[Freeipa-devel] [PATCH] 12 Call generate-rndc-key.sh during ipa-server-install

Rob Crittenden rcritten at redhat.com
Thu Apr 17 14:10:58 UTC 2014

Misnyovszki Adam wrote:
> Hi,
> this patch modifies ipa-server-install to warn the user, if there is
> a lack of entropy, also runs generate-rndc-key.sh before named restart,
> to ensure, that it can start before systemd timeouts.

I think the exception should be logged in check_entropy() in case this 
every does fail (the file name changes, the format changes, etc).

There should be a try/except around the run() call.

I noticed that /etc/rndc.key isn't removed on uninstall, which I guess 
means the same key will be re-used. Should we be removing that?


More information about the Freeipa-devel mailing list