[Freeipa-devel] [PATCH 0001] ipa-client-install: attempt to get host TGT several times before aborting client installation
Rob Crittenden
rcritten at redhat.com
Mon Mar 2 15:28:14 UTC 2015
Petr Vobornik wrote:
>>>>>>> On 01/12/2015 05:45 PM, Martin Babinsky wrote:
>>>>>>>> related to ticket https://fedorahosted.org/freeipa/ticket/4808
>
> this patch seems to be a bit forgotten.
>
> It works, looks fine.
>
> One minor issue: trailing whitespaces in the man page.
>
> I also wonder if it shouldn't be used in other tools which call kinit
> with keytab:
> * ipa-client-automount:434
> * ipa-client-install:2591 (this usage should be fine since it's used for
> server installation)
> * dcerpc.py:545
> * rpcserver.py: 971, 981 (armor for web ui forms base auth)
>
> Most importantly the ipa-client-automount because it's called from
> ipa-client-install (if location is specified) and therefore it might
> fail during client installation.
>
> Or also, kinit call with admin creadentials worked for the user but I
> wonder if it was just a coincidence and may break under slightly
> different but similar conditions.
I think that's a fine idea. In fact there is already a function that
could be extended, kinit_hostprincipal().
rob
More information about the Freeipa-devel
mailing list