diff options
Diffstat (limited to 'ipaplatform')
-rw-r--r-- | ipaplatform/base/paths.py | 3 | ||||
-rw-r--r-- | ipaplatform/base/tasks.py | 8 | ||||
-rw-r--r-- | ipaplatform/redhat/tasks.py | 29 |
3 files changed, 40 insertions, 0 deletions
diff --git a/ipaplatform/base/paths.py b/ipaplatform/base/paths.py index 4aa55d870..585a5d26e 100644 --- a/ipaplatform/base/paths.py +++ b/ipaplatform/base/paths.py @@ -127,6 +127,8 @@ class BasePathNamespace(object): SYSCONFIG_PKI_TOMCAT = "/etc/sysconfig/pki-tomcat" SYSCONFIG_PKI_TOMCAT_PKI_TOMCAT_DIR = "/etc/sysconfig/pki/tomcat/pki-tomcat" ETC_SYSTEMD_SYSTEM_DIR = "/etc/systemd/system/" + SYSTEMD_SYSTEM_HTTPD_D_DIR = "/etc/systemd/system/httpd.d/" + SYSTEMD_SYSTEM_HTTPD_IPA_CONF = "/etc/systemd/system/httpd.d/ipa.conf" SYSTEMD_CERTMONGER_SERVICE = "/etc/systemd/system/multi-user.target.wants/certmonger.service" SYSTEMD_IPA_SERVICE = "/etc/systemd/system/multi-user.target.wants/ipa.service" SYSTEMD_SSSD_SERVICE = "/etc/systemd/system/multi-user.target.wants/sssd.service" @@ -197,6 +199,7 @@ class BasePathNamespace(object): GENERATE_RNDC_KEY = "/usr/libexec/generate-rndc-key.sh" IPA_DNSKEYSYNCD_REPLICA = "/usr/libexec/ipa/ipa-dnskeysync-replica" IPA_DNSKEYSYNCD = "/usr/libexec/ipa/ipa-dnskeysyncd" + IPA_HTTPD_KDCPROXY = "/usr/libexec/ipa/ipa-httpd-kdcproxy" IPA_ODS_EXPORTER = "/usr/libexec/ipa/ipa-ods-exporter" DNSSEC_KEYFROMLABEL = "/usr/sbin/dnssec-keyfromlabel-pkcs11" GETSEBOOL = "/usr/sbin/getsebool" diff --git a/ipaplatform/base/tasks.py b/ipaplatform/base/tasks.py index 573287c6b..f5fb2b155 100644 --- a/ipaplatform/base/tasks.py +++ b/ipaplatform/base/tasks.py @@ -236,3 +236,11 @@ class BaseTaskNamespace(object): :return: object implementing proper __cmp__ method for version compare """ return parse_version(version) + + def configure_httpd_service_ipa_conf(self): + """Configure httpd service to work with IPA""" + raise NotImplementedError() + + def remove_httpd_service_ipa_conf(self): + """Remove configuration of httpd service of IPA""" + raise NotImplementedError() diff --git a/ipaplatform/redhat/tasks.py b/ipaplatform/redhat/tasks.py index 7c29b51e1..4be9a146e 100644 --- a/ipaplatform/redhat/tasks.py +++ b/ipaplatform/redhat/tasks.py @@ -460,5 +460,34 @@ class RedHatTaskNamespace(BaseTaskNamespace): """ return IPAVersion(version) + def configure_httpd_service_ipa_conf(self): + """Create systemd config for httpd service to work with IPA + """ + if not os.path.exists(paths.SYSTEMD_SYSTEM_HTTPD_D_DIR): + os.mkdir(paths.SYSTEMD_SYSTEM_HTTPD_D_DIR, 0o755) + + ipautil.copy_template_file( + os.path.join(ipautil.SHARE_DIR, 'ipa-httpd.conf.template'), + paths.SYSTEMD_SYSTEM_HTTPD_IPA_CONF, + dict( + KRB5CC_HTTPD=paths.KRB5CC_HTTPD, + KDCPROXY_CONFIG=paths.KDCPROXY_CONFIG, + IPA_HTTPD_KDCPROXY=paths.IPA_HTTPD_KDCPROXY, + POST='-{kdestroy} -A'.format(kdestroy=paths.KDESTROY) + ) + ) + + os.chmod(paths.SYSTEMD_SYSTEM_HTTPD_IPA_CONF, 0o644) + self.restore_context(paths.SYSTEMD_SYSTEM_HTTPD_IPA_CONF) + + def remove_httpd_service_ipa_conf(self): + """Remove systemd config for httpd service of IPA""" + try: + os.unlink(paths.SYSTEMD_SYSTEM_HTTPD_IPA_CONF) + except OSError as e: + root_logger.error( + 'Error removing %s: %s', + paths.SYSTEMD_SYSTEM_HTTPD_IPA_CONF, e + ) tasks = RedHatTaskNamespace() |