Add xml-rpc interface for getting keytabs.

Warning: this lacks any sort of authorization.
author: Karl MacMillan <kmacmill@redhat.com> 2007-11-21 23:28:25 -0500
committer: Karl MacMillan <kmacmill@redhat.com> 2007-11-21 23:28:25 -0500
commit: edc7af1446af451ea5ed44420cceb05059a7b973 (patch)
tree: c8ef012239d7ed5f9cce0190d7f071b871e3d070 /ipa-server/ipaserver/krbinstance.py
parent: 9038bf71dd76d845746e0ea3e94bca9f52f60c03 (diff)
download: freeipa-edc7af1446af451ea5ed44420cceb05059a7b973.tar.gz
freeipa-edc7af1446af451ea5ed44420cceb05059a7b973.tar.xz
freeipa-edc7af1446af451ea5ed44420cceb05059a7b973.zip
1 files changed, 2 insertions, 0 deletions
diff --git a/ipa-server/ipaserver/krbinstance.py b/ipa-server/ipaserver/krbinstance.py
index 84d677162..c83002f73 100644
--- a/ipa-server/ipaserver/krbinstance.py
+++ b/ipa-server/ipaserver/krbinstance.py
@@ -165,6 +165,7 @@ class KrbInstance(service.Service):
 
     def __copy_ldap_passwd(self, filename):
         shutil.copy(filename, "/var/kerberos/krb5kdc/ldappwd")
+        os.chmod("/var/kerberos/krb5kdc/ldappwd", 0600)
         
         
     def __configure_kdc_account_password(self):
@@ -175,6 +176,7 @@ class KrbInstance(service.Service):
         pwd_fd = open("/var/kerberos/krb5kdc/ldappwd", "w")
         pwd_fd.write("uid=kdc,cn=sysaccounts,cn=etc,"+self.suffix+"#{HEX}"+hexpwd+"\n")
         pwd_fd.close()
+        os.chmod("/var/kerberos/krb5kdc/ldappwd", 0600)
 
     def __setup_sub_dict(self):
         self.sub_dict = dict(FQDN=self.fqdn,
author	Karl MacMillan <kmacmill@redhat.com>	2007-11-21 23:28:25 -0500
committer	Karl MacMillan <kmacmill@redhat.com>	2007-11-21 23:28:25 -0500
commit	edc7af1446af451ea5ed44420cceb05059a7b973 (patch)
tree	c8ef012239d7ed5f9cce0190d7f071b871e3d070 /ipa-server/ipaserver/krbinstance.py
parent	9038bf71dd76d845746e0ea3e94bca9f52f60c03 (diff)
download	freeipa-edc7af1446af451ea5ed44420cceb05059a7b973.tar.gz freeipa-edc7af1446af451ea5ed44420cceb05059a7b973.tar.xz freeipa-edc7af1446af451ea5ed44420cceb05059a7b973.zip