Diffstat (limited to 'ipaserver/install/krainstance.py')
-rw-r--r--ipaserver/install/krainstance.py14
1 files changed, 10 insertions, 4 deletions
diff --git a/ipaserver/install/krainstance.py b/ipaserver/install/krainstance.py
index e2bd22e71..d7ab6fdaa 100644
--- a/ipaserver/install/krainstance.py
+++ b/ipaserver/install/krainstance.py
@@ -134,7 +134,10 @@ class KRAInstance(DogtagInstance):
self.step("enabling KRA instance", self.__enable_instance)
- self.start_creation(runtime=126)
+ try:
+ self.start_creation(runtime=126)
+ finally:
+ self.clean_pkispawn_files()
def __spawn_instance(self):
"""
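Review bot: The `finally:` cleanup runs even when `start_creation` fails before `__spawn_instance` has assigned `self.tmp_agent_db` (the assignment is in the second hunk), so `clean_pkispawn_files()` must tolerate that attribute being unset. Its body is not visible here; if `__init__` does not already set `self.tmp_agent_db = None`, add that and have the helper skip removal when the value is `None`. An exception raised inside the cleanup would also replace the original installation error, so the helper should log removal failures rather than raise them. The enclosing method starts outside the hunk.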
@@ -148,6 +151,8 @@ class KRAInstance(DogtagInstance):
os.close(cfg_fd)
pent = pwd.getpwnam(self.service_user)
os.chown(cfg_file, pent.pw_uid, pent.pw_gid)
+ self.tmp_agent_db = tempfile.mkdtemp(
+ prefix="tmp-", dir=paths.VAR_LIB_IPA)
# Create KRA configuration
config = ConfigParser()
@@ -170,9 +175,10 @@ class KRAInstance(DogtagInstance):
config.set("KRA", "pki_backup_password", self.admin_password)
# Client security database
- config.set("KRA", "pki_client_database_dir", self.agent_db)
- config.set("KRA", "pki_client_database_password", self.admin_password)
- config.set("KRA", "pki_client_database_purge", "False")
+ config.set("KRA", "pki_client_database_dir", self.tmp_agent_db)
+ config.set("KRA", "pki_client_database_password",
+ ipautil.ipa_generate_password())
+ config.set("KRA", "pki_client_database_purge", "True")
config.set("KRA", "pki_client_pkcs12_password", self.admin_password)
# Administrator
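Review bot: The generated client-database password is not kept anywhere, which only works because `pki_client_database_purge` is now `"True"`, and nothing on these lines says so. A comment above the three settings would stop a later reader from "fixing" it, e.g. `# Throwaway NSS db used only by pkispawn: password is never stored, db is purged afterwards`. Note that `pki_backup_password` and `pki_client_pkcs12_password` on the context lines still reuse `self.admin_password` and presumably land in the same config file, so that file remains sensitive after this change. Any code outside the hunk that still expects pkispawn to populate `self.agent_db` would now find nothing there; this is worth confirming. The enclosing method starts and ends outside the hunk.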