I've polished the patch attached to #5586 by Timo Aaltonen.
Thanks for the patch. I've fixed the path in specfile and removed unused import but otherwise it works, ACK.
https://fedorahosted.org/freeipa/ticket/5586 -- David Kupka
From 8344b67c2cec25f0fb458a9bd1826a5e06c88aab Mon Sep 17 00:00:00 2001 From: Timo Aaltonen <tjaal...@ubuntu.com> Date: Tue, 19 Jan 2016 12:37:56 +0100 Subject: [PATCH] Move freeipa certmonger helpers to libexecdir. The scripts in this directory are simple python scripts, nothing arch-specific in them. Having them under libexec would simplify the code a bit too, since there would be no need to worry about lib vs lib64 (which also cause trouble on Debian). https://fedorahosted.org/freeipa/ticket/5586 --- freeipa.spec.in | 4 ++-- install/restart_scripts/Makefile.am | 2 +- ipaplatform/base/paths.py | 2 +- ipapython/certmonger.py | 13 ++----------- ipaserver/install/certs.py | 6 +----- 5 files changed, 7 insertions(+), 20 deletions(-) diff --git a/freeipa.spec.in b/freeipa.spec.in index 961d8c38e0dd5f954bfca47e8209a5655eaacc86..c30a9fd0c4189c5b57bc4b7eaa29da99cb96a976 100644 --- a/freeipa.spec.in +++ b/freeipa.spec.in @@ -1035,8 +1035,8 @@ fi %attr(0755,root,root) %{_libexecdir}/ipa/oddjob/org.freeipa.server.conncheck %config(noreplace) %{_sysconfdir}/dbus-1/system.d/org.freeipa.server.conf %config(noreplace) %{_sysconfdir}/oddjobd.conf.d/ipa-server.conf -%dir %{_libdir}/ipa/certmonger -%attr(755,root,root) %{_libdir}/ipa/certmonger/* +%dir %{_libexecdir}/ipa/certmonger +%attr(755,root,root) %{_libexecdir}/ipa/certmonger/* # NOTE: systemd specific section %attr(644,root,root) %{_unitdir}/ipa.service %attr(644,root,root) %{_unitdir}/ipa-otpd.socket diff --git a/install/restart_scripts/Makefile.am b/install/restart_scripts/Makefile.am index c4bf8195ea85ee0a9dba53fc2581e90c18a9127d..dd949a940218641f99b4ec29e5cd3abdaad0e75a 100644 --- a/install/restart_scripts/Makefile.am +++ b/install/restart_scripts/Makefile.am @@ -1,6 +1,6 @@ NULL = -appdir = $(libdir)/ipa/certmonger +appdir = $(libexecdir)/ipa/certmonger app_DATA = \ restart_dirsrv \ restart_httpd \ diff --git a/ipaplatform/base/paths.py b/ipaplatform/base/paths.py index ee383711a711e7467d7b09dae4278d9dc1c41f63..bdff4f3934f3250bdfef3f913631b98d55d759b6 100644 --- a/ipaplatform/base/paths.py +++ b/ipaplatform/base/paths.py @@ -149,7 +149,7 @@ class BasePathNamespace(object): TMP_CA_P12 = "/tmp/ca.p12" TMP_KRB5CC = "/tmp/krb5cc_%d" USR_DIR = "/usr" - CERTMONGER_COMMAND_TEMPLATE = "/usr/%s/ipa/certmonger/%s" + CERTMONGER_COMMAND_TEMPLATE = "/usr/libexec/ipa/certmonger/%s" PKCS12EXPORT = "/usr/bin/PKCS12Export" CERTUTIL = "/usr/bin/certutil" CHROMIUM_BROWSER = "/usr/bin/chromium-browser" diff --git a/ipapython/certmonger.py b/ipapython/certmonger.py index f89ca0b7a1cbb9d34b0c044e30e213e7aa1c74fd..d62bdc320323608adfe0075f53484650d5595e94 100644 --- a/ipapython/certmonger.py +++ b/ipapython/certmonger.py @@ -25,7 +25,6 @@ from __future__ import print_function import os -import sys import time import dbus import shlex @@ -491,19 +490,11 @@ def dogtag_start_tracking(ca, nickname, pin, pinfile, secdir, pre_command, params['KEY_PIN_FILE'] = os.path.abspath(pinfile) if pre_command: if not os.path.isabs(pre_command): - if sys.maxsize > 2**32: - libpath = 'lib64' - else: - libpath = 'lib' - pre_command = certmonger_cmd_template % (libpath, pre_command) + pre_command = certmonger_cmd_template % (pre_command) params['cert-presave-command'] = pre_command if post_command: if not os.path.isabs(post_command): - if sys.maxsize > 2**32: - libpath = 'lib64' - else: - libpath = 'lib' - post_command = certmonger_cmd_template % (libpath, post_command) + post_command = certmonger_cmd_template % (post_command) params['cert-postsave-command'] = post_command if profile: params['ca-profile'] = profile diff --git a/ipaserver/install/certs.py b/ipaserver/install/certs.py index f74b76090bfe2670a998373e3c7cdc3c5727c465..c220ffdb3fea957bafc8d180da9c8c73d0cc2813 100644 --- a/ipaserver/install/certs.py +++ b/ipaserver/install/certs.py @@ -296,11 +296,7 @@ class CertDB(object): /usr/lib[64]/ipa/certmonger. """ if command is not None and not os.path.isabs(command): - if sys.maxsize > 2**32: - libpath = 'lib64' - else: - libpath = 'lib' - command = paths.CERTMONGER_COMMAND_TEMPLATE % (libpath, command) + command = paths.CERTMONGER_COMMAND_TEMPLATE % (command) try: request_id = certmonger.start_tracking(nickname, self.secdir, password_file, command) except RuntimeError as e: -- 2.5.0
-- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code