[freeipa PR#5290][opened] Improve PKI subsystem detection
by flo-renaud
URL: https://github.com/freeipa/freeipa/pull/5290
Author: flo-renaud
Title: #5290: Improve PKI subsystem detection
Action: opened
PR body:
"""
### Improve PKI subsystem detection
The dogtaginstance.is_installed() method currently relies on
the presence of the directory /var/lib/pki/pki-tomcat/{ca|kra},
even if it is empty.
An unwanted consequence is ipa-server-upgrade wrongly assuming the KRA
is installed and crashing when trying to upgrade a not-installed
component.
The fix relies on the command "pki-server subsystem-show {ca|kra}" to
detect if a subsystem is installed. The command does not require PKI
to be running (hence can be called anytime) and is delivered by
the pki-server package which is already required by ipa server pkg.
Fixes: https://pagure.io/freeipa/issue/8596
### ipatests: add test for PKI subsystem detection
Add a new upgrade test. Scenario:
- create an empty /var/lib/pki/pki-tomcat/kra directory
- call ipa-server-upgrade
With issue 8596, the upgrade fails because it assumes KRA is
installed. With the fix, ipa-server-upgrade completes successfully.
Related: https://pagure.io/freeipa/issue/8596
"""
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/5290/head:pr5290
git checkout pr5290
2 months, 3 weeks
[freeipa PR#5279][opened] freeipa.spec.in: unify spec files across upstream RHEL, and Fedora
by abbra
URL: https://github.com/freeipa/freeipa/pull/5279
Author: abbra
Title: #5279: freeipa.spec.in: unify spec files across upstream RHEL, and Fedora
Action: opened
PR body:
"""
In order to reduce maintenance burden and to be able to use automatic
build tools, bring up the differences between RPM spec files in
upstream, RHEL, and Fedora to a minimum.
This gives us an opportunity to:
- start using proper conditional macros (%bcond_with/%bcond_without)
- remove old cruft where Fedora 31+ and RHEL8+ are already the same
- remove Group lines which already deprecated in Fedora packaging
policy
- remove buildroot cleanup
- support release candidate designations: mostly affects downstreams but
it is better to have macro support in the common spec file
Signed-off-by: Alexander Bokovoy <abokovoy(a)redhat.com>
"""
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/5279/head:pr5279
git checkout pr5279
3 months