mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2025-01-28 09:06:44 -06:00
45b351f8c5
There are currently three sets of CA schema changes applied in ipa-server-upgrade: * addition of ACME schema * addition of certificate profile schema * addition of lightweight CA schema None of these require a restart of the CA to be supported. There is an issue in schema parsing such that it doesn't handle X-ORIGIN properly. A difference is detected and a change applied but no change is recorded in LDAP so every time upgrade is run it thinks a CA restart is needed. The CA is not quick to restart so avoiding one is best, particularly when the update is run as part of an rpm transaction where a user with an itchy finger may think things have hung and break out of it. https://github.com/389ds/389-ds-base/issues/5366 was filed to track this. Related: https://pagure.io/freeipa/issue/9204 Signed-off-by: Rob Crittenden <rcritten@redhat.com> Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com> |
||
|---|---|---|
| .. | ||
| advise | ||
| custodia | ||
| dnssec | ||
| install | ||
| plugins | ||
| secrets | ||
| __init__.py | ||
| dcerpc_common.py | ||
| dcerpc.py | ||
| dns_data_management.py | ||
| Makefile.am | ||
| masters.py | ||
| p11helper.py | ||
| rpcserver.py | ||
| servroles.py | ||
| setup.cfg | ||
| setup.py | ||
| topology.py | ||
| wsgi.py | ||