Ticket: https://fedorahosted.org/freeipa/ticket/4676
Attached patches:
* Version A: uses wget to get status of CA
* Version B: write warning instead of raising exception (error is false
positive, CA is running)
I'm open to suggestions which approach is better
Martin^2
--
Martin Basti
From 6ca8f768beacc3328a7911f23afc433404ba871e Mon Sep 17 00:00:00 2001
From: Martin Basti mba...@redhat.com
Date: Tue, 18 Nov 2014 19:49:15 +0100
Subject: [PATCH] Using wget to get status of CA
This is just workaround
Ticket: https://fedorahosted.org/freeipa/ticket/4676
---
ipaplatform/redhat/services.py | 21 -
1 file changed, 20 insertions(+), 1 deletion(-)
diff --git a/ipaplatform/redhat/services.py b/ipaplatform/redhat/services.py
index e032b57778cce5e3169910d1e0ebd9902aff1838..10a082e34f5cf9c7e3ba1a2fa96d498c4fcbd386 100644
--- a/ipaplatform/redhat/services.py
+++ b/ipaplatform/redhat/services.py
@@ -24,6 +24,7 @@ Contains Red Hat OS family-specific service class implementations.
import os
import time
+import xml.dom.minidom
from ipaplatform.tasks import tasks
from ipaplatform.base import services as base_services
@@ -185,7 +186,25 @@ class RedHatCAService(RedHatService):
op_timeout = time.time() + timeout
while time.time() op_timeout:
try:
-status = dogtag.ca_status(use_proxy=use_proxy)
+# FIXME
+# workaround https://fedorahosted.org/freeipa/ticket/4716
+# status = dogtag.ca_status(use_proxy=use_proxy)
+url = https://; + api.env.ca_host + /ca/admin/ca/getStatus
+args = [
+paths.BIN_WGET,
+'-S', '-O', '-',
+'--timeout=30',
+url
+]
+
+stdout, stderr, returncode = ipautil.run(args)
+
+#parse body
+doc = xml.dom.minidom.parseString(stdout)
+item_node = doc.getElementsByTagName(XMLResponse)[0]
+item_node = item_node.getElementsByTagName(Status)[0]
+status = item_node.childNodes[0].data
+# end of workaround
except Exception:
status = 'check interrupted'
import traceback
--
1.8.3.1
From 61508160f5ce2947c78a4e1fd1319ddee538b7bc Mon Sep 17 00:00:00 2001
From: Martin Basti mba...@redhat.com
Date: Tue, 18 Nov 2014 18:30:59 +0100
Subject: [PATCH] Show warning instead of error if CA did not start
This is just workaround, checking if CA is working raises false positive
exception during upgrade
Ticket: https://fedorahosted.org/freeipa/ticket/4676
---
install/tools/ipa-upgradeconfig | 4
1 file changed, 4 insertions(+)
diff --git a/install/tools/ipa-upgradeconfig b/install/tools/ipa-upgradeconfig
index b81a474b2bb14f1582dabd649400c13f7ce6d369..02bfe3a79f83e65f428fe2220d940eb39fdbd928 100644
--- a/install/tools/ipa-upgradeconfig
+++ b/install/tools/ipa-upgradeconfig
@@ -1473,6 +1473,10 @@ def main():
ca.restart(dogtag.configured_constants().PKI_INSTANCE_NAME)
except ipautil.CalledProcessError, e:
root_logger.error(Failed to restart %s: %s, ca.service_name, e)
+# FIXME https://fedorahosted.org/freeipa/ticket/4676
+# workaround
+except RuntimeError as e:
+root_logger.warning(str(e))
set_sssd_domain_option('ipa_server_mode', 'True')
--
1.8.3.1
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
