https://fedorahosted.org/freeipa/ticket/5544
Patch attached.
From a882c48058cca2564265546e557e9d7d542a9553 Mon Sep 17 00:00:00 2001
From: Martin Basti
Date: Wed, 13 Jan 2016 17:27:06 +0100
Subject: [PATCH] Warn about potential loss of CA, KRA, DNSSEC during uninstall
If connection do LDAP failed (or LDAP server is down) we cannot verify
if there is any additonal instance of CA, KRA, DNSSEC master.
In this case a user is warned and promted to confirm uninstallation.
https://fedorahosted.org/freeipa/ticket/5544
---
ipaserver/install/server/install.py | 12 +++-
1 file changed, 11 insertions(+), 1 deletion(-)
diff --git a/ipaserver/install/server/install.py b/ipaserver/install/server/install.py
index 8a57886cd91bc4dbb06d30b457844499d3ff6cec..49e97eb667a322898acc3a064f4eae5381ded918 100644
--- a/ipaserver/install/server/install.py
+++ b/ipaserver/install/server/install.py
@@ -1078,8 +1078,18 @@ def uninstall_check(installer):
msg = ("\nWARNING: Failed to connect to Directory Server to find "
"information about replication agreements. Uninstallation "
"will continue despite the possible existing replication "
- "agreements.\n\n")
+ "agreements.\n\n"
+ "If this server is the last instance of CA, KRA, or DNSSEC "
+ "master, uninstallation may result in data loss.\n\n"
+)
print(textwrap.fill(msg, width=80, replace_whitespace=False))
+
+if (installer.interactive and not user_input(
+"Are you sure you want to continue with the uninstall "
+"procedure?", False)):
+print("")
+print("Aborting uninstall operation.")
+sys.exit(1)
else:
dns.uninstall_check(options)
--
2.5.0
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code