subject:"\[Freeipa\-users\] F19 \-> F20 yum upgrade success report \(WAS\: Re\: WARNING\: Do not upgrade FreeIPA deployments to Fedora 20 final \(yet\)\)"

Re: [Freeipa-users] F19 - F20 yum upgrade success report (WAS: Re: WARNING: Do not upgrade FreeIPA deployments to Fedora 20 final (yet))

2014-03-07 Thread Martin Kosek

On 03/03/2014 09:54 PM, Anthony Messina wrote:
 On Saturday, March 01, 2014 04:18:11 AM Anthony Messina wrote:
 I've been waiting patiently for F20 to settle before upgrading my two
 VM installations of FreeIPA:
 
 ipa1 (original master) ipa2 (clone)
 
 I'm considering doing a yum upgrade this weekend and was wondering if
 any users had found any gotchas?  One that I can think of is the
 addition of the following in F20's default /etc/krb5.conf:
 
 [libdefaults] ... default_ccache_name = KEYRING:persistent:%{uid} ...
 
 I've seen on some of my freshly installed F20 FreeIPA clients that this 
 option  is no longer present after ipa-client-install.  On those
 clients, I've manually added it post client install and things seem to
 work OK with the exception of SELinux errors reported here:
 
 https://bugzilla.redhat.com/show_bug.cgi?id=1001703
 
 Should I place this option in /etc/krb5.conf on the masters
 before/after the  yum upgrade (or at all)?
 
 Should I run ipactl stop prior to running the yum upgrade?
 
 Of note, I'm considering the yum upgrade option rather than creating
 F20 replicas of F19 masters due to:
 
 https://fedorahosted.org/pki/ticket/816 
 https://fedorahosted.org/389/ticket/47721
 
 Any guidance is appreciated.  Thanks, and have a good weekend.
 
 -A
 
 I can report to the list that I've upgraded my ipa1 and ipa2 machines from
 F19 to F20 via yum upgrade in SELinux permissive mode and things went 
 swimmingly.

I always like to hear user reports like this one :) Thanks!

 
 As far as my concerns above, I added the following to /etc/krb5.conf after
 the upgrade, but before the reboot:
 
 default_ccache_name = KEYRING:persistent:%{uid}
 
 And I did not issue ipactl stop prior to the upgrade.
 
 The only post-upgrade issue I am seeing is invalid characters passed to
 dirsrv queries when using FreeIPA web interface:
 
 https://fedorahosted.org/freeipa/ticket/4214

Thanks for the report. I think I found the root cause, patch sent.

Martin

___
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

[Freeipa-users] F19 - F20 yum upgrade success report (WAS: Re: WARNING: Do not upgrade FreeIPA deployments to Fedora 20 final (yet))

2014-03-03 Thread Anthony Messina

On Saturday, March 01, 2014 04:18:11 AM Anthony Messina wrote:
 I've been waiting patiently for F20 to settle before upgrading my two VM 
 installations of FreeIPA:
 
 ipa1 (original master)
 ipa2 (clone)
 
 I'm considering doing a yum upgrade this weekend and was wondering if any 
 users had found any gotchas?  One that I can think of is the addition of
 the following in F20's default /etc/krb5.conf:
 
 [libdefaults]
   ...
   default_ccache_name = KEYRING:persistent:%{uid}
   ...
 
 I've seen on some of my freshly installed F20 FreeIPA clients that this
 option  is no longer present after ipa-client-install.  On those clients,
 I've manually added it post client install and things seem to work OK with
 the exception of SELinux errors reported here:
 
 https://bugzilla.redhat.com/show_bug.cgi?id=1001703
 
 Should I place this option in /etc/krb5.conf on the masters before/after
 the  yum upgrade (or at all)?
 
 Should I run ipactl stop prior to running the yum upgrade?
 
 Of note, I'm considering the yum upgrade option rather than creating F20 
 replicas of F19 masters due to:
 
 https://fedorahosted.org/pki/ticket/816
 https://fedorahosted.org/389/ticket/47721
 
 Any guidance is appreciated.  Thanks, and have a good weekend.
 
 -A

I can report to the list that I've upgraded my ipa1 and ipa2 machines from F19 
to F20 via yum upgrade in SELinux permissive mode and things went 
swimmingly.

As far as my concerns above, I added the following to /etc/krb5.conf after the 
upgrade, but before the reboot:

default_ccache_name = KEYRING:persistent:%{uid}

And I did not issue ipactl stop prior to the upgrade.

The only post-upgrade issue I am seeing is invalid characters passed to dirsrv 
queries when using FreeIPA web interface:

https://fedorahosted.org/freeipa/ticket/4214

Thanks again to the FreeIPA team!

-A

-- 
Anthony - http://messinet.com - http://messinet.com/~amessina/gallery
8F89 5E72 8DF0 BCF0 10BE 9967 92DC 35DC B001 4A4E


signature.asc
Description: This is a digitally signed message part.
___
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Re: [Freeipa-users] F19 - F20 yum upgrade success report (WAS: Re: WARNING: Do not upgrade FreeIPA deployments to Fedora 20 final (yet))

[Freeipa-users] F19 - F20 yum upgrade success report (WAS: Re: WARNING: Do not upgrade FreeIPA deployments to Fedora 20 final (yet))

2 matches

Site Navigation

Mail list logo

Footer information