On 7.12.2015 08:14, Jan Cholasta wrote:
On 6.12.2015 21:32, Martin Basti wrote:
On 04.12.2015 16:58, Simo Sorce wrote:
On Fri, 2015-12-04 at 15:39 +0100, Jan Cholasta wrote:
On 4.12.2015 15:16, Jan Cholasta wrote:
On 4.12.2015 15:12, Jan Cholasta wrote:
On 4.12.2015 11:15, Petr Vobornik wrote:
On 12/03/2015 03:11 PM, Martin Basti wrote:
On 01.12.2015 12:19, Jan Cholasta wrote:
On 23.11.2015 15:47, Simo Sorce wrote:
On Mon, 2015-11-23 at 15:37 +0100, Jan Cholasta wrote:
Ad alternative is to add the host to ipaservers before the
done and remove it again if any of them fail.
Too error prone, I am ok with the current way in your patches
until/unless I can think of a fail safe way. :-)
Updated patches attached. Note that 520 should be applied
Simo, do you want to review the ACIs or other things it the
can the patches be pushed?
There were no changes in the ACIs since last time.
Actually, memberPrincipal was removed from the "IPA server hosts can
manage own Custodia secrets" ACI, as per Simo's request.
Rebased patches attached.
Note that 520 should still be applied between 509 and 510.
Pushed to master: 01ddf51df76f3298499973355c5461727e46ab5b
Martin Babinsky found out that ipaservers is not created early enough
when installing a replica of a 4.2 or older server which causes a crash.
The attached patch fixes that.
From eb887cf4291857b5fb5ce1bd991d460e7df4990b Mon Sep 17 00:00:00 2001
From: Jan Cholasta <jchol...@redhat.com>
Date: Wed, 9 Dec 2015 15:56:24 +0100
Subject: [PATCH] replica install: add ipaservers before the server's host
entry is created
This prevents crash when adding the host entry to ipaservers when
installing replica of a 4.2 or older server.
ipaserver/install/dsinstance.py | 4 ++++
ipaserver/install/krbinstance.py | 5 ++++-
2 files changed, 8 insertions(+), 1 deletion(-)
diff --git a/ipaserver/install/dsinstance.py b/ipaserver/install/dsinstance.py
index a58b0f7..1b82e56 100644
@@ -417,6 +417,10 @@ class DsInstance(service.Service):
self.run_init_memberof = repl.needs_memberof_fixup()
+ ld = ldapupdate.LDAPUpdate(ldapi=True)
# Now that the server is up make sure all changes happen against
# the local server (as repica pomotion does not have the DM password.
diff --git a/ipaserver/install/krbinstance.py b/ipaserver/install/krbinstance.py
index f928e50..1a7b65a 100644
@@ -122,7 +122,10 @@ class KrbInstance(service.Service):
('cn', 'accounts'), self.suffix)
hostgroup_entry = self.admin_conn.get_entry(hostgroup_dn, ['member'])
+ except errors.EmptyModlist:
def __common_setup(self, realm_name, host_name, domain_name, admin_password):
self.fqdn = host_name
Manage your subscription for the Freeipa-devel mailing list:
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code