Commit - freeipa - a0d90263d62f48f0c04b8b9e7da3aaa10201c3a0

freeipa

`a0d9026` server uninstall fails to remove krb principals

1 file Authored by frenaud 7 years ago, Committed by mbasti 7 years ago,

raw patch tree parent

1 file changed. 7 lines added. 0 lines removed.

    server uninstall fails to remove krb principals
    
    This patch fixes the 3rd issue of ticket 6012:
    ipa-server-install --uninstall -U
    complains while removing Kerberos service principals from /etc/krb5.keytab
    ----
    Failed to remove Kerberos service principals: Command '/usr/sbin/ipa-rmkeytab -k /etc/krb5.keytab -r DOM-221.ABC.IDM.LAB.ENG.BRQ.REDHAT.COM' returned non-zero exit status 5
    ----
    
    This happens because the uninstaller performs the following sequence:
    1/ restore pre-install files, including /etc/krb5.keytab
    At this point /etc/krb5.keytab does not contain any principal for
    IPA domain
    2/ call ipa-client-install --uninstall, which in turns runs
    ipa-rmkeytab -k /etc/krb5.keytab -r <domain>
    to remove the principals.
    
    The fix ignores ipa-rmkeytab's exit code 5 (Principal name or realm not
    found in keytab)
    
    https://fedorahosted.org/freeipa/ticket/6012
    
    Reviewed-By: Martin Basti <mbasti@redhat.com>

client/ipa-client-install

file modified

+7 -0

freeipa

Source Code

a0d9026 server uninstall fails to remove krb principals

1 file Authored by frenaud 7 years ago, Committed by mbasti 7 years ago,

`a0d9026` server uninstall fails to remove krb principals