Re: [Freeipa-devel] [PATCH 0071] replica: Fix ipa-replica-install with replica file (domain, level 0).
On 12/09/2015 08:31 AM, David Kupka wrote: > On 08/12/15 16:33, Tomas Babej wrote: >> >> >> On 12/08/2015 04:20 PM, Oleg Fayans wrote: >>> ACK. The initial issue is fixed. >>> >>> On 12/08/2015 03:03 PM, David Kupka wrote: https://fedorahosted.org/freeipa/ticket/5531 >>> >> >> Can we get some more love for the patch and provide at least a sentence >> worth of commit message before pushing? >> >> It's not obvious from the title what the patch does, other than it fixes >> things. >> >> Tomas >> > I believe it's pretty obvious from linked ticket and attached patch > changing just 5 lines. > But you're right verbosity in commit message could save time later. > Patch with changed commit message attached. > Yes, I'd rather avoid the need to go to the ticket when perusing the git log. ACK, thanks. Tomas -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
Re: [Freeipa-devel] [PATCH 0071] replica: Fix ipa-replica-install with replica file (domain, level 0).
On 9.12.2015 08:31, David Kupka wrote: On 08/12/15 16:33, Tomas Babej wrote: On 12/08/2015 04:20 PM, Oleg Fayans wrote: ACK. The initial issue is fixed. On 12/08/2015 03:03 PM, David Kupka wrote: https://fedorahosted.org/freeipa/ticket/5531 Can we get some more love for the patch and provide at least a sentence worth of commit message before pushing? It's not obvious from the title what the patch does, other than it fixes things. Tomas I believe it's pretty obvious from linked ticket and attached patch changing just 5 lines. But you're right verbosity in commit message could save time later. Patch with changed commit message attached. ACK. Pushed to master: b7953cda4fc02637f6e3db574b3d7163efc78a98 -- Jan Cholasta -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
Re: [Freeipa-devel] [PATCH 0071] replica: Fix ipa-replica-install with replica file (domain, level 0).
On 08/12/15 16:33, Tomas Babej wrote:
On 12/08/2015 04:20 PM, Oleg Fayans wrote:
ACK. The initial issue is fixed.
On 12/08/2015 03:03 PM, David Kupka wrote:
https://fedorahosted.org/freeipa/ticket/5531
Can we get some more love for the patch and provide at least a sentence
worth of commit message before pushing?
It's not obvious from the title what the patch does, other than it fixes
things.
Tomas
I believe it's pretty obvious from linked ticket and attached patch
changing just 5 lines.
But you're right verbosity in commit message could save time later.
Patch with changed commit message attached.
--
David Kupka
From eee2c606aeba8aff61777cbf54fdb6c006e8c755 Mon Sep 17 00:00:00 2001
From: David Kupka
Date: Tue, 8 Dec 2015 14:22:01 +0100
Subject: [PATCH] replica: Fix ipa-replica-install with replica file (domain
level 0).
Attribute _ca_enabled is set in promote_check() and is not available in
install(). When installing replica in domain level 0 we can determine existence
of CA service based on existence of cacert.p12 file in provided replica-file.
https://fedorahosted.org/freeipa/ticket/5531
---
ipaserver/install/server/replicainstall.py | 10 ++
1 file changed, 6 insertions(+), 4 deletions(-)
diff --git a/ipaserver/install/server/replicainstall.py b/ipaserver/install/server/replicainstall.py
index 4554166752ce4e5db2a98a8f495aa061aec963e9..a962ef93442c201f9df80adfb0443ab37cf9dc59 100644
--- a/ipaserver/install/server/replicainstall.py
+++ b/ipaserver/install/server/replicainstall.py
@@ -654,6 +654,8 @@ def install(installer):
if installer._update_hosts_file:
installutils.update_hosts_file(config.ips, config.host_name, fstore)
+ca_enabled = ipautil.file_exists(config.dir + "/cacert.p12")
+
# Create DS user/group if it doesn't exist yet
dsinstance.create_ds_user()
@@ -675,7 +677,7 @@ def install(installer):
ntp.create_instance()
# Configure dirsrv
-ds = install_replica_ds(config, options, installer._ca_enabled)
+ds = install_replica_ds(config, options, ca_enabled)
# Always try to install DNS records
install_dns_records(config, options, remote_api)
@@ -690,20 +692,20 @@ def install(installer):
options.domain_name = config.domain_name
options.host_name = config.host_name
-if ipautil.file_exists(config.dir + "/cacert.p12"):
+if ca_enabled:
options.ra_p12 = config.dir + "/ra.p12"
ca.install(False, config, options)
krb = install_krb(config, setup_pkinit=not options.no_pkinit)
http = install_http(config, auto_redirect=not options.no_ui_redirect,
-ca_is_configured=installer._ca_enabled)
+ca_is_configured=ca_enabled)
otpd = otpdinstance.OtpdInstance()
otpd.create_instance('OTPD', config.host_name, config.dirman_password,
ipautil.realm_to_suffix(config.realm_name))
-if ipautil.file_exists(config.dir + "/cacert.p12"):
+if ca_enabled:
CA = cainstance.CAInstance(config.realm_name, certs.NSS_DIR)
CA.dm_password = config.dirman_password
--
2.5.0
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
Re: [Freeipa-devel] [PATCH 0071] replica: Fix ipa-replica-install with replica file (domain, level 0).
On 12/08/2015 04:20 PM, Oleg Fayans wrote: > ACK. The initial issue is fixed. > > On 12/08/2015 03:03 PM, David Kupka wrote: >> https://fedorahosted.org/freeipa/ticket/5531 >> >> > Can we get some more love for the patch and provide at least a sentence worth of commit message before pushing? It's not obvious from the title what the patch does, other than it fixes things. Tomas -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
Re: [Freeipa-devel] [PATCH 0071] replica: Fix ipa-replica-install with replica file (domain, level 0).
ACK. The initial issue is fixed. On 12/08/2015 03:03 PM, David Kupka wrote: > https://fedorahosted.org/freeipa/ticket/5531 > > -- Oleg Fayans Quality Engineer FreeIPA team RedHat. -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
[Freeipa-devel] [PATCH 0071] replica: Fix ipa-replica-install with replica file (domain, level 0).
https://fedorahosted.org/freeipa/ticket/5531
--
David Kupka
From eee2c606aeba8aff61777cbf54fdb6c006e8c755 Mon Sep 17 00:00:00 2001
From: David Kupka
Date: Tue, 8 Dec 2015 14:22:01 +0100
Subject: [PATCH] replica: Fix ipa-replica-install with replica file (domain
level 0).
https://fedorahosted.org/freeipa/ticket/5531
---
ipaserver/install/server/replicainstall.py | 10 ++
1 file changed, 6 insertions(+), 4 deletions(-)
diff --git a/ipaserver/install/server/replicainstall.py b/ipaserver/install/server/replicainstall.py
index 4554166752ce4e5db2a98a8f495aa061aec963e9..a962ef93442c201f9df80adfb0443ab37cf9dc59 100644
--- a/ipaserver/install/server/replicainstall.py
+++ b/ipaserver/install/server/replicainstall.py
@@ -654,6 +654,8 @@ def install(installer):
if installer._update_hosts_file:
installutils.update_hosts_file(config.ips, config.host_name, fstore)
+ca_enabled = ipautil.file_exists(config.dir + "/cacert.p12")
+
# Create DS user/group if it doesn't exist yet
dsinstance.create_ds_user()
@@ -675,7 +677,7 @@ def install(installer):
ntp.create_instance()
# Configure dirsrv
-ds = install_replica_ds(config, options, installer._ca_enabled)
+ds = install_replica_ds(config, options, ca_enabled)
# Always try to install DNS records
install_dns_records(config, options, remote_api)
@@ -690,20 +692,20 @@ def install(installer):
options.domain_name = config.domain_name
options.host_name = config.host_name
-if ipautil.file_exists(config.dir + "/cacert.p12"):
+if ca_enabled:
options.ra_p12 = config.dir + "/ra.p12"
ca.install(False, config, options)
krb = install_krb(config, setup_pkinit=not options.no_pkinit)
http = install_http(config, auto_redirect=not options.no_ui_redirect,
-ca_is_configured=installer._ca_enabled)
+ca_is_configured=ca_enabled)
otpd = otpdinstance.OtpdInstance()
otpd.create_instance('OTPD', config.host_name, config.dirman_password,
ipautil.realm_to_suffix(config.realm_name))
-if ipautil.file_exists(config.dir + "/cacert.p12"):
+if ca_enabled:
CA = cainstance.CAInstance(config.realm_name, certs.NSS_DIR)
CA.dm_password = config.dirman_password
--
2.5.0
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
