diff options
author | Jan Cholasta <jcholast@redhat.com> | 2016-11-23 17:40:47 +0100 |
---|---|---|
committer | Martin Basti <mbasti@redhat.com> | 2016-11-29 14:50:51 +0100 |
commit | 7d5c680ace7ccea3b0f7f1471cf8dbc07b3da5a1 (patch) | |
tree | 9dbbb1c9cf63a236947ecee6d82ea16d4c256a3e /daemons | |
parent | 75b70e3f0d52a9c98f443d3fc2f7cef92bdc7b1a (diff) | |
download | freeipa-7d5c680ace7ccea3b0f7f1471cf8dbc07b3da5a1.tar.gz freeipa-7d5c680ace7ccea3b0f7f1471cf8dbc07b3da5a1.tar.xz freeipa-7d5c680ace7ccea3b0f7f1471cf8dbc07b3da5a1.zip |
ipautil: move kinit functions to ipalib.install
kinit_password() depends on ipaplatform.
Move kinit_password() as well as kinit_keytab() to a new
ipalib.install.kinit module, as they are used only from installers.
https://fedorahosted.org/freeipa/ticket/6474
Reviewed-By: Stanislav Laznicka <slaznick@redhat.com>
Diffstat (limited to 'daemons')
-rwxr-xr-x | daemons/dnssec/ipa-dnskeysync-replica | 6 | ||||
-rwxr-xr-x | daemons/dnssec/ipa-dnskeysyncd | 4 | ||||
-rwxr-xr-x | daemons/dnssec/ipa-ods-exporter | 6 |
3 files changed, 8 insertions, 8 deletions
diff --git a/daemons/dnssec/ipa-dnskeysync-replica b/daemons/dnssec/ipa-dnskeysync-replica index 43670d29c..9363d3f3e 100755 --- a/daemons/dnssec/ipa-dnskeysync-replica +++ b/daemons/dnssec/ipa-dnskeysync-replica @@ -15,10 +15,10 @@ import os import sys import ipalib +from ipalib.install.kinit import kinit_keytab from ipapython.dn import DN from ipapython.ipa_log_manager import root_logger, standard_logging_setup from ipapython import ipaldap -from ipapython import ipautil from ipaplatform.paths import paths from ipaserver.dnssec.abshsm import (sync_pkcs11_metadata, ldap2p11helper_api_params, @@ -134,8 +134,8 @@ log.debug('Kerberos principal: %s', PRINCIPAL) ccache_filename = os.path.join(WORKDIR, 'ipa-dnskeysync-replica.ccache') try: - ipautil.kinit_keytab(PRINCIPAL, paths.IPA_DNSKEYSYNCD_KEYTAB, - ccache_filename, attempts=5) + kinit_keytab(PRINCIPAL, paths.IPA_DNSKEYSYNCD_KEYTAB, ccache_filename, + attempts=5) except GSSError as e: log.critical('Kerberos authentication failed: %s', e) sys.exit(1) diff --git a/daemons/dnssec/ipa-dnskeysyncd b/daemons/dnssec/ipa-dnskeysyncd index 37c6a02fb..d42515466 100755 --- a/daemons/dnssec/ipa-dnskeysyncd +++ b/daemons/dnssec/ipa-dnskeysyncd @@ -11,10 +11,10 @@ import signal import time from ipalib import api +from ipalib.install.kinit import kinit_keytab from ipapython.dn import DN from ipapython.ipa_log_manager import root_logger, standard_logging_setup from ipapython import ipaldap -from ipapython import ipautil from ipaplatform.paths import paths from ipaserver.dnssec.keysyncer import KeySyncer @@ -65,7 +65,7 @@ PRINCIPAL = str('%s/%s' % (DAEMONNAME, api.env.host)) log.debug('Kerberos principal: %s', PRINCIPAL) ccache_filename = os.path.join(WORKDIR, 'ipa-dnskeysyncd.ccache') try: - ipautil.kinit_keytab(PRINCIPAL, KEYTAB_FB, ccache_filename, attempts=5) + kinit_keytab(PRINCIPAL, KEYTAB_FB, ccache_filename, attempts=5) except Exception as ex: log.critical("Kerberos authentication failed: %s", ex) # signal failure and let init system to restart the daemon diff --git a/daemons/dnssec/ipa-ods-exporter b/daemons/dnssec/ipa-ods-exporter index f2fdaa991..9285fe695 100755 --- a/daemons/dnssec/ipa-ods-exporter +++ b/daemons/dnssec/ipa-ods-exporter @@ -32,9 +32,9 @@ import sqlite3 import traceback import ipalib +from ipalib.install.kinit import kinit_keytab from ipapython.dn import DN from ipapython import ipaldap -from ipapython import ipautil from ipaplatform.paths import paths from ipaserver.dnssec.abshsm import sync_pkcs11_metadata, wrappingmech_name2id from ipaserver.dnssec.ldapkeydb import LdapKeyDB @@ -623,8 +623,8 @@ log.debug('Kerberos principal: %s', PRINCIPAL) ccache_name = paths.IPA_ODS_EXPORTER_CCACHE try: - ipautil.kinit_keytab(PRINCIPAL, paths.IPA_ODS_EXPORTER_KEYTAB, ccache_name, - attempts=5) + kinit_keytab(PRINCIPAL, paths.IPA_ODS_EXPORTER_KEYTAB, ccache_name, + attempts=5) except GSSError as e: log.critical('Kerberos authentication failed: %s', e) sys.exit(1) |