← Back to branch summary

~ubuntu-branches/ubuntu/trusty/freeipa/trusty-updates

« back to all changes in this revision

Viewing changes to debian/patches/use-new-nssdb.diff

  • Committer: Package Import Robot
  • Author(s): Timo Aaltonen
  • Date: 2014-04-10 11:57:53 UTC
  • Revision ID: package-import@ubuntu.com-20140410115753-epi2yo0kuv8g11vc
Tags: 3.3.4-0ubuntu3
https://launchpad.net/bugs/1282818
* Merge from unreleased debian git:
  Fix ipa-client-install issues (LP: #1282818)
  - fix auth platform module
  - use new pykerberos api
  - don't install a default conf
  - use sqlite-based nssdb's instead of old

Show diffs side-by-side

added added

removed removed

Lines of Context:
debian/patches/use-new-nssdb.diff
 
1
--- a/ipa-client/ipa-install/ipa-client-install
 
2
+++ b/ipa-client/ipa-install/ipa-client-install
 
3
@@ -201,7 +201,7 @@ def log_service_error(name, action, erro
 
4
     root_logger.error("%s failed to %s: %s", name, action, str(error))
 
5
 
 
6
 def nickname_exists(nickname):
 
7
-        (sout, serr, returncode) = run(["/usr/bin/certutil", "-L", "-d", "/etc/pki/nssdb", "-n", nickname], raiseonerr=False)
 
8
+        (sout, serr, returncode) = run(["/usr/bin/certutil", "-L", "-d", "sql:/etc/pki/nssdb", "-n", nickname], raiseonerr=False)
 
9
 
 
10
         if returncode == 0:
 
11
             return True
 
12
@@ -365,7 +365,7 @@ def uninstall(options, env):
 
13
     # Remove our host cert and CA cert
 
14
     if nickname_exists("IPA CA"):
 
15
         try:
 
16
-            run(["/usr/bin/certutil", "-D", "-d", "/etc/pki/nssdb", "-n", "IPA CA"])
 
17
+            run(["/usr/bin/certutil", "-D", "-d", "sql:/etc/pki/nssdb", "-n", "IPA CA"])
 
18
         except Exception, e:
 
19
             root_logger.error(
 
20
                 "Failed to remove IPA CA from /etc/pki/nssdb: %s", str(e))
 
21
@@ -393,7 +393,7 @@ def uninstall(options, env):
 
22
 
 
23
     if nickname_exists(client_nss_nickname):
 
24
         try:
 
25
-            run(["/usr/bin/certutil", "-D", "-d", "/etc/pki/nssdb", "-n", client_nss_nickname])
 
26
+            run(["/usr/bin/certutil", "-D", "-d", "sql:/etc/pki/nssdb", "-n", client_nss_nickname])
 
27
         except Exception, e:
 
28
             root_logger.error("Failed to remove %s from /etc/pki/nssdb: %s",
 
29
                 client_nss_nickname, str(e))
 
30
@@ -2297,7 +2297,7 @@ def install(options, env, fstore, states
 
31
 
 
32
     # Add the CA to the default NSS database and trust it
 
33
     try:
 
34
-        run(["/usr/bin/certutil", "-A", "-d", "/etc/pki/nssdb", "-n", "IPA CA", "-t", "CT,C,C", "-a", "-i", CACERT])
 
35
+        run(["/usr/bin/certutil", "-A", "-d", "sql:/etc/pki/nssdb", "-n", "IPA CA", "-t", "CT,C,C", "-a", "-i", CACERT])
 
36
     except CalledProcessError, e:
 
37
         root_logger.info("Failed to add CA to the default NSS database.")
 
38
         return CLIENT_INSTALL_ERROR
 
39
--- a/ipalib/rpc.py
 
40
+++ b/ipalib/rpc.py
 
41
@@ -322,7 +322,7 @@ class SSLTransport(LanguageAwareTranspor
 
42
             if self._connection and host == self._connection[0]:
 
43
                 return self._connection[1]
 
44
 
 
45
-        dbdir = '/etc/pki/nssdb'
 
46
+        dbdir = 'sql:/etc/pki/nssdb'
 
47
         no_init = self.__nss_initialized(dbdir)
 
48
         if sys.version_info < (2, 7):
 
49
             conn = NSSHTTPS(host, 443, dbdir=dbdir, no_init=no_init)