diff options
author | Florence Blanc-Renaud <frenaud@redhat.com> | 2016-06-27 10:23:14 +0200 |
---|---|---|
committer | Martin Basti <mbasti@redhat.com> | 2016-06-29 16:17:27 +0200 |
commit | 3c40d3aa9e3d431be1e625aa91cdcbeffd0d1271 (patch) | |
tree | 0c01a8d4c49a40aa8643ebef05423653cd6901f2 /client/ipa-client-install | |
parent | d7898ac2eb3b9d7b0e24579c9d8ea2f541f55268 (diff) | |
download | freeipa-3c40d3aa9e3d431be1e625aa91cdcbeffd0d1271.tar.gz freeipa-3c40d3aa9e3d431be1e625aa91cdcbeffd0d1271.tar.xz freeipa-3c40d3aa9e3d431be1e625aa91cdcbeffd0d1271.zip |
Do not allow installation in FIPS mode
https://fedorahosted.org/freeipa/ticket/5761
Reviewed-By: Martin Basti <mbasti@redhat.com>
Reviewed-By: Rob Crittenden <rcritten@redhat.com>
Diffstat (limited to 'client/ipa-client-install')
-rwxr-xr-x | client/ipa-client-install | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/client/ipa-client-install b/client/ipa-client-install index 1cdaf7b3e..cee202f89 100755 --- a/client/ipa-client-install +++ b/client/ipa-client-install @@ -45,7 +45,7 @@ try: import ipaclient.ntpconf from ipapython.ipautil import ( run, user_input, CalledProcessError, file_exists, dir_exists, - realm_to_suffix) + realm_to_suffix, is_fips_enabled) from ipaplatform.tasks import tasks from ipaplatform import services from ipaplatform.paths import paths @@ -3076,6 +3076,9 @@ def main(): if not os.getegid() == 0: sys.exit("\nYou must be root to run ipa-client-install.\n") + if is_fips_enabled(): + sys.exit("Installing IPA client in FIPS mode is not supported") + tasks.check_selinux_status() logging_setup(options) root_logger.debug( |