On 08/12/15 16:33, Tomas Babej wrote:



On 12/08/2015 04:20 PM, Oleg Fayans wrote:
ACK. The initial issue is fixed.

On 12/08/2015 03:03 PM, David Kupka wrote:
https://fedorahosted.org/freeipa/ticket/5531




Can we get some more love for the patch and provide at least a sentence
worth of commit message before pushing?

It's not obvious from the title what the patch does, other than it fixes
things.

Tomas

I believe it's pretty obvious from linked ticket and attached patch changing just 5 lines. But you're right verbosity in commit message could save time later. Patch with changed commit message attached.

--
David Kupka
From eee2c606aeba8aff61777cbf54fdb6c006e8c755 Mon Sep 17 00:00:00 2001
From: David Kupka <dku...@redhat.com>
Date: Tue, 8 Dec 2015 14:22:01 +0100
Subject: [PATCH] replica: Fix ipa-replica-install with replica file (domain
 level 0).

Attribute _ca_enabled is set in promote_check() and is not available in
install(). When installing replica in domain level 0 we can determine existence
of CA service based on existence of cacert.p12 file in provided replica-file.

https://fedorahosted.org/freeipa/ticket/5531
---
 ipaserver/install/server/replicainstall.py | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/ipaserver/install/server/replicainstall.py b/ipaserver/install/server/replicainstall.py
index 4554166752ce4e5db2a98a8f495aa061aec963e9..a962ef93442c201f9df80adfb0443ab37cf9dc59 100644
--- a/ipaserver/install/server/replicainstall.py
+++ b/ipaserver/install/server/replicainstall.py
@@ -654,6 +654,8 @@ def install(installer):
     if installer._update_hosts_file:
         installutils.update_hosts_file(config.ips, config.host_name, fstore)
 
+    ca_enabled = ipautil.file_exists(config.dir + "/cacert.p12")
+
     # Create DS user/group if it doesn't exist yet
     dsinstance.create_ds_user()
 
@@ -675,7 +677,7 @@ def install(installer):
             ntp.create_instance()
 
         # Configure dirsrv
-        ds = install_replica_ds(config, options, installer._ca_enabled)
+        ds = install_replica_ds(config, options, ca_enabled)
 
         # Always try to install DNS records
         install_dns_records(config, options, remote_api)
@@ -690,20 +692,20 @@ def install(installer):
         options.domain_name = config.domain_name
         options.host_name = config.host_name
 
-        if ipautil.file_exists(config.dir + "/cacert.p12"):
+        if ca_enabled:
             options.ra_p12 = config.dir + "/ra.p12"
 
         ca.install(False, config, options)
 
     krb = install_krb(config, setup_pkinit=not options.no_pkinit)
     http = install_http(config, auto_redirect=not options.no_ui_redirect,
-                        ca_is_configured=installer._ca_enabled)
+                        ca_is_configured=ca_enabled)
 
     otpd = otpdinstance.OtpdInstance()
     otpd.create_instance('OTPD', config.host_name, config.dirman_password,
                          ipautil.realm_to_suffix(config.realm_name))
 
-    if ipautil.file_exists(config.dir + "/cacert.p12"):
+    if ca_enabled:
         CA = cainstance.CAInstance(config.realm_name, certs.NSS_DIR)
         CA.dm_password = config.dirman_password
 
-- 
2.5.0

-- 
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Reply via email to