When DNSSEC master is installed on server, after uninstallation state
[ods-enforcerd] kasp_db_configured = True
is still there, even if uninstaller tries to remove it with restore_state().
This is caused by mixed case of "KASP_DB_configured" that is used in code (see that this has been saved as lower case in statefile). When I changed this value to lower case in code, it worked.
Possible solutions:
Ticket has been cloned to Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1296196
Sysrestore state 'kasp_db_configured' giving information that OpenDNSSEC database kasp.db has been created. This database must be created only once, it contains metadata for DNSSEC keys. Reinitialization of kasp.sb database will cause lost of those information and DNSSEC keys will not be rotated, respectively new keys will be generated.
This bug causes that installer receives information that kasp.db has not been initialized yet and installer will recreate it. This may happen when user is reinstalling DNS subsystem.
master:
ipa-4-3:
ipa-4-2:
Metadata Update from @mbasti: - Issue assigned to mbasti - Issue set to the milestone: FreeIPA 4.2.4
Login to comment on this ticket.