diff options
author | Jan Cholasta <jcholast@redhat.com> | 2013-06-03 10:20:52 +0200 |
---|---|---|
committer | Petr Viktorin <pviktori@redhat.com> | 2013-06-12 12:58:58 +0200 |
commit | 20431ebbb4070f0ccd4fe6dbc3edd9cdf627a234 (patch) | |
tree | 94fbc10b8eac9b25b0567af843a1a29c1e8d1a73 | |
parent | bf4a5c8d501d678f4f030ae1edf3022463d0d8bd (diff) | |
download | freeipa.git-20431ebbb4070f0ccd4fe6dbc3edd9cdf627a234.tar.gz freeipa.git-20431ebbb4070f0ccd4fe6dbc3edd9cdf627a234.tar.xz freeipa.git-20431ebbb4070f0ccd4fe6dbc3edd9cdf627a234.zip |
Do not allow installing CA replicas in CA-less setup.
https://fedorahosted.org/freeipa/ticket/3673
https://fedorahosted.org/freeipa/ticket/3674
-rwxr-xr-x | install/tools/ipa-ca-install | 4 | ||||
-rwxr-xr-x | install/tools/ipa-replica-install | 4 |
2 files changed, 8 insertions, 0 deletions
diff --git a/install/tools/ipa-ca-install b/install/tools/ipa-ca-install index 475fe2bd..e32cd83f 100755 --- a/install/tools/ipa-ca-install +++ b/install/tools/ipa-ca-install @@ -160,6 +160,10 @@ def main(): config.dir = dir config.setup_ca = True + if ipautil.file_exists(config.dir + "/dscert.p12"): + print 'CA cannot be installed in CA-less setup.' + sys.exit(1) + portfile = config.dir + "/dogtag_directory_port.txt" if not ipautil.file_exists(portfile): dogtag_master_ds_port = str(dogtag.Dogtag9Constants.DS_PORT) diff --git a/install/tools/ipa-replica-install b/install/tools/ipa-replica-install index e93e30bf..575b1a87 100755 --- a/install/tools/ipa-replica-install +++ b/install/tools/ipa-replica-install @@ -513,6 +513,10 @@ def main(): config.dir = dir config.setup_ca = options.setup_ca + if config.setup_ca and ipautil.file_exists(config.dir + "/dscert.p12"): + print 'CA cannot be installed in CA-less setup.' + sys.exit(1) + installutils.verify_fqdn(config.master_host_name, options.no_host_dns) portfile = config.dir + "/dogtag_directory_port.txt" |