URL: https://github.com/freeipa/freeipa/pull/528 Author: stlaz Title: #528: Fix CA-less upgrade Action: opened
PR body: """ In CA-less mode there's no /etc/pki/pki-tomcat/password.conf so it does not make sense to try to create a password file for an NSS database from it (the NSS database does not exist either). https://fedorahosted.org/freeipa/ticket/5695 Thanks @HonzaCholasta for discovering this. """ To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/528/head:pr528 git checkout pr528
From 6ea2aed70868b15ceec4a775c9cada6324d41bae Mon Sep 17 00:00:00 2001 From: Stanislav Laznicka <slazn...@redhat.com> Date: Wed, 1 Mar 2017 15:40:10 +0100 Subject: [PATCH] Fix CA-less upgrade In CA-less mode there's no /etc/pki/pki-tomcat/password.conf so it does not make sense to try to create a password file for an NSS database from it (the NSS database does not exist either). https://fedorahosted.org/freeipa/ticket/5695 --- ipaserver/install/server/upgrade.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ipaserver/install/server/upgrade.py b/ipaserver/install/server/upgrade.py index d3fd432..d7271e5 100644 --- a/ipaserver/install/server/upgrade.py +++ b/ipaserver/install/server/upgrade.py @@ -1537,7 +1537,7 @@ def upgrade_configuration(): # create passswd.txt file in PKI_TOMCAT_ALIAS_DIR if it does not exist # this file will be required on most actions over this NSS DB in FIPS - if not os.path.exists(os.path.join( + if ca.is_configured() and not os.path.exists(os.path.join( paths.PKI_TOMCAT_ALIAS_DIR, 'pwdfile.txt')): ca.create_certstore_passwdfile()
-- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code