diff options
Diffstat (limited to 'install/tools')
| -rwxr-xr-x | install/tools/ipa-replica-install | 8 | ||||
| -rwxr-xr-x | install/tools/ipa-server-install | 8 | ||||
| -rw-r--r-- | install/tools/man/ipa-replica-install.1 | 6 | ||||
| -rw-r--r-- | install/tools/man/ipa-server-install.1 | 6 |
4 files changed, 28 insertions, 0 deletions
diff --git a/install/tools/ipa-replica-install b/install/tools/ipa-replica-install index dda4db90..0b8ab2ae 100755 --- a/install/tools/ipa-replica-install +++ b/install/tools/ipa-replica-install @@ -63,6 +63,10 @@ def parse_options(): help="do not configure ntp", default=True) basic_group.add_option("--no-ui-redirect", dest="ui_redirect", action="store_false", default=True, help="Do not automatically redirect to the Web UI") + basic_group.add_option("--ssh-trust-dns", dest="trust_sshfp", default=False, action="store_true", + help="configure OpenSSH client to trust DNS SSHFP records") + basic_group.add_option("--no-sshd", dest="conf_sshd", default=True, action="store_false", + help="do not configure OpenSSH server") basic_group.add_option("--skip-conncheck", dest="skip_conncheck", action="store_true", default=False, help="skip connection check to remote master") basic_group.add_option("-d", "--debug", dest="debug", action="store_true", @@ -460,6 +464,10 @@ def main(): args = ["/usr/sbin/ipa-client-install", "--on-master", "--unattended", "--domain", config.domain_name, "--server", config.host_name, "--realm", config.realm_name] if not options.create_sshfp: args.append("--no-dns-sshfp") + if options.trust_sshfp: + args.append("--ssh-trust-dns") + if not options.conf_sshd: + args.append("--no-sshd") ipautil.run(args) except Exception, e: print "Configuration of client side components failed!" diff --git a/install/tools/ipa-server-install b/install/tools/ipa-server-install index 2d6f0672..f7de5440 100755 --- a/install/tools/ipa-server-install +++ b/install/tools/ipa-server-install @@ -141,6 +141,10 @@ def parse_options(): help="Don't install allow_all HBAC rule") basic_group.add_option("--no-ui-redirect", dest="ui_redirect", action="store_false", default=True, help="Do not automatically redirect to the Web UI") + basic_group.add_option("--ssh-trust-dns", dest="trust_sshfp", default=False, action="store_true", + help="configure OpenSSH client to trust DNS SSHFP records") + basic_group.add_option("--no-sshd", dest="conf_sshd", default=True, action="store_false", + help="do not configure OpenSSH server") basic_group.add_option("-d", "--debug", dest="debug", action="store_true", default=False, help="print debugging information") basic_group.add_option("-U", "--unattended", dest="unattended", action="store_true", @@ -1042,6 +1046,10 @@ def main(): args = ["/usr/sbin/ipa-client-install", "--on-master", "--unattended", "--domain", domain_name, "--server", host_name, "--realm", realm_name, "--hostname", host_name] if not options.create_sshfp: args.append("--no-dns-sshfp") + if options.trust_sshfp: + args.append("--ssh-trust-dns") + if not options.conf_sshd: + args.append("--no-sshd") run(args) except Exception, e: sys.exit("Configuration of client side components failed!\nipa-client-install returned: " + str(e)) diff --git a/install/tools/man/ipa-replica-install.1 b/install/tools/man/ipa-replica-install.1 index 87506477..c41af20e 100644 --- a/install/tools/man/ipa-replica-install.1 +++ b/install/tools/man/ipa-replica-install.1 @@ -47,6 +47,12 @@ Do not configure NTP \fB\-\-no\-ui\-redirect\fR Do not automatically redirect to the Web UI. .TP +\fB\-\-ssh\-trust\-dns\fR +Configure OpenSSH client to trust DNS SSHFP records. +.TP +\fB\-\-no\-sshd\fR +Do not configure OpenSSH server. +.TP \fB\-\-skip\-conncheck\fR Skip connection check to remote master .TP diff --git a/install/tools/man/ipa-server-install.1 b/install/tools/man/ipa-server-install.1 index 23b51979..9870022a 100644 --- a/install/tools/man/ipa-server-install.1 +++ b/install/tools/man/ipa-server-install.1 @@ -63,6 +63,12 @@ Don't install allow_all HBAC rule. This rule lets any user from any host access \fB\-\-no\-ui\-redirect\fR Do not automatically redirect to the Web UI. .TP +\fB\-\-ssh\-trust\-dns\fR +Configure OpenSSH client to trust DNS SSHFP records. +.TP +\fB\-\-no\-sshd\fR +Do not configure OpenSSH server. +.TP \fB\-d\fR, \fB\-\-debug\fR Enable debug logging when more verbose output is needed .TP |