From c702bb6ca3742cf7ea156e062840623f95a001b7 Mon Sep 17 00:00:00 2001
From: Martin Babinsky <mbabinsk@redhat.com>
Date: Thu, 22 Jun 2017 15:08:08 +0200
Subject: [PATCH] Use the compound statement formatting API for configuring
PKINIT
Use `if_branch` and `else_branch` context managers instead of raw
`command` calls in the method that generates Bash snippet that
configures PKINIT on the master.
https://pagure.io/freeipa/issue/7036
Reviewed-By: Florence Blanc-Renaud <frenaud@redhat.com>
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
---
ipaserver/advise/plugins/smart_card_auth.py | 16 +++++++---------
1 file changed, 7 insertions(+), 9 deletions(-)
diff --git a/ipaserver/advise/plugins/smart_card_auth.py b/ipaserver/advise/plugins/smart_card_auth.py
index 138a44316473f6b504a44a1b68d01fa4d5a58308..2dc9ddb25ce41a8c85aab827a92a1143784d9457 100644
--- a/ipaserver/advise/plugins/smart_card_auth.py
+++ b/ipaserver/advise/plugins/smart_card_auth.py
@@ -214,15 +214,13 @@ class config_server_for_smart_card_auth(common_smart_card_auth_config):
def check_and_enable_pkinit(self):
self.log.comment('check whether PKINIT is configured on the master')
- self.log.command(
- "if ipa-pkinit-manage status | grep -q 'enabled'")
- self.log.command('then')
- self.log.command(' echo "PKINIT already enabled"')
- self.log.command('else')
- self.log.exit_on_failed_command(
- 'ipa-pkinit-manage enable',
- ['Failed to issue PKINIT certificates to local KDC'])
- self.log.command('fi')
+ with self.log.if_branch(
+ "ipa-pkinit-manage status | grep -q 'enabled'"):
+ self.log.command('echo "PKINIT already enabled"')
+ with self.log.else_branch():
+ self.log.exit_on_failed_command(
+ 'ipa-pkinit-manage enable',
+ ['Failed to issue PKINIT certificates to local KDC'])
def enable_ok_to_auth_as_delegate_on_http_principal(self):
self.log.comment('Enable OK-AS-DELEGATE flag on the HTTP principal')
--
2.9.4