rpms / ipa

Clone
Source Code
GIT

Blame SOURCES/0142-Fix-missing-file-that-fails-DL1-replica-installation.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8-beta-stream-DL1 c8-beta-stream-client c8-stream-DL1 c8-stream-client c8s-stream-DL1 c8s-stream-client c9 c9-beta
  1.   34929d065a95a7fae204bba9f71f67eeb89d7330
  2.   SOURCES
  3.   0142-Fix-missing-file-that-fails-DL1-replica-installation.patch
Blob History Raw
fef02c 
From eb844fe9e56a30be9462508f1e5330aaa73342b3 Mon Sep 17 00:00:00 2001
fef02c 
From: Stanislav Laznicka <slaznick@redhat.com>
fef02c 
Date: Mon, 31 Oct 2016 16:51:49 +0100
fef02c 
Subject: [PATCH] Fix missing file that fails DL1 replica installation
fef02c
fef02c 
Replica installation on DL1 would fail to create a httpd instance
fef02c 
due to missing '/etc/httpd/alias/cacert.asc'. Create this file
fef02c 
in the setup_ssl step to avoid the error.
fef02c
fef02c 
https://fedorahosted.org/freeipa/ticket/6393
fef02c
fef02c 
Reviewed-By: Jan Cholasta <jcholast@redhat.com>
fef02c 
---
fef02c 
 ipaserver/install/httpinstance.py | 25 +++++++++++++++++--------
fef02c 
 1 file changed, 17 insertions(+), 8 deletions(-)
fef02c
fef02c 
diff --git a/ipaserver/install/httpinstance.py b/ipaserver/install/httpinstance.py
fef02c 
index 431671eaf55d4ac63dc01190e254931dac096dec..aeae10902e6597ca1e494240a625caed9f7b7192 100644
fef02c 
--- a/ipaserver/install/httpinstance.py
fef02c 
+++ b/ipaserver/install/httpinstance.py
fef02c 
@@ -343,14 +343,23 @@ class HTTPInstance(service.Service):
fef02c 
             self.__set_mod_nss_nickname(nickname)
fef02c 
             self.add_cert_to_service()
fef02c
fef02c 
-        elif not self.promote:
fef02c 
-            db.create_password_conf()
fef02c 
-            self.dercert = db.create_server_cert(self.cert_nickname, self.fqdn,
fef02c 
-                                                 ca_db)
fef02c 
-            db.track_server_cert(self.cert_nickname, self.principal,
fef02c 
-                                 db.passwd_fname, 'restart_httpd')
fef02c 
-            db.create_signing_cert("Signing-Cert", "Object Signing Cert", ca_db)
fef02c 
-            self.add_cert_to_service()
fef02c 
+        else:
fef02c 
+            if not self.promote:
fef02c 
+                db.create_password_conf()
fef02c 
+                self.dercert = db.create_server_cert(self.cert_nickname, self.fqdn,
fef02c 
+                                                     ca_db)
fef02c 
+                db.track_server_cert(self.cert_nickname, self.principal,
fef02c 
+                                     db.passwd_fname, 'restart_httpd')
fef02c 
+                db.create_signing_cert("Signing-Cert", "Object Signing Cert", ca_db)
fef02c 
+                self.add_cert_to_service()
fef02c 
+
fef02c 
+            server_certs = db.find_server_certs()
fef02c 
+            if not server_certs:
fef02c 
+                raise RuntimeError("Could not find a suitable server cert.")
fef02c 
+
fef02c 
+            # We only handle one server cert
fef02c 
+            nickname = server_certs[0][0]
fef02c 
+            db.export_ca_cert(nickname)
fef02c
fef02c 
         # Fix the database permissions
fef02c 
         os.chmod(certs.NSS_DIR + "/cert8.db", 0o660)
fef02c 
--
fef02c 
2.7.4
fef02c

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation