55 lines
2.2 KiB
Diff
55 lines
2.2 KiB
Diff
|
From 851ce93ac07044172a7db56d54ab9e1d7c7ec79f Mon Sep 17 00:00:00 2001
|
||
|
From: Rob Crittenden <rcritten@redhat.com>
|
||
|
Date: Mon, 15 Jan 2024 09:05:58 -0500
|
||
|
Subject: [PATCH] Server affinity: Don't rely just on [ca|kra]_enabled for
|
||
|
installs
|
||
|
|
||
|
ca_enable and kra_enabled are intended to be used to identify that
|
||
|
a CA or KRA is available in the topology. It was also being used
|
||
|
to determine whether a CA or KRA service is desired on a replica
|
||
|
install, rather than options.setup_[ca|kra]
|
||
|
|
||
|
Fixes: https://pagure.io/freeipa/issue/9510
|
||
|
|
||
|
Signed-off-by: Rob Crittenden <rcritten@redhat.com>
|
||
|
Reviewed-By: Florence Blanc-Renaud <flo@redhat.com>
|
||
|
---
|
||
|
ipaserver/install/server/replicainstall.py | 7 ++++---
|
||
|
1 file changed, 4 insertions(+), 3 deletions(-)
|
||
|
|
||
|
diff --git a/ipaserver/install/server/replicainstall.py b/ipaserver/install/server/replicainstall.py
|
||
|
index 8096b6accb4c94fefdfcc06f19584c63c24d7baf..191913ddb973b94bcd8ad920570edcee27349ffd 100644
|
||
|
--- a/ipaserver/install/server/replicainstall.py
|
||
|
+++ b/ipaserver/install/server/replicainstall.py
|
||
|
@@ -1143,7 +1143,8 @@ def promote_check(installer):
|
||
|
installer._remote_api = remote_api
|
||
|
conn = remote_api.Backend.ldap2
|
||
|
conn.connect(ccache=installer._ccache)
|
||
|
- config.kra_host_name = kra_host
|
||
|
+ config.kra_host_name = kra_host
|
||
|
+ if options.setup_kra: # only reset ca_host if KRA is requested
|
||
|
config.ca_host_name = kra_host
|
||
|
kra_enabled = True # There is a KRA somewhere in the topology
|
||
|
if options.setup_kra and options.server and \
|
||
|
@@ -1381,7 +1382,7 @@ def install(installer):
|
||
|
custodia = custodiainstance.get_custodia_instance(config, mode)
|
||
|
custodia.create_instance()
|
||
|
|
||
|
- if ca_enabled:
|
||
|
+ if options.setup_ca and ca_enabled:
|
||
|
options.realm_name = config.realm_name
|
||
|
options.domain_name = config.domain_name
|
||
|
options.host_name = config.host_name
|
||
|
@@ -1397,7 +1398,7 @@ def install(installer):
|
||
|
service.print_msg("Finalize replication settings")
|
||
|
ds.finalize_replica_config()
|
||
|
|
||
|
- if kra_enabled:
|
||
|
+ if options.setup_kra and kra_enabled:
|
||
|
kra.install(api, config, options, custodia=custodia)
|
||
|
|
||
|
service.print_msg("Restarting the KDC")
|
||
|
--
|
||
|
2.43.0
|
||
|
|