diff options
author | Christian Heimes <cheimes@redhat.com> | 2018-02-08 12:23:27 +0100 |
---|---|---|
committer | Christian Heimes <cheimes@redhat.com> | 2018-02-08 14:45:58 +0100 |
commit | 939db89cacdd9450400093be33af891d17545c10 (patch) | |
tree | d6c7907b99303df76ecc6a17151bcbafaacf87dd | |
parent | b07937d0b80c8ccc714ea62fafcc7090bbaecc23 (diff) | |
download | freeipa-939db89cacdd9450400093be33af891d17545c10.tar.gz freeipa-939db89cacdd9450400093be33af891d17545c10.tar.xz freeipa-939db89cacdd9450400093be33af891d17545c10.zip |
Update existing 389-DS cn=RSA,cn=encryption config
389-DS >= 1.4.0 on Fedora 28 has a default entry for
cn=RSA,cn=encryption,cn=config. The installer now updates the entry in
case it already exists. This ensures that token and personality are
correct for freeIPA
Fixes: https://pagure.io/freeipa/issue/7393
Signed-off-by: Christian Heimes <cheimes@redhat.com>
Reviewed-By: Rob Crittenden <rcritten@redhat.com>
-rw-r--r-- | ipaserver/install/dsinstance.py | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/ipaserver/install/dsinstance.py b/ipaserver/install/dsinstance.py index f1c866136..2493b8a54 100644 --- a/ipaserver/install/dsinstance.py +++ b/ipaserver/install/dsinstance.py @@ -878,7 +878,11 @@ class DsInstance(service.Service): nsSSLToken=["internal (software)"], nsSSLActivation=["on"], ) - conn.add_entry(entry) + try: + conn.add_entry(entry) + except errors.DuplicateEntry: + # 389-DS >= 1.4.0 has a default entry, update it. + conn.update_entry(entry) conn.unbind() |