[Freeipa-devel] error handling in httpd.service and ipa-httpd-kdcproxy
Christian Heimes
cheimes at redhat.com
Mon Jul 6 15:35:23 UTC 2015
Hello,
I like to ask for your opinion regarding the pre-exec hook
'ipa-httpd-kdcproxy' in httpd.service. Alex has asked me to handle error
cases like LDAP connection timeout more gracefully. At the moment any
error causes the script to return a non-zero exit code. This breaks the
service and apparently also offline RPM upgrades.
How should I handle error cases? I can change httpd.service to simply
ignore the exit code of ipa-httpd-kdcproxy. But that might lead to an
invalid state. I could modify the script to catch connection errors and
to disable kdcproxy in case of an error.
The options are:
1) httpd.service ignores exit code of ipa-httpd-kdcproxy
2) ipa-httpd-kdcproxy removes kdcproxy config file in case of a
connection error
3) 1 + 2
What do you think?
Christian
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 455 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20150706/b4702d13/attachment.sig>
More information about the Freeipa-devel
mailing list