diff options
Diffstat (limited to 'ipaserver/install/certs.py')
-rw-r--r-- | ipaserver/install/certs.py | 25 |
1 files changed, 14 insertions, 11 deletions
diff --git a/ipaserver/install/certs.py b/ipaserver/install/certs.py index ead9c8159..affa26127 100644 --- a/ipaserver/install/certs.py +++ b/ipaserver/install/certs.py @@ -36,7 +36,7 @@ from ipapython import certmonger from ipapython.certdb import get_ca_nickname from ipalib import pkcs10 from ConfigParser import RawConfigParser, MissingSectionHeaderError -import service +from ipapython import services as ipaservices from ipalib import x509 from ipalib.dn import DN from ipalib.errors import CertificateOperationError @@ -483,29 +483,30 @@ class CertDB(object): """ Tell certmonger to track the given certificate nickname. """ - service.chkconfig_on("certmonger") - service.start("messagebus") - service.start("certmonger") + cmonger = ipaservices.knownservices.certmonger + cmonger.enable() + ipaservices.knownservices.messagebus.start() + cmonger.start() try: (stdout, stderr, rc) = certmonger.start_tracking(nickname, self.secdir, password_file) except (ipautil.CalledProcessError, RuntimeError), e: logging.error("certmonger failed starting to track certificate: %s" % str(e)) return - service.stop("certmonger") + cmonger.stop() cert = self.get_cert_from_db(nickname) nsscert = x509.load_certificate(cert, dbdir=self.secdir) subject = str(nsscert.subject) m = re.match('New tracking request "(\d+)" added', stdout) if not m: - logging.error('Didn\'t get new certmonger request, got %s' % stdout) - raise RuntimeError('certmonger did not issue new tracking request for \'%s\' in \'%s\'. Use \'ipa-getcert list\' to list existing certificates.' % (nickname, self.secdir)) + logging.error('Didn\'t get new %s request, got %s' % (cmonger.service_name, stdout)) + raise RuntimeError('%s did not issue new tracking request for \'%s\' in \'%s\'. Use \'ipa-getcert list\' to list existing certificates.' % (cmonger.service_name, nickname, self.secdir)) request_id = m.group(1) certmonger.add_principal(request_id, principal) certmonger.add_subject(request_id, subject) - service.start("certmonger") + cmonger.start() def untrack_server_cert(self, nickname): """ @@ -514,13 +515,14 @@ class CertDB(object): # Always start certmonger. We can't untrack something if it isn't # running - service.start("messagebus") - service.start("certmonger") + cmonger = ipaservices.knownservices.certmonger + ipaservices.knownservices.messagebus.start() + cmonger.start() try: certmonger.stop_tracking(self.secdir, nickname=nickname) except (ipautil.CalledProcessError, RuntimeError), e: logging.error("certmonger failed to stop tracking certificate: %s" % str(e)) - service.stop("certmonger") + cmonger.stop() def create_server_cert(self, nickname, hostname, other_certdb=None, subject=None): """ @@ -770,6 +772,7 @@ class CertDB(object): f.write(pwdfile.read()) f.close() pwdfile.close() + # TODO: replace explicit uid by a platform-specific one self.set_perms(self.pwd_conf, uid="apache") def find_root_cert(self, nickname): |