483b06
From c8fcaa5dc792e7b87c8f21c7c322ddfabe219980 Mon Sep 17 00:00:00 2001
483b06
From: Felipe Volpone <fbarreto@redhat.com>
483b06
Date: Wed, 13 Sep 2017 09:26:41 -0300
483b06
Subject: [PATCH] Fixing how sssd.conf is updated when promoting a client to
483b06
 replica
483b06
483b06
When promoting a client to a replica we have to change sssd.conf,
483b06
deleting _srv_ part from 'ipa_server' property and setting
483b06
'ipa_server_mode' to true.
483b06
483b06
Previously, the wrong domain could be updated since the ipa_domain
483b06
variable was not being used properly.
483b06
483b06
https://pagure.io/freeipa/issue/7127
483b06
483b06
Reviewed-By: Stanislav Laznicka <slaznick@redhat.com>
483b06
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
483b06
Reviewed-By: Rob Crittenden <rcritten@redhat.com>
483b06
---
483b06
 ipaserver/install/server/replicainstall.py | 27 ++++++++++++---------------
483b06
 ipaserver/install/server/upgrade.py        |  4 ++++
483b06
 2 files changed, 16 insertions(+), 15 deletions(-)
483b06
483b06
diff --git a/ipaserver/install/server/replicainstall.py b/ipaserver/install/server/replicainstall.py
483b06
index 814925de152809808f726c60ae7f35a24bc32a4a..326daf708f091d9d2c56ad399e46aef659dbba2e 100644
483b06
--- a/ipaserver/install/server/replicainstall.py
483b06
+++ b/ipaserver/install/server/replicainstall.py
483b06
@@ -432,30 +432,27 @@ def promote_sssd(host_name):
483b06
     sssdconfig.import_config()
483b06
     domains = sssdconfig.list_active_domains()
483b06
483b06
-    ipa_domain = None
483b06
-
483b06
     for name in domains:
483b06
         domain = sssdconfig.get_domain(name)
483b06
         try:
483b06
             hostname = domain.get_option('ipa_hostname')
483b06
             if hostname == host_name:
483b06
-                ipa_domain = domain
483b06
+                break
483b06
         except SSSDConfig.NoOptionError:
483b06
             continue
483b06
-
483b06
-    if ipa_domain is None:
483b06
-        raise RuntimeError("Couldn't find IPA domain in sssd.conf")
483b06
     else:
483b06
-        domain.set_option('ipa_server', host_name)
483b06
-        domain.set_option('ipa_server_mode', True)
483b06
-        sssdconfig.save_domain(domain)
483b06
-        sssdconfig.write()
483b06
+        raise RuntimeError("Couldn't find IPA domain in sssd.conf")
483b06
483b06
-        sssd = services.service('sssd', api)
483b06
-        try:
483b06
-            sssd.restart()
483b06
-        except CalledProcessError:
483b06
-            root_logger.warning("SSSD service restart was unsuccessful.")
483b06
+    domain.set_option('ipa_server', host_name)
483b06
+    domain.set_option('ipa_server_mode', True)
483b06
+    sssdconfig.save_domain(domain)
483b06
+    sssdconfig.write()
483b06
+
483b06
+    sssd = services.service('sssd', api)
483b06
+    try:
483b06
+        sssd.restart()
483b06
+    except CalledProcessError:
483b06
+        root_logger.warning("SSSD service restart was unsuccessful.")
483b06
483b06
483b06
 def promote_openldap_conf(hostname, master):
483b06
diff --git a/ipaserver/install/server/upgrade.py b/ipaserver/install/server/upgrade.py
483b06
index 732776f2cf513a4bb11d8f3f0dfaac78217e460f..109e922e3a3ea25f882fdd81765788a3881e87bd 100644
483b06
--- a/ipaserver/install/server/upgrade.py
483b06
+++ b/ipaserver/install/server/upgrade.py
483b06
@@ -1816,11 +1816,15 @@ def upgrade_configuration():
483b06
         cainstance.ensure_ipa_authority_entry()
483b06
483b06
     set_sssd_domain_option('ipa_server_mode', 'True')
483b06
+    set_sssd_domain_option('ipa_server', api.env.host)
483b06
 
483b06
     sssdconfig = SSSDConfig.SSSDConfig()
483b06
     sssdconfig.import_config()
483b06
     sssd_enable_service(sssdconfig, 'ifp')
483b06
 
483b06
+    sssd = services.service('sssd', api)
483b06
+    sssd.restart()
483b06
+
483b06
     krb = krbinstance.KrbInstance(fstore)
483b06
     krb.fqdn = fqdn
483b06
     krb.realm = api.env.realm
483b06
--
483b06
2.13.5