On 11/24/2015 04:44 PM, Martin Babinsky wrote:
https://fedorahosted.org/freeipa/ticket/5459
forgot to attach the actual file *slaps himself* -- Martin^3 Babinsky
From 3ca5e8348cf1448dd61a069dc4b01e2fdf7ed201 Mon Sep 17 00:00:00 2001 From: Martin Babinsky <mbabi...@redhat.com> Date: Tue, 24 Nov 2015 16:40:52 +0100 Subject: [PATCH] do not disconnect when using existing connection to check default CA ACLs https://fedorahosted.org/freeipa/ticket/5459 --- ipaserver/install/cainstance.py | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/ipaserver/install/cainstance.py b/ipaserver/install/cainstance.py index c72d11d1e0b86c040dc497744cda87aab22caafd..dd3dbd737c0ae89b27756a94b47ea5a9493260ef 100644 --- a/ipaserver/install/cainstance.py +++ b/ipaserver/install/cainstance.py @@ -1846,7 +1846,8 @@ def _create_dogtag_profile(profile_id, profile_data): def ensure_default_caacl(): """Add the default CA ACL if missing.""" - if not api.Backend.ldap2.isconnected(): + is_already_connected = api.Backed.ldap2.isconnected() + if not is_already_connected: try: api.Backend.ldap2.connect(autobind=True) except errors.PublicError as e: @@ -1870,7 +1871,7 @@ def ensure_default_caacl(): api.Command.caacl_add_profile(u'hosts_services_caIPAserviceCert', certprofile=(u'caIPAserviceCert',)) - if api.Backend.ldap2.isconnected(): + if not is_already_connected: api.Backend.ldap2.disconnect() -- 2.4.3
-- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
