rpms / ipa

Clone
Source Code
GIT

Blame SOURCES/0128-server-upgrade-always-fix-certmonger-tracking-reques.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8-beta-stream-DL1 c8-beta-stream-client c8-stream-DL1 c8-stream-client c8s-stream-DL1 c8s-stream-client c9 c9-beta
  1.   080ee67ed58f76050de403b6fc1f8901f21906e5
  2.   SOURCES
  3.   0128-server-upgrade-always-fix-certmonger-tracking-reques.patch
Blob History Raw
ac7d03 
From ba42557e2acb526587b07956e75a2a1394882771 Mon Sep 17 00:00:00 2001
ac7d03 
From: Jan Cholasta <jcholast@redhat.com>
ac7d03 
Date: Tue, 28 Feb 2017 10:55:54 +0000
ac7d03 
Subject: [PATCH] server upgrade: always fix certmonger tracking request
ac7d03
ac7d03 
Fix certmonger tracking requests on every run of ipa-server-upgrade rather
ac7d03 
than only when the tracking configuration has changed and the requests have
ac7d03 
not yet been updated.
ac7d03
ac7d03 
This allows fixing broken tracking requests just by re-running
ac7d03 
ipa-server-upgrade.
ac7d03
ac7d03 
https://pagure.io/freeipa/issue/5799
ac7d03
ac7d03 
Reviewed-By: David Kupka <dkupka@redhat.com>
ac7d03 
Reviewed-By: Stanislav Laznicka <slaznick@redhat.com>
ac7d03 
---
ac7d03 
 ipaserver/install/server/upgrade.py | 28 +++++++---------------------
ac7d03 
 1 file changed, 7 insertions(+), 21 deletions(-)
ac7d03
ac7d03 
diff --git a/ipaserver/install/server/upgrade.py b/ipaserver/install/server/upgrade.py
ac7d03 
index 7b0476d442902f2c3dc65819d54953e820f5e560..855056dc1fa20e813d82ecc5090a14cfc4f91831 100644
ac7d03 
--- a/ipaserver/install/server/upgrade.py
ac7d03 
+++ b/ipaserver/install/server/upgrade.py
ac7d03 
@@ -905,8 +905,6 @@ def certificate_renewal_update(ca, ds, http):
ac7d03 
     template = paths.CERTMONGER_COMMAND_TEMPLATE
ac7d03 
     serverid = installutils.realm_to_serverid(api.env.realm)
ac7d03
ac7d03 
-    # bump version when requests is changed
ac7d03 
-    version = 6
ac7d03 
     requests = [
ac7d03 
         {
ac7d03 
             'cert-database': paths.PKI_TOMCAT_ALIAS_DIR,
ac7d03 
@@ -971,25 +969,17 @@ def certificate_renewal_update(ca, ds, http):
ac7d03 
         }
ac7d03 
     ]
ac7d03
ac7d03 
-    root_logger.info("[Update certmonger certificate renewal configuration to "
ac7d03 
-                     "version %d]" % version)
ac7d03 
+    root_logger.info("[Update certmonger certificate renewal configuration]")
ac7d03 
     if not ca.is_configured():
ac7d03 
         root_logger.info('CA is not configured')
ac7d03 
         return False
ac7d03
ac7d03 
-    state = 'certificate_renewal_update_%d' % version
ac7d03 
-    if sysupgrade.get_upgrade_state('dogtag', state):
ac7d03 
-        return False
ac7d03 
-
ac7d03 
     # State not set, lets see if we are already configured
ac7d03 
     for request in requests:
ac7d03 
         request_id = certmonger.get_request_id(request)
ac7d03 
         if request_id is None:
ac7d03 
             break
ac7d03 
     else:
ac7d03 
-        sysupgrade.set_upgrade_state('dogtag', state, True)
ac7d03 
-        root_logger.info("Certmonger certificate renewal configuration is "
ac7d03 
-                         "already at version %d" % version)
ac7d03 
         return False
ac7d03
ac7d03 
     # Ok, now we need to stop tracking, then we can start tracking them
ac7d03 
@@ -998,13 +988,11 @@ def certificate_renewal_update(ca, ds, http):
ac7d03 
     ds.stop_tracking_certificates(serverid)
ac7d03 
     http.stop_tracking_certificates()
ac7d03
ac7d03 
-    if not sysupgrade.get_upgrade_state('dogtag',
ac7d03 
-                                        'certificate_renewal_update_1'):
ac7d03 
-        filename = paths.CERTMONGER_CAS_CA_RENEWAL
ac7d03 
-        if os.path.exists(filename):
ac7d03 
-            with installutils.stopped_service('certmonger'):
ac7d03 
-                root_logger.info("Removing %s" % filename)
ac7d03 
-                installutils.remove_file(filename)
ac7d03 
+    filename = paths.CERTMONGER_CAS_CA_RENEWAL
ac7d03 
+    if os.path.exists(filename):
ac7d03 
+        with installutils.stopped_service('certmonger'):
ac7d03 
+            root_logger.info("Removing %s" % filename)
ac7d03 
+            installutils.remove_file(filename)
ac7d03
ac7d03 
     ca.configure_certmonger_renewal()
ac7d03 
     ca.configure_renewal()
ac7d03 
@@ -1013,9 +1001,7 @@ def certificate_renewal_update(ca, ds, http):
ac7d03 
     ds.start_tracking_certificates(serverid)
ac7d03 
     http.start_tracking_certificates()
ac7d03
ac7d03 
-    sysupgrade.set_upgrade_state('dogtag', state, True)
ac7d03 
-    root_logger.info("Certmonger certificate renewal configuration updated to "
ac7d03 
-                     "version %d" % version)
ac7d03 
+    root_logger.info("Certmonger certificate renewal configuration updated")
ac7d03 
     return True
ac7d03
ac7d03 
 def copy_crl_file(old_path, new_path=None):
ac7d03 
--
ac7d03 
2.9.3
ac7d03

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation