StealthOS/subiquity
StealthOS
/
subiquity
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Realm doesn't need curtin 

It turns out that the `realm --install /target` does a chroot.
So curtin in target command is not necessary for that.
The same doesn't hold for pam-auth-update.
Setting hostnames is still a requirement, because realm calls adcli
under the hood, which doesn't go through chroot.
This commit is contained in:
Carlos Nihelton 2023-02-24 09:08:29 -03:00
parent 5c059dd6ab
commit 03c80eb8a6
No known key found for this signature in database
GPG Key ID: 6FE346D245197E9A
1 changed files with 19 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
subiquity/server/ad_joiner.py
View File

@ -17,7 +17,8 @@ import asyncio
from contextlib import contextmanager from contextlib import contextmanager
import logging import logging
from socket import gethostname from socket import gethostname
from subiquitycore.utils import run_command from subprocess import CalledProcessError
from subiquitycore.utils import arun_command, run_command
from subiquity.server.curtin import run_curtin_command from subiquity.server.curtin import run_curtin_command
from subiquity.common.types import ( from subiquity.common.types import (
ADConnectionInfo, ADConnectionInfo,
@ -59,25 +60,28 @@ class AdJoinStrategy():
return AdJoinResult.JOIN_ERROR return AdJoinResult.JOIN_ERROR
root_dir = self.app.root root_dir = self.app.root
cp = await run_curtin_command( cp = await arun_command([self.realm, "join", "--install", root_dir,
self.app, context, "in-target", "-t", root_dir, "--user", info.admin_name,
"--", self.realm, "join", "--install", root_dir, "--user", "--computer-name", hostname,
info.admin_name, "--computer-name", hostname, "--unattended", "--unattended", info.domain_name],
info.domain_name, private_mounts=True, input=info.password, input=info.password, timeout=60)
timeout=60)
if not cp.returncode: if not cp.returncode:
# Enable pam_mkhomedir # Enable pam_mkhomedir
cp = await run_curtin_command(self.app, context, "in-target", try:
"-t", root_dir, "--", cp = await run_curtin_command(self.app, context,
self.pam, "--package", "in-target", "-t", root_dir,
"--", self.pam, "--package",
"--enable", "mkhomedir", "--enable", "mkhomedir",
private_mounts=True) private_mounts=False)
if cp.returncode:
return AdJoinResult.PAM_ERROR
else:
return AdJoinResult.OK return AdJoinResult.OK
except CalledProcessError:
# The app command runner doesn't give us output in case of
# failure in the wait() method, which is called by
# run_curtin_command
log.info("Failed to update pam-auth")
return AdJoinResult.PAM_ERROR
return AdJoinResult.JOIN_ERROR return AdJoinResult.JOIN_ERROR