Realm doesn't need curtin
It turns out that the `realm --install /target` does a chroot. So curtin in target command is not necessary for that. The same doesn't hold for pam-auth-update. Setting hostnames is still a requirement, because realm calls adcli under the hood, which doesn't go through chroot.
This commit is contained in:
parent
5c059dd6ab
commit
03c80eb8a6
|
@ -17,7 +17,8 @@ import asyncio
|
||||||
from contextlib import contextmanager
|
from contextlib import contextmanager
|
||||||
import logging
|
import logging
|
||||||
from socket import gethostname
|
from socket import gethostname
|
||||||
from subiquitycore.utils import run_command
|
from subprocess import CalledProcessError
|
||||||
|
from subiquitycore.utils import arun_command, run_command
|
||||||
from subiquity.server.curtin import run_curtin_command
|
from subiquity.server.curtin import run_curtin_command
|
||||||
from subiquity.common.types import (
|
from subiquity.common.types import (
|
||||||
ADConnectionInfo,
|
ADConnectionInfo,
|
||||||
|
@ -59,25 +60,28 @@ class AdJoinStrategy():
|
||||||
return AdJoinResult.JOIN_ERROR
|
return AdJoinResult.JOIN_ERROR
|
||||||
|
|
||||||
root_dir = self.app.root
|
root_dir = self.app.root
|
||||||
cp = await run_curtin_command(
|
cp = await arun_command([self.realm, "join", "--install", root_dir,
|
||||||
self.app, context, "in-target", "-t", root_dir,
|
"--user", info.admin_name,
|
||||||
"--", self.realm, "join", "--install", root_dir, "--user",
|
"--computer-name", hostname,
|
||||||
info.admin_name, "--computer-name", hostname, "--unattended",
|
"--unattended", info.domain_name],
|
||||||
info.domain_name, private_mounts=True, input=info.password,
|
input=info.password, timeout=60)
|
||||||
timeout=60)
|
|
||||||
|
|
||||||
if not cp.returncode:
|
if not cp.returncode:
|
||||||
# Enable pam_mkhomedir
|
# Enable pam_mkhomedir
|
||||||
cp = await run_curtin_command(self.app, context, "in-target",
|
try:
|
||||||
"-t", root_dir, "--",
|
cp = await run_curtin_command(self.app, context,
|
||||||
self.pam, "--package",
|
"in-target", "-t", root_dir,
|
||||||
"--enable", "mkhomedir",
|
"--", self.pam, "--package",
|
||||||
private_mounts=True)
|
"--enable", "mkhomedir",
|
||||||
|
private_mounts=False)
|
||||||
|
|
||||||
if cp.returncode:
|
return AdJoinResult.OK
|
||||||
|
except CalledProcessError:
|
||||||
|
# The app command runner doesn't give us output in case of
|
||||||
|
# failure in the wait() method, which is called by
|
||||||
|
# run_curtin_command
|
||||||
|
log.info("Failed to update pam-auth")
|
||||||
return AdJoinResult.PAM_ERROR
|
return AdJoinResult.PAM_ERROR
|
||||||
else:
|
|
||||||
return AdJoinResult.OK
|
|
||||||
|
|
||||||
return AdJoinResult.JOIN_ERROR
|
return AdJoinResult.JOIN_ERROR
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue