diff options
-rwxr-xr-x | install/tools/ipa-ca-install | 5 | ||||
-rw-r--r-- | ipapython/ipautil.py | 24 | ||||
-rw-r--r-- | ipaserver/dcerpc.py | 4 | ||||
-rw-r--r-- | ipaserver/install/installutils.py | 22 | ||||
-rw-r--r-- | ipaserver/install/server/install.py | 3 |
5 files changed, 29 insertions, 29 deletions
diff --git a/install/tools/ipa-ca-install b/install/tools/ipa-ca-install index 36b89b643..8b1cea8d5 100755 --- a/install/tools/ipa-ca-install +++ b/install/tools/ipa-ca-install @@ -25,8 +25,7 @@ from ipapython import ipautil from ipaserver.install import installutils from ipaserver.install import certs -from ipaserver.install.installutils import (private_ccache, - create_replica_config) +from ipaserver.install.installutils import create_replica_config from ipaserver.install import dsinstance, ca from ipapython import version from ipalib import api @@ -209,7 +208,7 @@ Run /usr/sbin/ipa-server-install --uninstall to clean up. if __name__ == '__main__': try: - with private_ccache(): + with ipautil.private_ccache(): installutils.run_script(main, log_file_name=log_file_name, operation_name='ipa-ca-install', fail_message=fail_message) diff --git a/ipapython/ipautil.py b/ipapython/ipautil.py index abdb96d9b..f0c9c6b5a 100644 --- a/ipapython/ipautil.py +++ b/ipapython/ipautil.py @@ -38,6 +38,7 @@ import krbV import pwd from dns import resolver, rdatatype from dns.exception import DNSException +from contextlib import contextmanager from ipapython.ipa_log_manager import * from ipapython import ipavalidate @@ -1300,3 +1301,26 @@ def restore_hostname(statestore): run([paths.BIN_HOSTNAME, old_hostname]) except CalledProcessError, e: print >>sys.stderr, "Failed to set this machine hostname back to %s: %s" % (old_hostname, str(e)) + + +@contextmanager +def private_ccache(path=None): + + if path is None: + (desc, path) = tempfile.mkstemp(prefix='krbcc') + os.close(desc) + + original_value = os.environ.get('KRB5CCNAME', None) + + os.environ['KRB5CCNAME'] = path + + try: + yield + finally: + if original_value is not None: + os.environ['KRB5CCNAME'] = original_value + else: + os.environ.pop('KRB5CCNAME') + + if os.path.exists(path): + os.remove(path) diff --git a/ipaserver/dcerpc.py b/ipaserver/dcerpc.py index 44689cc96..a1c57d22c 100644 --- a/ipaserver/dcerpc.py +++ b/ipaserver/dcerpc.py @@ -590,7 +590,7 @@ class DomainValidator(object): (ccache_name, principal) = self.kinit_as_http(info['dns_domain']) if ccache_name: - with installutils.private_ccache(path=ccache_name): + with ipautil.private_ccache(path=ccache_name): entries = None try: @@ -1093,7 +1093,7 @@ def fetch_domains(api, mydomain, trustdomain, creds=None): td.creds = credentials.Credentials() td.creds.set_kerberos_state(credentials.MUST_USE_KERBEROS) if ccache_name: - with installutils.private_ccache(path=ccache_name): + with ipautil.private_ccache(path=ccache_name): td.creds.guess(td.parm) td.creds.set_workstation(domain_validator.flatname) domains = communicate(td) diff --git a/ipaserver/install/installutils.py b/ipaserver/install/installutils.py index ef95b4907..9d0998f5f 100644 --- a/ipaserver/install/installutils.py +++ b/ipaserver/install/installutils.py @@ -915,28 +915,6 @@ def load_pkcs12(cert_files, key_password, key_nickname, ca_cert_files, return out_file, out_password, ca_cert -@contextmanager -def private_ccache(path=None): - - if path is None: - (desc, path) = tempfile.mkstemp(prefix='krbcc') - os.close(desc) - - original_value = os.environ.get('KRB5CCNAME', None) - - os.environ['KRB5CCNAME'] = path - - try: - yield - finally: - if original_value is not None: - os.environ['KRB5CCNAME'] = original_value - else: - os.environ.pop('KRB5CCNAME') - - if os.path.exists(path): - os.remove(path) - @contextmanager def stopped_service(service, instance_name=""): diff --git a/ipaserver/install/server/install.py b/ipaserver/install/server/install.py index faa96127a..7bcb5d176 100644 --- a/ipaserver/install/server/install.py +++ b/ipaserver/install/server/install.py @@ -28,8 +28,7 @@ from ipaserver.install import ( otpdinstance, replication, service, sysupgrade) from ipaserver.install.installutils import ( IPA_MODULES, BadHostError, get_fqdn, get_server_ip_address, - is_ipa_configured, load_pkcs12, private_ccache, - read_password, verify_fqdn) + is_ipa_configured, load_pkcs12, read_password, verify_fqdn) from ipaserver.plugins.ldap2 import ldap2 try: from ipaserver.install import adtrustinstance |