diff options
| author | Tomas Krizek <tkrizek@redhat.com> | 2016-10-06 17:35:04 +0200 |
|---|---|---|
| committer | Martin Basti <mbasti@redhat.com> | 2016-11-07 11:34:03 +0100 |
| commit | 9340a1417acf120fed3e9ffbe9d658d3456743a1 (patch) | |
| tree | 8e01407f76908b39b774ae76cbc952d653559090 /ipaserver/install/bindinstance.py | |
| parent | 5b81dbfda1e4f0799d4ce87e9987a896af3ff299 (diff) | |
install: remove dirman_pw from services
Remove directory manager's password from service's constructors
https://fedorahosted.org/freeipa/ticket/6461
Reviewed-By: Martin Basti <mbasti@redhat.com>
Reviewed-By: Jan Cholasta <jcholast@redhat.com>
Diffstat (limited to 'ipaserver/install/bindinstance.py')
| -rw-r--r-- | ipaserver/install/bindinstance.py | 22 |
1 files changed, 8 insertions, 14 deletions
diff --git a/ipaserver/install/bindinstance.py b/ipaserver/install/bindinstance.py index 65fc462c7..20ae1f20b 100644 --- a/ipaserver/install/bindinstance.py +++ b/ipaserver/install/bindinstance.py @@ -228,8 +228,9 @@ def named_conf_add_include(path): with open(NAMED_CONF, 'a') as f: f.write(named_conf_include_template % {'path': path}) -def dns_container_exists(fqdn, suffix, dm_password=None, ldapi=False, realm=None, - autobind=ipaldap.AUTOBIND_DISABLED): + +def dns_container_exists(fqdn, suffix, dm_password=None, ldapi=False, + realm=None): """ Test whether the dns container exists. """ @@ -240,7 +241,7 @@ def dns_container_exists(fqdn, suffix, dm_password=None, ldapi=False, realm=None ldap_uri = ipaldap.get_ldap_uri(fqdn, 636, ldapi=ldapi, realm=realm, cacert=CACERT) conn = ipaldap.LDAPClient(ldap_uri, cacert=CACERT) - conn.do_bind(dm_password, autobind=autobind) + conn.do_bind(dm_password) except ldap.SERVER_DOWN: raise RuntimeError('LDAP server on %s is not responding. Is IPA installed?' % fqdn) @@ -613,15 +614,10 @@ class DnsBackup(object): class BindInstance(service.Service): - def __init__(self, fstore=None, dm_password=None, api=api, ldapi=False, - start_tls=False, autobind=ipaldap.AUTOBIND_DISABLED): + def __init__(self, fstore=None, api=api): service.Service.__init__( self, "named", - service_desc="DNS", - dm_password=dm_password, - ldapi=ldapi, - autobind=autobind, - start_tls=start_tls + service_desc="DNS" ) self.dns_backup = DnsBackup(self) self.named_user = None @@ -632,7 +628,6 @@ class BindInstance(service.Service): self.forwarders = None self.sub_dict = None self.reverse_zones = [] - self.dm_password = dm_password self.api = api self.named_regular = services.service('named-regular') @@ -665,8 +660,7 @@ class BindInstance(service.Service): self.zonemgr = normalize_zonemgr(zonemgr) self.first_instance = not dns_container_exists( - self.fqdn, self.suffix, realm=self.realm, ldapi=True, - dm_password=self.dm_password, autobind=self.autobind) + self.fqdn, self.suffix, realm=self.realm, ldapi=True) self.__setup_sub_dict() @@ -763,7 +757,7 @@ class BindInstance(service.Service): # Instead we reply on the IPA init script to start only enabled # components as found in our LDAP configuration tree try: - self.ldap_enable('DNS', self.fqdn, self.dm_password, self.suffix) + self.ldap_enable('DNS', self.fqdn, None, self.suffix) except errors.DuplicateEntry: # service already exists (forced DNS reinstall) # don't crash, just report error |