mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2025-01-15 10:51:56 -06:00
198cd5fab3
- Make sure that the file /var/run/ipa/renewal.lock is deleted upon uninstallation, in order to avoid subsequent installation issues. - Modify certmonger renewal script: restart the http/dirsrv services only if they were already running - Cleanup certmonger ra renewal script: no need to restart httpd - Reorder during http install: request the SSL cert before adding ipa-service-guard Rationale: when a CA helper is modified, certmonger launches the helper with various operations (FETCH_ROOTS, ...) If the CA helper is once again modified, the on-going helper is killed. This can lead to ipa-service-guard being killed and not releasing the renew lock. If the SSL cert is requested with IPA helper before ipa-service-guard is added, we avoid this locking issue. Part of the refactoring effort, certificates sub-effort. https://fedorahosted.org/freeipa/ticket/6433 Reviewed-By: Martin Basti <mbasti@redhat.com> Reviewed-By: Jan Cholasta <jcholast@redhat.com> Reviewed-By: Fraser Tweedale <ftweedal@redhat.com> |
||
|---|---|---|
| .. | ||
| __init__.py | ||
| install.py | ||
| replicainstall.py | ||
| upgrade.py | ||