diff options
author | Martin Babinsky <mbabinsk@redhat.com> | 2015-12-14 14:28:41 +0100 |
---|---|---|
committer | Tomas Babej <tbabej@redhat.com> | 2015-12-14 18:50:38 +0100 |
commit | 5886f87f974fa508047a21350c2e6e75a3001da6 (patch) | |
tree | b9f3a4524d5b71a1668c64caa0deb70cc12cdcc6 | |
parent | c4b9b295d8184694c50c0d56051e0273445c98ec (diff) | |
download | freeipa-5886f87f974fa508047a21350c2e6e75a3001da6.tar.gz freeipa-5886f87f974fa508047a21350c2e6e75a3001da6.tar.xz freeipa-5886f87f974fa508047a21350c2e6e75a3001da6.zip |
ipa-client-install: create a temporary directory for ccache files
gssapi.Credentials instantiation in ipautil.kinit_keytab() raises 'Bad format
in credential cache' error when a name of an existing zero-length file is
passed as a ccache parameter. Use temporary directory instead and let GSSAPI
to create file-based ccache on demand.
https://fedorahosted.org/freeipa/ticket/5528
Reviewed-By: Tomas Babej <tbabej@redhat.com>
-rwxr-xr-x | ipa-client/ipa-install/ipa-client-install | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/ipa-client/ipa-install/ipa-client-install b/ipa-client/ipa-install/ipa-client-install index 9556cdec0..e9a7d45c3 100755 --- a/ipa-client/ipa-install/ipa-client-install +++ b/ipa-client/ipa-install/ipa-client-install @@ -2578,8 +2578,8 @@ def install(options, env, fstore, statestore): root_logger.error("Test kerberos configuration failed") return CLIENT_INSTALL_ERROR env['KRB5_CONFIG'] = krb_name - (ccache_fd, ccache_name) = tempfile.mkstemp() - os.close(ccache_fd) + ccache_dir = tempfile.mkdtemp(prefix='krbcc') + ccache_name = os.path.join(ccache_dir, 'ccache') join_args = [paths.SBIN_IPA_JOIN, "-s", cli_server[0], "-b", str(realm_to_suffix(cli_realm)), @@ -2727,7 +2727,7 @@ def install(options, env, fstore, statestore): except OSError: root_logger.error("Could not remove %s", krb_name) try: - os.remove(ccache_name) + os.rmdir(ccache_dir) except OSError: pass try: |