli_installer',
ac7d03 
         confdir=paths.ETC_IPA,
ac7d03 
@@ -390,8 +387,11 @@ def main():
ac7d03 
         verbose=0,
ac7d03 
     )
ac7d03
ac7d03 
+    # Bootstrap API early so that env object is available
ac7d03 
     api.bootstrap(**cfg)
ac7d03 
-    api.finalize()
ac7d03 
+
ac7d03 
+    if options.uninstall:
ac7d03 
+        return uninstall(fstore, statestore)
ac7d03
ac7d03 
     ca_cert_path = None
ac7d03 
     if os.path.exists(paths.IPA_CA_CRT):
ac7d03 
@@ -449,6 +449,10 @@ def main():
ac7d03 
             os.environ['KRB5CCNAME'] = ccache_name
ac7d03 
         except gssapi.exceptions.GSSError as e:
ac7d03 
             sys.exit("Failed to obtain host TGT: %s" % e)
ac7d03 
+
ac7d03 
+        # Finalize API when TGT obtained using host keytab exists
ac7d03 
+        api.finalize()
ac7d03 
+
ac7d03 
         # Now we have a TGT, connect to IPA
ac7d03 
         try:
ac7d03 
             api.Backend.rpcclient.connect()
ac7d03 
--
ac7d03 
2.12.2
ac7d03

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation