From da2605c942b6119b69e14ab5bec53ddda4393808 Mon Sep 17 00:00:00 2001
From: Ana Krivokapic <akrivoka@redhat.com>
Date: Mon, 29 Jul 2013 18:33:09 +0200
Subject: Handle --subject option in ipa-server-install

Properly handle --subject option of ipa-server-install, making sure this
value gets passed to certmap.conf. Introduce a new template variable
$SUBJECT_BASE for this purpose.

Also make sure that this value is preserved on upgrades.

https://fedorahosted.org/freeipa/ticket/3783
---
 ipaserver/install/dsinstance.py | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

(limited to 'ipaserver')

diff --git a/ipaserver/install/dsinstance.py b/ipaserver/install/dsinstance.py
index e48ced4b8..881575729 100644
--- a/ipaserver/install/dsinstance.py
+++ b/ipaserver/install/dsinstance.py
@@ -37,6 +37,7 @@ import certs
 import ldap
 from ipaserver.install import ldapupdate
 from ipaserver.install import replication
+from ipaserver.install import sysupgrade
 from ipalib import errors
 from ipapython.dn import DN
 
@@ -653,7 +654,12 @@ class DsInstance(service.Service):
         shutil.copyfile(ipautil.SHARE_DIR + "certmap.conf.template",
                         config_dirname(self.serverid) + "certmap.conf")
         installutils.update_file(config_dirname(self.serverid) + "certmap.conf",
-                                 '$REALM', self.realm_name)
+                                 '$SUBJECT_BASE', str(self.subject_base))
+        sysupgrade.set_upgrade_state(
+            'certmap.conf',
+            'subject_base',
+            str(self.subject_base)
+        )
 
     def __enable_ldapi(self):
         self._ldap_mod("ldapi.ldif", self.sub_dict)
-- 
cgit