diff options
| author | Martin Babinsky <mbabinsk@redhat.com> | 2017-02-17 14:33:40 +0100 |
|---|---|---|
| committer | Martin Basti <mbasti@redhat.com> | 2017-02-22 18:50:30 +0100 |
| commit | ce3baf28ce81458e1c5bf57188858d3d120ec3dd (patch) | |
| tree | 0d8634729fc94c7a3d36f1f03c6d71e09b79e935 /ipaserver | |
| parent | 6c0baa6208c2bf97b5ed7ea6e9836963dced64b0 (diff) | |
| download | freeipa-ce3baf28ce81458e1c5bf57188858d3d120ec3dd.tar.gz freeipa-ce3baf28ce81458e1c5bf57188858d3d120ec3dd.tar.xz freeipa-ce3baf28ce81458e1c5bf57188858d3d120ec3dd.zip | |
httpinstance: re-use parent's methods to retrieve anonymous keytab
https://fedorahosted.org/freeipa/ticket/6638
Reviewed-By: Martin Basti <mbasti@redhat.com>
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
Diffstat (limited to 'ipaserver')
| -rw-r--r-- | ipaserver/install/httpinstance.py | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/ipaserver/install/httpinstance.py b/ipaserver/install/httpinstance.py index 435130b31..7979ca116 100644 --- a/ipaserver/install/httpinstance.py +++ b/ipaserver/install/httpinstance.py @@ -317,12 +317,15 @@ class HTTPInstance(service.Service): parent = os.path.dirname(paths.ANON_KEYTAB) if not os.path.exists(parent): os.makedirs(parent, 0o755) + + self.clean_previous_keytab(keytab=paths.ANON_KEYTAB) self.run_getkeytab(self.api.env.ldap_uri, paths.ANON_KEYTAB, ANON_USER) pent = pwd.getpwnam(IPAAPI_USER) os.chmod(parent, 0o700) os.chown(parent, pent.pw_uid, pent.pw_gid) - os.chown(paths.ANON_KEYTAB, pent.pw_uid, pent.pw_gid) + + self.set_keytab_owner(keytab=paths.ANON_KEYTAB, owner=IPAAPI_USER) def create_password_conf(self): """ |