summaryrefslogtreecommitdiffstats
path: root/ipaserver/install/certs.py
diff options
context:
space:
mode:
authorRob Crittenden <rcritten@redhat.com>2010-02-03 17:40:18 -0500
committerRob Crittenden <rcritten@redhat.com>2010-02-19 14:37:27 -0500
commit33a30fef121dbbf588a73f55c96e040e60b16c06 (patch)
treea4bd1cbaac2e9451bfbfd63ee8661eba252ad22b /ipaserver/install/certs.py
parent4e6373cf95d9626cd42281fc8f85cdbf4a8c2da9 (diff)
downloadfreeipa-33a30fef121dbbf588a73f55c96e040e60b16c06.tar.gz
freeipa-33a30fef121dbbf588a73f55c96e040e60b16c06.tar.xz
freeipa-33a30fef121dbbf588a73f55c96e040e60b16c06.zip
Don't assume local directory is valid or writable.
certutil writes to the local directory when issuing a certificate. Change to the security database directory when issuing the self-signed CA. Also handle the case where a user is in a non-existent directory when doing the install.
Diffstat (limited to 'ipaserver/install/certs.py')
-rw-r--r--ipaserver/install/certs.py7
1 files changed, 6 insertions, 1 deletions
diff --git a/ipaserver/install/certs.py b/ipaserver/install/certs.py
index e01795db3..2df7cb38d 100644
--- a/ipaserver/install/certs.py
+++ b/ipaserver/install/certs.py
@@ -190,7 +190,10 @@ class CertDB(object):
self.certreq_fname = None
self.certder_fname = None
self.host_name = host_name
- self.cwd = os.getcwd()
+ try:
+ self.cwd = os.getcwd()
+ except OSError, e:
+ raise RuntimeError("Unable to determine the current directory: %s" % str(e))
self.self_signed_ca = ipa_self_signed()
@@ -352,6 +355,7 @@ class CertDB(object):
return False
def create_ca_cert(self):
+ os.chdir(self.secdir)
p = subprocess.Popen(["/usr/bin/certutil",
"-d", self.secdir,
"-S", "-n", self.cacert_name,
@@ -382,6 +386,7 @@ class CertDB(object):
p.stdin.write("y\n\ny\n")
p.stdin.write("5\n6\n7\n9\nn\n")
p.wait()
+ os.chdir(self.cwd)
def export_ca_cert(self, nickname, create_pkcs12=False):
"""create_pkcs12 tells us whether we should create a PKCS#12 file