diff options
author | Jan Cholasta <jcholast@redhat.com> | 2015-06-10 08:50:42 +0000 |
---|---|---|
committer | Jan Cholasta <jcholast@redhat.com> | 2015-06-10 16:17:34 +0000 |
commit | e7ac57e1390c76c3d7fdb2710808def107d21d6d (patch) | |
tree | 6da3a711fc6b251f57471b53a182afff770e0b19 /ipaserver/install/server | |
parent | cbcd86b5001039db468b46aefd83926a2b721eb5 (diff) | |
download | freeipa-e7ac57e1390c76c3d7fdb2710808def107d21d6d.tar.gz freeipa-e7ac57e1390c76c3d7fdb2710808def107d21d6d.tar.xz freeipa-e7ac57e1390c76c3d7fdb2710808def107d21d6d.zip |
vault: Fix ipa-kra-install
Use state in LDAP rather than local state to check if KRA is installed.
Use correct log file names.
https://fedorahosted.org/freeipa/ticket/3872
Reviewed-By: David Kupka <dkupka@redhat.com>
Diffstat (limited to 'ipaserver/install/server')
-rw-r--r-- | ipaserver/install/server/install.py | 7 | ||||
-rw-r--r-- | ipaserver/install/server/replicainstall.py | 33 |
2 files changed, 18 insertions, 22 deletions
diff --git a/ipaserver/install/server/install.py b/ipaserver/install/server/install.py index 89473dc02..bde348518 100644 --- a/ipaserver/install/server/install.py +++ b/ipaserver/install/server/install.py @@ -602,8 +602,7 @@ def install_check(installer): if setup_kra: try: - kra.install_check(None, options, False, - dogtag.install_constants.DOGTAG_VERSION) + kra.install_check(api, None, options) except RuntimeError as e: print str(e) sys.exit(1) @@ -865,7 +864,7 @@ def install(installer): http.restart() if setup_kra: - kra.install(None, options, dm_password) + kra.install(api, None, options) # Set the admin user kerberos password ds.change_admin_password(admin_password) @@ -1060,7 +1059,7 @@ def uninstall(installer): ntpinstance.NTPInstance(fstore).uninstall() - kra.uninstall() + kra.uninstall(False) ca.uninstall(dogtag_constants) diff --git a/ipaserver/install/server/replicainstall.py b/ipaserver/install/server/replicainstall.py index 0429a4057..34580ce19 100644 --- a/ipaserver/install/server/replicainstall.py +++ b/ipaserver/install/server/replicainstall.py @@ -379,8 +379,6 @@ def install_check(installer): fd.write("enable_ra=False\n") fd.write("ra_plugin=none\n") - fd.write("enable_kra=%s\n" % config.setup_kra) - fd.write("mode=production\n") fd.close() finally: @@ -480,6 +478,18 @@ def install_check(installer): root_logger.debug('No IPA DNS servers, ' 'skipping forward/reverse resolution check') + if options.setup_ca: + options.realm_name = config.realm_name + options.host_name = config.host_name + options.subject = config.subject_base + ca.install_check(False, config, options) + + if config.setup_kra: + try: + kra.install_check(remote_api, config, options) + except RuntimeError as e: + print str(e) + sys.exit(1) except errors.ACIError: sys.exit("\nThe password provided is incorrect for LDAP server " "%s" % config.master_host_name) @@ -492,20 +502,6 @@ def install_check(installer): if conn.isconnected(): conn.disconnect() - if options.setup_ca: - options.realm_name = config.realm_name - options.host_name = config.host_name - options.subject = config.subject_base - ca.install_check(False, config, options) - - if config.setup_kra: - try: - kra.install_check(config, options, False, - dogtag.install_constants.DOGTAG_VERSION) - except RuntimeError as e: - print str(e) - sys.exit(1) - if options.setup_dns: dns.install_check(False, True, options, config.host_name) else: @@ -567,10 +563,11 @@ def install(installer): if conn.isconnected(): conn.disconnect() + options.dm_password = config.dirman_password + if config.setup_ca: options.realm_name = config.realm_name options.domain_name = config.domain_name - options.dm_password = config.dirman_password options.host_name = config.host_name ca.install(False, config, options) @@ -591,7 +588,7 @@ def install(installer): ds.apply_updates() if options.setup_kra: - kra.install(config, options, config.dirman_password) + kra.install(api, config, options) else: service.print_msg("Restarting the directory server") ds.restart() |