diff options
author | Simo Sorce <simo@redhat.com> | 2016-12-01 11:37:20 -0500 |
---|---|---|
committer | Jan Cholasta <jcholast@redhat.com> | 2017-02-15 07:13:37 +0100 |
commit | 38c66896de1769077cd5b057133606ec5eeaf62b (patch) | |
tree | 579031e3d54e8aec702abd60a39fbaff9f8f3209 /ipaserver/dcerpc.py | |
parent | c894ebefc5c4c4c7ea340d6ddc4cd3c081917e4a (diff) | |
download | freeipa-38c66896de1769077cd5b057133606ec5eeaf62b.tar.gz freeipa-38c66896de1769077cd5b057133606ec5eeaf62b.tar.xz freeipa-38c66896de1769077cd5b057133606ec5eeaf62b.zip |
Generate tmpfiles config at install time
We do not want to generate runtime directories just because the packages
are installed, but only if the server is actually setup and run. Also this
will be needed later because we will create a user at install time and some
tmpfiles will need to be owned by this user.
As we are changing this code also rationalize the directory structure and
move it from the http rundir to the ipa specific rundir.
https://fedorahosted.org/freeipa/ticket/5959
Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-By: Jan Cholasta <jcholast@redhat.com>
Diffstat (limited to 'ipaserver/dcerpc.py')
-rw-r--r-- | ipaserver/dcerpc.py | 17 |
1 files changed, 8 insertions, 9 deletions
diff --git a/ipaserver/dcerpc.py b/ipaserver/dcerpc.py index e37d0ebdd..aa790b75f 100644 --- a/ipaserver/dcerpc.py +++ b/ipaserver/dcerpc.py @@ -51,7 +51,6 @@ from cryptography.hazmat.primitives.ciphers import Cipher, algorithms from cryptography.hazmat.backends import default_backend import ldap as _ldap from ipapython import ipaldap -from ipaserver.session import krbccache_dir, krbccache_prefix from dns import resolver, rdatatype from dns.exception import DNSException import pysss_nss_idmap @@ -639,8 +638,8 @@ class DomainValidator(object): Initializes ccache with http service credentials. Applies session code defaults for ccache directory and naming prefix. - Session code uses krbccache_prefix+<pid>, we use - krbccache_prefix+<TD>+<domain netbios name> so there is no clash. + Session code uses kinit_+<pid>, we use + kinit_+<TD>+<domain netbios name> so there is no clash. Returns tuple (ccache path, principal) where (None, None) signifes an error on ccache initialization @@ -648,8 +647,8 @@ class DomainValidator(object): domain_suffix = domain.replace('.', '-') - ccache_name = "%sTD%s" % (krbccache_prefix, domain_suffix) - ccache_path = os.path.join(krbccache_dir, ccache_name) + ccache_name = "kinit_TD%s" % (domain_suffix) + ccache_path = os.path.join(paths.IPA_CCACHES, ccache_name) realm = api.env.realm hostname = api.env.host @@ -683,8 +682,8 @@ class DomainValidator(object): Initializes ccache with http service credentials. Applies session code defaults for ccache directory and naming prefix. - Session code uses krbccache_prefix+<pid>, we use - krbccache_prefix+<TD>+<domain netbios name> so there is no clash. + Session code uses kinit_+<pid>, we use + kinit_+<TD>+<domain netbios name> so there is no clash. Returns tuple (ccache path, principal) where (None, None) signifes an error on ccache initialization @@ -695,8 +694,8 @@ class DomainValidator(object): domain_suffix = domain.replace('.', '-') - ccache_name = "%sTDA%s" % (krbccache_prefix, domain_suffix) - ccache_path = os.path.join(krbccache_dir, ccache_name) + ccache_name = "kinit_TDA%s" % (domain_suffix) + ccache_path = os.path.join(paths.IPA_CCACHES, ccache_name) (principal, password) = self._admin_creds.split('%', 1) |