import ansible-freeipa-0.3.2-2.el8

This commit is contained in:
CentOS Sources 2021-03-10 08:10:48 +00:00 committed by Stepan Oksanichenko
parent 9a3dc26cbd
commit 96b951fdde
2 changed files with 46 additions and 1 deletions

View File

@ -0,0 +1,39 @@
From 976cd1baa70b3ac1a271a362163e469b8d54d04a Mon Sep 17 00:00:00 2001
From: Thomas Woerner <twoerner@redhat.com>
Date: Mon, 22 Feb 2021 13:28:04 +0100
Subject: [PATCH] ipaclient: Do not fail on rmkeytab error #7
Due to commit f3f9672d527008dc741ac90aa465bac842eea08d (ipa-rmkeytab: Check
return value of krb5_kt_(start|end)_seq_get) in IPA 4.9.2 there is a new
error reported for ipa-rmkeytab in case of a non existing keytab file.
Using ipa-rmkeytab now results in the error #7 in this case.
The client role is using ipa-rmkeytab and needs to ignore error #7 also.
Fixes: #510 (ipa-client installation with OTP is failed with error code 7
(keytab: /usr/sbin/ipa-rmkeytab returned 7))
---
roles/ipaclient/tasks/install.yml | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/roles/ipaclient/tasks/install.yml b/roles/ipaclient/tasks/install.yml
index fccc72e..23f9529 100644
--- a/roles/ipaclient/tasks/install.yml
+++ b/roles/ipaclient/tasks/install.yml
@@ -181,8 +181,12 @@
# Do not fail on error codes 3 and 5:
# 3 - Unable to open keytab
# 5 - Principal name or realm not found in keytab
+ # 7 - Failed to set cursor, typically when errcode
+ # would be issued in past
failed_when: result_ipa_rmkeytab.rc != 0 and
- result_ipa_rmkeytab.rc != 3 and result_ipa_rmkeytab.rc != 5
+ result_ipa_rmkeytab.rc != 3 and
+ result_ipa_rmkeytab.rc != 5 and
+ result_ipa_rmkeytab.rc != 7
when: (ipaclient_use_otp | bool or ipaclient_force_join | bool) and not ipaclient_on_master | bool
- name: Install - Backup and set hostname
--
2.29.2

View File

@ -8,10 +8,11 @@
Summary: Roles and playbooks to deploy FreeIPA servers, replicas and clients
Name: ansible-freeipa
Version: 0.3.2
Release: 1%{?dist}
Release: 2%{?dist}
URL: https://github.com/freeipa/ansible-freeipa
License: GPLv3+
Source: https://github.com/freeipa/ansible-freeipa/archive/v%{version}.tar.gz#/%{name}-%{version}.tar.gz
Patch0: ansible-freeipa-0.3.2-ipaclient-Do-not-fail-on-rmkeytab-error-7_rhbz#1931381.patch
BuildArch: noarch
%description
@ -108,6 +109,7 @@ to get the needed requrements to run the tests.
%prep
%setup -q
%patch0 -p1
# Do not create backup files with patches
# Fix python modules and module utils:
@ -165,6 +167,10 @@ cp -rp tests %{buildroot}%{_datadir}/ansible-freeipa/
%{_datadir}/ansible-freeipa/requirements-tests.txt
%changelog
* Thu Mar 4 2021 Thomas Woerner <twoerner@redhat.com> - 0.3.2-2
- Fix ipaclient: Do not fail on rmkeytab error 7
Resolves: RHBZ#1931381
* Mon Jan 18 2021 Thomas Woerner <twoerner@redhat.com> - 0.3.2-1
- Update to version 0.3.2
https://github.com/freeipa/ansible-freeipa/releases/tag/v0.3.2