Thanks. Updated patch attached. On Fri, Jun 5, 2015 at 9:53 AM, Jakub Hrozek <jhro...@redhat.com> wrote:
> On Fri, Jun 05, 2015 at 09:46:05AM -0600, Gabe Alford wrote: > > How should > > https://www.redhat.com/archives/freeipa-users/2015-June/msg00116.html be > > handled where the user cleared out the db cache? > > Ah, I confused that one with another issue Jan Pazdziora had, which was > incidentally about client uninstall as well. > > In that case, you can just remove the single ldb file that corresponds > to the domain that the client is leaving. Maybe it would be safer to mv > the files instead of remove them, but I guess if you run --uninstall, > you really want just to purge everything.. > > btw do the ipa installer tools support multiple domains at all? > > -- > Manage your subscription for the Freeipa-devel mailing list: > https://www.redhat.com/mailman/listinfo/freeipa-devel > Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code >
From 40f7c3780baaf0b42d10c94c8527c9359a42247f Mon Sep 17 00:00:00 2001 From: Gabe <redhatri...@gmail.com> Date: Fri, 5 Jun 2015 11:27:46 -0600 Subject: [PATCH] Clear SSSD caches when uninstalling the client https://fedorahosted.org/freeipa/ticket/5049 --- ipa-client/ipa-install/ipa-client-install | 13 +++++++++++++ ipaplatform/base/paths.py | 1 + 2 files changed, 14 insertions(+) diff --git a/ipa-client/ipa-install/ipa-client-install b/ipa-client/ipa-install/ipa-client-install index 63e3c9800791f3d29c977d63815c4291f5a235b9..a7a4e9780081559398bbbaa5b0e062dabb9e6f98 100755 --- a/ipa-client/ipa-install/ipa-client-install +++ b/ipa-client/ipa-install/ipa-client-install @@ -628,6 +628,19 @@ def uninstall(options, env): "Failed to remove krb5/LDAP configuration: %s", str(e)) return CLIENT_INSTALL_ERROR + # Clean up the SSSD cache before SSSD service is stopped or restarted + remove_file(paths.SSSD_MC_GROUP) + remove_file(paths.SSSD_MC_PASSWD) + + ipa_domain = domain.get_option('ipa_domain') + sssd_domain_ldb = "cache_" + ipa_domain + ".ldb" + sssd_ldb_file = os.path.join(paths.SSSD_DB, sssd_domain_ldb) + remove_file(sssd_ldb_file) + + sssd_domain_ccache = "ccache_" + ipa_domain.upper() + sssd_ccache_file = os.path.join(paths.SSSD_DB, sssd_domain_ccache) + remove_file(sssd_domain_ccache) + # Next if-elif-elif construction deals with sssd.conf file. # Old pre-IPA domains are preserved due merging the old sssd.conf # during the installation of ipa-client but any new domains are diff --git a/ipaplatform/base/paths.py b/ipaplatform/base/paths.py index 9ba87523b5619188f02bdad6c23d2446a2c4b0f2..8bee3e7c5862a3815987fa1bd55fa90e25b95ebc 100644 --- a/ipaplatform/base/paths.py +++ b/ipaplatform/base/paths.py @@ -289,6 +289,7 @@ class BasePathNamespace(object): KRA_BACKUP_KEYS_P12 = "/var/lib/pki/pki-tomcat/alias/kra_backup_keys.p12" KRACERT_P12 = "/root/kracert.p12" SAMBA_DIR = "/var/lib/samba/" + SSSD_DB = "/var/lib/sss/db" SSSD_MC_GROUP = "/var/lib/sss/mc/group" SSSD_MC_PASSWD = "/var/lib/sss/mc/passwd" SSSD_PUBCONF_KNOWN_HOSTS = "/var/lib/sss/pubconf/known_hosts" -- 1.8.3.1
-- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code