[Freeipa-devel] [PATCH] 404 Do not add ipa-ca records on CA-less installs
Rob Crittenden
rcritten at redhat.com
Thu May 9 18:17:39 UTC 2013
Jan Cholasta wrote:
> On 9.5.2013 17:57, Martin Kosek wrote:
>> On 05/09/2013 05:44 PM, Jan Cholasta wrote:
>>> Sorry for this, but NACK. With this patch ipa-ca records are not
>>> created for
>>> existing masters unless ipa-dns-install is run on a replica which has CA
>>> configured. You should instead put the ldap.get_entries() call in a
>>> try/except
>>> block and ignore the NotFound exception which causes the crash.
>>>
>>> You can test it by installing IPA without --setup-dns and without
>>> --external-ca
>>> on server1 and then installing a replica with --setup-dns and without
>>> --setup-ca on server2. After this, ipa-ca record for server1 should
>>> be created.
>>>
>>> Honza
>>>
>>
>> Sending updated patch, please review if you can.
>>
>> Martin
>>
>
> Looks good to me, ACK!
>
pushed to master
More information about the Freeipa-devel
mailing list