jcholast's pull request #89: "client: remove hard dependency on pam_krb5" was opened
PR body: """ If ipa-client-install is executed with --no-sssd, check if pam_krb5 is available before proceeding with the install. https://fedorahosted.org/freeipa/ticket/5557 """ See the full pull-request at https://github.com/freeipa/freeipa/pull/89 ... or pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/89/head:pr89 git checkout pr89
From d3c69a74c9009bc394fc5bec974ad4add207fd8c Mon Sep 17 00:00:00 2001 From: Jan Cholasta <jchol...@redhat.com> Date: Mon, 1 Aug 2016 10:51:24 +0200 Subject: [PATCH] client: remove hard dependency on pam_krb5 If ipa-client-install is executed with --no-sssd, check if pam_krb5 is available before proceeding with the install. https://fedorahosted.org/freeipa/ticket/5557 --- client/ipa-client-install | 4 ++++ freeipa.spec.in | 1 - ipaplatform/base/paths.py | 2 ++ ipaplatform/redhat/paths.py | 1 + 4 files changed, 7 insertions(+), 1 deletion(-) diff --git a/client/ipa-client-install b/client/ipa-client-install index 535fe65..f22e653 100755 --- a/client/ipa-client-install +++ b/client/ipa-client-install @@ -2289,6 +2289,10 @@ def install(options, env, fstore, statestore): # when installing with '--no-sssd' option, check whether nss-ldap is installed if not options.sssd: + if not os.path.exists(paths.PAM_KRB5_SO): + root_logger.error("The pam_krb5 package must be installed") + return CLIENT_INSTALL_ERROR + (nssldap_installed, nosssd_files) = nssldap_exists() if not nssldap_installed: root_logger.error("One of these packages must be installed: " + diff --git a/freeipa.spec.in b/freeipa.spec.in index 589060b..3b0e4b2 100644 --- a/freeipa.spec.in +++ b/freeipa.spec.in @@ -326,7 +326,6 @@ Requires: cyrus-sasl-gssapi%{?_isa} Requires: ntp Requires: krb5-workstation Requires: authconfig -Requires: pam_krb5 Requires: curl # NIS domain name config: /usr/lib/systemd/system/*-domainname.service Requires: initscripts diff --git a/ipaplatform/base/paths.py b/ipaplatform/base/paths.py index f927a7a..3926c94 100644 --- a/ipaplatform/base/paths.py +++ b/ipaplatform/base/paths.py @@ -191,11 +191,13 @@ class BasePathNamespace(object): USR_LIB_DIRSRV = "/usr/lib/dirsrv" LIB_FIREFOX = "/usr/lib/firefox" LIBSOFTHSM2_SO = "/usr/lib/pkcs11/libsofthsm2.so" + PAM_KRB5_SO = "/usr/lib64/security/pam_krb5.so" LIB_SYSTEMD_SYSTEMD_DIR = "/usr/lib/systemd/system/" BIND_LDAP_SO_64 = "/usr/lib64/bind/ldap.so" USR_LIB_DIRSRV_64 = "/usr/lib64/dirsrv" LIB64_FIREFOX = "/usr/lib64/firefox" LIBSOFTHSM2_SO_64 = "/usr/lib64/pkcs11/libsofthsm2.so" + PAM_KRB5_SO_64 = "/usr/lib64/security/pam_krb5.so" DOGTAG_IPA_CA_RENEW_AGENT_SUBMIT = "/usr/libexec/certmonger/dogtag-ipa-ca-renew-agent-submit" DOGTAG_IPA_RENEW_AGENT_SUBMIT = "/usr/libexec/certmonger/dogtag-ipa-renew-agent-submit" IPA_SERVER_GUARD = "/usr/libexec/certmonger/ipa-server-guard" diff --git a/ipaplatform/redhat/paths.py b/ipaplatform/redhat/paths.py index b80a1b4..b27b065 100644 --- a/ipaplatform/redhat/paths.py +++ b/ipaplatform/redhat/paths.py @@ -32,6 +32,7 @@ class RedHatPathNamespace(BasePathNamespace): # https://docs.python.org/2/library/platform.html#cross-platform if sys.maxsize > 2**32: LIBSOFTHSM2_SO = BasePathNamespace.LIBSOFTHSM2_SO_64 + PAM_KRB5_SO = BasePathNamespace.PAM_KRB5_SO_64 paths = RedHatPathNamespace()
-- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
