diff options
author | Jan Cholasta <jcholast@redhat.com> | 2015-01-20 09:38:43 +0000 |
---|---|---|
committer | Martin Kosek <mkosek@redhat.com> | 2015-01-20 15:35:18 +0100 |
commit | 82ab0eabf8b963023611ceb42f87244f40651c05 (patch) | |
tree | c0d29159ba2593e490bb3d2b3654d64f20f6b24b | |
parent | 1537ac8138bf4371ae38147e8979904c756b3800 (diff) | |
download | freeipa-82ab0eabf8b963023611ceb42f87244f40651c05.tar.gz freeipa-82ab0eabf8b963023611ceb42f87244f40651c05.tar.xz freeipa-82ab0eabf8b963023611ceb42f87244f40651c05.zip |
Do not assume certmonger is running in httpinstance
https://fedorahosted.org/freeipa/ticket/4835
Reviewed-By: David Kupka <dkupka@redhat.com>
-rw-r--r-- | ipaserver/install/httpinstance.py | 48 |
1 files changed, 29 insertions, 19 deletions
diff --git a/ipaserver/install/httpinstance.py b/ipaserver/install/httpinstance.py index 2fb315b6b..cda85ab02 100644 --- a/ipaserver/install/httpinstance.py +++ b/ipaserver/install/httpinstance.py @@ -39,6 +39,7 @@ from ipaserver.install import sysupgrade from ipalib import api from ipaplatform.tasks import tasks from ipaplatform.paths import paths +from ipaplatform import services SELINUX_BOOLEAN_SETTINGS = dict( @@ -228,25 +229,34 @@ class HTTPInstance(service.Service): print "Adding Include conf.d/ipa-rewrite to %s failed." % paths.HTTPD_NSS_CONF def configure_certmonger_renewal_guard(self): - bus = dbus.SystemBus() - obj = bus.get_object('org.fedorahosted.certmonger', - '/org/fedorahosted/certmonger') - iface = dbus.Interface(obj, 'org.fedorahosted.certmonger') - path = iface.find_ca_by_nickname('IPA') - if path: - ca_obj = bus.get_object('org.fedorahosted.certmonger', path) - ca_iface = dbus.Interface(ca_obj, - 'org.freedesktop.DBus.Properties') - helper = ca_iface.Get('org.fedorahosted.certmonger.ca', - 'external-helper') - if helper: - args = shlex.split(helper) - if args[0] != paths.IPA_SERVER_GUARD: - self.backup_state('certmonger_ipa_helper', helper) - args = [paths.IPA_SERVER_GUARD] + args - helper = ' '.join(pipes.quote(a) for a in args) - ca_iface.Set('org.fedorahosted.certmonger.ca', - 'external-helper', helper) + certmonger = services.knownservices.certmonger + certmonger_stopped = not certmonger.is_running() + + if certmonger_stopped: + certmonger.start() + try: + bus = dbus.SystemBus() + obj = bus.get_object('org.fedorahosted.certmonger', + '/org/fedorahosted/certmonger') + iface = dbus.Interface(obj, 'org.fedorahosted.certmonger') + path = iface.find_ca_by_nickname('IPA') + if path: + ca_obj = bus.get_object('org.fedorahosted.certmonger', path) + ca_iface = dbus.Interface(ca_obj, + 'org.freedesktop.DBus.Properties') + helper = ca_iface.Get('org.fedorahosted.certmonger.ca', + 'external-helper') + if helper: + args = shlex.split(helper) + if args[0] != paths.IPA_SERVER_GUARD: + self.backup_state('certmonger_ipa_helper', helper) + args = [paths.IPA_SERVER_GUARD] + args + helper = ' '.join(pipes.quote(a) for a in args) + ca_iface.Set('org.fedorahosted.certmonger.ca', + 'external-helper', helper) + finally: + if certmonger_stopped: + certmonger.stop() def __setup_ssl(self): fqdn = self.fqdn |