diff options
| author | Jan Cholasta <jcholast@redhat.com> | 2011-12-07 03:40:51 -0500 |
|---|---|---|
| committer | Rob Crittenden <rcritten@redhat.com> | 2012-02-13 22:21:43 -0500 |
| commit | c34f5fbc882b16baebc18d795511e8e1fc50668b (patch) | |
| tree | 05b15df263fceb0dff104e274338178d33f29dd7 /ipaserver | |
| parent | 9b6649a1ce7c15043c9d197363c3b9fdd4b12a1d (diff) | |
| download | freeipa-c34f5fbc882b16baebc18d795511e8e1fc50668b.tar.gz freeipa-c34f5fbc882b16baebc18d795511e8e1fc50668b.tar.xz freeipa-c34f5fbc882b16baebc18d795511e8e1fc50668b.zip | |
Update host SSH public keys on the server during client install.
This is done by calling host-mod to update the keys on IPA server and nsupdate
to update DNS SSHFP records. DNS update can be disabled using --no-dns-sshfp
ipa-client-install option.
https://fedorahosted.org/freeipa/ticket/1634
Diffstat (limited to 'ipaserver')
| -rw-r--r-- | ipaserver/install/bindinstance.py | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/ipaserver/install/bindinstance.py b/ipaserver/install/bindinstance.py index 6e6c94111..2fa12565f 100644 --- a/ipaserver/install/bindinstance.py +++ b/ipaserver/install/bindinstance.py @@ -185,7 +185,7 @@ def read_reverse_zone(default, ip_address): def add_zone(name, zonemgr=None, dns_backup=None, ns_hostname=None, ns_ip_address=None, update_policy=None): if update_policy is None: - update_policy = "grant %(realm)s krb5-self * A; grant %(realm)s krb5-self * AAAA;" % dict(realm=api.env.realm) + update_policy = "grant %(realm)s krb5-self * A; grant %(realm)s krb5-self * AAAA; grant %(realm)s krb5-self * SSHFP;" % dict(realm=api.env.realm) if zonemgr is None: zonemgr = 'hostmaster.%s' % name |