Remove dangling Default domain cfg file
The multi-domain LDAP support added in 12.0.6 left behind a keystone.Default.conf file that causes Keystone errors when adding a new domain backed by LDAP. This patch removes the file unless the deployer has specifically created a domain called 'Default'. This is a combined backport of: - https://review.openstack.org/287440 (patch) - https://review.openstack.org/287444 (release notes) Closes-bug: 1547542 Change-Id: I28cbd9afece968002db10e899c5172f1fd3dcc1a
This commit is contained in:
parent
9fc96eb7e1
commit
aafb287c64
|
@ -39,3 +39,15 @@
|
|||
tags:
|
||||
- keystone-ldap-domain-config
|
||||
|
||||
# Bug 1547542 - Older versions of the keystone role would deploy a blank
|
||||
# keystone.Default.conf and this will cause errors when adding LDAP-backed
|
||||
# domains.
|
||||
- name: Remove Keystone Default domain configuration file if not needed
|
||||
file:
|
||||
path: "{{ keystone_ldap_domain_config_dir }}/keystone.Default.conf"
|
||||
state: absent
|
||||
when: keystone_ldap.Default is not defined
|
||||
notify:
|
||||
- Restart Apache
|
||||
tags:
|
||||
- keystone-ldap-domain-config
|
||||
|
|
|
@ -0,0 +1,6 @@
|
|||
fixes:
|
||||
- The addition of multi-domain LDAP configuration support left behind a
|
||||
configuration file for the default domain that causes problems with
|
||||
Keystone. This file will automatically be removed if the deployer is not
|
||||
using the Default domain with an LDAP back end.
|
||||
(`Bug 1547542 <https://bugs.launchpad.net/openstack-ansible/+bug/1547542>`_)
|
Loading…
Reference in New Issue