[Freeipa-devel] freshly added service is disabled
Petr Vobornik
pvoborni at redhat.com
Tue Oct 20 08:19:32 UTC 2015
On 10/20/2015 10:12 AM, Oleg Fayans wrote:
> Hi all,
>
> While running the caless tests I've encountered a strange behavior of
> the service module:
> when I add a new service and then try to disable it, it says, it has
> been already disabled:
>
> ofayans at f22master:~]$ ipa service-add --force
> Principal: totest/trololo.pesen.net
> --------------------------------------------------
> Added service "totest/trololo.pesen.net at PESEN.NET"
> --------------------------------------------------
> Principal: totest/trololo.pesen.net at PESEN.NET
> Managed by: trololo.pesen.net
> ofayans at f22master:~]$ ipa service-disable
> Principal: totest/trololo.pesen.net at PESEN.NET
> ipa: ERROR: This entry is already disabled
>
> ipa help service shows there is no service-enable subcommand. So I have
> 2 questions:
> 1. How do I enable previously disabled service?
> 2. Why is a freshly-created service disabled by default?
>
Service disable revokes existing certificate, removes it from the
service entry and also removes Kerberos principal key.
When you create a new service, it does not contain principal key nor a
certificate therefore there is no work to do in disable command and
therefore the message.
--
Petr Vobornik
More information about the Freeipa-devel
mailing list