[Freeipa-devel] [PATCH] 0033 Fix default CA ACL added during upgrade
Fraser Tweedale
ftweedal at redhat.com
Fri Aug 7 10:43:33 UTC 2015
On Fri, Aug 07, 2015 at 11:47:57AM +0200, Martin Babinsky wrote:
> On 08/07/2015 10:04 AM, Fraser Tweedale wrote:
> >The attached patch fixes
> >https://bugzilla.redhat.com/show_bug.cgi?id=1251225
> >
> >Thanks,
> >Fraser
> >
> >
> >
> ACK but please put a link to the upstream ticket into the commit message
> (https://fedorahosted.org/freeipa/ticket/5185)
>
Thanks; updated patch attached.
> --
> Martin^3 Babinsky
-------------- next part --------------
From 27ed22b3779bed6c37195129a04682f76953d13f Mon Sep 17 00:00:00 2001
From: Fraser Tweedale <ftweedal at redhat.com>
Date: Fri, 7 Aug 2015 03:21:43 -0400
Subject: [PATCH] Fix default CA ACL added during upgrade
The upgrade script is adding the default CA ACL with incorrect
attributes - usercategory=all instead of servicecategory=all. Fix
it to create the correct object.
Fixes: https://fedorahosted.org/freeipa/ticket/5185
---
ipaserver/install/server/upgrade.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/ipaserver/install/server/upgrade.py b/ipaserver/install/server/upgrade.py
index a342642b03abc05d0ce108ff2b774ea25904bd8e..1306e96e2a46b191b0bb8f33deccda54c5626558 100644
--- a/ipaserver/install/server/upgrade.py
+++ b/ipaserver/install/server/upgrade.py
@@ -1306,7 +1306,7 @@ def add_default_caacl(ca):
if not api.Command.caacl_find()['result']:
api.Command.caacl_add(u'hosts_services_caIPAserviceCert',
- hostcategory=u'all', usercategory=u'all')
+ hostcategory=u'all', servicecategory=u'all')
api.Command.caacl_add_profile(u'hosts_services_caIPAserviceCert',
certprofile=(u'caIPAserviceCert',))
--
2.4.3
More information about the Freeipa-devel
mailing list