mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2024-12-25 08:21:05 -06:00
97e838e10d
update_ca_renewal_master uses ipaCert certmonger tracking information to decide whether the local server is the CA renewal master or not. The information is lost when migrating from /etc/httpd/alias to /var/lib/ipa/radb in update_ra_cert_store. Make sure update_ra_cert_store is executed after update_ca_renewal_master so that correct information is used. https://fedorahosted.org/freeipa/ticket/5959 Reviewed-By: Stanislav Laznicka <slaznick@redhat.com>
34 lines
950 B
Plaintext
34 lines
950 B
Plaintext
# first
|
|
|
|
|
|
# middle
|
|
plugin: update_ca_topology
|
|
plugin: update_ipaconfigstring_dnsversion_to_ipadnsversion
|
|
plugin: update_dnszones
|
|
plugin: update_dns_limits
|
|
plugin: update_sigden_extdom_broken_config
|
|
plugin: update_sids
|
|
plugin: update_default_range
|
|
plugin: update_default_trust_view
|
|
plugin: update_ca_renewal_master
|
|
plugin: update_idrange_type
|
|
plugin: update_pacs
|
|
plugin: update_service_principalalias
|
|
plugin: update_upload_cacrt
|
|
# update_ra_cert_store has to be executed after update_ca_renewal_master
|
|
plugin: update_ra_cert_store
|
|
|
|
# last
|
|
# DNS version 1
|
|
plugin: update_master_to_dnsforwardzones
|
|
# DNS version 2
|
|
plugin: update_dnsforward_emptyzones
|
|
plugin: update_managed_post
|
|
plugin: update_managed_permissions
|
|
plugin: update_read_replication_agreements_permission
|
|
plugin: update_idrange_baserid
|
|
plugin: update_passync_privilege_update
|
|
plugin: update_dnsserver_configuration_into_ldap
|
|
plugin: update_ldap_server_list
|
|
plugin: update_dna_shared_config
|