diff options
| author | Jan Cholasta <jcholast@redhat.com> | 2016-08-01 10:51:24 +0200 |
|---|---|---|
| committer | Jan Cholasta <jcholast@redhat.com> | 2016-09-19 08:01:26 +0200 |
| commit | 984ae3858d8fb25d30b886bb953df1b06ab34ec7 (patch) | |
| tree | c84023729ef3a2709325b68cbe4fa4d515d0e914 | |
| parent | 0c4a91348a57ee941db94b31f59952eb1fcd4565 (diff) | |
| download | freeipa-984ae3858d8fb25d30b886bb953df1b06ab34ec7.tar.gz freeipa-984ae3858d8fb25d30b886bb953df1b06ab34ec7.tar.xz freeipa-984ae3858d8fb25d30b886bb953df1b06ab34ec7.zip | |
client: remove hard dependency on pam_krb5
If ipa-client-install is executed with --no-sssd, check if pam_krb5 is
available before proceeding with the install.
https://fedorahosted.org/freeipa/ticket/5557
Reviewed-By: Stanislav Laznicka <slaznick@redhat.com>
| -rwxr-xr-x | client/ipa-client-install | 4 | ||||
| -rw-r--r-- | freeipa.spec.in | 1 | ||||
| -rw-r--r-- | ipaplatform/base/paths.py | 2 | ||||
| -rw-r--r-- | ipaplatform/redhat/paths.py | 1 |
4 files changed, 7 insertions, 1 deletions
diff --git a/client/ipa-client-install b/client/ipa-client-install index 535fe65da..f22e653b4 100755 --- a/client/ipa-client-install +++ b/client/ipa-client-install @@ -2289,6 +2289,10 @@ def install(options, env, fstore, statestore): # when installing with '--no-sssd' option, check whether nss-ldap is installed if not options.sssd: + if not os.path.exists(paths.PAM_KRB5_SO): + root_logger.error("The pam_krb5 package must be installed") + return CLIENT_INSTALL_ERROR + (nssldap_installed, nosssd_files) = nssldap_exists() if not nssldap_installed: root_logger.error("One of these packages must be installed: " + diff --git a/freeipa.spec.in b/freeipa.spec.in index 589060bc6..3b0e4b201 100644 --- a/freeipa.spec.in +++ b/freeipa.spec.in @@ -326,7 +326,6 @@ Requires: cyrus-sasl-gssapi%{?_isa} Requires: ntp Requires: krb5-workstation Requires: authconfig -Requires: pam_krb5 Requires: curl # NIS domain name config: /usr/lib/systemd/system/*-domainname.service Requires: initscripts diff --git a/ipaplatform/base/paths.py b/ipaplatform/base/paths.py index f927a7a99..025bed6b0 100644 --- a/ipaplatform/base/paths.py +++ b/ipaplatform/base/paths.py @@ -191,11 +191,13 @@ class BasePathNamespace(object): USR_LIB_DIRSRV = "/usr/lib/dirsrv" LIB_FIREFOX = "/usr/lib/firefox" LIBSOFTHSM2_SO = "/usr/lib/pkcs11/libsofthsm2.so" + PAM_KRB5_SO = "/usr/lib/security/pam_krb5.so" LIB_SYSTEMD_SYSTEMD_DIR = "/usr/lib/systemd/system/" BIND_LDAP_SO_64 = "/usr/lib64/bind/ldap.so" USR_LIB_DIRSRV_64 = "/usr/lib64/dirsrv" LIB64_FIREFOX = "/usr/lib64/firefox" LIBSOFTHSM2_SO_64 = "/usr/lib64/pkcs11/libsofthsm2.so" + PAM_KRB5_SO_64 = "/usr/lib64/security/pam_krb5.so" DOGTAG_IPA_CA_RENEW_AGENT_SUBMIT = "/usr/libexec/certmonger/dogtag-ipa-ca-renew-agent-submit" DOGTAG_IPA_RENEW_AGENT_SUBMIT = "/usr/libexec/certmonger/dogtag-ipa-renew-agent-submit" IPA_SERVER_GUARD = "/usr/libexec/certmonger/ipa-server-guard" diff --git a/ipaplatform/redhat/paths.py b/ipaplatform/redhat/paths.py index b80a1b47a..b27b065ad 100644 --- a/ipaplatform/redhat/paths.py +++ b/ipaplatform/redhat/paths.py @@ -32,6 +32,7 @@ class RedHatPathNamespace(BasePathNamespace): # https://docs.python.org/2/library/platform.html#cross-platform if sys.maxsize > 2**32: LIBSOFTHSM2_SO = BasePathNamespace.LIBSOFTHSM2_SO_64 + PAM_KRB5_SO = BasePathNamespace.PAM_KRB5_SO_64 paths = RedHatPathNamespace() |