diff options
author | Petr Viktorin <pviktori@redhat.com> | 2012-08-23 12:38:45 -0400 |
---|---|---|
committer | Rob Crittenden <rcritten@redhat.com> | 2012-09-17 18:43:59 -0400 |
commit | 4f76c143d2f2036af02677469c542f563a10158d (patch) | |
tree | 8ed4716135c53486710950b453f17bb71f36c658 /install/tools/ipa-server-install | |
parent | 3dd31a875650c7fe7c67ca6b47f2058c1181dafb (diff) | |
download | freeipa-4f76c143d2f2036af02677469c542f563a10158d.tar.gz freeipa-4f76c143d2f2036af02677469c542f563a10158d.tar.xz freeipa-4f76c143d2f2036af02677469c542f563a10158d.zip |
Use Dogtag 10 only when it is available
Put the changes from Ade's dogtag 10 patch into namespaced constants in
dogtag.py, which are then referenced in the code.
Make ipaserver.install.CAInstance use the service name specified in the
configuration. Uninstallation, where config is removed before CA uninstall,
also uses the (previously) configured value.
This and Ade's patch address https://fedorahosted.org/freeipa/ticket/2846
Diffstat (limited to 'install/tools/ipa-server-install')
-rwxr-xr-x | install/tools/ipa-server-install | 21 |
1 files changed, 15 insertions, 6 deletions
diff --git a/install/tools/ipa-server-install b/install/tools/ipa-server-install index 639a72701..201e2fb18 100755 --- a/install/tools/ipa-server-install +++ b/install/tools/ipa-server-install @@ -58,6 +58,7 @@ from ipaserver.plugins.ldap2 import ldap2 from ipapython import sysrestore from ipapython.ipautil import * from ipapython import ipautil +from ipapython import dogtag from ipalib import api, errors, util from ipapython.config import IPAOptionParser from ipalib.x509 import load_certificate_from_file, load_certificate_chain_from_file @@ -465,6 +466,9 @@ def uninstall(): except Exception, e: pass + # Need to get dogtag info before /etc/ipa/default.conf is removed + dogtag_constants = dogtag.configured_constants() + print "Removing IPA client configuration" try: (stdout, stderr, rc) = run(["/usr/sbin/ipa-client-install", "--on-master", "--unattended", "--uninstall"], raiseonerr=False) @@ -477,10 +481,13 @@ def uninstall(): print "ipa-client-install returned: " + str(e) ntpinstance.NTPInstance(fstore).uninstall() - if cainstance.CADSInstance().is_configured(): - cainstance.CADSInstance().uninstall() - if cainstance.CAInstance(api.env.realm, certs.NSS_DIR).is_configured(): - cainstance.CAInstance(api.env.realm, certs.NSS_DIR).uninstall() + cads_instance = cainstance.CADSInstance(dogtag_constants=dogtag_constants) + if cads_instance.is_configured(): + cads_instance.uninstall() + ca_instance = cainstance.CAInstance( + api.env.realm, certs.NSS_DIR, dogtag_constants=dogtag_constants) + if ca_instance.is_configured(): + ca_instance.uninstall() bindinstance.BindInstance(fstore).uninstall() httpinstance.HTTPInstance(fstore).uninstall() krbinstance.KrbInstance(fstore).uninstall() @@ -853,7 +860,8 @@ def main(): fd.write("enable_ra=True\n") if not options.selfsign: fd.write("ra_plugin=dogtag\n") - fd.write("dogtag_version=10\n") + fd.write("dogtag_version=%s\n" % + dogtag.install_constants.DOGTAG_VERSION) fd.write("mode=production\n") fd.close() @@ -916,7 +924,8 @@ def main(): cs = cainstance.CADSInstance(host_name, realm_name, domain_name, dm_password) if not cs.is_configured(): cs.create_instance(realm_name, host_name, domain_name, dm_password, subject_base=options.subject) - ca = cainstance.CAInstance(realm_name, certs.NSS_DIR) + ca = cainstance.CAInstance(realm_name, certs.NSS_DIR, + dogtag_constants=dogtag.install_constants) if external == 0: ca.configure_instance(host_name, dm_password, dm_password, subject_base=options.subject) |