pgreco / rpms / ipa

Forked from forks/areguera/rpms/ipa 4 years ago
Clone
Source Code
GIT

Blame SOURCES/0049-Upgrade-configure-PKINIT-after-adding-anonymous-prin.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8-beta-stream-DL1 c8-beta-stream-client c8-stream-DL1 c8-stream-client
  1.   ac7d03c67af81669700da761908f3f0de3d23372
  2.   SOURCES
  3.   0049-Upgrade-configure-PKINIT-after-adding-anonymous-prin.patch
Blob History Raw
ac7d03 
From a4140595a3fcb42d9666aea823d3d8cd9ae0c7c3 Mon Sep 17 00:00:00 2001
ac7d03 
From: Martin Babinsky <mbabinsk@redhat.com>
ac7d03 
Date: Tue, 21 Mar 2017 17:03:35 +0100
ac7d03 
Subject: [PATCH] Upgrade: configure PKINIT after adding anonymous principal
ac7d03
ac7d03 
In order to set up PKINIT, the anonymous principal must already be
ac7d03 
created, otherwise the upgrade with fail when trying out anonymous
ac7d03 
PKINIT. Switch the order of steps so that this issue does not occur.
ac7d03
ac7d03 
https://pagure.io/freeipa/issue/6792
ac7d03
ac7d03 
Reviewed-By: Stanislav Laznicka <slaznick@redhat.com>
ac7d03 
---
ac7d03 
 ipaserver/install/server/upgrade.py | 2 +-
ac7d03 
 1 file changed, 1 insertion(+), 1 deletion(-)
ac7d03
ac7d03 
diff --git a/ipaserver/install/server/upgrade.py b/ipaserver/install/server/upgrade.py
ac7d03 
index 1706079da86d9ba9066f71f02b170c161c1f2963..be07d78585d4772eb6dd0aaa8fb4ccb588c42c65 100644
ac7d03 
--- a/ipaserver/install/server/upgrade.py
ac7d03 
+++ b/ipaserver/install/server/upgrade.py
ac7d03 
@@ -1809,9 +1809,9 @@ def upgrade_configuration():
ac7d03 
                         KDC_CERT=paths.KDC_CERT,
ac7d03 
                         KDC_KEY=paths.KDC_KEY,
ac7d03 
                         CACERT_PEM=paths.CACERT_PEM)
ac7d03 
-    setup_pkinit(krb)
ac7d03 
     enable_anonymous_principal(krb)
ac7d03 
     http.request_anon_keytab()
ac7d03 
+    setup_pkinit(krb)
ac7d03
ac7d03 
     if not ds_running:
ac7d03 
         ds.stop(ds_serverid)
ac7d03 
--
ac7d03 
2.12.2
ac7d03

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation