diff options
| author | Martin Babinsky <mbabinsk@redhat.com> | 2015-05-15 19:02:22 +0200 |
|---|---|---|
| committer | Jan Cholasta <jcholast@redhat.com> | 2015-05-25 16:23:32 +0000 |
| commit | 6a4b428120c2e351ad0f1b4573f50b106844b1fd (patch) | |
| tree | efd52a4aa59c5194c57389866310cebb319cb05f /install/tools/ipa-server-install | |
| parent | 5fd8e53f66bcc96afbcf08686c345e6f2b7ee775 (diff) | |
| download | freeipa-6a4b428120c2e351ad0f1b4573f50b106844b1fd.tar.gz freeipa-6a4b428120c2e351ad0f1b4573f50b106844b1fd.tar.xz freeipa-6a4b428120c2e351ad0f1b4573f50b106844b1fd.zip | |
merge KRA installation machinery to a single module
This is a prerequisite to further refactoring of KRA install/uninstall
functionality in all IPA install scripts.
https://fedorahosted.org/freeipa/ticket/4468
Reviewed-By: Jan Cholasta <jcholast@redhat.com>
Diffstat (limited to 'install/tools/ipa-server-install')
| -rwxr-xr-x | install/tools/ipa-server-install | 29 |
1 files changed, 11 insertions, 18 deletions
diff --git a/install/tools/ipa-server-install b/install/tools/ipa-server-install index cb6e1abe2..9bb8955dc 100755 --- a/install/tools/ipa-server-install +++ b/install/tools/ipa-server-install @@ -53,13 +53,13 @@ from ipaserver.install import httpinstance from ipaserver.install import ntpinstance from ipaserver.install import certs from ipaserver.install import cainstance -from ipaserver.install import krainstance from ipaserver.install import memcacheinstance from ipaserver.install import otpdinstance from ipaserver.install import sysupgrade from ipaserver.install import replication from ipaserver.install import dns as dns_installer from ipaserver.install import service, installutils +from ipaserver.install import kra from ipapython import version from ipapython import certmonger from ipapython import ipaldap @@ -577,11 +577,7 @@ def uninstall(): if cads_instance.is_configured(): cads_instance.uninstall() - kra_instance = krainstance.KRAInstance( - api.env.realm, dogtag_constants=dogtag_constants) - kra_instance.stop_tracking_certificates() - if kra_instance.is_installed(): - kra_instance.uninstall() + kra.uninstall() ca_instance = cainstance.CAInstance( api.env.realm, certs.NSS_DIR, dogtag_constants=dogtag_constants) @@ -1036,6 +1032,14 @@ def main(): else: admin_password = options.admin_password + if setup_kra: + try: + kra.install_check(None, options, False, + dogtag.install_constants.DOGTAG_VERSION) + except RuntimeError as e: + print str(e) + exit(1) + if options.setup_dns: dns_installer.install_check(False, False, options, host_name) ip_addresses = dns_installer.ip_addresses @@ -1290,18 +1294,7 @@ def main(): http.restart() if setup_kra: - kra = krainstance.KRAInstance(realm_name, - dogtag_constants=dogtag.install_constants) - kra.configure_instance(host_name, domain_name, dm_password, - dm_password, subject_base=options.subject) - - # This is done within stopped_service context, which restarts KRA - service.print_msg("Restarting the directory server") - ds.restart() - - service.print_msg("Enabling KRA to authenticate with the database " - "using client certificates") - kra.enable_client_auth_to_db(kra.dogtag_constants.KRA_CS_CFG_PATH) + kra.install(None, options, dm_password) # Set the admin user kerberos password ds.change_admin_password(admin_password) |