|
 |
590d18 |
From 6b5411bd9bf98bd7c4bb695b37c2e878f4b0f1ef Mon Sep 17 00:00:00 2001
|
|
|
590d18 |
From: Christian Heimes <cheimes@redhat.com>
|
|
|
590d18 |
Date: Thu, 10 Sep 2015 11:54:32 +0200
|
|
|
590d18 |
Subject: [PATCH] Handle timeout error in ipa-httpd-kdcproxy
|
|
|
590d18 |
|
|
|
590d18 |
The ipa-httpd-kdcproxy script now handles LDAP timeout errors correctly.
|
|
|
590d18 |
A timeout does no longer result into an Apache startup error.
|
|
|
590d18 |
|
|
|
590d18 |
https://fedorahosted.org/freeipa/ticket/5292
|
|
|
590d18 |
|
|
|
590d18 |
Reviewed-By: Martin Basti <mbasti@redhat.com>
|
|
|
590d18 |
---
|
|
|
590d18 |
install/tools/ipa-httpd-kdcproxy | 3 ++-
|
|
|
590d18 |
1 file changed, 2 insertions(+), 1 deletion(-)
|
|
|
590d18 |
|
|
|
590d18 |
diff --git a/install/tools/ipa-httpd-kdcproxy b/install/tools/ipa-httpd-kdcproxy
|
|
|
590d18 |
index 60b22f2cc321d416871c74f3b4d580594c186a85..5e9863f8bd82e1628030b0b767a6697ab2a1d7bd 100755
|
|
|
590d18 |
--- a/install/tools/ipa-httpd-kdcproxy
|
|
|
590d18 |
+++ b/install/tools/ipa-httpd-kdcproxy
|
|
|
590d18 |
@@ -24,6 +24,7 @@ This script creates or removes the symlink from /etc/ipa/ipa-kdc-proxy.conf
|
|
|
590d18 |
to /etc/httpd/conf.d/. It's called from ExecStartPre hook in httpd.service.
|
|
|
590d18 |
"""
|
|
|
590d18 |
import os
|
|
|
590d18 |
+import socket
|
|
|
590d18 |
import sys
|
|
|
590d18 |
|
|
|
590d18 |
from ipalib import api, errors
|
|
|
590d18 |
@@ -81,7 +82,7 @@ class KDCProxyConfig(object):
|
|
|
590d18 |
# EXTERNAL bind as root user
|
|
|
590d18 |
self.con.ldapi = True
|
|
|
590d18 |
self.con.do_bind(timeout=self.time_limit)
|
|
|
590d18 |
- except errors.NetworkError as e:
|
|
|
590d18 |
+ except (errors.NetworkError, socket.timeout) as e:
|
|
|
590d18 |
msg = 'Unable to connect to dirsrv: %s' % e
|
|
|
590d18 |
raise CheckError(msg)
|
|
|
590d18 |
except errors.AuthorizationError as e:
|
|
|
590d18 |
--
|
|
|
590d18 |
2.4.3
|
|
|
590d18 |
|