1
0
mirror of https://pagure.io/fedora-qa/os-autoinst-distri-fedora.git synced 2024-11-25 07:13:09 +00:00

Disable systemd-resolved before deploying FreeIPA server/replica

Having systemd-resolved in use seems to cause problems for
FreeIPA servers:
https://bugzilla.redhat.com/show_bug.cgi?id=1880628
until the scripts are enhanced to do this or something, let's
disable it before server/replica deployment.

Signed-off-by: Adam Williamson <awilliam@redhat.com>
This commit is contained in:
Adam Williamson 2020-09-18 13:49:11 -07:00
parent 1ed4fc9ca1
commit 481cb48356
2 changed files with 25 additions and 0 deletions

View File

@ -21,6 +21,14 @@ sub run {
$server_ip = '172.16.2.107'; $server_ip = '172.16.2.107';
$server_mutex = 'replica_ready'; $server_mutex = 'replica_ready';
} }
# disable systemd-resolved, it kinda conflicts with FreeIPA's
# bind: https://bugzilla.redhat.com/show_bug.cgi?id=1880628
unless (script_run "systemctl is-active systemd-resolved.service") {
script_run "systemctl stop systemd-resolved.service";
script_run "systemctl disable systemd-resolved.service";
script_run "rm -f /etc/resolv.conf";
script_run "systemctl restart NetworkManager";
}
# this gets us the name of the first connection in the list, # this gets us the name of the first connection in the list,
# which should be what we want # which should be what we want
my $connection = script_output "nmcli --fields NAME con show | head -2 | tail -1"; my $connection = script_output "nmcli --fields NAME con show | head -2 | tail -1";
@ -39,6 +47,15 @@ sub run {
# do the enrolment # do the enrolment
if (get_var("FREEIPA_REPLICA")) { if (get_var("FREEIPA_REPLICA")) {
# here we're enrolling not just as a client, but as a replica # here we're enrolling not just as a client, but as a replica
# disable systemd-resolved, it kinda conflicts with FreeIPA's
# bind: https://bugzilla.redhat.com/show_bug.cgi?id=1880628
unless (script_run "systemctl is-active systemd-resolved.service") {
script_run "systemctl stop systemd-resolved.service";
script_run "systemctl disable systemd-resolved.service";
script_run "rm -f /etc/resolv.conf";
script_run "systemctl restart NetworkManager";
}
# install server packages # install server packages
assert_script_run "dnf -y groupinstall freeipa-server", 600; assert_script_run "dnf -y groupinstall freeipa-server", 600;

View File

@ -19,6 +19,14 @@ sub run {
# aren't in Modular Server composes) # aren't in Modular Server composes)
my $extraparams = ''; my $extraparams = '';
$extraparams = '--enablerepo=fedora' if (get_var("MODULAR")); $extraparams = '--enablerepo=fedora' if (get_var("MODULAR"));
# disable systemd-resolved, it kinda conflicts with FreeIPA's
# bind: https://bugzilla.redhat.com/show_bug.cgi?id=1880628
unless (script_run "systemctl is-active systemd-resolved.service") {
script_run "systemctl stop systemd-resolved.service";
script_run "systemctl disable systemd-resolved.service";
script_run "rm -f /etc/resolv.conf";
script_run "systemctl restart NetworkManager";
}
# we need a lot of entropy for this, and we don't care how good # we need a lot of entropy for this, and we don't care how good
# it is, so let's use haveged # it is, so let's use haveged
assert_script_run "dnf ${extraparams} -y install haveged", 300; assert_script_run "dnf ${extraparams} -y install haveged", 300;