[Freeipa-devel] [PATCH 0065] Use private ccache in ipa-server-install
Martin Kosek
mkosek at redhat.com
Mon Jun 3 12:58:56 UTC 2013
On 06/03/2013 02:43 PM, Tomas Babej wrote:
> Hi,
>
> this patch fixes the installation problems on master on F19 with krb5 packages
>>= 1.11.2-6
>
> https://fedorahosted.org/freeipa/ticket/3666
>
> Tomas
1) Leaving cache_desc open:
+ (cache_desc, cache_path) = tempfile.mkstemp(prefix='krbcc')
+ os.environ['KRB5CCNAME'] = cache_path
Why do we keep the descriptor open and close it at the and of the installation?
Can we close it right after tempfile.mkstemp? I think we do it this way in
other places in installation.
2) What about other installers where we handle Kerberos auth, like
ipa-{replica,dns,ca}-install?
A common function, other shared means, of handling KRB5CCNAME may be
appropriate to avoid duplicating code too much.
Martin
More information about the Freeipa-devel
mailing list