Fix creating a host with --password= (yes, an empty password). The
ticket has full reproduction details.
rob
From 1f854bf29e8584169a6f7e0607b2dcc9d641f84d Mon Sep 17 00:00:00 2001
From: Rob Crittenden rcrit...@redhat.com
Date: Tue, 14 Jan 2014 14:23:47 -0500
Subject: [PATCH] Change the way we determine if the host has a password set.
When creating a host with a password we don't set a Kerberos
principal or add the Kerberos objectclasses. Those get added when the
host is enrolled. If one passed in --password= (so no password) then
we incorrectly thought the user was in fact setting a password, so the
principal and objectclasses weren't updated.
https://fedorahosted.org/freeipa/ticket/4102
---
ipalib/plugins/host.py | 2 +-
ipatests/test_xmlrpc/test_host_plugin.py | 27 +++
2 files changed, 28 insertions(+), 1 deletion(-)
diff --git a/ipalib/plugins/host.py b/ipalib/plugins/host.py
index ef7ec5284aeda87971a1aa5e19107dd572f674e0..27b692a9e6bea57daa15561931b06be994800284 100644
--- a/ipalib/plugins/host.py
+++ b/ipalib/plugins/host.py
@@ -424,7 +424,7 @@ class host_add(LDAPCreate):
entry_attrs['l'] = entry_attrs['locality']
entry_attrs['cn'] = keys[-1]
entry_attrs['serverhostname'] = keys[-1].split('.', 1)[0]
-if 'userpassword' not in entry_attrs and not options.get('random', False):
+if not entry_attrs.get('userpassword', False) and not options.get('random', False):
entry_attrs['krbprincipalname'] = 'host/%s@%s' % (
keys[-1], self.api.env.realm
)
diff --git a/ipatests/test_xmlrpc/test_host_plugin.py b/ipatests/test_xmlrpc/test_host_plugin.py
index a23a34112f5c041a8325d5090580b535d93c7a72..7b64398fadd236b9b06723ef561cb19d61bca6d5 100644
--- a/ipatests/test_xmlrpc/test_host_plugin.py
+++ b/ipatests/test_xmlrpc/test_host_plugin.py
@@ -863,6 +863,33 @@ class test_host(Declarative):
),
),
+
+dict(
+desc='Create a host with a NULL password',
+command=('host_add', [fqdn3],
+dict(
+description=u'Test host 3',
+force=True,
+userpassword=None,
+),
+),
+expected=dict(
+value=fqdn3,
+summary=u'Added host %s' % fqdn3,
+result=dict(
+dn=dn3,
+fqdn=[fqdn3],
+description=[u'Test host 3'],
+krbprincipalname=[u'host/%s@%s' % (fqdn3, api.env.realm)],
+objectclass=objectclasses.host,
+ipauniqueid=[fuzzy_uuid],
+managedby_host=[u'%s' % fqdn3],
+has_keytab=False,
+has_password=False,
+),
+),
+),
+
]
class test_host_false_pwd_change(XMLRPC_test):
--
1.8.4.2
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel