Re: [Freeipa-devel] [PATCH 0071] replica: Fix ipa-replica-install with replica file (domain, level 0).
On 12/09/2015 08:31 AM, David Kupka wrote: > On 08/12/15 16:33, Tomas Babej wrote: >> >> >> On 12/08/2015 04:20 PM, Oleg Fayans wrote: >>> ACK. The initial issue is fixed. >>> >>> On 12/08/2015 03:03 PM, David Kupka wrote: https://fedorahosted.org/freeipa/ticket/5531 >>> >> >> Can we get some more love for the patch and provide at least a sentence >> worth of commit message before pushing? >> >> It's not obvious from the title what the patch does, other than it fixes >> things. >> >> Tomas >> > I believe it's pretty obvious from linked ticket and attached patch > changing just 5 lines. > But you're right verbosity in commit message could save time later. > Patch with changed commit message attached. > Yes, I'd rather avoid the need to go to the ticket when perusing the git log. ACK, thanks. Tomas -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
Re: [Freeipa-devel] [PATCH 0071] replica: Fix ipa-replica-install with replica file (domain, level 0).
On 9.12.2015 08:31, David Kupka wrote: On 08/12/15 16:33, Tomas Babej wrote: On 12/08/2015 04:20 PM, Oleg Fayans wrote: ACK. The initial issue is fixed. On 12/08/2015 03:03 PM, David Kupka wrote: https://fedorahosted.org/freeipa/ticket/5531 Can we get some more love for the patch and provide at least a sentence worth of commit message before pushing? It's not obvious from the title what the patch does, other than it fixes things. Tomas I believe it's pretty obvious from linked ticket and attached patch changing just 5 lines. But you're right verbosity in commit message could save time later. Patch with changed commit message attached. ACK. Pushed to master: b7953cda4fc02637f6e3db574b3d7163efc78a98 -- Jan Cholasta -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
Re: [Freeipa-devel] [PATCH 0071] replica: Fix ipa-replica-install with replica file (domain, level 0).
On 08/12/15 16:33, Tomas Babej wrote: On 12/08/2015 04:20 PM, Oleg Fayans wrote: ACK. The initial issue is fixed. On 12/08/2015 03:03 PM, David Kupka wrote: https://fedorahosted.org/freeipa/ticket/5531 Can we get some more love for the patch and provide at least a sentence worth of commit message before pushing? It's not obvious from the title what the patch does, other than it fixes things. Tomas I believe it's pretty obvious from linked ticket and attached patch changing just 5 lines. But you're right verbosity in commit message could save time later. Patch with changed commit message attached. -- David Kupka From eee2c606aeba8aff61777cbf54fdb6c006e8c755 Mon Sep 17 00:00:00 2001 From: David Kupka Date: Tue, 8 Dec 2015 14:22:01 +0100 Subject: [PATCH] replica: Fix ipa-replica-install with replica file (domain level 0). Attribute _ca_enabled is set in promote_check() and is not available in install(). When installing replica in domain level 0 we can determine existence of CA service based on existence of cacert.p12 file in provided replica-file. https://fedorahosted.org/freeipa/ticket/5531 --- ipaserver/install/server/replicainstall.py | 10 ++ 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/ipaserver/install/server/replicainstall.py b/ipaserver/install/server/replicainstall.py index 4554166752ce4e5db2a98a8f495aa061aec963e9..a962ef93442c201f9df80adfb0443ab37cf9dc59 100644 --- a/ipaserver/install/server/replicainstall.py +++ b/ipaserver/install/server/replicainstall.py @@ -654,6 +654,8 @@ def install(installer): if installer._update_hosts_file: installutils.update_hosts_file(config.ips, config.host_name, fstore) +ca_enabled = ipautil.file_exists(config.dir + "/cacert.p12") + # Create DS user/group if it doesn't exist yet dsinstance.create_ds_user() @@ -675,7 +677,7 @@ def install(installer): ntp.create_instance() # Configure dirsrv -ds = install_replica_ds(config, options, installer._ca_enabled) +ds = install_replica_ds(config, options, ca_enabled) # Always try to install DNS records install_dns_records(config, options, remote_api) @@ -690,20 +692,20 @@ def install(installer): options.domain_name = config.domain_name options.host_name = config.host_name -if ipautil.file_exists(config.dir + "/cacert.p12"): +if ca_enabled: options.ra_p12 = config.dir + "/ra.p12" ca.install(False, config, options) krb = install_krb(config, setup_pkinit=not options.no_pkinit) http = install_http(config, auto_redirect=not options.no_ui_redirect, -ca_is_configured=installer._ca_enabled) +ca_is_configured=ca_enabled) otpd = otpdinstance.OtpdInstance() otpd.create_instance('OTPD', config.host_name, config.dirman_password, ipautil.realm_to_suffix(config.realm_name)) -if ipautil.file_exists(config.dir + "/cacert.p12"): +if ca_enabled: CA = cainstance.CAInstance(config.realm_name, certs.NSS_DIR) CA.dm_password = config.dirman_password -- 2.5.0 -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
Re: [Freeipa-devel] [PATCH 0071] replica: Fix ipa-replica-install with replica file (domain, level 0).
On 12/08/2015 04:20 PM, Oleg Fayans wrote: > ACK. The initial issue is fixed. > > On 12/08/2015 03:03 PM, David Kupka wrote: >> https://fedorahosted.org/freeipa/ticket/5531 >> >> > Can we get some more love for the patch and provide at least a sentence worth of commit message before pushing? It's not obvious from the title what the patch does, other than it fixes things. Tomas -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
Re: [Freeipa-devel] [PATCH 0071] replica: Fix ipa-replica-install with replica file (domain, level 0).
ACK. The initial issue is fixed. On 12/08/2015 03:03 PM, David Kupka wrote: > https://fedorahosted.org/freeipa/ticket/5531 > > -- Oleg Fayans Quality Engineer FreeIPA team RedHat. -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
[Freeipa-devel] [PATCH 0071] replica: Fix ipa-replica-install with replica file (domain, level 0).
https://fedorahosted.org/freeipa/ticket/5531 -- David Kupka From eee2c606aeba8aff61777cbf54fdb6c006e8c755 Mon Sep 17 00:00:00 2001 From: David Kupka Date: Tue, 8 Dec 2015 14:22:01 +0100 Subject: [PATCH] replica: Fix ipa-replica-install with replica file (domain level 0). https://fedorahosted.org/freeipa/ticket/5531 --- ipaserver/install/server/replicainstall.py | 10 ++ 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/ipaserver/install/server/replicainstall.py b/ipaserver/install/server/replicainstall.py index 4554166752ce4e5db2a98a8f495aa061aec963e9..a962ef93442c201f9df80adfb0443ab37cf9dc59 100644 --- a/ipaserver/install/server/replicainstall.py +++ b/ipaserver/install/server/replicainstall.py @@ -654,6 +654,8 @@ def install(installer): if installer._update_hosts_file: installutils.update_hosts_file(config.ips, config.host_name, fstore) +ca_enabled = ipautil.file_exists(config.dir + "/cacert.p12") + # Create DS user/group if it doesn't exist yet dsinstance.create_ds_user() @@ -675,7 +677,7 @@ def install(installer): ntp.create_instance() # Configure dirsrv -ds = install_replica_ds(config, options, installer._ca_enabled) +ds = install_replica_ds(config, options, ca_enabled) # Always try to install DNS records install_dns_records(config, options, remote_api) @@ -690,20 +692,20 @@ def install(installer): options.domain_name = config.domain_name options.host_name = config.host_name -if ipautil.file_exists(config.dir + "/cacert.p12"): +if ca_enabled: options.ra_p12 = config.dir + "/ra.p12" ca.install(False, config, options) krb = install_krb(config, setup_pkinit=not options.no_pkinit) http = install_http(config, auto_redirect=not options.no_ui_redirect, -ca_is_configured=installer._ca_enabled) +ca_is_configured=ca_enabled) otpd = otpdinstance.OtpdInstance() otpd.create_instance('OTPD', config.host_name, config.dirman_password, ipautil.realm_to_suffix(config.realm_name)) -if ipautil.file_exists(config.dir + "/cacert.p12"): +if ca_enabled: CA = cainstance.CAInstance(config.realm_name, certs.NSS_DIR) CA.dm_password = config.dirman_password -- 2.5.0 -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code