Change session logout to kill only the cookiesessionlogout

Removing the ccache goes to far as it will cause unrelated sessions to
fail as well, this is a problem for accounts used to do unattended
operations and that may operate in parallel.

Fixes https://fedorahosted.org/freeipa/ticket/6682

Signed-off-by: Simo Sorce <simo@redhat.com>

2 files changed, 3 insertions, 36 deletions

diff --git a/ipaserver/plugins/session.py b/ipaserver/plugins/session.py
index c700ab9ba..8e480ed7d 100644
--- a/ipaserver/plugins/session.py
+++ b/ipaserver/plugins/session.py
@@ -5,7 +5,6 @@
 from ipalib import Command
 from ipalib.request import context
 from ipalib.plugable import Registry
-from ipaserver.session import logout
 
 register = Registry()
 
@@ -21,7 +20,9 @@ class session_logout(Command):
         ccache_name = getattr(context, 'ccache_name', None)
         if ccache_name is None:
             self.debug('session logout command: no ccache_name found')
+        else:
+            delattr(context, 'ccache_name')
 
-        logout(ccache_name)
+        setattr(context, 'logout_cookie', '')
 
         return dict(result=None)
diff --git a/ipaserver/session.py b/ipaserver/session.py
deleted file mode 100644
index 6957feb74..000000000
--- a/ipaserver/session.py
+++ /dev/null
@@ -1,34 +0,0 @@
-# Authors: John Dennis <jdennis@redhat.com>
-#
-# Copyright (C) 2011  Red Hat
-# see file 'COPYING' for use and warranty information
-#
-# This program is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program.  If not, see <http://www.gnu.org/licenses/>.
-
-import os
-
-from ipalib.request import context
-from ipalib.krb_utils import (
-    krb5_parse_ccache,
-)
-
-
-def logout(ccache_name=None):
-    if ccache_name is None:
-        ccache_name = getattr(context, 'ccache_name', None)
-    if ccache_name is not None:
-        scheme, name = krb5_parse_ccache(ccache_name)
-        if scheme == 'FILE':
-            os.unlink(name)
-    setattr(context, 'logout_cookie', '')