67a33e5 Uninstaller: uninstall PKI before shutting down services

Authored and Committed by frenaud a year ago
    Uninstaller: uninstall PKI before shutting down services
    The uninstaller is stopping all the services before
    calling pkidestroy to uninstall the CA.
    With PKI 11.4+ this sequence fails as pkidestroy tries
    to connect to PKI server in order to unregister from the
    security domain. The error interrupts the full completion
    of pkidestroy, is logged but doesn't make ipa uninstallation
    The issue is that trying to re-install later on would fail because
    pkidestroy did not completely uninstall the CA.
    To avoid this, call pkidestroy before shutting down the services.
    Also add an uninstall_check method that restarts IPA if it is
    not running, and use pkidestroy --force to make sure that PKI
    is uninstalled even if restart failed.
    Fixes: https://pagure.io/freeipa/issue/9330
    Signed-off-by: Florence Blanc-Renaud <flo@redhat.com>
    Reviewed-By: Rob Crittenden <rcritten@redhat.com>
file modified
+18 -0
file modified
+2 -0