mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2025-01-28 09:06:44 -06:00
802e54dd0e
When the --server option is provided to ipa-replica-install (1-step install), make sure that the server offers all the required roles (CA, KRA). If it's not the case, refuse the installation. Note that the --server option is ignored when promoting from client to replica (2-step install with ipa-client-install and ipa-replica-install), meaning that the existing behavior is not changed in this use case: by default the host specified in default.conf as server is used for enrollment, but if it does not provide a required role, another host can be picked for CA or KRA setup. Fixes: https://pagure.io/freeipa/issue/7566 Signed-off-by: Florence Blanc-Renaud <flo@redhat.com> Reviewed-By: Rob Crittenden <rcritten@redhat.com> Reviewed-By: Mohammad Rizwan Yusuf <myusuf@redhat.com> |
||
|---|---|---|
| .. | ||
| man | ||
| ipa-adtrust-install.in | ||
| ipa-advise.in | ||
| ipa-backup.in | ||
| ipa-ca-install.in | ||
| ipa-cacert-manage.in | ||
| ipa-cert-fix.in | ||
| ipa-compat-manage.in | ||
| ipa-crlgen-manage.in | ||
| ipa-csreplica-manage.in | ||
| ipa-custodia-check.in | ||
| ipa-custodia.in | ||
| ipa-dns-install.in | ||
| ipa-httpd-kdcproxy.in | ||
| ipa-httpd-pwdreader | ||
| ipa-kra-install.in | ||
| ipa-ldap-updater.in | ||
| ipa-managed-entries.in | ||
| ipa-nis-manage.in | ||
| ipa-otptoken-import.in | ||
| ipa-pki-retrieve-key.in | ||
| ipa-pki-wait-running.in | ||
| ipa-pkinit-manage.in | ||
| ipa-replica-conncheck.in | ||
| ipa-replica-install.in | ||
| ipa-replica-manage.in | ||
| ipa-restore.in | ||
| ipa-server-certinstall.in | ||
| ipa-server-install.in | ||
| ipa-server-upgrade.in | ||
| ipa-winsync-migrate.in | ||
| ipactl.in | ||
| Makefile.am | ||