summaryrefslogtreecommitdiffstats
path: root/ipaserver/install/server
diff options
context:
space:
mode:
authorJan Cholasta <jcholast@redhat.com>2015-06-10 08:50:42 +0000
committerJan Cholasta <jcholast@redhat.com>2015-06-10 16:17:34 +0000
commite7ac57e1390c76c3d7fdb2710808def107d21d6d (patch)
tree6da3a711fc6b251f57471b53a182afff770e0b19 /ipaserver/install/server
parentcbcd86b5001039db468b46aefd83926a2b721eb5 (diff)
downloadfreeipa-e7ac57e1390c76c3d7fdb2710808def107d21d6d.tar.gz
freeipa-e7ac57e1390c76c3d7fdb2710808def107d21d6d.tar.xz
freeipa-e7ac57e1390c76c3d7fdb2710808def107d21d6d.zip
vault: Fix ipa-kra-install
Use state in LDAP rather than local state to check if KRA is installed. Use correct log file names. https://fedorahosted.org/freeipa/ticket/3872 Reviewed-By: David Kupka <dkupka@redhat.com>
Diffstat (limited to 'ipaserver/install/server')
-rw-r--r--ipaserver/install/server/install.py7
-rw-r--r--ipaserver/install/server/replicainstall.py33
2 files changed, 18 insertions, 22 deletions
diff --git a/ipaserver/install/server/install.py b/ipaserver/install/server/install.py
index 89473dc02..bde348518 100644
--- a/ipaserver/install/server/install.py
+++ b/ipaserver/install/server/install.py
@@ -602,8 +602,7 @@ def install_check(installer):
if setup_kra:
try:
- kra.install_check(None, options, False,
- dogtag.install_constants.DOGTAG_VERSION)
+ kra.install_check(api, None, options)
except RuntimeError as e:
print str(e)
sys.exit(1)
@@ -865,7 +864,7 @@ def install(installer):
http.restart()
if setup_kra:
- kra.install(None, options, dm_password)
+ kra.install(api, None, options)
# Set the admin user kerberos password
ds.change_admin_password(admin_password)
@@ -1060,7 +1059,7 @@ def uninstall(installer):
ntpinstance.NTPInstance(fstore).uninstall()
- kra.uninstall()
+ kra.uninstall(False)
ca.uninstall(dogtag_constants)
diff --git a/ipaserver/install/server/replicainstall.py b/ipaserver/install/server/replicainstall.py
index 0429a4057..34580ce19 100644
--- a/ipaserver/install/server/replicainstall.py
+++ b/ipaserver/install/server/replicainstall.py
@@ -379,8 +379,6 @@ def install_check(installer):
fd.write("enable_ra=False\n")
fd.write("ra_plugin=none\n")
- fd.write("enable_kra=%s\n" % config.setup_kra)
-
fd.write("mode=production\n")
fd.close()
finally:
@@ -480,6 +478,18 @@ def install_check(installer):
root_logger.debug('No IPA DNS servers, '
'skipping forward/reverse resolution check')
+ if options.setup_ca:
+ options.realm_name = config.realm_name
+ options.host_name = config.host_name
+ options.subject = config.subject_base
+ ca.install_check(False, config, options)
+
+ if config.setup_kra:
+ try:
+ kra.install_check(remote_api, config, options)
+ except RuntimeError as e:
+ print str(e)
+ sys.exit(1)
except errors.ACIError:
sys.exit("\nThe password provided is incorrect for LDAP server "
"%s" % config.master_host_name)
@@ -492,20 +502,6 @@ def install_check(installer):
if conn.isconnected():
conn.disconnect()
- if options.setup_ca:
- options.realm_name = config.realm_name
- options.host_name = config.host_name
- options.subject = config.subject_base
- ca.install_check(False, config, options)
-
- if config.setup_kra:
- try:
- kra.install_check(config, options, False,
- dogtag.install_constants.DOGTAG_VERSION)
- except RuntimeError as e:
- print str(e)
- sys.exit(1)
-
if options.setup_dns:
dns.install_check(False, True, options, config.host_name)
else:
@@ -567,10 +563,11 @@ def install(installer):
if conn.isconnected():
conn.disconnect()
+ options.dm_password = config.dirman_password
+
if config.setup_ca:
options.realm_name = config.realm_name
options.domain_name = config.domain_name
- options.dm_password = config.dirman_password
options.host_name = config.host_name
ca.install(False, config, options)
@@ -591,7 +588,7 @@ def install(installer):
ds.apply_updates()
if options.setup_kra:
- kra.install(config, options, config.dirman_password)
+ kra.install(api, config, options)
else:
service.print_msg("Restarting the directory server")
ds.restart()