From 3de09709cc33f1d26f2d605bac82110fe73dde03 Mon Sep 17 00:00:00 2001
From: Jan Cholasta <jcholast@redhat.com>
Date: Thu, 16 Mar 2017 12:51:29 +0000
Subject: tasks: run `systemctl daemon-reload` after httpd.service.d updates

Run `systemctl daemon-reload` after
`/etc/systemd/system/httpd.service.d/ipa.conf` is created or deleted,
otherwise systemd will not merge the file into httpd.service and therefore
required environment variables will not be set for httpd.

This fixes authentication failures ("No valid Negotiate header in server
response") due to missing `GSS_USE_PROXY=yes` in httpd environment.

https://pagure.io/freeipa/issue/6773

Reviewed-By: Martin Babinsky <mbabinsk@redhat.com>
---
 ipaplatform/redhat/tasks.py | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/ipaplatform/redhat/tasks.py b/ipaplatform/redhat/tasks.py
index c1b574e06..d0ef5fbd1 100644
--- a/ipaplatform/redhat/tasks.py
+++ b/ipaplatform/redhat/tasks.py
@@ -483,6 +483,9 @@ class RedHatTaskNamespace(BaseTaskNamespace):
         os.chmod(paths.SYSTEMD_SYSTEM_HTTPD_IPA_CONF, 0o644)
         self.restore_context(paths.SYSTEMD_SYSTEM_HTTPD_IPA_CONF)
 
+        ipautil.run([paths.SYSTEMCTL, "--system", "daemon-reload"],
+                    raiseonerr=False)
+
     def configure_http_gssproxy_conf(self):
         ipautil.copy_template_file(
             os.path.join(paths.USR_SHARE_IPA_DIR, 'gssproxy.conf.template'),
@@ -513,6 +516,10 @@ class RedHatTaskNamespace(BaseTaskNamespace):
                     'Error removing %s: %s',
                     paths.SYSTEMD_SYSTEM_HTTPD_IPA_CONF, e
                 )
+            return
+
+        ipautil.run([paths.SYSTEMCTL, "--system", "daemon-reload"],
+                    raiseonerr=False)
 
     def set_hostname(self, hostname):
         ipautil.run([paths.BIN_HOSTNAMECTL, 'set-hostname', hostname])
-- 
cgit