Bug 1178190

Summary: pre and post commands do not display in getcert list
Product: Red Hat Enterprise Linux 6 Reporter: Rob Crittenden <rcritten>
Component: certmongerAssignee: Jan Cholasta <jcholast>
Status: CLOSED ERRATA QA Contact: Kaleem <ksiddiqu>
Severity: high Docs Contact:
Priority: unspecified    
Version: 6.6CC: dkupka, ksiddiqu, mkosek, nalin
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: certmonger-0.77.1-1.el6 Doc Type: Bug Fix
Doc Text:
Previously, the "getcert list" command did not display the "pre-save command" and "post-save command" values. As a consequence, running "getcert list" could return incomplete results. With this update, the problem has been fixed, and running "getcert list" displays the "pre-save command" and "post-save command" values as expected. (BZ#1178190)
 Story Points: ---
Clone Of:
: 1181022 (view as bug list) Environment:
Last Closed: 2015-07-22 07:17:38 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1181022    

Description Rob Crittenden 2015-01-02 19:00:49 UTC 
Description of problem:

getcert list no longer displays the pre and post-save commands. The labels are there but not the contents. I confirmed that the values are there in /var/lib/certmonger/requests.


With version certmonger-0.61-3.el6:

Request ID '20150102143632':
        status: MONITORING
        stuck: no
        key pair storage: type=NSSDB,location='/etc/httpd/alias',nickname='Server-Cert',token='NSS Certificate DB',pinfile='/etc/httpd/alias/pwdfile.txt'
        certificate: type=NSSDB,location='/etc/httpd/alias',nickname='Server-Cert',token='NSS Certificate DB'
        CA: IPA
        issuer: CN=Certificate Authority,O=EXAMPLE.COM
        subject: CN=pacer.example.com,O=EXAMPLE.COM
        expires: 2017-01-02 14:36:32 UTC
        eku: id-kp-serverAuth,id-kp-clientAuth
        pre-save command: 
        post-save command: /usr/lib64/ipa/certmonger/restart_httpd
        track: yes
        auto-renew: yes

And certmonger-0.75.13-1.el6:

Request ID '20150102143632':
        status: MONITORING
        stuck: no
        key pair storage: type=NSSDB,location='/etc/httpd/alias',nickname='Server-Cert',token='NSS Certificate DB',pinfile='/etc/httpd/alias/pwdfile.txt'
        certificate: type=NSSDB,location='/etc/httpd/alias',nickname='Server-Cert',token='NSS Certificate DB'
        CA: IPA
        issuer: CN=Certificate Authority,O=EXAMPLE.COM
        subject: CN=pacer.example.com,O=EXAMPLE.COM
        expires: 2017-01-02 14:36:32 UTC
        key usage: digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment
        eku: id-kp-serverAuth,id-kp-clientAuth
        pre-save command: 
        post-save command: 
        track: yes
        auto-renew: yes

Version-Release number of selected component (if applicable):

certmonger-0.75.13-1.el6
Comment 6 Kaleem 2015-04-07 09:40:13 UTC 
Verified.

Certmonger version:
-------------------
[root@dhcp207-188 ~]# rpm -q certmonger
certmonger-0.77.1-1.el6.x86_64
[root@dhcp207-188 ~]# 

Snip from automation log:
-------------------------

::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: [   LOG    ] :: certmonger_bz1178190 - pre and post commands do not display in getcert list
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

:: [  BEGIN   ] :: Creating tmp directory :: actually running 'TmpDir=`mktemp -d`'
:: [   PASS   ] :: Creating tmp directory (Expected 0, got 0)
:: [  BEGIN   ] :: running getcert to check pre/post commands in output :: actually running 'getcert list | grep command: > /tmp/tmp.jE9I8Pg81L/bz1178190.txt 2>&1'
:: [   PASS   ] :: running getcert to check pre/post commands in output (Expected 0, got 0)
:: [   PASS   ] :: File '/tmp/tmp.jE9I8Pg81L/bz1178190.txt' should contain 'pre-save command: /usr/lib64/ipa/certmonger/stop_pkicad' 
:: [   PASS   ] :: File '/tmp/tmp.jE9I8Pg81L/bz1178190.txt' should contain 'post-save command: /usr/lib64/ipa/certmonger/renew_ca_cert "auditSigningCert cert-pki-ca"' 
:: [  BEGIN   ] :: running getcert to check pre/post commands in output :: actually running 'grep _command /var/lib/certmonger/requests/* > /tmp/tmp.jE9I8Pg81L/bz1178190.txt 2>&1'
:: [   PASS   ] :: running getcert to check pre/post commands in output (Expected 0, got 0)
:: [   PASS   ] :: File '/tmp/tmp.jE9I8Pg81L/bz1178190.txt' should contain 'pre_certsave_command=/usr/lib64/ipa/certmonger/stop_pkicad' 
:: [   PASS   ] :: File '/tmp/tmp.jE9I8Pg81L/bz1178190.txt' should contain 'post_certsave_command=/usr/lib64/ipa/certmonger/renew_ca_cert "auditSigningCert cert-pki-ca"'
Comment 7 errata-xmlrpc 2015-07-22 07:17:38 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2015-1379.html