From 19738b56604f50e3806b220e74ac4a5ab52f71a4 Mon Sep 17 00:00:00 2001
From: Jan Cholasta <jcholast@redhat.com>
Date: Fri, 7 Apr 2017 07:40:41 +0200
Subject: [PATCH] httpinstance: avoid httpd restart during certificate request
httpd is restarted by certmonger in the restart_httpd script after the
httpd certificate is saved if it was previously running. The restart will
fail because httpd is not properly configured at this point.
Stop httpd at the beginning of httpd install to avoid the restart.
https://pagure.io/freeipa/issue/6757
Reviewed-By: Martin Babinsky <mbabinsk@redhat.com>
---
ipaserver/install/httpinstance.py | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/ipaserver/install/httpinstance.py b/ipaserver/install/httpinstance.py
index 079ea92606cc53f98beca1759a7e24db64bfd3f4..d7cd776ab9831b5408797ae41b7c7fbb10707b18 100644
--- a/ipaserver/install/httpinstance.py
+++ b/ipaserver/install/httpinstance.py
@@ -160,6 +160,7 @@ class HTTPInstance(service.Service):
self.ca_is_configured = ca_is_configured
self.promote = promote
+ self.step("stopping httpd", self.__stop)
self.step("setting mod_nss port to 443", self.__set_mod_nss_port)
self.step("setting mod_nss cipher suite",
self.set_mod_nss_cipher_suite)
@@ -185,15 +186,15 @@ class HTTPInstance(service.Service):
self.step("create KDC proxy user", create_kdcproxy_user)
self.step("create KDC proxy config", self.create_kdcproxy_conf)
self.step("enable KDC proxy", self.enable_kdcproxy)
- self.step("restarting httpd", self.__start)
+ self.step("starting httpd", self.start)
self.step("configuring httpd to start on boot", self.__enable)
self.step("enabling oddjobd", self.enable_and_start_oddjobd)
self.start_creation()
- def __start(self):
+ def __stop(self):
self.backup_state("running", self.is_running())
- self.restart()
+ self.stop()
def __enable(self):
self.backup_state("enabled", self.is_enabled())
--
2.9.3