diff options
| author | Petr Vobornik <pvoborni@redhat.com> | 2017-04-25 18:19:21 +0200 |
|---|---|---|
| committer | Martin Basti <mbasti@redhat.com> | 2017-04-28 13:41:56 +0200 |
| commit | b4e447fa6fc7d659ae6a3b6285d4ddda0baa0be4 (patch) | |
| tree | f4b5dcd83175dbefd8f492b4bb201a40b18f7634 /client | |
| parent | d5c41ed4ad370c7d74296a830993a5bd3fd32e5f (diff) | |
| download | freeipa-b4e447fa6fc7d659ae6a3b6285d4ddda0baa0be4.tar.gz freeipa-b4e447fa6fc7d659ae6a3b6285d4ddda0baa0be4.tar.xz freeipa-b4e447fa6fc7d659ae6a3b6285d4ddda0baa0be4.zip | |
automount install: fix checking of SSSD functionality on uninstall
Change in 2d4d1a9dc0ef2bbe86751768d6e6b009a52c0dc9 no longer initializes
api in `ipa-client-automount --uninstallation` Which caused error in
wait_for_sssd which gets realm from initialized API.
This patch initializes the API in a way that it doesn't download schema
on uninstallation and on installation it uses host keytab for it so it
no longer requires user's Kerberos credentials.
Also fix call of xxx_service_class_factory which requires api as param.
https://pagure.io/freeipa/issue/6861
Reviewed-By: Rob Crittenden <rcritten@redhat.com>
Reviewed-By: Tomas Krizek <tkrizek@redhat.com>
Diffstat (limited to 'client')
| -rwxr-xr-x | client/ipa-client-automount | 16 |
1 files changed, 10 insertions, 6 deletions
diff --git a/client/ipa-client-automount b/client/ipa-client-automount index 18914bd74..2b1d8b9a8 100755 --- a/client/ipa-client-automount +++ b/client/ipa-client-automount @@ -193,7 +193,7 @@ def configure_autofs_sssd(fstore, statestore, autodiscover, options): sssdconfig.write(paths.SSSD_CONF) statestore.backup_state('autofs', 'sssd', True) - sssd = services.service('sssd') + sssd = services.service('sssd', api) sssd.restart() print("Restarting sssd, waiting for it to become available.") wait_for_sssd() @@ -281,7 +281,7 @@ def uninstall(fstore, statestore): break sssdconfig.save_domain(domain) sssdconfig.write(paths.SSSD_CONF) - sssd = services.service('sssd') + sssd = services.service('sssd', api) sssd.restart() wait_for_sssd() except Exception as e: @@ -379,9 +379,6 @@ def main(): paths.IPACLIENT_INSTALL_LOG, verbose=False, debug=options.debug, filemode='a', console_format='%(message)s') - if options.uninstall: - return uninstall(fstore, statestore) - cfg = dict( context='cli_installer', confdir=paths.ETC_IPA, @@ -390,8 +387,11 @@ def main(): verbose=0, ) + # Bootstrap API early so that env object is available api.bootstrap(**cfg) - api.finalize() + + if options.uninstall: + return uninstall(fstore, statestore) ca_cert_path = None if os.path.exists(paths.IPA_CA_CRT): @@ -449,6 +449,10 @@ def main(): os.environ['KRB5CCNAME'] = ccache_name except gssapi.exceptions.GSSError as e: sys.exit("Failed to obtain host TGT: %s" % e) + + # Finalize API when TGT obtained using host keytab exists + api.finalize() + # Now we have a TGT, connect to IPA try: api.Backend.rpcclient.connect() |