On 11.11.2015 11:50, Petr Spacek wrote:
On 11.11.2015 10:49, Martin Babinsky wrote:
On 11/11/2015 10:36 AM, Martin Basti wrote:
On 10.11.2015 17:36, Petr Spacek wrote:
On 4.11.2015 11:56, Martin Babinsky wrote:
On 10/22/2015 05:32 PM, Petr Spacek wrote:
On 21.10.2015 17:55, Martin Babinsky wrote:
On 10/13/2015 09:17 AM, Petr Spacek wrote:
On 12.10.2015 13:38, Martin Babinsky wrote:
each service possessing Kerberos keytab wiil now remove it and
destroy any
associated credentials cache during its uninstall
https://fedorahosted.org/freeipa/ticket/5243
BTW some time ago Simo proposed that we should remove caches and
old keytabs
during *install* so problems caused by failing uninstallation will be
fixed on
repeated install. This is yet another step towards idempotent
installer.
To me this makes more sense than doing so on uninstall. Does it
make sense to
you, too?
Attaching updated patch that does cleanup also before each instance
creation.
It is a bit ugly I admit, but I couldn't think of a better way to
do it and
didn't want to poke into service/instance code more than neccesary.
NACK, but we are almost there!
* kdestroy -A is too aggressive and wipes root's keyring after each
run of
ipa-*-install utils.
* There are some scattered leftovers of ipautil.run['kdestroy'...]
in the
tree. Please get rid of them.
Thank you!
Attaching updated patch. It got lost somewhere in the list.
ACK, thank you for patience.
The patch needs rebase.
Rebased patch attached.
I should have told you :-) Anyway, re-ACK.
Pushed to master: 117bf5af8c5ffa63dc380cb331843396ce8b8286
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
