#141 Change fedora-cert to use .fedora.upn filename
Merged 7 years ago by ausil. Opened 7 years ago by puiterwijk.
puiterwijk/fedora-packager krb-cert  into  master

file modified
+11
@@ -13,6 +13,7 @@ 

  

  import optparse

  import fedora_cert

+ import os.path

  import sys

  

  def main(opts):
@@ -31,6 +32,14 @@ 

              sys.exit(0)

      else:

          username = opts.username

+ 

+     if opts.confkrb:

+         with open(os.path.expanduser('~/.fedora.upn'), 'w') as f:

+             f.write(username)

+         print('Kerberos username configured. Run kinit %s@FEDORAPROJECT.ORG' %

+               opts.username)

+         sys.exit(0)

+ 

      #has cert expired? do we force a new cert? get a new one

      if opts.newcert:

          print("Getting a new User Certificate")
@@ -68,6 +77,8 @@ 

                       default=False, help="Generate a new Fedora Certificate.")

      opt_p.add_option('-v', '--verify-cert', action='store_true', dest='verifycert',

                       default=False, help="Verify Certificate.")

+     opt_p.add_option('-k', '--configure-krb', action='store_true', dest='confkrb',

+                      default=False, help="Configure krb5.")

  

      (opts, args) = opt_p.parse_args()

  

@@ -29,6 +29,8 @@ 

      Read in the certificate so we dont duplicate the code 

      """

       # Make sure we can even read the thing.

+     if os.path.exists(os.path.expanduser('~/.fedora.upn')):

+         return None

      cert_file = os.path.join(os.path.expanduser('~'), ".fedora.cert")

      if not os.access(cert_file, os.R_OK):

          raise fedora_cert_error("""!!!    cannot read your ~/.fedora.cert file   !!!
@@ -44,6 +46,10 @@ 

      not revoked

      Expiry time warn if less than 21 days

      """

+     if os.path.exists(os.path.expanduser('~/.fedora.upn')):

+         print('Kerberos configured, cert ignored')

+         return

+ 

      my_cert = _open_cert()

      valid_until = my_cert.get_notAfter()[:8].decode()

  
@@ -84,6 +90,10 @@ 

      Figure out the Fedora user name from ~/.fedora.cert

  

      """

+     if os.path.exists(os.path.expanduser('~/.fedora.upn')):

+         with file(os.path.expanduser('~/.fedora.upn'), 'r') as f:

+             return f.read().replace('\n', '')

+ 

      my_cert = _open_cert()

  

      subject = str(my_cert.get_subject())

can we please be consistent with
os.path.join(os.path.expanduser('~'), ".fedora.cert")

what writes ~/.fedora.upn and what is in it?

rebased

7 years ago

Pull-Request has been merged by ausil

7 years ago