On 01/21/2014 05:12 PM, Martin Kosek wrote:
On 01/21/2014 03:07 PM, Petr Viktorin wrote:
On 01/16/2014 02:16 PM, Martin Kosek wrote:
[freeipa-mkosek-448-add-runas-option-to-run-function.patch]:
Run function can now run the specified command as different user by
setting the EUID and EGID for executed process.
Please add the new argument to the docstring, otherwise ACK
[freeipa-mkosek-449-switch-httpd-to-use-default-ccache.patch]:
Stock httpd no longer uses systemd EnvironmentFile option which is
making FreeIPA's KRB5CCNAME setting ineffective. This can lead in hard
to debug problems during subsequent ipa-server-install's where HTTP
may use a stale CCACHE in the default kernel keyring CCACHE.
Avoid forcing custom CCACHE and switch to system one, just make sure
that it is properly cleaned by kdestroy run as "apache" user during
FreeIPA server installation process.
https://fedorahosted.org/freeipa/ticket/4084
This does not fix the issue for me.
On a fresh f20 machine, I installed the server, uninstalled it, and installed
again. The second installation failed with the ipa-client-install error
described in the ticket.
On your VM, I saw the method I use for running a command as different process
was indeed not effective. I had to change both effective and real UID/GID to
make the kdestroy function working.
I also added the missing docstrings in 448, both for runas as well as other
missing options.
Great, thank you! ACK, fixed a typo in the docstring and pushed to
master: f49c26db2c38e5b60a6be990b95c2926ecfa6247
For the record, this problem appeared in an install-uninstall-install
cycle with no reboot. It's unlikely to appear in the wild, but happens
all the time in CI and on some developers' workflows.
--
PetrĀ³
_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
