From f49c26db2c38e5b60a6be990b95c2926ecfa6247 Mon Sep 17 00:00:00 2001
From: Martin Kosek <mkosek@redhat.com>
Date: Thu, 16 Jan 2014 14:12:29 +0100
Subject: Switch httpd to use default CCACHE

Stock httpd no longer uses systemd EnvironmentFile option which is
making FreeIPA's KRB5CCNAME setting ineffective. This can lead in hard
to debug problems during subsequent ipa-server-install's where HTTP
may use a stale CCACHE in the default kernel keyring CCACHE.

Avoid forcing custom CCACHE and switch to system one, just make sure
that it is properly cleaned by kdestroy run as "apache" user during
FreeIPA server installation process.

https://fedorahosted.org/freeipa/ticket/4084
---
 install/tools/ipa-upgradeconfig | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

(limited to 'install/tools')

diff --git a/install/tools/ipa-upgradeconfig b/install/tools/ipa-upgradeconfig
index ed4852c0d..b281eb4ea 100644
--- a/install/tools/ipa-upgradeconfig
+++ b/install/tools/ipa-upgradeconfig
@@ -1043,10 +1043,15 @@ def main():
     update_dbmodules(api.env.realm)
     uninstall_ipa_kpasswd()
 
+    removed_sysconfig_file = '/etc/sysconfig/httpd'
+    if fstore.has_file(removed_sysconfig_file):
+        root_logger.info('Restoring %s as it is no longer required',
+            removed_sysconfig_file)
+        fstore.restore_file(removed_sysconfig_file)
+
     http = httpinstance.HTTPInstance(fstore)
     http.remove_httpd_ccache()
     http.configure_selinux_for_httpd()
-    http.configure_httpd_ccache()
     http.change_mod_nss_port_from_http()
 
     ds = dsinstance.DsInstance()
-- 
cgit