I noticed that the file kpasswd init script reads is called
"/etc/sysconfig/ipa-kpasswd" but krbinstance.py saved and wrote into
"/etc/sysconfig/ipa_kpasswd".

I removed the linkes rather than fixing them for two reasons:
1) /var/kerberos/krb5kdc/kpasswd.keytab is the default
2) it probably wouldn't have worked anyway because the ktname must be
prefixed with "FILE:".
From c85c4a532ff698a9399884fcfac002dc6b0d7adb Mon Sep 17 00:00:00 2001
From: Jakub Hrozek <jhro...@redhat.com>
Date: Tue, 19 Jul 2011 15:47:57 +0200
Subject: [PATCH 1/2] Remove wrong kpasswd sysconfig

---
 ipaserver/install/krbinstance.py |    3 ---
 1 files changed, 0 insertions(+), 3 deletions(-)

diff --git a/ipaserver/install/krbinstance.py b/ipaserver/install/krbinstance.py
index ecb8427..5326e2f 100644
--- a/ipaserver/install/krbinstance.py
+++ b/ipaserver/install/krbinstance.py
@@ -512,9 +512,6 @@ class KrbInstance(service.Service):
         self.fstore.backup_file("/var/kerberos/krb5kdc/kpasswd.keytab")
         installutils.create_keytab("/var/kerberos/krb5kdc/kpasswd.keytab", "kadmin/changepw")
 
-        self.fstore.backup_file("/etc/sysconfig/ipa_kpasswd")
-        update_key_val_in_file("/etc/sysconfig/ipa_kpasswd", "export KRB5_KTNAME", "/var/kerberos/krb5kdc/kpasswd.keytab")
-
     def __setup_pkinit(self):
         if self.self_signed_ca:
             ca_db = certs.CertDB(self.realm,
-- 
1.7.6

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

Reply via email to