Bug 1290142

Summary:	Broken 7.2.0 to 7.2.z upgrade - flawed version comparison
Product:	Red Hat Enterprise Linux 7	Reporter:	Martin Bašti <mbasti>
Component:	ipa	Assignee:	IPA Maintainers <ipa-maint>
Status:	CLOSED ERRATA	QA Contact:	Namita Soman <nsoman>
Severity:	urgent	Docs Contact:	Marc Muehlfeld <mmuehlfe>
Priority:	urgent
Version:	7.2	CC:	ekeck, enewland, gparente, ilmostro7, jcholast, jstephen, ksiddiqu, mbasti, mkosek, ndehadra, orion, puiterwijk, pvoborni, rcritten, sgadekar
Target Milestone:	rc	Keywords:	ZStream
Target Release:	---
Hardware:	All
OS:	Linux
Whiteboard:
Fixed In Version:	ipa-4.2.0-16.el7	Doc Type:	Bug Fix
Doc Text:	The IdM upgrade script now runs successfully Previously, the Identity Management (IdM) server upgrade script failed to detect a version change. As a consequence, upgrading an IdM server failed. This bug has been fixed and the upgrade now succeeds.	Story Points:	---
Clone Of:
Clones:	1298100 (view as bug list)		Environment:
Last Closed:	2016-11-04 05:42:28 UTC	Type:	---
Regression:	---	Mount Type:	---
Documentation:	---	CRM:
Verified Versions:		Category:	---
oVirt Team:	---	RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---	Target Upstream Version:
Embargoed:
Bug Depends On:
Bug Blocks:	1298100

Description Martin Bašti 2015-12-09 18:03:56 UTC

This bug is created as a clone of upstream ticket:
https://fedorahosted.org/freeipa/ticket/5535

Obviously it was upgrade to never version.
{{{
2015-12-09T15:21:02Z DEBUG The ipa-server-upgrade command failed, exception: ScriptError: ("Unable to execute IPA upgrade: data are in newer version than IPA (data version '4.2.0-15.el7', IPA version '4.2.0-15.el7_2.3')", 1)
2015-12-09T15:21:02Z ERROR ("Unable to execute IPA upgrade: data are in newer version than IPA (data version '4.2.0-15.el7', IPA version '4.2.0-15.el7_2.3')", 1)
"/var/log/ipaupgrade.log" 54696L, 5389464C  
}}}

Comment 3 Martin Kosek 2015-12-10 09:24:35 UTC

The bug manifests in 7.2.0 (ipa-4.2.0-15.el7) to 7.2.z (4.2.0-15.el7_2.3) upgrade. The upgrade does not happen as the version check is flawed and does not detect 7.2.z version as the new one.

The workaround is to run

# ipa-server-upgrade --skip-version-check

after the RPM upgrade and start the service again.

Comment 6 Martin Bašti 2015-12-10 10:05:49 UTC

*** Bug 1290346 has been marked as a duplicate of this bug. ***

Comment 7 ilmostro7 2015-12-10 10:16:03 UTC

Yup...sucks big time

Scriptlet output:
   1 Could not load host key: /etc/ssh/ssh_host_dsa_key
   2 warning: file /lib/modules/3.10.0-229.14.1.el7.x86_64/modules.softdep: remove failed: No such file or directory
   3 warning: file /lib/modules/3.10.0-229.14.1.el7.x86_64/modules.devname: remove failed: No such file or directory
   4 IPA server upgrade failed: Inspect /var/log/ipaupgrade.log and run command ipa-server-upgrade manually.
   5 ("Unable to execute IPA upgrade: data are in newer version than IPA (data version '4.2.0-15.el7', IPA version '4.2.0-15.el7_2.3')", 1)

Comment 8 ilmostro7 2015-12-10 10:18:23 UTC

Not sure why the naming format; perhaps specfile got botched? Maybe it should be version 4.2.3.el7 instead of 4.2.0-15.el7_2.3?

Comment 9 Martin Bašti 2015-12-10 10:24:12 UTC

(In reply to ilmostro7 from comment #8)
> Not sure why the naming format; perhaps specfile got botched? Maybe it
> should be version 4.2.3.el7 instead of 4.2.0-15.el7_2.3?

This is bug in checking version method, 4.2.0-15.el7_2.3 version is okay.

Comment 10 Martin Bašti 2015-12-22 13:20:01 UTC

Fixed upstream
master:
https://fedorahosted.org/freeipa/changeset/91913c5ba7c380fe6456e1c3e35fcbfbecef5ff1
ipa-4-3:
https://fedorahosted.org/freeipa/changeset/a249de3b00f20956214a6ee0c1d614b972826637
ipa-4-2:
https://fedorahosted.org/freeipa/changeset/dccdade484698d5ef553f03ce6aab5d9db7a7cf0

Comment 12 Petr Vobornik 2016-01-08 13:32:59 UTC

the upstream patch causes https://fedorahosted.org/freeipa/ticket/5572 Different approach needs to be used.

Comment 13 Jan Cholasta 2016-01-11 17:22:20 UTC

Upstream ticket:
https://fedorahosted.org/freeipa/ticket/5572

Comment 14 Jan Cholasta 2016-01-11 17:31:50 UTC

Ticket 5572 fixed upstream:
master:
https://fedorahosted.org/freeipa/changeset/7cd99e852053710c64dcb66cd5b15fc8ed4da5de
ipa-4-2:
https://fedorahosted.org/freeipa/changeset/be9af721536b7c05e2ba5ffd7d72cc3727d64ff5
ipa-4-3:
https://fedorahosted.org/freeipa/changeset/6b6a11fda76e70d390d5c55f3aaeba8f455458c0

Comment 18 Nikhil Dehadrai 2016-08-08 10:28:18 UTC

IPA server version: ipa-server-4.4.0-3.el7.x86_64

Verified the bug on the basis of following steps:
1. Verified that no error message is observed during upgrade of IPA server.
2. Verified the bug for upgrade paths:
   a) 7.2(GA) to 7.3
   b) 7.2.z to 7.3 (In my case upgrade from 7.2up6)

 Thus on the basis of above observations marking the status of bug to "VERIFIED".

Comment 23 errata-xmlrpc 2016-11-04 05:42:28 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2016-2404.html