BIGTOP-2800: provisioner fails for kerberos on centos-7
Project: http://git-wip-us.apache.org/repos/asf/bigtop/repo Commit: http://git-wip-us.apache.org/repos/asf/bigtop/commit/74e58d27 Tree: http://git-wip-us.apache.org/repos/asf/bigtop/tree/74e58d27 Diff: http://git-wip-us.apache.org/repos/asf/bigtop/diff/74e58d27 Branch: refs/heads/branch-1.2 Commit: 74e58d27696dfdfe76eef3120fa54f59854809e2 Parents: 0bc37b2 Author: Olaf Flebbe <[email protected]> Authored: Wed Jun 7 20:23:08 2017 +0200 Committer: Evans Ye <[email protected]> Committed: Sat Jul 1 12:52:57 2017 +0000 ---------------------------------------------------------------------- .../puppet/modules/kerberos/manifests/init.pp | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/bigtop/blob/74e58d27/bigtop-deploy/puppet/modules/kerberos/manifests/init.pp ---------------------------------------------------------------------- diff --git a/bigtop-deploy/puppet/modules/kerberos/manifests/init.pp b/bigtop-deploy/puppet/modules/kerberos/manifests/init.pp index 946f425..c6480f8 100644 --- a/bigtop-deploy/puppet/modules/kerberos/manifests/init.pp +++ b/bigtop-deploy/puppet/modules/kerberos/manifests/init.pp @@ -121,20 +121,23 @@ class kerberos { class admin_server inherits kerberos::kdc { - $se_hack = "setsebool -P kadmind_disable_trans 1 ; setsebool -P krb5kdc_disable_trans 1" package { "$package_name_admin": ensure => installed, require => Package["$package_name_kdc"], - } - + } + + exec { '/usr/bin/setsebool -P kadmind_disable_trans 1': + onlyif => '/usr/bin/test -f /usr/bin/setsebook' + } -> + exec { '/usr/bin/setsebool -P krb5kdc_disable_trans 1': + onlyif => '/usr/bin/test -f /usr/bin/setsebook' + } -> service { "$service_name_admin": ensure => running, require => [Package["$package_name_admin"], Service["$service_name_kdc"]], subscribe => [File["${kdc_etc_path}/kadm5.acl"], File["${kdc_etc_path}/kdc.conf"]], hasrestart => true, - restart => "${se_hack} ; service ${service_name_admin} restart", - start => "${se_hack} ; service ${service_name_admin} start", } } }
