From fdf142dbd592561a67b0f478cc97ca8ef64792e3 Mon Sep 17 00:00:00 2001
From: Adam Williamson <awilliam@redhat.com>
Date: Fri, 18 Sep 2020 13:49:11 -0700
Subject: [PATCH] Disable systemd-resolved before deploying FreeIPA
 server/replica

Having systemd-resolved in use seems to cause problems for
FreeIPA servers:
https://bugzilla.redhat.com/show_bug.cgi?id=1880628
until the scripts are enhanced to do this or something, let's
disable it before server/replica deployment.

Signed-off-by: Adam Williamson <awilliam@redhat.com>
---
 tests/realmd_join_sssd.pm              | 9 +++++++++
 tests/role_deploy_domain_controller.pm | 8 ++++++++
 2 files changed, 17 insertions(+)

diff --git a/tests/realmd_join_sssd.pm b/tests/realmd_join_sssd.pm
index 25ebd5f3..e4fe03de 100644
--- a/tests/realmd_join_sssd.pm
+++ b/tests/realmd_join_sssd.pm
@@ -41,6 +41,15 @@ sub run {
     # do the enrolment
     if (get_var("FREEIPA_REPLICA")) {
         # here we're enrolling not just as a client, but as a replica
+        # disable systemd-resolved, it kinda conflicts with FreeIPA's
+        # bind: https://bugzilla.redhat.com/show_bug.cgi?id=1880628
+        unless (script_run "systemctl is-active systemd-resolved.service") {
+            script_run "systemctl stop systemd-resolved.service";
+            script_run "systemctl disable systemd-resolved.service";
+            script_run "rm -f /etc/resolv.conf";
+            script_run "systemctl restart NetworkManager";
+        }
+
         # install server packages
         assert_script_run "dnf -y groupinstall freeipa-server", 600;
 
diff --git a/tests/role_deploy_domain_controller.pm b/tests/role_deploy_domain_controller.pm
index 6302aa81..d17f4cea 100644
--- a/tests/role_deploy_domain_controller.pm
+++ b/tests/role_deploy_domain_controller.pm
@@ -19,6 +19,14 @@ sub run {
     # aren't in Modular Server composes)
     my $extraparams = '';
     $extraparams = '--enablerepo=fedora' if (get_var("MODULAR"));
+    # disable systemd-resolved, it kinda conflicts with FreeIPA's
+    # bind: https://bugzilla.redhat.com/show_bug.cgi?id=1880628
+    unless (script_run "systemctl is-active systemd-resolved.service") {
+        script_run "systemctl stop systemd-resolved.service";
+        script_run "systemctl disable systemd-resolved.service";
+        script_run "rm -f /etc/resolv.conf";
+        script_run "systemctl restart NetworkManager";
+    }
     # we need a lot of entropy for this, and we don't care how good
     # it is, so let's use haveged
     assert_script_run "dnf ${extraparams} -y install haveged", 300;