On Wed, 15 Jan 2014, Jan Cholasta wrote:
Hi,
the attached patch should fix
<https://fedorahosted.org/freeipa/ticket/4078>.
I have also attached patch 179, which fixes a related bug in
certificate renewal.
NACK for this part:
This fixes a possible NSS database corruption in renew_ca_cert.
---
ipaserver/install/installutils.py | 3 ---
1 file changed, 3 deletions(-)
diff --git a/ipaserver/install/installutils.py
b/ipaserver/install/installutils.py
index 67eabc2..0ba9c2e 100644
--- a/ipaserver/install/installutils.py
+++ b/ipaserver/install/installutils.py
@@ -820,9 +820,6 @@ def stopped_service(service, instance_name=""):
root_logger.debug('Service %s%s is not running, continue.', service,
log_instance_name)
yield
- root_logger.debug('Starting %s%s.', service, log_instance_name)
- ipaservices.knownservices[service].start(instance_name)
- return
else:
# Stop the service, do the required stuff and start it again
root_logger.debug('Stopping %s%s.', service, log_instance_name)
You need to wrap yield into try: finally: block. I have a patch for
similar case in private_cache() few lines above this code.
diff --git a/ipalib/constants.py b/ipalib/constants.py
index d3e61ca..ae08277 100644
--- a/ipalib/constants.py
+++ b/ipalib/constants.py
@@ -119,7 +119,7 @@ DEFAULT_CONFIG = (
('rpc_protocol', 'jsonrpc'),
# Time to wait for a service to start, in seconds
- ('startup_timeout', 120),
+ ('startup_timeout', 300),
# Web Application mount points
('mount_ipa', '/ipa/'),
ACK for this one.
--
/ Alexander Bokovoy
_______________________________________________
Freeipa-devel mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/freeipa-devel
