Hi, the attached patch fixes <https://fedorahosted.org/freeipa/ticket/6032>.
Honza -- Jan Cholasta
From 5dc9e3a60dcdec0d9cd00bfc8819c1c01e2c4e0f Mon Sep 17 00:00:00 2001 From: Jan Cholasta <jchol...@redhat.com> Date: Tue, 16 Aug 2016 17:34:06 +0200 Subject: [PATCH] server install: do not prompt for cert file PIN repeatedly Prompt for PIN only once in interactive mode. This fixes ipa-server-install, ipa-server-certinstall and ipa-replica-prepare prompting over and over when the PIN is empty. https://fedorahosted.org/freeipa/ticket/6032 --- ipaserver/install/ipa_replica_prepare.py | 6 +++--- ipaserver/install/ipa_server_certinstall.py | 3 ++- ipaserver/install/server/install.py | 6 +++--- 3 files changed, 8 insertions(+), 7 deletions(-) diff --git a/ipaserver/install/ipa_replica_prepare.py b/ipaserver/install/ipa_replica_prepare.py index a6f0f1e..9467276 100644 --- a/ipaserver/install/ipa_replica_prepare.py +++ b/ipaserver/install/ipa_replica_prepare.py @@ -307,7 +307,7 @@ class ReplicaPrepare(admintool.AdminTool): if options.http_pin is None: options.http_pin = installutils.read_password( "Enter Apache Server private key unlock", - confirm=False, validate=False) + confirm=False, validate=False, retry=False) if options.http_pin is None: raise admintool.ScriptError( "Apache Server private key unlock password required") @@ -321,7 +321,7 @@ class ReplicaPrepare(admintool.AdminTool): if options.dirsrv_pin is None: options.dirsrv_pin = installutils.read_password( "Enter Directory Server private key unlock", - confirm=False, validate=False) + confirm=False, validate=False, retry=False) if options.dirsrv_pin is None: raise admintool.ScriptError( "Directory Server private key unlock password required") @@ -335,7 +335,7 @@ class ReplicaPrepare(admintool.AdminTool): if options.pkinit_pin is None: options.pkinit_pin = installutils.read_password( "Enter Kerberos KDC private key unlock", - confirm=False, validate=False) + confirm=False, validate=False, retry=False) if options.pkinit_pin is None: raise admintool.ScriptError( "Kerberos KDC private key unlock password required") diff --git a/ipaserver/install/ipa_server_certinstall.py b/ipaserver/install/ipa_server_certinstall.py index 5ab4730..0a8fb21 100644 --- a/ipaserver/install/ipa_server_certinstall.py +++ b/ipaserver/install/ipa_server_certinstall.py @@ -92,7 +92,8 @@ class ServerCertInstall(admintool.AdminTool): if self.options.pin is None: self.options.pin = installutils.read_password( - "Enter private key unlock", confirm=False, validate=False) + "Enter private key unlock", + confirm=False, validate=False, retry=False) if self.options.pin is None: raise admintool.ScriptError( "Private key unlock password required") diff --git a/ipaserver/install/server/install.py b/ipaserver/install/server/install.py index 8dc7a68..8d7fa9c 100644 --- a/ipaserver/install/server/install.py +++ b/ipaserver/install/server/install.py @@ -488,7 +488,7 @@ def install_check(installer): if options.http_pin is None: options.http_pin = installutils.read_password( "Enter Apache Server private key unlock", - confirm=False, validate=False) + confirm=False, validate=False, retry=False) if options.http_pin is None: raise ScriptError( "Apache Server private key unlock password required") @@ -504,7 +504,7 @@ def install_check(installer): if options.dirsrv_pin is None: options.dirsrv_pin = read_password( "Enter Directory Server private key unlock", - confirm=False, validate=False) + confirm=False, validate=False, retry=False) if options.dirsrv_pin is None: raise ScriptError( "Directory Server private key unlock password required") @@ -520,7 +520,7 @@ def install_check(installer): if options.pkinit_pin is None: options.pkinit_pin = read_password( "Enter Kerberos KDC private key unlock", - confirm=False, validate=False) + confirm=False, validate=False, retry=False) if options.pkinit_pin is None: raise ScriptError( "Kerberos KDC private key unlock password required") -- 2.7.4
-- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code