[Freeipa-devel] [PATCH 0327] KRA: fix check if CA is installed on replica
Martin Babinsky
mbabinsk at redhat.com
Mon Oct 26 09:35:42 UTC 2015
On 10/23/2015 05:18 PM, Martin Basti wrote:
>
>
> On 23.10.2015 15:15, Martin Babinsky wrote:
>> On 10/23/2015 03:12 PM, Martin Babinsky wrote:
>>> On 10/16/2015 12:41 PM, Martin Basti wrote:
>>>> https://fedorahosted.org/freeipa/ticket/5345
>>>>
>>>> Patch attached.
>>>>
>>>>
>>> I have tested it on 4-2 branch and it works as expected, ACK.
>>>
>>> Obviously, master branch would require a different patch.
>>>
>>
>> I actually missed your check in ipaserver/install/kra.py which can
>> break ipa-replica-install with --setup-kra, so NACK.
>>
> Updated patches attached.
NACK on the master-branch patch.
You forgot a 'return' in this code snippet:
+ if self.installing_replica:
+ domain_level = dsinstance.get_domain_level(api)
+ if domain_level > DOMAIN_LEVEL_0:
+ self.options.promote = True
+ return
that would make installation abort when domain level is greter than zero.
--
Martin^3 Babinsky
More information about the Freeipa-devel
mailing list