Bug 1108303
| Summary: | Rebase pki-core to 10.1 | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 7 | Reporter: | Nathan Kinder <nkinder> |
| Component: | pki-core | Assignee: | Ade Lee <alee> |
| Status: | CLOSED ERRATA | QA Contact: | Asha Akkiangady <aakkiang> |
| Severity: | unspecified | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 7.1 | CC: | alee, drieden, jcholast, mharmsen, mkosek, rpattath |
| Target Milestone: | rc | Keywords: | Rebase |
| Target Release: | 7.1 | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | pki-core-10.1.2-2.el7 | Doc Type: | Rebase: Bug Fixes and Enhancements |
| Doc Text: |
This bug re-based Dogtag 10.0 to 10.1 to fix numerous bugs.
Additionally, it contained the following notable enhancements for RHEL 7.1:
* Infrastructure/ Version Changes:
** RESTEasy was updated from version 2.3.2 to 3.0.1. As part of this transition, some server code (the interceptors) was modified to implement JAX-RS 2.0.
** Tomcat has changed to more properly use systemd unit files to start up, rather than system V init scripts. Consequently, new Dogtag systemd unit files (based on the tomcat unit files) were required.
* REST interface enhancements:
** The interface has been updated to use standard HTTP return codes under various operations. Paging support has been added to most search operations.
** New REST interfaces have been added for managing certificate profiles on the CA. This includes:
*** Methods to list, add, remove, edit, enable/disable profiles. These methods are protected by ACLs that limit authorization to agents or administrators as appropriate.
*** Extensions to the pki CLI tool to perform all the above operations.
*** A new method to provide enrollment templates to end-entity users for specific profiles. An enrollment template is a certificate request representation that contains all the required inputs for a given profile. End entity users can list available profiles by calling GET /certrequests/profiles, and fetch an enrollment template by navigating to GET /certrequests/profiles/{id}.
* CLI improvements:
** The "pki" CLI commands have been organized according to the target of the operations: the client, the subsystems, and the security domain. The client commands provide an interface to manage client certificates. The subsystem commands provide an interface to access various services in each subsystem. The security domain commands provide an interface for managing subsystems. The old-style commands are still available for backward compatibility.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | 2015-03-05 08:19:36 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | |||
| Bug Blocks: | 1082754, 1109726 | ||
|
Description
Nathan Kinder
2014-06-11 16:58:18 UTC
Created new branch called 'IPA_V4_RHEL_7_1_ERRATA_BRANCH' off of 'master'. Merged Brew 7.1 'pki-core.spec' changelog histories with 'pki-core.spec' changelog histories on 'IPA_V4_RHEL_7_1_ERRATA_BRANCH': * 9d66a93dbdd8e2a4d047fd44685a2544d4ecf242 The attempted history merge resulted in an 'rpmlint' error in the changelog
order; reverted this patch.
commit 9b698a5d02fc50ab27bd23a067f74140a456c2d2
Author: Matthew Harmsen <mharmsen>
Date: Fri Sep 5 21:44:44 2014 -0700
Revert "Resolves: rhbz #1108303"
This reverts commit 9d66a93dbdd8e2a4d047fd44685a2544d4ecf242.
Reverting the patch which attempted to merge histories of
the Brew 7.1 'pki-core.spec' file with the source 'pki-core.spec'
file located on this branch.
It was determined that RHEL 7.1 would be rebased to Dogtag 10.1 rather than Dogtag 10.2. git push origin :IPA_V4_RHEL_7_1_ERRATA_BRANCH To ssh://git.fedorahosted.org/git/pki.git - [deleted] IPA_V4_RHEL_7_1_ERRATA_BRANCH Recreated IPA_V4_RHEL_7_1_ERRATA_BRANCH off of DOGTAG_10_1_BRANCH: # git clone -b DOGTAG_10_1_BRANCH ssh://git.fedorahosted.org/git/pki.git # cd pki # git checkout -b IPA_V4_RHEL_7_1_ERRATA_BRANCH # git branch DOGTAG_10_1_BRANCH * IPA_V4_RHEL_7_1_ERRATA_BRANCH # git branch -a DOGTAG_10_1_BRANCH * IPA_V4_RHEL_7_1_ERRATA_BRANCH remotes/origin/DOGTAG_10_0_BRANCH remotes/origin/DOGTAG_10_1_BRANCH remotes/origin/DOGTAG_10_2_BRANCH remotes/origin/DOGTAG_9_BRANCH remotes/origin/HEAD -> origin/master remotes/origin/IPA_V3_RHEL_7_ERRATA_BRANCH remotes/origin/IPA_v2_RHEL_6_ERRATA_BRANCH remotes/origin/autoformat remotes/origin/autoformat2 remotes/origin/master # git push -u origin IPA_V4_RHEL_7_1_ERRATA_BRANCH Total 0 (delta 0), reused 0 (delta 0) To ssh://git.fedorahosted.org/git/pki.git * [new branch] IPA_V4_RHEL_7_1_ERRATA_BRANCH -> IPA_V4_RHEL_7_1_ERRATA_BRANCH Branch IPA_V4_RHEL_7_1_ERRATA_BRANCH set up to track remote branch IPA_V4_RHEL_7_1_ERRATA_BRANCH from origin. # git branch -a DOGTAG_10_1_BRANCH * IPA_V4_RHEL_7_1_ERRATA_BRANCH remotes/origin/DOGTAG_10_0_BRANCH remotes/origin/DOGTAG_10_1_BRANCH remotes/origin/DOGTAG_10_2_BRANCH remotes/origin/DOGTAG_9_BRANCH remotes/origin/HEAD -> origin/master remotes/origin/IPA_V3_RHEL_7_ERRATA_BRANCH remotes/origin/IPA_V4_RHEL_7_1_ERRATA_BRANCH remotes/origin/IPA_v2_RHEL_6_ERRATA_BRANCH remotes/origin/autoformat remotes/origin/autoformat2 remotes/origin/master Moving back to ASSIGNED as not all pki-core dependencies are in RHEL-7.1 (we miss tomcat 7.0.47) and pki-ca package cannot be installed. ipa-server-install also does not work due to pkispawn error - see Bug 1141193. pki-ca package was installed successfully and pkispawn successfully created a CA instance using pki-core-10.1.2-4.el7 *** Bug 1141193 has been marked as a duplicate of this bug. *** Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHBA-2015-0346.html |