rpms/ansible-freeipa
6
0
Fork 0
Code Issues Pull Requests Releases Activity
3f1f3b3cb3
ansible-freeipa/SOURCES/ansible-freeipa-1.6.3-ipaserver-Add-missing-idstart-check_de8911a_RHBZ#2132977.patch
CentOS Sources 3f1f3b3cb3 import ansible-freeipa-1.6.3-2.el9_0
2022-11-02 14:01:39 +00:00

55 lines
2.6 KiB
Diff
Raw Blame History

diff -up ansible-freeipa-1.6.3/roles/ipaserver/library/ipaserver_test.py.idstart_heck ansible-freeipa-1.6.3/roles/ipaserver/library/ipaserver_test.py
--- ansible-freeipa-1.6.3/roles/ipaserver/library/ipaserver_test.py.idstart_heck 2022-10-07 17:06:41.915918624 +0200
+++ ansible-freeipa-1.6.3/roles/ipaserver/library/ipaserver_test.py 2022-10-07 17:09:55.228613556 +0200
@@ -226,7 +226,8 @@ from ansible.module_utils.ansible_ipa_se
read_cache, ca, tasks, check_ldap_conf, timeconf, httpinstance,
check_dirsrv, ScriptError, get_fqdn, verify_fqdn, BadHostError,
validate_domain_name, load_pkcs12, IPA_PYTHON_VERSION,
- encode_certificate, check_available_memory, adtrustinstance
+ encode_certificate, check_available_memory, adtrustinstance,
+ get_min_idstart
)
from ansible.module_utils import six
@@ -580,6 +581,16 @@ def main():
"'--ignore-topology-disconnect/--ignore-last-of-role' "
"options can be used only during uninstallation")
+ if get_min_idstart is not None:
+ min_idstart = get_min_idstart()
+ if self.idstart < min_idstart:
+ raise RuntimeError(
+ "idstart (%i) must be larger than UID_MAX/GID_MAX "
+ "(%i) setting in /etc/login.defs." % (
+ self.idstart, min_idstart
+ )
+ )
+
if self.idmax < self.idstart:
raise RuntimeError(
"idmax (%s) cannot be smaller than idstart (%s)" %
diff -up ansible-freeipa-1.6.3/roles/ipaserver/module_utils/ansible_ipa_server.py.idstart_heck ansible-freeipa-1.6.3/roles/ipaserver/module_utils/ansible_ipa_server.py
--- ansible-freeipa-1.6.3/roles/ipaserver/module_utils/ansible_ipa_server.py.idstart_heck 2022-01-27 14:05:04.000000000 +0100
+++ ansible-freeipa-1.6.3/roles/ipaserver/module_utils/ansible_ipa_server.py 2022-10-07 17:07:35.907833419 +0200
@@ -41,7 +41,7 @@ __all__ = ["IPAChangeConf", "certmonger"
"adtrustinstance", "IPAAPI_USER", "sync_time", "PKIIniLoader",
"default_subject_base", "default_ca_subject_dn",
"check_ldap_conf", "encode_certificate", "decode_certificate",
- "check_available_memory"]
+ "check_available_memory", "get_min_idstart"]
import sys
@@ -178,6 +178,11 @@ else:
from ipalib.x509 import load_certificate
load_pem_x509_certificate = None
+ try:
+ from ipaserver.install.server.install import get_min_idstart
+ except ImportError:
+ get_min_idstart = None
+
else:
# IPA version < 4.5
Reference in New Issue View Git Blame Copy Permalink