diff options
author | Tomas Babej <tbabej@redhat.com> | 2014-05-29 14:47:17 +0200 |
---|---|---|
committer | Petr Viktorin <pviktori@redhat.com> | 2014-06-16 19:48:20 +0200 |
commit | 4d2ef43f287aa96df3d65b97977fc7a824b6b33c (patch) | |
tree | 4adba8f39e1f874c89a73993d6a6455b649b7bb9 /ipaserver/rpcserver.py | |
parent | c7edd7b68c98d105f02a5977a0ff7c2a3081f2c9 (diff) | |
download | freeipa-4d2ef43f287aa96df3d65b97977fc7a824b6b33c.tar.gz freeipa-4d2ef43f287aa96df3d65b97977fc7a824b6b33c.tar.xz freeipa-4d2ef43f287aa96df3d65b97977fc7a824b6b33c.zip |
ipaplatform: Move all filesystem paths to ipaplatform.paths module
https://fedorahosted.org/freeipa/ticket/4052
Reviewed-By: Petr Viktorin <pviktori@redhat.com>
Diffstat (limited to 'ipaserver/rpcserver.py')
-rw-r--r-- | ipaserver/rpcserver.py | 9 |
1 files changed, 5 insertions, 4 deletions
diff --git a/ipaserver/rpcserver.py b/ipaserver/rpcserver.py index edce23654..ff1b7fe65 100644 --- a/ipaserver/rpcserver.py +++ b/ipaserver/rpcserver.py @@ -51,6 +51,7 @@ from ipalib.krb_utils import ( KRB5_CCache, krb_ticket_expiration_threshold, krb5_format_principal_name, krb5_format_service_principal_name) from ipapython import ipautil +from ipaplatform.paths import paths from ipapython.version import VERSION from ipalib.text import _ @@ -977,7 +978,7 @@ class login_password(Backend, KerberosSession, HTTP_Status): # get http service ccache as an armor for FAST to enable OTP authentication armor_principal = krb5_format_service_principal_name( 'HTTP', self.api.env.host, realm) - keytab = '/etc/httpd/conf/ipa.keytab' + keytab = paths.IPA_KEYTAB armor_name = "%sA_%s" % (krbccache_prefix, user) armor_path = os.path.join(krbccache_dir, armor_name) @@ -985,7 +986,7 @@ class login_password(Backend, KerberosSession, HTTP_Status): armor_principal, keytab, armor_path) (stdout, stderr, returncode) = ipautil.run( - ['/usr/bin/kinit', '-kt', keytab, armor_principal], + [paths.KINIT, '-kt', keytab, armor_principal], env={'KRB5CCNAME': armor_path}, raiseonerr=False) if returncode != 0: @@ -995,7 +996,7 @@ class login_password(Backend, KerberosSession, HTTP_Status): principal = krb5_format_principal_name(user, realm) (stdout, stderr, returncode) = ipautil.run( - ['/usr/bin/kinit', principal, '-T', armor_path], + [paths.KINIT, principal, '-T', armor_path], env={'KRB5CCNAME': ccache_name}, stdin=password, raiseonerr=False) self.debug('kinit: principal=%s returncode=%s, stderr="%s"', @@ -1003,7 +1004,7 @@ class login_password(Backend, KerberosSession, HTTP_Status): self.debug('Cleanup the armor ccache') ipautil.run( - ['/usr/bin/kdestroy', '-A', '-c', armor_path], + [paths.KDESTROY, '-A', '-c', armor_path], env={'KRB5CCNAME': armor_path}, raiseonerr=False) |