ipa-getkeytab randomizes the password, so it wasn't possible to
login as ovirtadmin using browser basic auth
---
wui-appliance/wui-devel.ks | 5 +----
wui/scripts/ovirt-wui-install | 6 ++----
2 files changed, 3 insertions(+), 8 deletions(-)
diff --git a/wui-appliance/wui-devel.ks b/wui-appliance/wui-devel.ks
index 5729b60..66927be 100644
--- a/wui-appliance/wui-devel.ks
+++ b/wui-appliance/wui-devel.ks
@@ -45,7 +45,6 @@ principal=ovirtadmin
realm=PRIV.OVIRT.ORG
password=ovirt
cron_file=/etc/cron.hourly/ovirtadmin.cron
-ktab_file=/usr/share/ovirt-wui/ovirtadmin.tab
# automatically refresh the kerberos ticket every hour (we'll create the
# principal on first-boot)
@@ -53,7 +52,7 @@ cat > $cron_file << EOF
#!/bin/bash
export PATH=/usr/kerberos/bin:$PATH
kdestroy
-kinit -k -t $ktab_file $principal@$realm
+echo $password | kinit $principal@$realm
EOF
chmod 755 $cron_file
@@ -128,7 +127,6 @@ sed -e "s, at cron_file@,$cron_file," \
-e "s, at principal@,$principal," \
-e "s, at realm@,$realm," \
-e "s, at password@,$password,g" \
- -e "s, at ktab_file@,$ktab_file," \
> $first_run_file << \EOF
#!/bin/bash
#
@@ -175,7 +173,6 @@ LDAP
# make ovitadmin also an IPA admin
ipa-modgroup -a ovirtadmin admins
ipa-moduser --setattr krbPasswordExpiration=19700101000000Z @principal@
- ipa-getkeytab -s management.priv.ovirt.org -p @principal@ -k @ktab_file@
@cron_file@
) > /var/log/ovirt-wui-dev-first-run.log 2>&1
diff --git a/wui/scripts/ovirt-wui-install b/wui/scripts/ovirt-wui-install
index c39364c..8580134 100755
--- a/wui/scripts/ovirt-wui-install
+++ b/wui/scripts/ovirt-wui-install
@@ -189,10 +189,8 @@ mkdir -p log
rake db:migrate
cd -
-if [ -f ${OVIRT_DIR}/ovirtadmin.tab ]; then
- ${OVIRT_DIR}/script/grant_admin_privileges ovirtadmin
- [ $? != 0 ] && echo "Failed to grant ovirtadmin
privileges" && exit 1
-fi
+${OVIRT_DIR}/script/grant_admin_privileges ovirtadmin
+[ $? != 0 ] && echo "Failed to grant ovirtadmin privileges"
&& exit 1
ovirt-add-host $(hostname) ${OVIRT_DIR}/ovirt.keytab
--
1.5.4.1