diff options
author | Simo Sorce <simo@redhat.com> | 2014-11-24 13:06:23 -0500 |
---|---|---|
committer | Tomas Babej <tbabej@redhat.com> | 2014-12-11 07:04:18 +0100 |
commit | 8822be36d342c2bc499937c3f144e11ae98d8e58 (patch) | |
tree | f4cbd35f171c081b27c23800ece8273890634776 /ipaserver | |
parent | b5ff0b941efad5170ff5fdda4ab05b9f1c7a2113 (diff) | |
download | freeipa-8822be36d342c2bc499937c3f144e11ae98d8e58.tar.gz freeipa-8822be36d342c2bc499937c3f144e11ae98d8e58.tar.xz freeipa-8822be36d342c2bc499937c3f144e11ae98d8e58.zip |
Stop saving the master key in a stash file
This hasn't been used for a number of releases now, as ipa-kdb directly
fetches the key via LDAP.
Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-By: Tomas Babej <tbabej@redhat.com>
Diffstat (limited to 'ipaserver')
-rw-r--r-- | ipaserver/install/krbinstance.py | 26 |
1 files changed, 0 insertions, 26 deletions
diff --git a/ipaserver/install/krbinstance.py b/ipaserver/install/krbinstance.py index 81ed10581..6a480222f 100644 --- a/ipaserver/install/krbinstance.py +++ b/ipaserver/install/krbinstance.py @@ -199,7 +199,6 @@ class KrbInstance(service.Service): self.__common_setup(realm_name, host_name, domain_name, admin_password) self.step("adding sasl mappings to the directory", self.__configure_sasl_mappings) - self.step("writing stash file from DS", self.__write_stash_from_ds) self.step("configuring KDC", self.__configure_instance) self.step("creating a keytab for the directory", self.__create_ds_keytab) self.step("creating a keytab for the machine", self.__create_host_keytab) @@ -373,31 +372,6 @@ class KrbInstance(service.Service): appendvars=appendvars) tasks.restore_context(paths.SYSCONFIG_KRB5KDC_DIR) - def __write_stash_from_ds(self): - try: - entries = self.admin_conn.get_entries( - self.get_realm_suffix(), self.admin_conn.SCOPE_SUBTREE) - # TODO: Ensure we got only one entry - entry = entries[0] - except errors.NotFound, e: - root_logger.critical("Could not find master key in DS") - raise e - - krbMKey = pyasn1.codec.ber.decoder.decode( - entry.single_value.get('krbmkey')) - keytype = int(krbMKey[0][1][0]) - keydata = str(krbMKey[0][1][1]) - - format = '=hi%ss' % len(keydata) - s = struct.pack(format, keytype, len(keydata), keydata) - try: - fd = open(paths.VAR_KRB5KDC_K5_REALM+self.realm, "w") - fd.write(s) - fd.close() - except os.error, e: - root_logger.critical("failed to write stash file") - raise e - #add the password extop module def __add_pwd_extop_module(self): self._ldap_mod("pwd-extop-conf.ldif", self.sub_dict) |