Do better detection on status of CA DS instance when installing.

The conditional used to determine if thd CA 389-ds instance was already configured was rather poor so it was possible to pass command-line arguments in to confuse it. This would cause it to not be installed at all causing the dogtag installation to fail in a strange way. https://fedorahosted.org/freeipa/ticket/1244
2025-02-25 18:55:28 -06:00 · 2011-06-10 15:28:46 -04:00
parent cb70784e6f
commit 9f72637b13
1 changed files with 4 additions and 4 deletions
--- a/install/tools/ipa-server-install
+++ b/install/tools/ipa-server-install
@@ -750,15 +750,15 @@ def main():
            print "%s does not exist" % options.external_ca_file
            sys.exit(1);

-        if options.external_cert_file is None:
-            cs = cainstance.CADSInstance()
+        cs = cainstance.CADSInstance(host_name, realm_name, domain_name, dm_password)
+        if not cs.is_configured():
            cs.create_instance(realm_name, host_name, domain_name, dm_password, subject_base=options.subject)
        ca = cainstance.CAInstance(realm_name, certs.NSS_DIR)
        if external == 0:
            ca.configure_instance(host_name, dm_password, dm_password,
                                  subject_base=options.subject)
        elif external == 1:
-            # stage 2 of external CA installation
+            # stage 1 of external CA installation
            options.realm_name = realm_name
            options.domain_name = domain_name
            options.master_password = master_password
@@ -771,11 +771,11 @@ def main():
                                  csr_file="/root/ipa.csr",
                                  subject_base=options.subject)
        else:
+            # stage 2 of external CA installation
            if not ca.is_installed():
                # This can happen if someone passes external_ca_file without
                # already having done the first stage of the CA install.
                sys.exit('CA is not installed yet. To install with an external CA is a two-stage process.\nFirst run the installer with --external-ca.')
-            cs = cainstance.CADSInstance(host_name, realm_name, domain_name, dm_password)
            ca.configure_instance(host_name, dm_password, dm_password,
                                  cert_file=options.external_cert_file,
                                  cert_chain_file=options.external_ca_file,