diff options
| author | Stanislav Laznicka <slaznick@redhat.com> | 2016-11-07 09:48:52 +0100 |
|---|---|---|
| committer | Jan Cholasta <jcholast@redhat.com> | 2016-11-11 12:17:25 +0100 |
| commit | ba4df6449aaa0843ab43a1a2b3cb1df8bb022c24 (patch) | |
| tree | 0c5d1dfb90b02945bdbaaa2611f2857e3e7cb9bc | |
| parent | bde1d82ebe32be339c30c85048fd18e1ce99867d (diff) | |
| download | freeipa-ba4df6449aaa0843ab43a1a2b3cb1df8bb022c24.tar.gz freeipa-ba4df6449aaa0843ab43a1a2b3cb1df8bb022c24.tar.xz freeipa-ba4df6449aaa0843ab43a1a2b3cb1df8bb022c24.zip | |
Move the pki-tomcat restart to cainstance creation
pki-tomcat would have been restarted in install and replicainstall
for backward compatibility reasons. As Dogtag 9 is not supported
anymore, we can move this restart only for DL0 replica installation.
https://fedorahosted.org/freeipa/ticket/6392
Reviewed-By: Martin Basti <mbasti@redhat.com>
Reviewed-By: Jan Cholasta <jcholast@redhat.com>
| -rw-r--r-- | ipaserver/install/cainstance.py | 13 | ||||
| -rw-r--r-- | ipaserver/install/server/install.py | 3 | ||||
| -rw-r--r-- | ipaserver/install/server/replicainstall.py | 3 |
3 files changed, 13 insertions, 6 deletions
diff --git a/ipaserver/install/cainstance.py b/ipaserver/install/cainstance.py index 9a42d8e01..7a460940b 100644 --- a/ipaserver/install/cainstance.py +++ b/ipaserver/install/cainstance.py @@ -423,6 +423,10 @@ class CAInstance(DogtagInstance): configure_lightweight_ca_acls) self.step("Ensure lightweight CAs container exists", ensure_lightweight_cas_container) + if self.clone and not promote: + self.step( + "Ensuring backward compatibility", + self.__dogtag10_migration) self.step("configure certificate renewals", self.configure_renewal) self.step("configure Server-Cert certificate renewal", self.track_servercert) self.step("Configure HTTP to proxy connections", @@ -1276,6 +1280,15 @@ class CAInstance(DogtagInstance): root_logger.warning( "Did not find any lightweight CAs; nothing to track") + def __dogtag10_migration(self): + ld = ldapupdate.LDAPUpdate(ldapi=True, sub_dict={ + 'SUFFIX': api.env.basedn, + 'FQDN': self.fqdn, + }) + ld.update([os.path.join(paths.UPDATES_DIR, + '50-dogtag10-migration.update')] + ) + def replica_ca_install_check(config, promote): if promote: diff --git a/ipaserver/install/server/install.py b/ipaserver/install/server/install.py index 60d38dc88..b510ec20a 100644 --- a/ipaserver/install/server/install.py +++ b/ipaserver/install/server/install.py @@ -854,9 +854,6 @@ def install(installer): service.print_msg("Restarting the KDC") krb.restart() - if setup_ca: - services.knownservices['pki_tomcatd'].restart('pki-tomcat') - if options.setup_dns: dns.install(False, False, options) else: diff --git a/ipaserver/install/server/replicainstall.py b/ipaserver/install/server/replicainstall.py index fb7188913..21bcd8691 100644 --- a/ipaserver/install/server/replicainstall.py +++ b/ipaserver/install/server/replicainstall.py @@ -935,9 +935,6 @@ def install(installer): service.print_msg("Restarting the KDC") krb.restart() - if config.setup_ca: - services.knownservices['pki_tomcatd'].restart('pki-tomcat') - if options.setup_dns: dns.install(False, True, options) else: |