install: fix kdcproxy user home directory

https://fedorahosted.org/freeipa/ticket/5314 Reviewed-By: Martin Babinsky <mbabinsk@redhat.com>
author: Jan Cholasta <jcholast@redhat.com> 2015-09-23 10:35:06 +0200
committer: Jan Cholasta <jcholast@redhat.com> 2015-09-23 16:29:49 +0200
commit: 4c39561261e79fe1cfdef916eafbcb9c204e77e8 (patch)
tree: 3d8d0e74d99311b95ca4aef1337436ff4dcec33b
parent: 859590337a1978eb216b9f4ec0750db2fd547a5a (diff)
download: freeipa-4c39561261e79fe1cfdef916eafbcb9c204e77e8.tar.gz
freeipa-4c39561261e79fe1cfdef916eafbcb9c204e77e8.tar.xz
freeipa-4c39561261e79fe1cfdef916eafbcb9c204e77e8.zip
3 files changed, 5 insertions, 2 deletions
diff --git a/freeipa.spec.in b/freeipa.spec.in
index 7a199a5f7..36179c5a8 100644
--- a/freeipa.spec.in
+++ b/freeipa.spec.in
@@ -482,7 +482,6 @@ install daemons/dnssec/ipa-ods-exporter %{buildroot}%{_libexecdir}/ipa/ipa-ods-e
 mkdir -p %{buildroot}%{_usr}/share/ipa/ui/js/plugins
 
 # KDC proxy config (Apache config sets KDCPROXY_CONFIG to load this file)
-mkdir -p %{buildroot}%{kdcproxy_home}
 mkdir -p %{buildroot}%{_sysconfdir}/ipa/kdcproxy/
 install -m 644 install/share/kdcproxy.conf %{buildroot}%{_sysconfdir}/ipa/kdcproxy/kdcproxy.conf
 
@@ -714,6 +713,7 @@ fi
 %{_libexecdir}/ipa/ipa-dnskeysync-replica
 %{_libexecdir}/ipa/ipa-ods-exporter
 %{_libexecdir}/ipa/ipa-httpd-kdcproxy
+%ghost %verify(not owner group) %dir %{_sharedstatedir}/kdcproxy
 %dir %attr(0755,root,root) %{_sysconfdir}/ipa/kdcproxy
 %config(noreplace) %{_sysconfdir}/sysconfig/ipa_memcached
 %config(noreplace) %{_sysconfdir}/sysconfig/ipa-dnskeysyncd
diff --git a/ipaplatform/base/paths.py b/ipaplatform/base/paths.py
index 97c330c31..215caf90e 100644
--- a/ipaplatform/base/paths.py
+++ b/ipaplatform/base/paths.py
@@ -286,6 +286,7 @@ class BasePathNamespace(object):
     REPLICA_INFO_GPG_TEMPLATE = "/var/lib/ipa/replica-info-%s.gpg"
     SYSRESTORE = "/var/lib/ipa/sysrestore"
     STATEFILE_DIR = "/var/lib/ipa/sysupgrade"
+    VAR_LIB_KDCPROXY = "/var/lib/kdcproxy"
     VAR_LIB_PKI_DIR = "/var/lib/pki"
     VAR_LIB_PKI_CA_DIR = "/var/lib/pki-ca"
     PKI_ALIAS_CA_P12 = "/var/lib/pki-ca/alias/ca.p12"
diff --git a/ipaserver/install/httpinstance.py b/ipaserver/install/httpinstance.py
index 73585114c..4269d3697 100644
--- a/ipaserver/install/httpinstance.py
+++ b/ipaserver/install/httpinstance.py
@@ -85,8 +85,10 @@ def create_kdcproxy_user():
     tasks.create_system_user(
         name=KDCPROXY_USER,
         group=KDCPROXY_USER,
-        homedir=paths.VAR_LIB,
+        homedir=paths.VAR_LIB_KDCPROXY,
         shell=paths.NOLOGIN,
+        comment="IPA KDC Proxy User",
+        create_homedir=True,
     )
author	Jan Cholasta <jcholast@redhat.com>	2015-09-23 10:35:06 +0200
committer	Jan Cholasta <jcholast@redhat.com>	2015-09-23 16:29:49 +0200
commit	4c39561261e79fe1cfdef916eafbcb9c204e77e8 (patch)
tree	3d8d0e74d99311b95ca4aef1337436ff4dcec33b
parent	859590337a1978eb216b9f4ec0750db2fd547a5a (diff)
download	freeipa-4c39561261e79fe1cfdef916eafbcb9c204e77e8.tar.gz freeipa-4c39561261e79fe1cfdef916eafbcb9c204e77e8.tar.xz freeipa-4c39561261e79fe1cfdef916eafbcb9c204e77e8.zip