Bug 1024578

Summary: ipa-client-install occasionally updates ldap.conf with improper formatting
Product: Red Hat Enterprise Linux 7 Reporter: Michael Gregg <mgregg>
Component: ipaAssignee: Martin Kosek <mkosek>
Status: CLOSED WORKSFORME QA Contact: Namita Soman <nsoman>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 7.0CC: jcholast, rcritten
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2013-10-30 20:06:53 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description Michael Gregg 2013-10-30 01:20:14 UTC
Description of problem:
In one of our client tests, I occasionally see ipa-client install update ldap.conf with the line "URI ldap://ipaqa64vmc.testrelm.com". the problem is that the line is occasionally added to ldap.conf without a CR or a LF in front of the line. 

I am having difficulty reproducing this problem. I only had it happen once manually when I ran "ipa-client-install --domain=testrelm.com --principal=admin --server=ipaqa64vmc.testrelm.com --password=<pw> --unattended --realm=TESTRELM.COM --fixed-primary --force --force-ntpd --hostname=ipaqavmg.testrelm.com --mkhomedir --no-dns-sshfp --noac"

Version-Release number of selected component (if applicable):
ipa-client-3.3.2-4.el7.x86_64

How reproducible:
occasionally. 

Steps to Reproduce:
1. ipa-client-install --domain=testrelm.com --principal=admin --server=ipaqa64vmc.testrelm.com --password=<pw> --unattended --realm=TESTRELM.COM --fixed-primary --force --force-ntpd --hostname=ipaqavmg.testrelm.com --mkhomedir --no-dns-sshfp --noac

Actual results:

:: [ 20:14:03 ] ::  contents of /etc/openldap/ldap.conf
#
# LDAP Defaults
#

# See ldap.conf(5) for details
# This file should be world readable but not world writable.

#BASE	dc=example,dc=com
#URI	ldap://ldap.example.com ldap://ldap-master.example.com:666

#SIZELIMIT	12
#TIMELIMIT	15
#DEREF		never

TLS_CACERTDIR /etc/openldap/cacerts

# Turning this off breaks GSSAPI used with krb5 when rdns = false
SASL_NOCANON	onURI ldap://ipaqa64vmc.testrelm.com
BASE dc=example,dc=com


Expected results: I am expecting the "URI ldap://<etc>" line to be on it's own line.



Additional info:

Comment 2 Martin Kosek 2013-10-30 08:37:33 UTC
I did look in the code and run the installation few times, but I was never able to reproduce. Jan, any idea what could cause this?

Comment 3 Michael Gregg 2013-10-30 18:03:30 UTC
I am doing my best to find a way to reproduce this reliably today.

Comment 4 Michael Gregg 2013-10-30 20:06:53 UTC
I have been trying for two hours, but I am unable to reproduce this in ipa-server-3.3.2-5.el7.x86_64

I suppose I will close this bug as "worksforme". I have tagged the QA test that was hitting this in the past. If this seems to come back, we can reopen this bug.

Comment 5 Martin Kosek 2013-10-30 20:58:58 UTC
Michael, thanks for all the work when reproducing it. Let's resurrect this Bugzilla if we manage to find the reproducer, eventually.

Comment 6 Jan Cholasta 2013-10-31 08:39:11 UTC
I was not able to reproduce this either. I suspected that the bug would be triggered by removing trailing newline from ldap.conf, but it was not.