diff options
author | Jan Cholasta <jcholast@redhat.com> | 2014-07-24 16:32:00 +0200 |
---|---|---|
committer | Petr Viktorin <pviktori@redhat.com> | 2014-07-28 19:28:27 +0200 |
commit | 131353773643c5a7e0b155486759e6f6103cbee4 (patch) | |
tree | 65edea3465e3bf4309f7d7ed83e51281a62f7793 | |
parent | 42d035f64c4d41bbae5fe061805b2de6febe2c7e (diff) | |
download | freeipa-131353773643c5a7e0b155486759e6f6103cbee4.tar.gz freeipa-131353773643c5a7e0b155486759e6f6103cbee4.tar.xz freeipa-131353773643c5a7e0b155486759e6f6103cbee4.zip |
Check if /root/ipa.csr exists when installing server with external CA.
Remove the file on uninstall.
https://fedorahosted.org/freeipa/ticket/4303
Reviewed-By: Petr Viktorin <pviktori@redhat.com>
-rwxr-xr-x | install/tools/ipa-server-install | 16 |
1 files changed, 14 insertions, 2 deletions
diff --git a/install/tools/ipa-server-install b/install/tools/ipa-server-install index fc9cef060..da6004132 100755 --- a/install/tools/ipa-server-install +++ b/install/tools/ipa-server-install @@ -540,6 +540,10 @@ def uninstall(): os.remove(ANSWER_CACHE) except Exception: pass + try: + os.remove(paths.ROOT_IPA_CSR) + except Exception: + pass # ipa-client-install removes /etc/ipa/default.conf @@ -713,13 +717,21 @@ def main(): if options.external_ca: if cainstance.is_step_one_done(): - print "CA is already installed.\nRun the installer with --external_cert_file and --external_ca_file." + print ("CA is already installed.\nRun the installer with " + "--external_cert_file and --external_ca_file.") + sys.exit(1) + if ipautil.file_exists(paths.ROOT_IPA_CSR): + print ("CA CSR file %s already exists.\nIn order to continue " + "remove the file and run the installer again." % + paths.ROOT_IPA_CSR) sys.exit(1) elif options.external_cert_file: if not cainstance.is_step_one_done(): # This can happen if someone passes external_ca_file without # already having done the first stage of the CA install. - print "CA is not installed yet. To install with an external CA is a two-stage process.\nFirst run the installer with --external-ca." + print ("CA is not installed yet. To install with an external CA " + "is a two-stage process.\nFirst run the installer with " + "--external-ca.") sys.exit(1) # This will override any settings passed in on the cmdline |