IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-01-11 00:31:56 -06:00
Code Issues Packages Projects Releases Wiki Activity
05d96e16dc
freeipa/ipaserver/install
History
Rob Crittenden 7572174175 Remove extraneous AJP secret from server.xml on upgrades 
PKI 10.10 unconditionally added an upgrade script for the AJP
connector which replaced the AJP secret regardless of tomcat
version.  It replaced requiredSecret with secret. IPA expects
the attribute by version so this could make the secrets out of
date and/or have connectors with both secrets and different
values.

PKI commit e70373ab131aba810f318c1d917896392b49ff4b has since
been reverted but there may be servers with both secrets still.
On next IPA upgrade clean them up.

Also allow re-writing ipa-pki-proxy.conf in case the secret
changes to ensure they remain in sync.

Fixes: https://pagure.io/freeipa/issue/9176

Signed-off-by: Rob Crittenden <rcritten@redhat.com>
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
2022-06-14 15:54:50 +03:00
..
plugins ipatests: extend AES keyset to SHA2-based ones 2022-03-08 12:54:47 +01:00
server Remove extraneous AJP secret from server.xml on upgrades 2022-06-14 15:54:50 +03:00
__init__.py Remove __all__ specifications in ipaclient and ipaserver.install 2013-09-06 15:42:33 +02:00
adtrust.py adtrust install: define constants for rid bases 2021-11-02 10:11:28 +01:00
adtrustinstance.py SMB: switch IPA domain controller role 2021-11-10 15:00:27 -05:00
bindinstance.py LDAP autobind authenticateAsDN for BIND named 2021-06-15 14:13:16 +03:00
ca.py Add support for Random Serial Numbers v3 2022-06-09 08:35:15 +02:00
cainstance.py ipaldap: fix conversion from boolean OID to Python 2022-06-10 09:25:27 +02:00
certs.py pylint: Fix useless-suppression 2022-03-11 13:37:08 -05:00
conncheck.py install: introduce installer class hierarchy 2016-11-11 12:17:25 +01:00
custodiainstance.py pylint: Fix unused-private-member 2022-03-11 13:37:08 -05:00
dns.py pylint: Fix useless-suppression 2022-03-11 13:37:08 -05:00
dnskeysyncinstance.py dnskeysyncinstance: use late binding for UID/GID resolution 2020-12-22 14:05:13 +02:00
dogtag.py Verify pki ini override early 2019-04-10 13:43:23 +02:00
dogtaginstance.py Remove extraneous AJP secret from server.xml on upgrades 2022-06-14 15:54:50 +03:00
dsinstance.py Configure and enable the graceperiod plugin on upgrades 2022-06-02 15:24:22 -04:00
httpinstance.py Enable the ccache sweep timer during installation 2022-02-09 10:41:56 -05:00
installutils.py pylint: Fix useless-suppression 2022-03-11 13:37:08 -05:00
ipa_acme_manage.py ipa-acme-manage: user a cookie created for the communication with dogtag REST endpoints 2020-11-17 18:48:24 +02:00
ipa_backup.py BIND: Setup logging 2021-05-25 10:45:49 +03:00
ipa_cacert_manage.py ipa-cacert-manage: add prune option 2021-02-12 14:08:11 -05:00
ipa_cert_fix.py ipa-cert-fix man page: add note about certmonger renewal 2021-06-10 20:59:27 +02:00
ipa_crlgen_manage.py CRL generation master: new utility to enable|disable 2019-03-14 09:39:55 +01:00
ipa_kra_install.py Change FreeIPA references to IPA and Identity Management 2021-01-21 13:51:45 +01:00
ipa_ldap_updater.py Remove -s option from ipa-ldap-updater usage 2021-05-20 14:45:27 -04:00
ipa_otptoken_import.py pylint: Fix useless-suppression 2022-03-11 13:37:08 -05:00
ipa_pkinit_manage.py Allow PKINIT to be enabled when updating from a pre-PKINIT IPA CA server 2021-06-17 17:28:48 -04:00
ipa_replica_install.py pylint: Fix useless-suppression 2022-03-11 13:37:08 -05:00
ipa_restore.py pylint: Fix useless-suppression 2022-03-11 13:37:08 -05:00
ipa_server_certinstall.py Require an ipa-ca SAN on 3rd party certs if ACME is enabled 2020-11-02 14:01:05 -05:00
ipa_server_install.py pylint: Fix useless-suppression 2022-03-11 13:37:08 -05:00
ipa_server_upgrade.py ipa commands: print 'IPA is not configured' when ipa is not setup 2018-08-23 12:08:45 +02:00
ipa_subids.py pylint: Fix arguments-renamed 2022-03-11 13:37:08 -05:00
ipa_trust_enable_agent.py ipa-adtrust-install: run remote configuration for new agents 2020-03-05 14:40:58 +01:00
ipa_winsync_migrate.py ipa commands: print 'IPA is not configured' when ipa is not setup 2018-08-23 12:08:45 +02:00
ipactl.py pylint: Fix useless-suppression 2022-03-11 13:37:08 -05:00
kra.py ipa-kra-install: exit if ca_host is overriden 2021-07-27 13:27:36 +02:00
krainstance.py Add support for Random Serial Numbers v3 2022-06-09 08:35:15 +02:00
krbinstance.py Kerberos instance: default to AES256-SHA2 for master key encryption 2022-03-16 11:14:35 +02:00
ldapupdate.py pylint: Fix unused-variable 2022-03-11 13:37:08 -05:00
odsexporterinstance.py odsexporterinstance: use late binding for UID/GID resolution 2020-12-22 14:05:13 +02:00
opendnssecinstance.py opendnssecinstance: use late binding for UID/GID resolution 2020-12-22 14:05:13 +02:00
otpdinstance.py Enable pylint missing-final-newline check 2015-12-23 07:59:22 +01:00
replication.py ipa-replica-install: nsds5replicaUpdateInProgress is a Boolean 2022-06-13 09:07:38 +02:00
schemaupdate.py Unify access to FQDN 2020-10-26 17:11:19 +11:00
service.py LDAP autobind authenticateAsDN for BIND named 2021-06-15 14:13:16 +03:00
sysupgrade.py Add absolute_import future imports 2018-04-20 09:43:37 +02:00
upgradeinstance.py Use get_replication_plugin_name in LDAP updater 2021-06-21 10:58:02 +02:00