[freeipa PR#2117][opened] [Backport][ipa-4-6] ipa client uninstall: clean the state store when restoring hostname
by tiran
URL: https://github.com/freeipa/freeipa/pull/2117
Author: tiran
Title: #2117: [Backport][ipa-4-6] ipa client uninstall: clean the state store when restoring hostname
Action: opened
PR body:
"""
Manual backport of PR #2113 to 4.6 branch.
When ipa client was installed with the --hostname= option, it stores
[network]
hostname = (current hostname)
in /var/lib/ipa-client/sysrestore/sysrestore.state and changes the hostname
from (current hostname) to the value provided in --hostname.
During uninstall, the previous hostname is restored but the entry does
not get removed from sysrestore.state. As the uninstaller checks if all
entries from sysrestore.state have been restored, it warns that some
state has not been restored.
The fix calls statestore.restore_state() instead of statestore.get_state()
as this method also clears the entry.
https://pagure.io/freeipa/issue/7620
Reviewed-By: Rob Crittenden <rcritten(a)redhat.com>
"""
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/2117/head:pr2117
git checkout pr2117
5 years, 9 months
[freeipa PR#2113][opened] ipa client uninstall: clean the state store when restoring hostname
by flo-renaud
URL: https://github.com/freeipa/freeipa/pull/2113
Author: flo-renaud
Title: #2113: ipa client uninstall: clean the state store when restoring hostname
Action: opened
PR body:
"""
When ipa client was installed with the --hostname= option, it stores
[network]
hostname = (current hostname)
in /var/lib/ipa-client/sysrestore/sysrestore.state and changes the hostname
from (current hostname) to the value provided in --hostname.
During uninstall, the previous hostname is restored but the entry does
not get removed from sysrestore.state. As the uninstaller checks if all
entries from sysrestore.state have been restored, it warns that some
state has not been restored.
The fix calls statestore.restore_state() instead of statestore.get_state()
as this method also clears the entry.
https://pagure.io/freeipa/issue/7620
"""
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/2113/head:pr2113
git checkout pr2113
5 years, 9 months
[freeipa PR#2112][opened] [Backport][ipa-4-6] Delay enablement of services and DNS SRV entries
by tiran
URL: https://github.com/freeipa/freeipa/pull/2112
Author: tiran
Title: #2112: [Backport][ipa-4-6] Delay enablement of services and DNS SRV entries
Action: opened
PR body:
"""
Manual backport of PR #2102 to 4.6 branch.
### Query for server role IPA master
server_find and server_role plugin were hiding IPA master role
information. It's now possible to fetch IPA master role information and
to filter by IPA master role, e.g. to ignore servers that have some
services configured but not (yet) enabled.
### Only create DNS SRV records for ready server
When installing multiple replicas in parallel, one replica may create
SRV entries for other replicas, although the replicas aren't fully
installed yet. This may cause some services to connect to a server, that
isn't ready to serve requests.
The DNS IPASystemRecords framework now skips all servers that aren't
ready IPA masters.
### Delay enabling services until end of installer
Service entries in cn=FQDN,cn=masters,cn=ipa,cn=etc are no longer
created as enabled. Instead they are flagged as configuredService. At
the very end of the installer, the service entries are switched from
configured to enabled service.
- SRV records are created at the very end of the installer.
- Dogtag installer only picks fully installed servers
- Certmonger ignores all configured but not yet enabled servers.
Fixes: pagure.io/freeipa/issue/7566
"""
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/2112/head:pr2112
git checkout pr2112
5 years, 9 months
[freeipa PR#2107][opened] [Backport][ipa-4-5] Delay enablement of services and DNS SRV entries
by tiran
URL: https://github.com/freeipa/freeipa/pull/2107
Author: tiran
Title: #2107: [Backport][ipa-4-5] Delay enablement of services and DNS SRV entries
Action: opened
PR body:
"""
Manual backport of PR #2102 to 4.5 branch.
### Query for server role IPA master
server_find and server_role plugin were hiding IPA master role
information. It's now possible to fetch IPA master role information and
to filter by IPA master role, e.g. to ignore servers that have some
services configured but not (yet) enabled.
### Only create DNS SRV records for ready server
When installing multiple replicas in parallel, one replica may create
SRV entries for other replicas, although the replicas aren't fully
installed yet. This may cause some services to connect to a server, that
isn't ready to serve requests.
The DNS IPASystemRecords framework now skips all servers that aren't
ready IPA masters.
### Delay enabling services until end of installer
Service entries in cn=FQDN,cn=masters,cn=ipa,cn=etc are no longer
created as enabled. Instead they are flagged as configuredService. At
the very end of the installer, the service entries are switched from
configured to enabled service.
- SRV records are created at the very end of the installer.
- Dogtag installer only picks fully installed servers
- Certmonger ignores all configured but not yet enabled servers.
Fixes: pagure.io/freeipa/issue/7566
"""
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/2107/head:pr2107
git checkout pr2107
5 years, 9 months