Move the pki-tomcat restart to cainstance creation

pki-tomcat would have been restarted in install and replicainstall for backward compatibility reasons. As Dogtag 9 is not supported anymore, we can move this restart only for DL0 replica installation. https://fedorahosted.org/freeipa/ticket/6392 Reviewed-By: Martin Basti <mbasti@redhat.com> Reviewed-By: Jan Cholasta <jcholast@redhat.com>
rcritten · Nov 11, 2016 · ba4df64 · ba4df64
1 parent bde1d82
commit ba4df64
Show file tree

Hide file tree

Showing 3 changed files with 13 additions and 6 deletions.
diff --git a/ipaserver/install/cainstance.py b/ipaserver/install/cainstance.py
@@ -423,6 +423,10 @@ def configure_instance(self, host_name, dm_password, admin_password,
                           configure_lightweight_ca_acls)
                 self.step("Ensure lightweight CAs container exists",
                           ensure_lightweight_cas_container)
+                if self.clone and not promote:
+                    self.step(
+                        "Ensuring backward compatibility",
+                        self.__dogtag10_migration)
                 self.step("configure certificate renewals", self.configure_renewal)
                 self.step("configure Server-Cert certificate renewal", self.track_servercert)
                 self.step("Configure HTTP to proxy connections",
@@ -1276,6 +1280,15 @@ def __add_lightweight_ca_tracking_requests(self):
             root_logger.warning(
                 "Did not find any lightweight CAs; nothing to track")
 
+    def __dogtag10_migration(self):
+        ld = ldapupdate.LDAPUpdate(ldapi=True, sub_dict={
+            'SUFFIX': api.env.basedn,
+            'FQDN': self.fqdn,
+        })
+        ld.update([os.path.join(paths.UPDATES_DIR,
+                                '50-dogtag10-migration.update')]
+                  )
+
 
 def replica_ca_install_check(config, promote):
     if promote:

diff --git a/ipaserver/install/server/install.py b/ipaserver/install/server/install.py
@@ -854,9 +854,6 @@ def install(installer):
     service.print_msg("Restarting the KDC")
     krb.restart()
 
-    if setup_ca:
-        services.knownservices['pki_tomcatd'].restart('pki-tomcat')
-
     if options.setup_dns:
         dns.install(False, False, options)
     else:

diff --git a/ipaserver/install/server/replicainstall.py b/ipaserver/install/server/replicainstall.py
@@ -935,9 +935,6 @@ def install(installer):
     service.print_msg("Restarting the KDC")
     krb.restart()
 
-    if config.setup_ca:
-        services.knownservices['pki_tomcatd'].restart('pki-tomcat')
-
     if options.setup_dns:
         dns.install(False, True, options)
     else: