Bug 1255880

Summary: ipactl status should distinguish between different pki-tomcat services
Product: Red Hat Enterprise Linux 7 Reporter: Scott Poore <spoore>
Component: ipaAssignee: IPA Maintainers <ipa-maint>
Status: CLOSED ERRATA QA Contact: Namita Soman <nsoman>
Severity: unspecified Docs Contact:
Priority: medium    
Version: 7.2CC: mkosek, pvoborni, rcritten
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: ipa-4.2.0-8.el7 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2015-11-19 12:05:52 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Scott Poore 2015-08-21 18:46:24 UTC 
Description of problem:


Right now, ipactl status does not present what the pki-tomcatd service is for.  With the ability to add KRA now, I see two services that look the same:

[root@master ~]# ipactl status
Directory Service: RUNNING
krb5kdc Service: RUNNING
kadmin Service: RUNNING
named Service: RUNNING
ipa_memcached Service: RUNNING
httpd Service: RUNNING
pki-tomcatd Service: RUNNING
pki-tomcatd Service: RUNNING
ipa-otpd Service: RUNNING
ipa-dnskeysyncd Service: RUNNING
ipa: INFO: The ipactl command was successful


In the event that everything is working, that may be fine.  But, in the event there are issues, I can't tell what's broken--CA or KRA.

Version-Release number of selected component (if applicable):
ipa-server-4.2.0-5.el7.x86_64

How reproducible:
always

Steps to Reproduce:
1.  ipa-server-install
2.  ipa-kra-install
3.  ipactl status

Actual results:
two identical looking pki-tomcatd services are listed

Expected results:
should list pki services differently


Additional info:
Comment 2 Petr Vobornik 2015-08-24 08:55:30 UTC 
Upstream ticket:
https://fedorahosted.org/freeipa/ticket/5248
Comment 3 Petr Vobornik 2015-08-26 15:45:06 UTC 
Fixed upstream
master:
https://fedorahosted.org/freeipa/changeset/59cc54b6dce29e32e81bfaad25ff13794092d782
ipa-4-2:
https://fedorahosted.org/freeipa/changeset/21cdcbd9a6b6a82d39d40b91a64d4d9b4d7e4e7d
Comment 5 Scott Poore 2015-08-26 21:59:17 UTC 
Just to confirm, in order to verify, I should not see multiple pki-tomcatd services listed?  Only 1?

Thanks,
Scott
Comment 6 Petr Vobornik 2015-08-27 07:23:49 UTC 
Yes, only 1.
Comment 7 Scott Poore 2015-08-27 15:09:42 UTC 
Verified.

Version ::

ipa-server-4.2.0-8.el7.x86_64

Results ::

[root@master ~]# ldapsearch -Y GSSAPI -b cn=master.testrelm.test,cn=masters,cn=ipa,cn=etc,dc=testrelm,dc=test cn=KRA
SASL/GSSAPI authentication started
SASL username: admin
SASL SSF: 56
SASL data security layer installed.
# extended LDIF
#
# LDAPv3
# base <cn=master.testrelm.test,cn=masters,cn=ipa,cn=etc,dc=testrelm,dc=test> with scope subtree
# filter: cn=KRA
# requesting: ALL
#

# KRA, master.testrelm.test, masters, ipa, etc, testrelm.test
dn: cn=KRA,cn=master.testrelm.test,cn=masters,cn=ipa,cn=etc,dc=testrelm,dc=test
objectClass: ipaConfigObject
objectClass: nsContainer
objectClass: top
ipaConfigString: enabledService
ipaConfigString: startOrder 51
cn: KRA

# search result
search: 4
result: 0 Success

# numResponses: 2
# numEntries: 1
[root@master ~]# ipactl status
Directory Service: RUNNING
krb5kdc Service: RUNNING
kadmin Service: RUNNING
named Service: RUNNING
ipa_memcached Service: RUNNING
httpd Service: RUNNING
pki-tomcatd Service: RUNNING
ipa-otpd Service: RUNNING
ipa-dnskeysyncd Service: RUNNING
ipa: INFO: The ipactl command was successful
Comment 8 errata-xmlrpc 2015-11-19 12:05:52 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2015-2362.html