freeipa

Clone
Source Code
GIT

b2b36db Clear kernel keyring in client installer, save dbdir on new connections

2 files Authored by rcritten 11 years ago, Committed by mkosek 11 years ago,
raw patch tree parent
2 files changed. 25 lines added. 1 lines removed.
ipa-client/ipa-install/ipa-client-install
file modified
+10 -1
ipalib/rpc.py
file modified
+15 -0 
    Clear kernel keyring in client installer, save dbdir on new connections
    
    This patch addresses two issues:
    
    1. If a client is previously enrolled in an IPA server and the server
       gets re-installed then the client machine may still have a keyring
       entry for the old server. This can cause a redirect from the
       session URI to the negotiate one. As a rule, always clear the keyring
       when enrolling a new client.
    
    2. We save the NSS dbdir in the connection so that when creating a new
       session we can determine if we need to re-initialize NSS or not. Most
       of the time we do not. The dbdir was not always being preserved between
       connections which could cause an NSS_Shutdown() to happen which would
       fail because of existing usage. This preserves the dbdir information when
       a new connection is created as part of the session mechanism.
    
    https://fedorahosted.org/freeipa/ticket/3108
file modified
+10 -1
file modified
+15 -0
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.