diff options
author | Rob Crittenden <rcritten@redhat.com> | 2010-05-03 15:21:51 -0400 |
---|---|---|
committer | Jason Gerard DeRose <jderose@redhat.com> | 2010-05-03 13:41:18 -0600 |
commit | 04e9056ec2b6e0360f3f3545fd638ecc17aaad2c (patch) | |
tree | b9fefef29f7ba68c1932aac39f7b2bedfc85d356 /ipa-client | |
parent | 6d35812252cb4fcf34cf13bf88cbb705560afc3a (diff) | |
download | freeipa-04e9056ec2b6e0360f3f3545fd638ecc17aaad2c.tar.gz freeipa-04e9056ec2b6e0360f3f3545fd638ecc17aaad2c.tar.xz freeipa-04e9056ec2b6e0360f3f3545fd638ecc17aaad2c.zip |
Make the installer/uninstaller more aware of its state
We have had a state file for quite some time that is used to return
the system to its pre-install state. We can use that to determine what
has been configured.
This patch:
- uses the state file to determine if dogtag was installed
- prevents someone from trying to re-install an installed server
- displays some output when uninstalling
- re-arranges the ipa_kpasswd installation so the state is properly saved
- removes pkiuser if it was added by the installer
- fetches and installs the CA on both masters and clients
Diffstat (limited to 'ipa-client')
-rwxr-xr-x | ipa-client/ipa-install/ipa-client-install | 7 |
1 files changed, 3 insertions, 4 deletions
diff --git a/ipa-client/ipa-install/ipa-client-install b/ipa-client/ipa-install/ipa-client-install index 0be4a4c3e..4b7a22c2c 100755 --- a/ipa-client/ipa-install/ipa-client-install +++ b/ipa-client/ipa-install/ipa-client-install @@ -535,10 +535,9 @@ def main(): print "Configured /etc/ldap.conf" # Get the CA certificate - if not options.on_master: - run(["/usr/bin/wget", "-O", "/etc/ipa/ca.crt", "http://%s/ipa/config/ca.crt" % cli_server]) - # Add the CA to the default NSS database and trust it - run(["/usr/bin/certutil", "-A", "-d", "/etc/pki/nssdb", "-n", "IPA CA", "-t", "CT,C,C", "-a", "-i", "/etc/ipa/ca.crt"]) + run(["/usr/bin/wget", "-O", "/etc/ipa/ca.crt", "http://%s/ipa/config/ca.crt" % cli_server]) + # Add the CA to the default NSS database and trust it + run(["/usr/bin/certutil", "-A", "-d", "/etc/pki/nssdb", "-n", "IPA CA", "-t", "CT,C,C", "-a", "-i", "/etc/ipa/ca.crt"]) if not options.on_master: configure_certmonger(fstore, subject_base, cli_realm, options) |