Re: [Freeipa-devel] [PATCH] 041 Replica installation fails for self-signed server
Martin Kosek wrote: On Tue, 2011-03-29 at 16:42 -0400, Rob Crittenden wrote: Martin Kosek wrote: When IPA server was configured as self-signed (--selfsign option) the replica always failed to install. https://fedorahosted.org/freeipa/ticket/1122 Why not just make install_ca return (None, None) instead if we aren't installing dogtag? rob Good point, this will be much more readable. Sending updated patch. Martin ack, pushed to master and ipa-2-0 rob ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] 041 Replica installation fails for self-signed server
On Tue, 2011-03-29 at 16:42 -0400, Rob Crittenden wrote: > Martin Kosek wrote: > > When IPA server was configured as self-signed (--selfsign option) > > the replica always failed to install. > > > > https://fedorahosted.org/freeipa/ticket/1122 > > > > Why not just make install_ca return (None, None) instead if we aren't > installing dogtag? > > rob Good point, this will be much more readable. Sending updated patch. Martin >From 5fbf85224cbc03e7b97312e43fa222beee37fd29 Mon Sep 17 00:00:00 2001 From: Martin Kosek Date: Fri, 25 Mar 2011 16:35:58 +0100 Subject: [PATCH] Replica installation fails for self-signed server When IPA server was configured as self-signed (--selfsign option) the replica always failed to install. https://fedorahosted.org/freeipa/ticket/1122 --- install/tools/ipa-replica-install |3 ++- 1 files changed, 2 insertions(+), 1 deletions(-) diff --git a/install/tools/ipa-replica-install b/install/tools/ipa-replica-install index 2bc9a17e93804fcb435b7a8ea13495208e16f867..999b5ee77e7d46020af3226e957b38e8de924563 100755 --- a/install/tools/ipa-replica-install +++ b/install/tools/ipa-replica-install @@ -153,7 +153,8 @@ def install_ca(config): cafile = config.dir + "/cacert.p12" if not ipautil.file_exists(cafile): -return None +# CA not used on the server, return empty instances +return (None, None) try: from ipaserver.install import cainstance -- 1.7.4 ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] 041 Replica installation fails for self-signed server
Martin Kosek wrote: When IPA server was configured as self-signed (--selfsign option) the replica always failed to install. https://fedorahosted.org/freeipa/ticket/1122 Why not just make install_ca return (None, None) instead if we aren't installing dogtag? rob ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
[Freeipa-devel] [PATCH] 041 Replica installation fails for self-signed server
When IPA server was configured as self-signed (--selfsign option) the replica always failed to install. https://fedorahosted.org/freeipa/ticket/1122 >From 33624c1e53e34993055f435f60e6ce6df43b8852 Mon Sep 17 00:00:00 2001 From: Martin Kosek Date: Fri, 25 Mar 2011 16:35:58 +0100 Subject: [PATCH] Replica installation fails for self-signed server When IPA server was configured as self-signed (--selfsign option) the replica always failed to install. https://fedorahosted.org/freeipa/ticket/1122 --- install/tools/ipa-replica-install |7 ++- 1 files changed, 6 insertions(+), 1 deletions(-) diff --git a/install/tools/ipa-replica-install b/install/tools/ipa-replica-install index 2bc9a17e93804fcb435b7a8ea13495208e16f867..79eae0deb31bb703ac1e6e9366c8ef2c44ab5a5e 100755 --- a/install/tools/ipa-replica-install +++ b/install/tools/ipa-replica-install @@ -482,7 +482,12 @@ def main(): ntp.create_instance() # Configure the CA if necessary -(CA, cs) = install_ca(config) +CA = None +cs = None +ca_info = install_ca(config) + +if ca_info: +(CA, cs) = ca_info # Always try to install DNS records install_dns_records(config, options) -- 1.7.4 ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel