URL: https://github.com/freeipa/freeipa/pull/1672 Author: flo-renaud Title: #1672: ipa-restore: remove /etc/httpd/conf.d/nss.conf Action: opened
PR body: """ When ipa-restore is called, it needs to delete the file nss.conf, otherwise httpd server will try to initialize the NSS engine and access NSSCertificateDatabase. This is a regression introduced with the switch from NSS to SSL. https://pagure.io/freeipa/issue/7440 """ To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/1672/head:pr1672 git checkout pr1672
From 756c5f48f9b6af306fcfe691cdbf9d1b5789a466 Mon Sep 17 00:00:00 2001 From: Florence Blanc-Renaud <f...@redhat.com> Date: Mon, 12 Mar 2018 15:59:33 +0100 Subject: [PATCH] ipa-restore: remove /etc/httpd/conf.d/nss.conf When ipa-restore is called, it needs to delete the file nss.conf, otherwise httpd server will try to initialize the NSS engine and access NSSCertificateDatabase. This is a regression introduced with the switch from NSS to SSL. https://pagure.io/freeipa/issue/7440 --- ipaserver/install/ipa_restore.py | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/ipaserver/install/ipa_restore.py b/ipaserver/install/ipa_restore.py index bae71b0907..3e84f84551 100644 --- a/ipaserver/install/ipa_restore.py +++ b/ipaserver/install/ipa_restore.py @@ -147,7 +147,9 @@ class Restore(admintool.AdminTool): paths.DNSSEC_TOKENS_DIR, ] - FILES_TO_BE_REMOVED = [] + FILES_TO_BE_REMOVED = [ + paths.HTTPD_NSS_CONF, + ] def __init__(self, options, args): super(Restore, self).__init__(options, args)
_______________________________________________ FreeIPA-devel mailing list -- freeipa-devel@lists.fedorahosted.org To unsubscribe send an email to freeipa-devel-le...@lists.fedorahosted.org
