diff options
| author | Rob Crittenden <rcritten@redhat.com> | 2010-09-10 15:57:40 -0400 |
|---|---|---|
| committer | Rob Crittenden <rcritten@redhat.com> | 2010-09-10 17:04:01 -0400 |
| commit | 67a454951993b1f04f3feeab7462dcaf6d23fb61 (patch) | |
| tree | 58f78ff79f90c501a5756d013a55e4c0874f22a0 | |
| parent | a091be064d86625a3c3d9152441758819043151e (diff) | |
| download | freeipa-67a454951993b1f04f3feeab7462dcaf6d23fb61.tar.gz freeipa-67a454951993b1f04f3feeab7462dcaf6d23fb61.tar.xz freeipa-67a454951993b1f04f3feeab7462dcaf6d23fb61.zip | |
Remove some additional instances of krbV from ipa-client
Make two krbV imports conditional. These aren't used during a client
install so should cause no problems.
Also fix the client installer to use the new env option in ipautil.run.
We weren't getting the krb5 configuration set in the environment because
we were overriding the environment to set the PATH.
ticket 136
| -rwxr-xr-x | ipa-client/ipa-install/ipa-client-install | 10 | ||||
| -rw-r--r-- | ipalib/util.py | 5 | ||||
| -rw-r--r-- | ipapython/config.py | 10 |
3 files changed, 16 insertions, 9 deletions
diff --git a/ipa-client/ipa-install/ipa-client-install b/ipa-client/ipa-install/ipa-client-install index d8ce5c930..cf002d316 100755 --- a/ipa-client/ipa-install/ipa-client-install +++ b/ipa-client/ipa-install/ipa-client-install @@ -490,6 +490,7 @@ def main(): options = parse_options() logging_setup(options) dnsok = True + env={"PATH":"/bin:/sbin:/usr/kerberos/bin:/usr/kerberos/sbin:/usr/bin:/usr/sbin"} global fstore fstore = sysrestore.FileStore('/var/lib/ipa-client/sysrestore') @@ -605,7 +606,7 @@ def main(): if configure_krb5_conf(fstore, cli_basedn, cli_realm, cli_domain, cli_server, dnsok, options, krb_name): print "Test kerberos configuration failed" return 1 - os.environ['KRB5_CONFIG'] = krb_name + env['KRB5_CONFIG'] = krb_name join_args = ["/usr/sbin/ipa-join", "-s", cli_server] if options.debug: join_args.append("-d") @@ -627,7 +628,7 @@ def main(): else: stdin = sys.stdin.readline() - (stderr, stdout, returncode) = run(["/usr/kerberos/bin/kinit", principal], raiseonerr=False, stdin=stdin) + (stderr, stdout, returncode) = run(["kinit", principal], raiseonerr=False, stdin=stdin, env=env) print "" if returncode != 0: print stdout @@ -644,7 +645,7 @@ def main(): join_args.append(password) # Now join the domain - (stdout, stderr, returncode) = run(join_args, raiseonerr=False) + (stdout, stderr, returncode) = run(join_args, raiseonerr=False, env=env) if returncode != 0: print "Joining realm failed: %s" % stderr, @@ -660,8 +661,7 @@ def main(): finally: if options.principal is not None: - (stderr, stdout, returncode) = run(["/usr/kerberos/bin/kdestroy"], raiseonerr=False) - del os.environ['KRB5_CONFIG'] + (stderr, stdout, returncode) = run(["kdestroy"], raiseonerr=False, env=env) os.remove(krb_name) os.remove(krb_name + ".ipabkp") diff --git a/ipalib/util.py b/ipalib/util.py index 4aff88f83..6bd1da541 100644 --- a/ipalib/util.py +++ b/ipalib/util.py @@ -25,7 +25,6 @@ import os import imp import logging import time -import krbV import socket from types import NoneType @@ -49,7 +48,11 @@ def json_serialize(obj): def get_current_principal(): try: + # krbV isn't necessarily available on client machines, fail gracefully + import krbV return unicode(krbV.default_context().default_ccache().principal().name) + except ImportError: + raise RuntimeError('python-krbV is not available.') except krbV.Krb5Error: #TODO: do a kinit? raise errors.CCacheError() diff --git a/ipapython/config.py b/ipapython/config.py index f3532c479..12d916cff 100644 --- a/ipapython/config.py +++ b/ipapython/config.py @@ -20,7 +20,6 @@ import ConfigParser from optparse import OptionParser, IndentedHelpFormatter -import krbV import socket import ipapython.dnsclient import re @@ -113,8 +112,13 @@ def __discover_config(discover_server = True): rl = 0 try: if not config.default_realm: - krbctx = krbV.default_context() - config.default_realm = krbctx.default_realm + try: + # only import krbV when we need it + import krbV + krbctx = krbV.default_context() + config.default_realm = krbctx.default_realm + except ImportError: + pass if not config.default_realm: return False |