[Pki-devel] [PATCH] PKI TRAC Ticket #899 - RFE - ipa-server should keep backup of CS.cfg
Ade Lee
alee at redhat.com
Wed Jul 2 14:42:29 UTC 2014
ACK. Looks good. Two small nits only - just fix and check in.
1. In operations, no need to further indent the comments in
backup_instance_configuration_files().
2. At the end of start_instance() , you do:
return $?
Why not just move that into the if .. then .. fi clause above?
ie. replace : rv=$? with return $?
Ade
On Fri, 2014-06-27 at 20:58 -0700, Matthew Harmsen wrote:
> Please review the attached patch for:
> * PKI TRAC Ticket #899 - RFE - ipa-server should keep backup of
> CS.cfg
>
> This patch is based upon a previously reviewed patch for the Dogtag 9
> architecture utilized by the IPA_v2_RHEL_6_ERRATA_BRANCH, but was
> modified and tested to work with the Dogtag 10.2 architecture.
>
>
> CAVEAT 1:
>
>
> Although this patch contains changes to multiple PKI
> subsystem's 'CS.cfg' configuration files, an upgrade script
> should not be specifically required for legacy instances since
> the parameter that is added,
> 'archive.configuration_file=true', is presumed even if the
> parameter is missing (as it would be on any legacy instance).
> In this case, it would only be necessary to add this parameter
> to a legacy instance's CS.cfg, and set the value to 'false' in
> order to turn off 'CS.cfg' configuration file archival
> (explicit instructions detailing this are found in the
> 'operations' script). However, if this is desired for
> completeness, I don't mind adding it.
> CAVEAT 2:
> I had originally made the effort to attempt to have specific
> crucial WARNING messages echoed to the display as well as to
> the journal. I believe that this would be beneficial, as, for
> example, it would immediately notify an admin that since an
> error had occurred, 'CS.cfg' backups would be discontinued
> until the error was corrected. My idea was to echo these
> WARNING messages explicitly to stderr via redirecting them
> (>&2), and adding the parameter 'StandardError=journal
> +console' under the [Service] section of the
> 'pki-tomcatd at pki-tomcat.service' file. Unfortunately, I was
> never able to make this work - both stdout and stderr messages
> were stored in the journal, but were never displayed to the
> screen when typing 'systemctl restart
> pki-tomcatd at pki-tomcat.service' (even after a 'systemctl
> daemon-reload' had been performed).
> -- Matt
> _______________________________________________
> Pki-devel mailing list
> Pki-devel at redhat.com
> https://www.redhat.com/mailman/listinfo/pki-devel
More information about the Pki-devel
mailing list