From ed1c1626a607a5292c08836d13c32464d1b71859 Mon Sep 17 00:00:00 2001 From: Alexander Bokovoy Date: Mon, 9 Sep 2019 11:02:29 +0300 Subject: [PATCH] adtrust: avoid using timestamp in klist output When parsing a keytab to copy keys to a different keytab, we don't need the timestamp, so don't ask klist to output it. In some locales (en_IN, for example), the timestamp is output in a single field without a space between date and time. In other locales it can be represented with date and time separated by a space. Fixes: https://pagure.io/freeipa/issue/8066 Reviewed-By: Thomas Woerner --- ipaserver/install/plugins/adtrust.py | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/ipaserver/install/plugins/adtrust.py b/ipaserver/install/plugins/adtrust.py index 28932e6c52..3b2e49bc05 100644 --- a/ipaserver/install/plugins/adtrust.py +++ b/ipaserver/install/plugins/adtrust.py @@ -721,7 +721,7 @@ def execute(self, **options): KeyEntry = namedtuple('KeyEntry', - ['kvno', 'date', 'time', 'principal', 'etype', 'key']) + ['kvno', 'principal', 'etype', 'key']) @register() @@ -741,7 +741,7 @@ class update_host_cifs_keytabs(Updater): def extract_key_refs(self, keytab): host_princ = self.host_princ_template.format( master=self.api.env.host, realm=self.api.env.realm) - result = ipautil.run([paths.KLIST, "-etK", "-k", keytab], + result = ipautil.run([paths.KLIST, "-eK", "-k", keytab], capture_output=True, raiseonerr=False, nolog_output=True) if result.returncode != 0: @@ -752,8 +752,8 @@ def extract_key_refs(self, keytab): if (host_princ in l and any(e in l for e in self.valid_etypes)): els = l.split() - els[4] = els[4].strip('()') - els[5] = els[5].strip('()') + els[-2] = els[-2].strip('()') + els[-1] = els[-1].strip('()') keys_to_sync.append(KeyEntry._make(els)) return keys_to_sync