internet/ansible-freeipa
4
0
Fork 0
mirror of https://github.com/freeipa/ansible-freeipa.git synced 2026-06-13 12:15:53 +00:00
Code Issues Projects Releases Wiki Activity

library/ipatest.py: Fix krb5_keytab_ok detection to work always

Browse Source
This commit is contained in:
Thomas Woerner
2017-10-02 19:00:25 +02:00
parent 92b824d8d2
commit 0611704cb5
1 changed files with 5 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
library/ipatest.py
View File

@@ -183,7 +183,7 @@ def main():
host_principal = 'host/%s@%s' % (hostname, realm) host_principal = 'host/%s@%s' % (hostname, realm)
sssd = True sssd = True
krb5_keytab_ok = True krb5_keytab_ok = False
try: try:
(krb_fd, krb_name) = tempfile.mkstemp() (krb_fd, krb_name) = tempfile.mkstemp()
os.close(krb_fd) os.close(krb_fd)
@@ -208,10 +208,9 @@ def main():
paths.IPA_DNS_CCACHE, paths.IPA_DNS_CCACHE,
config=krb_name, config=krb_name,
attempts=kinit_attempts) attempts=kinit_attempts)
krb5_keytab_ok = True
except gssapi.exceptions.GSSError as e: except gssapi.exceptions.GSSError as e:
# failure to get ticket makes it impossible to login and bind pass
# from sssd to LDAP, abort installation and rollback changes
krb5_keytab_ok = False
finally: finally:
try: try:
@@ -219,7 +218,8 @@ def main():
except OSError: except OSError:
module.fail_json(msg="Could not remove %s" % krb_name) module.fail_json(msg="Could not remove %s" % krb_name)
module.exit_json(changed=False, krb5_keytab_ok=krb5_keytab_ok) module.exit_json(changed=False,
krb5_keytab_ok=krb5_keytab_ok)
if __name__ == '__main__': if __name__ == '__main__':
main() main()