IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2024-12-28 18:01:23 -06:00
Code Issues Packages Projects Releases Wiki Activity

Prevent service restart failures in ipa-replica-install

Browse Source 
Call restart() methods of appropriate services instead of calling
the system service restart command directly as service() method
has a capability to wait until the service is fully up. Without
this patch ipa-replica-install crashed on F-16 because krb5kdc
service was started before dirsrv service was fully up.

https://fedorahosted.org/freeipa/ticket/2139
This commit is contained in:
Martin Kosek 2012-01-04 19:53:18 +01:00
parent 5550ee1607
commit 649d13b597
1 changed files with 16 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
install/tools/ipa-replica-install
View File

@ -152,6 +152,8 @@ def install_krb(config, setup_pkinit=False):
config.domain_name, config.dirman_password, config.domain_name, config.dirman_password,
setup_pkinit, pkcs12_info) setup_pkinit, pkcs12_info)
return krb
def install_ca_cert(config): def install_ca_cert(config):
cafile = config.dir + "/ca.crt" cafile = config.dir + "/ca.crt"
if not ipautil.file_exists(cafile): if not ipautil.file_exists(cafile):
@ -185,6 +187,8 @@ def install_http(config, auto_redirect):
print "error copying files: " + str(e) print "error copying files: " + str(e)
sys.exit(1) sys.exit(1)
return http
def install_bind(config, options): def install_bind(config, options):
api.Backend.ldap2.connect(bind_dn="cn=Directory Manager", api.Backend.ldap2.connect(bind_dn="cn=Directory Manager",
bind_pw=config.dirman_password) bind_pw=config.dirman_password)
@ -420,8 +424,8 @@ def main():
cs.add_simple_service('dogtagldap/%s@%s' % (config.host_name, config.realm_name)) cs.add_simple_service('dogtagldap/%s@%s' % (config.host_name, config.realm_name))
cs.add_cert_to_service() cs.add_cert_to_service()
install_krb(config, setup_pkinit=options.setup_pkinit) krb = install_krb(config, setup_pkinit=options.setup_pkinit)
install_http(config, auto_redirect=options.ui_redirect) http = install_http(config, auto_redirect=options.ui_redirect)
if CA: if CA:
CA.import_ra_cert(dir + "/ra.p12") CA.import_ra_cert(dir + "/ra.p12")
CA.fix_ra_perms() CA.fix_ra_perms()
@ -435,9 +439,16 @@ def main():
service.print_msg("Applying LDAP updates") service.print_msg("Applying LDAP updates")
ds.apply_updates() ds.apply_updates()
ipaservices.knownservices.dirsrv.restart() # Restart ds and krb after configurations have been changed
ipaservices.knownservices.krb5kdc.restart() service.print_msg("Restarting the directory server")
ipaservices.knownservices.httpd.restart() ds.restart()
service.print_msg("Restarting the KDC")
krb.restart()
# Restart httpd to pick up the new IPA configuration
service.print_msg("Restarting the web server")
http.restart()
if options.setup_dns: if options.setup_dns:
install_bind(config, options) install_bind(config, options)