diff options
| author | Florence Blanc-Renaud <frenaud@redhat.com> | 2016-07-11 09:00:44 +0200 |
|---|---|---|
| committer | Martin Basti <mbasti@redhat.com> | 2016-07-20 16:35:49 +0200 |
| commit | a0d90263d62f48f0c04b8b9e7da3aaa10201c3a0 (patch) | |
| tree | aa11a3faaaaea4ade924fcf44a4e0d2ba1a6cef0 /ipapython/errors.py | |
| parent | 15cfd0ee20fd05735473d3677b6f9f349339197e (diff) | |
| download | freeipa-a0d90263d62f48f0c04b8b9e7da3aaa10201c3a0.tar.gz freeipa-a0d90263d62f48f0c04b8b9e7da3aaa10201c3a0.tar.xz freeipa-a0d90263d62f48f0c04b8b9e7da3aaa10201c3a0.zip | |
server uninstall fails to remove krb principals
This patch fixes the 3rd issue of ticket 6012:
ipa-server-install --uninstall -U
complains while removing Kerberos service principals from /etc/krb5.keytab
----
Failed to remove Kerberos service principals: Command '/usr/sbin/ipa-rmkeytab -k /etc/krb5.keytab -r DOM-221.ABC.IDM.LAB.ENG.BRQ.REDHAT.COM' returned non-zero exit status 5
----
This happens because the uninstaller performs the following sequence:
1/ restore pre-install files, including /etc/krb5.keytab
At this point /etc/krb5.keytab does not contain any principal for
IPA domain
2/ call ipa-client-install --uninstall, which in turns runs
ipa-rmkeytab -k /etc/krb5.keytab -r <domain>
to remove the principals.
The fix ignores ipa-rmkeytab's exit code 5 (Principal name or realm not
found in keytab)
https://fedorahosted.org/freeipa/ticket/6012
Reviewed-By: Martin Basti <mbasti@redhat.com>
Diffstat (limited to 'ipapython/errors.py')
0 files changed, 0 insertions, 0 deletions