[Freeipa-devel] [PATCH] 448-449 Switch httpd to use default CCACHE
Martin Kosek
mkosek at redhat.com
Tue Jan 21 16:12:18 UTC 2014
On 01/21/2014 03:07 PM, Petr Viktorin wrote:
> On 01/16/2014 02:16 PM, Martin Kosek wrote:
>> [freeipa-mkosek-448-add-runas-option-to-run-function.patch]:
>>
>> Run function can now run the specified command as different user by
>> setting the EUID and EGID for executed process.
>
> Please add the new argument to the docstring, otherwise ACK
>
>> [freeipa-mkosek-449-switch-httpd-to-use-default-ccache.patch]:
>>
>> Stock httpd no longer uses systemd EnvironmentFile option which is
>> making FreeIPA's KRB5CCNAME setting ineffective. This can lead in hard
>> to debug problems during subsequent ipa-server-install's where HTTP
>> may use a stale CCACHE in the default kernel keyring CCACHE.
>>
>> Avoid forcing custom CCACHE and switch to system one, just make sure
>> that it is properly cleaned by kdestroy run as "apache" user during
>> FreeIPA server installation process.
>>
>> https://fedorahosted.org/freeipa/ticket/4084
>
> This does not fix the issue for me.
> On a fresh f20 machine, I installed the server, uninstalled it, and installed
> again. The second installation failed with the ipa-client-install error
> described in the ticket.
>
On your VM, I saw the method I use for running a command as different process
was indeed not effective. I had to change both effective and real UID/GID to
make the kdestroy function working.
I also added the missing docstrings in 448, both for runas as well as other
missing options.
Martin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-mkosek-448-2-add-runas-option-to-run-function.patch
Type: text/x-patch
Size: 4180 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20140121/aae328b1/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-mkosek-449-2-switch-httpd-to-use-default-ccache.patch
Type: text/x-patch
Size: 3717 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20140121/aae328b1/attachment-0001.bin>
More information about the Freeipa-devel
mailing list