summaryrefslogtreecommitdiffstats
path: root/base/server/python/pki/server/deployment/scriptlets/configuration.py
diff options
context:
space:
mode:
Diffstat (limited to 'base/server/python/pki/server/deployment/scriptlets/configuration.py')
-rw-r--r--base/server/python/pki/server/deployment/scriptlets/configuration.py32
1 files changed, 0 insertions, 32 deletions
diff --git a/base/server/python/pki/server/deployment/scriptlets/configuration.py b/base/server/python/pki/server/deployment/scriptlets/configuration.py
index fc5dc84c4..17ca83681 100644
--- a/base/server/python/pki/server/deployment/scriptlets/configuration.py
+++ b/base/server/python/pki/server/deployment/scriptlets/configuration.py
@@ -54,38 +54,6 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
config.pki_log.info(log.CONFIGURATION_SPAWN_1, __name__,
extra=config.PKI_INDENTATION_LEVEL_1)
- # Place "slightly" less restrictive permissions on
- # the top-level client directory ONLY
- deployer.directory.create(
- deployer.mdict['pki_client_subsystem_dir'],
- uid=0, gid=0,
- perms=config.PKI_DEPLOYMENT_DEFAULT_CLIENT_DIR_PERMISSIONS)
- # Since 'certutil' does NOT strip the 'token=' portion of
- # the 'token=password' entries, create a client password file
- # which ONLY contains the 'password' for the purposes of
- # allowing 'certutil' to generate the security databases
- deployer.password.create_password_conf(
- deployer.mdict['pki_client_password_conf'],
- deployer.mdict['pki_client_database_password'], pin_sans_token=True)
- deployer.file.modify(
- deployer.mdict['pki_client_password_conf'],
- uid=0, gid=0)
- # Similarly, create a simple password file containing the
- # PKCS #12 password used when exporting the "Admin Certificate"
- # into a PKCS #12 file
- deployer.password.create_client_pkcs12_password_conf(
- deployer.mdict['pki_client_pkcs12_password_conf'])
- deployer.file.modify(deployer.mdict['pki_client_pkcs12_password_conf'])
- deployer.directory.create(
- deployer.mdict['pki_client_database_dir'],
- uid=0, gid=0)
- deployer.certutil.create_security_databases(
- deployer.mdict['pki_client_database_dir'],
- deployer.mdict['pki_client_cert_database'],
- deployer.mdict['pki_client_key_database'],
- deployer.mdict['pki_client_secmod_database'],
- password_file=deployer.mdict['pki_client_password_conf'])
-
instance = pki.server.PKIInstance(deployer.mdict['pki_instance_name'])
instance.load()
generated by cgit (git 2.34.1) at 2024-05-04 13:43:33 +0000