As bug https://bugzilla.redhat.com/show_bug.cgi?id=1504701 showed, restoring a backup of a server where AD trust feature was configured does not necessarily leads to a working configuration if AD trust feature-providing packages were not installed.
A sequence of events is following:
The same will happen for any additional feature where ipa-restore replaces a configuration file tracked by rpm.
In order to avoid this problem, ipa-restore should track that features have their corresponding packages installed before performing a restore if files from a feature exist in the backup. In case of some packages missing, full backup should be refused and an error message with suggestions should be printed.
Metadata Update from @abiagion:
- Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1613015
Issue linked to Bugzilla: Bug 1613015
Metadata Update from @abbra:
- Issue set to the milestone: FreeIPA 4.8
iparestore --full checks that packages for extra features such as dns and adtrust are installed in the system before restoring a backup in case the backup includes content for these features. If the packages are not installed full backup is going to be refused and an error message with suggestions will be showed.
Metadata Update from @okozlov:
- Issue close_status updated to: fixed
- Issue status updated to: Closed (was: Open)
to comment on this ticket.