class ManageIQ::ApplianceConsole::Principal

Kerberos principal

Attributes

ca_name[RW]
hostname[RW]
name[RW]

kerberos principal name

realm[RW]
service[RW]

Public Class Methods

new(options = {}) click to toggle source
# File lib/manageiq/appliance_console/principal.rb, line 14
def initialize(options = {})
  options.each { |n, v| public_send("#{n}=", v) }
  @ca_name ||= "ipa"
  @realm = @realm.upcase if @realm
  @name ||= "#{service}/#{hostname}@#{realm}"
end

Public Instance Methods

ipa?() click to toggle source
# File lib/manageiq/appliance_console/principal.rb, line 29
def ipa?
  @ca_name == "ipa"
end
register() click to toggle source
# File lib/manageiq/appliance_console/principal.rb, line 21
def register
  request if ipa? && !exist?
end
subject_name() click to toggle source
# File lib/manageiq/appliance_console/principal.rb, line 25
def subject_name
  "CN=#{hostname},OU=#{service},O=#{realm}"
end

Private Instance Methods

exist?() click to toggle source
# File lib/manageiq/appliance_console/principal.rb, line 35
def exist?
  AwesomeSpawn.run("/usr/bin/ipa", :params => ["-e", "skip_version_check=1", "service-find", "--principal", name]).success?
end
request() click to toggle source
# File lib/manageiq/appliance_console/principal.rb, line 39
def request
  # using --force because these services tend not to be in dns
  # this is like VERIFY_NONE
  AwesomeSpawn.run!("/usr/bin/ipa", :params => ["-e", "skip_version_check=1", "service-add", "--force", name])
end