diff options
author | Jan Cholasta <jcholast@redhat.com> | 2013-06-03 10:20:52 +0200 |
---|---|---|
committer | Petr Viktorin <pviktori@redhat.com> | 2013-06-12 12:59:54 +0200 |
commit | 5ae8515c20d1963a371210e47982beec5dd6ea00 (patch) | |
tree | ff3e91ae6c9a54f80368441d0e4a32a6d975ad44 /install | |
parent | 2ccadf4726d580d12043070180c3c85b58b5db44 (diff) | |
download | freeipa-5ae8515c20d1963a371210e47982beec5dd6ea00.tar.gz freeipa-5ae8515c20d1963a371210e47982beec5dd6ea00.tar.xz freeipa-5ae8515c20d1963a371210e47982beec5dd6ea00.zip |
Do not allow installing CA replicas in CA-less setup.
https://fedorahosted.org/freeipa/ticket/3673
https://fedorahosted.org/freeipa/ticket/3674
Diffstat (limited to 'install')
-rwxr-xr-x | install/tools/ipa-ca-install | 4 | ||||
-rwxr-xr-x | install/tools/ipa-replica-install | 4 |
2 files changed, 8 insertions, 0 deletions
diff --git a/install/tools/ipa-ca-install b/install/tools/ipa-ca-install index 3b7e9d206..060cc6692 100755 --- a/install/tools/ipa-ca-install +++ b/install/tools/ipa-ca-install @@ -160,6 +160,10 @@ def main(): config.dir = dir config.setup_ca = True + if ipautil.file_exists(config.dir + "/dscert.p12"): + print 'CA cannot be installed in CA-less setup.' + sys.exit(1) + portfile = config.dir + "/dogtag_directory_port.txt" if not ipautil.file_exists(portfile): dogtag_master_ds_port = str(dogtag.Dogtag9Constants.DS_PORT) diff --git a/install/tools/ipa-replica-install b/install/tools/ipa-replica-install index 209ca850f..5b3a88f6a 100755 --- a/install/tools/ipa-replica-install +++ b/install/tools/ipa-replica-install @@ -513,6 +513,10 @@ def main(): config.dir = dir config.setup_ca = options.setup_ca + if config.setup_ca and ipautil.file_exists(config.dir + "/dscert.p12"): + print 'CA cannot be installed in CA-less setup.' + sys.exit(1) + installutils.verify_fqdn(config.master_host_name, options.no_host_dns) portfile = config.dir + "/dogtag_directory_port.txt" |