diff options
| author | Florence Blanc-Renaud <frenaud@redhat.com> | 2016-06-27 10:23:14 +0200 |
|---|---|---|
| committer | Martin Basti <mbasti@redhat.com> | 2016-06-29 16:17:27 +0200 |
| commit | 3c40d3aa9e3d431be1e625aa91cdcbeffd0d1271 (patch) | |
| tree | 0c01a8d4c49a40aa8643ebef05423653cd6901f2 /install/tools | |
| parent | d7898ac2eb3b9d7b0e24579c9d8ea2f541f55268 (diff) | |
| download | freeipa-3c40d3aa9e3d431be1e625aa91cdcbeffd0d1271.tar.gz freeipa-3c40d3aa9e3d431be1e625aa91cdcbeffd0d1271.tar.xz freeipa-3c40d3aa9e3d431be1e625aa91cdcbeffd0d1271.zip | |
Do not allow installation in FIPS mode
https://fedorahosted.org/freeipa/ticket/5761
Reviewed-By: Martin Basti <mbasti@redhat.com>
Reviewed-By: Rob Crittenden <rcritten@redhat.com>
Diffstat (limited to 'install/tools')
| -rwxr-xr-x | install/tools/ipactl | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/install/tools/ipactl b/install/tools/ipactl index 547b21d87..e6a1b5a22 100755 --- a/install/tools/ipactl +++ b/install/tools/ipactl @@ -31,7 +31,8 @@ from ipaserver.install.dsinstance import config_dirname from ipaserver.install.installutils import is_ipa_configured, ScriptError from ipalib import api, errors from ipapython.ipaldap import IPAdmin -from ipapython.ipautil import wait_for_open_ports, wait_for_open_socket +from ipapython.ipautil import ( + wait_for_open_ports, wait_for_open_socket, is_fips_enabled) from ipapython import config from ipaplatform.tasks import tasks from ipapython.dn import DN @@ -545,6 +546,9 @@ def main(): elif args[0] != "start" and args[0] != "stop" and args[0] != "restart" and args[0] != "status": raise IpactlError("Unrecognized action [" + args[0] + "]", 2) + if is_fips_enabled(): + raise IpactlError("Starting IPA server in FIPS mode is not supported") + # check if IPA is configured at all try: check_IPA_configuration() |