|
|
ac7d03 |
From f6ecef4bdf8f5f99c89c0649232a230c28191869 Mon Sep 17 00:00:00 2001
|
|
|
ac7d03 |
From: Jan Cholasta <jcholast@redhat.com>
|
|
|
ac7d03 |
Date: Fri, 7 Apr 2017 07:40:19 +0200
|
|
|
ac7d03 |
Subject: [PATCH] dsinstance: reconnect ldap2 after DS is restarted by
|
|
|
ac7d03 |
certmonger
|
|
|
ac7d03 |
|
|
|
ac7d03 |
DS is restarted by certmonger in the restart_dirsrv script after the DS
|
|
|
ac7d03 |
certificate is saved. This breaks the ldap2 backend and makes any operation
|
|
|
ac7d03 |
fail with NetworkError until it is reconnected.
|
|
|
ac7d03 |
|
|
|
ac7d03 |
Reconnect ldap2 after the DS certificate request is finished to fix the
|
|
|
ac7d03 |
issue. Make sure restart_dirsrv waits for the ldapi socket so that the
|
|
|
ac7d03 |
reconnect does not fail.
|
|
|
ac7d03 |
|
|
|
ac7d03 |
https://pagure.io/freeipa/issue/6757
|
|
|
ac7d03 |
|
|
|
ac7d03 |
Reviewed-By: Martin Babinsky <mbabinsk@redhat.com>
|
|
|
ac7d03 |
---
|
|
|
ac7d03 |
install/restart_scripts/restart_dirsrv | 2 +-
|
|
|
ac7d03 |
ipaserver/install/dsinstance.py | 4 ++++
|
|
|
ac7d03 |
2 files changed, 5 insertions(+), 1 deletion(-)
|
|
|
ac7d03 |
|
|
|
ac7d03 |
diff --git a/install/restart_scripts/restart_dirsrv b/install/restart_scripts/restart_dirsrv
|
|
|
ac7d03 |
index b4c9490c10506aba60eee16c3f46ee7cb0474f50..ff476cac46f76d4964d39b12c04401dfc19c2d3a 100644
|
|
|
ac7d03 |
--- a/install/restart_scripts/restart_dirsrv
|
|
|
ac7d03 |
+++ b/install/restart_scripts/restart_dirsrv
|
|
|
ac7d03 |
@@ -41,7 +41,7 @@ def _main():
|
|
|
ac7d03 |
|
|
|
ac7d03 |
try:
|
|
|
ac7d03 |
if services.knownservices.dirsrv.is_running():
|
|
|
ac7d03 |
- services.knownservices.dirsrv.restart(instance)
|
|
|
ac7d03 |
+ services.knownservices.dirsrv.restart(instance, ldapi=True)
|
|
|
ac7d03 |
except Exception as e:
|
|
|
ac7d03 |
syslog.syslog(syslog.LOG_ERR, "Cannot restart dirsrv (instance: '%s'): %s" % (instance, str(e)))
|
|
|
ac7d03 |
|
|
|
ac7d03 |
diff --git a/ipaserver/install/dsinstance.py b/ipaserver/install/dsinstance.py
|
|
|
ac7d03 |
index 79dc90e92cac49a2b64ff6645f75dc3a8cbcc104..fb5f925de8e658dca9370714413012527f00c39d 100644
|
|
|
ac7d03 |
--- a/ipaserver/install/dsinstance.py
|
|
|
ac7d03 |
+++ b/ipaserver/install/dsinstance.py
|
|
|
ac7d03 |
@@ -837,6 +837,10 @@ class DsInstance(service.Service):
|
|
|
ac7d03 |
finally:
|
|
|
ac7d03 |
certmonger.modify_ca_helper('IPA', prev_helper)
|
|
|
ac7d03 |
|
|
|
ac7d03 |
+ # restart_dirsrv in the request above restarts DS, reconnect ldap2
|
|
|
ac7d03 |
+ api.Backend.ldap2.disconnect()
|
|
|
ac7d03 |
+ api.Backend.ldap2.connect()
|
|
|
ac7d03 |
+
|
|
|
ac7d03 |
self.dercert = dsdb.get_cert_from_db(self.nickname, pem=False)
|
|
|
ac7d03 |
|
|
|
ac7d03 |
dsdb.create_pin_file()
|
|
|
ac7d03 |
--
|
|
|
ac7d03 |
2.9.3
|
|
|
ac7d03 |
|