On Wed, Nov 5, 2014 at 7:45 PM, Natxo Asenjo <[email protected]> wrote: > And I think I found it: > https://fedorahosted.org/freeipa/ticket/3727 > > > permissions of that folder: > > $ ls -ld publish/ > drwxr-xr-x. 2 root root 73728 Jun 13 2013 publish/ > > I just changed them to pkiuser:pkiuser, let's see what the next run does.
and it's fixed (after undoing the change in CS.cfg and re-setting ca.crl.MasterCRL.enableCRLCache=false ca.crl.MasterCRL.enableCRLUpdates=false both to true and reloading pki-cad): -rw-rw-r--. 1 pkiuser pkiuser 1807 Jun 28 2013 MasterCRL-20130628-210000.der -rw-rw-r--. 1 pkiuser pkiuser 5278 Nov 5 21:00 MasterCRL-20141105-210000.der lrwxrwxrwx. 1 pkiuser pkiuser 57 Nov 5 21:00 MasterCRL.bin -> /var/lib/ipa/pki-ca/publish/MasterCRL-20141105-210000.der phew -- Groeten, natxo -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project
