Ticket: https://fedorahosted.org/freeipa/ticket/4676
Attached patches:
* Version A: uses wget to get status of CA
* Version B: write warning instead of raising exception (error is false
positive, CA is running)
I'm open to suggestions which approach is better
Martin^2
--
Martin Basti
From 6ca8f768beacc3328a7911f23afc433404ba871e Mon Sep 17 00:00:00 2001
From: Martin Basti <mba...@redhat.com>
Date: Tue, 18 Nov 2014 19:49:15 +0100
Subject: [PATCH] Using wget to get status of CA
This is just workaround
Ticket: https://fedorahosted.org/freeipa/ticket/4676
---
ipaplatform/redhat/services.py | 21 ++++++++++++++++++++-
1 file changed, 20 insertions(+), 1 deletion(-)
diff --git a/ipaplatform/redhat/services.py b/ipaplatform/redhat/services.py
index e032b57778cce5e3169910d1e0ebd9902aff1838..10a082e34f5cf9c7e3ba1a2fa96d498c4fcbd386 100644
--- a/ipaplatform/redhat/services.py
+++ b/ipaplatform/redhat/services.py
@@ -24,6 +24,7 @@ Contains Red Hat OS family-specific service class implementations.
import os
import time
+import xml.dom.minidom
from ipaplatform.tasks import tasks
from ipaplatform.base import services as base_services
@@ -185,7 +186,25 @@ class RedHatCAService(RedHatService):
op_timeout = time.time() + timeout
while time.time() < op_timeout:
try:
- status = dogtag.ca_status(use_proxy=use_proxy)
+ # FIXME
+ # workaround https://fedorahosted.org/freeipa/ticket/4716
+ # status = dogtag.ca_status(use_proxy=use_proxy)
+ url = "https://"; + api.env.ca_host + "/ca/admin/ca/getStatus"
+ args = [
+ paths.BIN_WGET,
+ '-S', '-O', '-',
+ '--timeout=30',
+ url
+ ]
+
+ stdout, stderr, returncode = ipautil.run(args)
+
+ #parse body
+ doc = xml.dom.minidom.parseString(stdout)
+ item_node = doc.getElementsByTagName("XMLResponse")[0]
+ item_node = item_node.getElementsByTagName("Status")[0]
+ status = item_node.childNodes[0].data
+ # end of workaround
except Exception:
status = 'check interrupted'
import traceback
--
1.8.3.1
From 61508160f5ce2947c78a4e1fd1319ddee538b7bc Mon Sep 17 00:00:00 2001
From: Martin Basti <mba...@redhat.com>
Date: Tue, 18 Nov 2014 18:30:59 +0100
Subject: [PATCH] Show warning instead of error if CA did not start
This is just workaround, checking if CA is working raises false positive
exception during upgrade
Ticket: https://fedorahosted.org/freeipa/ticket/4676
---
install/tools/ipa-upgradeconfig | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/install/tools/ipa-upgradeconfig b/install/tools/ipa-upgradeconfig
index b81a474b2bb14f1582dabd649400c13f7ce6d369..02bfe3a79f83e65f428fe2220d940eb39fdbd928 100644
--- a/install/tools/ipa-upgradeconfig
+++ b/install/tools/ipa-upgradeconfig
@@ -1473,6 +1473,10 @@ def main():
ca.restart(dogtag.configured_constants().PKI_INSTANCE_NAME)
except ipautil.CalledProcessError, e:
root_logger.error("Failed to restart %s: %s", ca.service_name, e)
+ # FIXME https://fedorahosted.org/freeipa/ticket/4676
+ # workaround
+ except RuntimeError as e:
+ root_logger.warning(str(e))
set_sssd_domain_option('ipa_server_mode', 'True')
--
1.8.3.1
_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
