Misnyovszki Adam wrote:
this patch modifies ipa-server-install to warn the user, if there is
a lack of entropy, also runs generate-rndc-key.sh before named restart,
to ensure, that it can start before systemd timeouts.
I think the exception should be logged in check_entropy() in case this
every does fail (the file name changes, the format changes, etc).
There should be a try/except around the run() call.
I noticed that /etc/rndc.key isn't removed on uninstall, which I guess
means the same key will be re-used. Should we be removing that?
Freeipa-devel mailing list