diff options
author | Fraser Tweedale <ftweedal@redhat.com> | 2015-05-11 21:17:48 -0400 |
---|---|---|
committer | Jan Cholasta <jcholast@redhat.com> | 2015-06-04 08:27:33 +0000 |
commit | b24fe0eb733c68af4042cdd78fca6f609efe843b (patch) | |
tree | 3bf04bdc6db9f0f6f3a70beee7f5563d9c4866ad /ipaserver/install/server/install.py | |
parent | ba075b195c5c6a78416f15fb06c765858a0b2069 (diff) | |
download | freeipa-b24fe0eb733c68af4042cdd78fca6f609efe843b.tar.gz freeipa-b24fe0eb733c68af4042cdd78fca6f609efe843b.tar.xz freeipa-b24fe0eb733c68af4042cdd78fca6f609efe843b.zip |
Import included profiles during install or upgrade
Add a default service profile template as part of FreeIPA and format
and import it as part of installation or upgrade process.
Also remove the code that modifies the old (file-based)
`caIPAserviceCert' profile.
Fixes https://fedorahosted.org/freeipa/ticket/4002
Reviewed-By: Martin Basti <mbasti@redhat.com>
Diffstat (limited to 'ipaserver/install/server/install.py')
-rw-r--r-- | ipaserver/install/server/install.py | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/ipaserver/install/server/install.py b/ipaserver/install/server/install.py index aea1f9915..955e4cc11 100644 --- a/ipaserver/install/server/install.py +++ b/ipaserver/install/server/install.py @@ -748,6 +748,9 @@ def install(options): api.env.ca_host = host_name api.bootstrap(**cfg) + if setup_ca: + # ensure profile backend is available + import ipaserver.plugins.dogtag api.finalize() # Create DS user/group if it doesn't exist yet @@ -903,6 +906,9 @@ def install(options): service.print_msg("Restarting the certificate server") ca.restart(dogtag.configured_constants().PKI_INSTANCE_NAME) + service.print_msg("Importing certificate profiles") + cainstance.import_included_profiles() + if options.setup_dns: api.Backend.ldap2.connect(autobind=True) dns.install(False, False, options) |