destroy httpd ccache after stopping the service

This will force recreation of the file-based ccache after IPA restore and prevent a mismatch between cached and restored Kerberos keys. https://fedorahosted.org/freeipa/ticket/5296 Reviewed-By: Martin Basti <mbasti@redhat.com>
author: Martin Babinsky <mbabinsk@redhat.com> 2015-09-16 18:35:21 +0200
committer: Martin Basti <mbasti@redhat.com> 2015-09-23 13:04:18 +0200
commit: 93d080d726359db16749104c8bc20d14a5455dc0 (patch)
tree: 30692189732568b060e544d6b4a837d06a980f3f /init
parent: 0de860318332114ca739a8dd45902f7cc9a3c722 (diff)
download: freeipa-93d080d726359db16749104c8bc20d14a5455dc0.tar.gz
freeipa-93d080d726359db16749104c8bc20d14a5455dc0.tar.xz
freeipa-93d080d726359db16749104c8bc20d14a5455dc0.zip
1 files changed, 1 insertions, 0 deletions
diff --git a/init/systemd/httpd.service b/init/systemd/httpd.service
index e68f39eca..7ce8f04d8 100644
--- a/init/systemd/httpd.service
+++ b/init/systemd/httpd.service
@@ -4,3 +4,4 @@
 Environment=KRB5CCNAME=/var/run/httpd/ipa/krbcache/krb5ccache
 Environment=KDCPROXY_CONFIG=/etc/ipa/kdcproxy/kdcproxy.conf
 ExecStartPre=/usr/libexec/ipa/ipa-httpd-kdcproxy
+ExecStopPost=-/usr/bin/kdestroy -A
author	Martin Babinsky <mbabinsk@redhat.com>	2015-09-16 18:35:21 +0200
committer	Martin Basti <mbasti@redhat.com>	2015-09-23 13:04:18 +0200
commit	93d080d726359db16749104c8bc20d14a5455dc0 (patch)
tree	30692189732568b060e544d6b4a837d06a980f3f /init
parent	0de860318332114ca739a8dd45902f7cc9a3c722 (diff)
download	freeipa-93d080d726359db16749104c8bc20d14a5455dc0.tar.gz freeipa-93d080d726359db16749104c8bc20d14a5455dc0.tar.xz freeipa-93d080d726359db16749104c8bc20d14a5455dc0.zip