summaryrefslogtreecommitdiffstats
path: root/ipa-client/ipa-install/ipa-client-install
diff options
context:
space:
mode:
Diffstat (limited to 'ipa-client/ipa-install/ipa-client-install')
-rwxr-xr-xipa-client/ipa-install/ipa-client-install11
1 files changed, 10 insertions, 1 deletions
diff --git a/ipa-client/ipa-install/ipa-client-install b/ipa-client/ipa-install/ipa-client-install
index ee8e58318..7b057a987 100755
--- a/ipa-client/ipa-install/ipa-client-install
+++ b/ipa-client/ipa-install/ipa-client-install
@@ -42,6 +42,8 @@ try:
from ipalib import api, errors
from ipapython.dn import DN
from ipapython.ssh import SSHPublicKey
+ from ipapython import kernel_keyring
+ from ipalib.rpc import COOKIE_NAME
import SSSDConfig
from ConfigParser import RawConfigParser
from optparse import SUPPRESS_HELP, OptionGroup
@@ -1666,13 +1668,14 @@ def install(options, env, fstore, statestore):
root_logger.info("Failed to add CA to the default NSS database.")
return CLIENT_INSTALL_ERROR
+ host_principal = 'host/%s@%s' % (hostname, cli_realm)
if options.on_master:
# If on master assume kerberos is already configured properly.
# Get the host TGT.
os.environ['KRB5CCNAME'] = CCACHE_FILE
try:
run(['/usr/bin/kinit', '-k', '-t', '/etc/krb5.keytab',
- 'host/%s@%s' % (hostname, cli_realm)])
+ host_principal])
except CalledProcessError, e:
root_logger.error("Failed to obtain host TGT.")
return CLIENT_INSTALL_ERROR
@@ -1693,6 +1696,12 @@ def install(options, env, fstore, statestore):
root_logger.info(
"Configured /etc/krb5.conf for IPA realm %s", cli_realm)
+ # Clear out any current session keyring information
+ try:
+ kernel_keyring.del_key(COOKIE_NAME % host_principal)
+ except ValueError:
+ pass
+
# Now, let's try to connect to the server's XML-RPC interface
try:
api.Backend.xmlclient.connect()
generated by cgit (git 2.34.1) at 2024-09-20 21:32:29 +0000