From 186d2373e65ae30e0fe0f7e1c606ad78e297a282 Mon Sep 17 00:00:00 2001
From: Thomas Woerner <twoerner@redhat.com>
Date: Mon, 22 Jul 2019 17:52:14 +0200
Subject: [PATCH] ansible_ipa_replica: Dropped unused ds_init_info and
krb_init_info functions
These functions are not used and therefore these functions have been
removed.
---
.../module_utils/ansible_ipa_replica.py | 137 ------------------
1 file changed, 137 deletions(-)
diff --git a/roles/ipareplica/module_utils/ansible_ipa_replica.py b/roles/ipareplica/module_utils/ansible_ipa_replica.py
index c2664209..ae05e45e 100644
--- a/roles/ipareplica/module_utils/ansible_ipa_replica.py
+++ b/roles/ipareplica/module_utils/ansible_ipa_replica.py
@@ -326,40 +326,6 @@ def gen_ReplicaConfig():
return config
-def ds_init_info(ansible_log, fstore, domainlevel, dirsrv_config_file,
- realm_name, host_name, domain_name, dm_password,
- idstart, idmax, subject_base, ca_subject,
- #no_hbac_allow,
- dirsrv_pkcs12_info, no_pkinit,
- external_cert_files, dirsrv_cert_files):
-
- if not external_cert_files:
- ds = dsinstance.DsInstance(fstore=fstore, domainlevel=domainlevel,
- config_ldif=dirsrv_config_file)
- ds.set_output(ansible_log)
-
- if dirsrv_cert_files:
- _dirsrv_pkcs12_info = dirsrv_pkcs12_info
- else:
- _dirsrv_pkcs12_info = None
-
- with redirect_stdout(ansible_log):
- ds.init_info(realm_name, host_name, domain_name, dm_password,
- subject_base, ca_subject, idstart, idmax,
- #hbac_allow=not no_hbac_allow,
- _dirsrv_pkcs12_info, setup_pkinit=not no_pkinit)
- else:
- ds = dsinstance.DsInstance(fstore=fstore, domainlevel=domainlevel)
- ds.set_output(ansible_log)
-
- with redirect_stdout(ansible_log):
- ds.init_info(realm_name, host_name, domain_name, dm_password,
- subject_base, ca_subject, 1101, 1100, None,
- setup_pkinit=not no_pkinit)
-
- return ds
-
-
def replica_ds_init_info(ansible_log,
config, options, ca_is_configured, remote_api,
ds_ca_subject, ca_file,
@@ -425,109 +391,6 @@ def replica_ds_init_info(ansible_log,
return ds
-def krb_init_info(ansible_log, fstore, realm_name, host_name, no_pkinit,
- subject_base):
- krb = krbinstance.KrbInstance(fstore)
- krb.set_output(ansible_log)
- with redirect_stdout(ansible_log):
- krb.init_info(realm_name, host_name, etup_pkinit=not no_pkinit,
- subject_base=subject_base)
-
-
-def replica_krb_init_info(ansible_log, fstore, realm_name, master_host_name,
- host_name, domain_name, admin_password,
- no_pkinit, subject_base, pkcs12_info=None):
- # promote is not needed here
-
- # From replicainstall.install_krb
- krb = krbinstance.KrbInstance(fstore=fstore)
- krb.set_output(ansible_log)
-
- # pkinit files
- if pkcs12_info is None:
- pkcs12_info = make_pkcs12_info(config.dir, "pkinitcert.p12",
- "pkinit_pin.txt")
-
- #krb.create_replica(realm_name,
- # master_host_name, host_name,
- # domain_name, dirman_password,
- # setup_pkinit, pkcs12_info,
- # subject_base=subject_base,
- # promote=promote)
- with redirect_stdout(ansible_log):
- krb.init_info(realm_name, host_name, setup_pkinit=not no_pkinit,
- subject_base=subject_base)
-
- # From ipaserver.install.krbinstance.create_replica
-
- krb.pkcs12_info = pkcs12_info
- krb.subject_base = subject_base
- krb.master_fqdn = master_host_name
- krb.config_pkinit = not no_pkinit
-
- #krb.__common_setup(realm_name, host_name, domain_name, admin_password)
- krb.fqdn = host_name
- krb.realm = realm_name.upper()
- krb.host = host_name.split(".")[0]
- krb.ip = socket.getaddrinfo(host_name, None, socket.AF_UNSPEC, socket.SOCK_STREAM)[0][4][0]
- krb.domain = domain_name
- krb.suffix = ipautil.realm_to_suffix(krb.realm)
- krb.kdc_password = ipautil.ipa_generate_password()
- krb.admin_password = admin_password
- krb.dm_password = admin_password
-
- #krb.__setup_sub_dict()
- if os.path.exists(paths.COMMON_KRB5_CONF_DIR):
- includes = 'includedir {}'.format(paths.COMMON_KRB5_CONF_DIR)
- else:
- includes = ''
-
- krb.sub_dict = dict(FQDN=krb.fqdn,
- IP=krb.ip,
- PASSWORD=krb.kdc_password,
- SUFFIX=krb.suffix,
- DOMAIN=krb.domain,
- HOST=krb.host,
- SERVER_ID=installutils.realm_to_serverid(krb.realm),
- REALM=krb.realm,
- KRB5KDC_KADM5_ACL=paths.KRB5KDC_KADM5_ACL,
- DICT_WORDS=paths.DICT_WORDS,
- KRB5KDC_KADM5_KEYTAB=paths.KRB5KDC_KADM5_KEYTAB,
- KDC_CERT=paths.KDC_CERT,
- KDC_KEY=paths.KDC_KEY,
- CACERT_PEM=paths.CACERT_PEM,
- KDC_CA_BUNDLE_PEM=paths.KDC_CA_BUNDLE_PEM,
- CA_BUNDLE_PEM=paths.CA_BUNDLE_PEM,
- INCLUDES=includes)
-
- # IPA server/KDC is not a subdomain of default domain
- # Proper domain-realm mapping needs to be specified
- domain = dnsname.from_text(krb.domain)
- fqdn = dnsname.from_text(krb.fqdn)
- if not fqdn.is_subdomain(domain):
- logger.debug("IPA FQDN '%s' is not located in default domain '%s'",
- fqdn, domain)
- server_domain = fqdn.parent().to_unicode(omit_final_dot=True)
- logger.debug("Domain '%s' needs additional mapping in krb5.conf",
- server_domain)
- dr_map = " .%(domain)s = %(realm)s\n %(domain)s = %(realm)s\n" \
- % dict(domain=server_domain, realm=krb.realm)
- else:
- dr_map = ""
- krb.sub_dict['OTHER_DOMAIN_REALM_MAPS'] = dr_map
-
- # Configure KEYRING CCACHE if supported
- if kernel_keyring.is_persistent_keyring_supported():
- logger.debug("Enabling persistent keyring CCACHE")
- krb.sub_dict['OTHER_LIBDEFAULTS'] = \
- " default_ccache_name = KEYRING:persistent:%{uid}\n"
- else:
- logger.debug("Persistent keyring CCACHE is not enabled")
- krb.sub_dict['OTHER_LIBDEFAULTS'] = ''
-
- return krb
-
-
def ansible_module_get_parsed_ip_addresses(ansible_module,
param='ip_addresses'):
ip_addrs = []
--
GitLab