diff options
author | Petr Viktorin <pviktori@redhat.com> | 2012-11-12 09:49:46 -0500 |
---|---|---|
committer | Martin Kosek <mkosek@redhat.com> | 2012-11-23 12:19:19 +0100 |
commit | 17f91dac5501b165615453c79f75f7df88459544 (patch) | |
tree | 25821227da12d5669d823a30e549551e34528aa5 /install/tools | |
parent | 5fa3455764cb475078723eebacffefd2baf08016 (diff) | |
download | freeipa.git-17f91dac5501b165615453c79f75f7df88459544.tar.gz freeipa.git-17f91dac5501b165615453c79f75f7df88459544.tar.xz freeipa.git-17f91dac5501b165615453c79f75f7df88459544.zip |
Properly stop tracking certificates on uninstall
Stopping certificate tracking was done as part of the PKI DS uninstall.
Since with the merged DB, thePKI DS is not used any more, this step
was skipped.
Move certificate untracking to a separate step and call it separately.
Also, the post-uninstall check for tracked certificates used the wrong
set of Dogtag constants. Fix the issue.
Diffstat (limited to 'install/tools')
-rwxr-xr-x | install/tools/ipa-server-install | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/install/tools/ipa-server-install b/install/tools/ipa-server-install index 3e5d9a9d..35b65f66 100755 --- a/install/tools/ipa-server-install +++ b/install/tools/ipa-server-install @@ -482,11 +482,12 @@ def uninstall(): print "ipa-client-install returned: " + str(e) ntpinstance.NTPInstance(fstore).uninstall() - if not dogtag.install_constants.SHARED_DB: + if not dogtag_constants.SHARED_DB: cads_instance = cainstance.CADSInstance( dogtag_constants=dogtag_constants) if cads_instance.is_configured(): cads_instance.uninstall() + cainstance.stop_tracking_certificates(dogtag_constants) ca_instance = cainstance.CAInstance( api.env.realm, certs.NSS_DIR, dogtag_constants=dogtag_constants) if ca_instance.is_configured(): @@ -534,7 +535,7 @@ def uninstall(): # Note that this name will be wrong after the first uninstall. dirname = dsinstance.config_dirname(dsinstance.realm_to_serverid(api.env.realm)) - dirs = [dirname, dogtag.configured_constants().ALIAS_DIR, certs.NSS_DIR] + dirs = [dirname, dogtag_constants.ALIAS_DIR, certs.NSS_DIR] ids = certmonger.check_state(dirs) if ids: root_logger.error('Some certificates may still be tracked by certmonger.\nThis will cause re-installation to fail.\nStart the certmonger service and list the certificates being tracked\n # getcert list\nThese may be untracked by executing\n # getcert stop-tracking -i <request_id>\nfor each id in: %s' % ', '.join(ids)) |