rpms / ipa

Clone
Source Code
GIT

Blame SOURCES/0049-Upgrade-configure-PKINIT-after-adding-anonymous-prin.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8-beta-stream-DL1 c8-beta-stream-client c8-stream-DL1 c8-stream-client c8s-stream-DL1 c8s-stream-client c9 c9-beta
  1.   483b06d68cbb3facb2f1fcff4d857d3e3233a2e0
  2.   SOURCES
  3.   0049-Upgrade-configure-PKINIT-after-adding-anonymous-prin.patch
Blob History Raw
483b06 
From a4140595a3fcb42d9666aea823d3d8cd9ae0c7c3 Mon Sep 17 00:00:00 2001
483b06 
From: Martin Babinsky <mbabinsk@redhat.com>
483b06 
Date: Tue, 21 Mar 2017 17:03:35 +0100
483b06 
Subject: [PATCH] Upgrade: configure PKINIT after adding anonymous principal
483b06
483b06 
In order to set up PKINIT, the anonymous principal must already be
483b06 
created, otherwise the upgrade with fail when trying out anonymous
483b06 
PKINIT. Switch the order of steps so that this issue does not occur.
483b06
483b06 
https://pagure.io/freeipa/issue/6792
483b06
483b06 
Reviewed-By: Stanislav Laznicka <slaznick@redhat.com>
483b06 
---
483b06 
 ipaserver/install/server/upgrade.py | 2 +-
483b06 
 1 file changed, 1 insertion(+), 1 deletion(-)
483b06
483b06 
diff --git a/ipaserver/install/server/upgrade.py b/ipaserver/install/server/upgrade.py
483b06 
index 1706079da86d9ba9066f71f02b170c161c1f2963..be07d78585d4772eb6dd0aaa8fb4ccb588c42c65 100644
483b06 
--- a/ipaserver/install/server/upgrade.py
483b06 
+++ b/ipaserver/install/server/upgrade.py
483b06 
@@ -1809,9 +1809,9 @@ def upgrade_configuration():
483b06 
                         KDC_CERT=paths.KDC_CERT,
483b06 
                         KDC_KEY=paths.KDC_KEY,
483b06 
                         CACERT_PEM=paths.CACERT_PEM)
483b06 
-    setup_pkinit(krb)
483b06 
     enable_anonymous_principal(krb)
483b06 
     http.request_anon_keytab()
483b06 
+    setup_pkinit(krb)
483b06
483b06 
     if not ds_running:
483b06 
         ds.stop(ds_serverid)
483b06 
--
483b06 
2.12.2
483b06

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation