| Summary: | "ipa-kra-install" command reports incorrect message when it is executed on server already installed with KRA. | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 7 | Reporter: | Nikhil Dehadrai <ndehadra> |
| Component: | ipa | Assignee: | IPA Maintainers <ipa-maint> |
| Status: | CLOSED ERRATA | QA Contact: | Kaleem <ksiddiqu> |
| Severity: | unspecified | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 7.2 | CC: | pvoborni, rcritten |
| Target Milestone: | rc | ||
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | ipa-4.4.0-0.el7.1.alpha1 | Doc Type: | Bug Fix |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2016-11-04 05:53:16 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
|
Description
Nikhil Dehadrai
2016-04-19 15:54:22 UTC
Fixed upstream. Not sure in what ticket, could be one of: https://fedorahosted.org/freeipa/ticket/3872 https://fedorahosted.org/freeipa/ticket/4468 https://fedorahosted.org/freeipa/ticket/5197 alich: tested on F23, the issue has been fixed - test PASSED 4.3.90.201604181305GIT2a20c74, API_VERSION: 2.164 pki-server-10.2.6-14.fc23.noarch pki-kra-10.2.6-14.fc23.noarch IPA -server version: ipa-server-4.4.0-11.el7.x86_64
Verified the bug on the basis of below points:
1. Verified that ipa-kra-install -p <password> -U is successfully installed on latest version of ipa-server.
2. Verified that when the same command (ipa-kra-install -p <password> -U) is re-run, following valid message is displayed:
# ipa-kra-install -p Secret123 -U
KRA already installed
The ipa-kra-install command failed. See /var/log/ipaserver-kra-install.log for more information
3. Also proper logs are captured within /var/log/ipaserver-kra-install.log:
# tail -f /var/log/ipaserver-kra-install.log
2016-09-13T10:20:43Z DEBUG IPA version 4.4.0-11.el7
2016-09-13T10:20:43Z DEBUG Loading StateFile from '/var/lib/ipa/sysrestore/sysrestore.state'
2016-09-13T10:20:43Z DEBUG File "/usr/lib/python2.7/site-packages/ipapython/admintool.py", line 171, in execute
return_value = self.run()
File "/usr/lib/python2.7/site-packages/ipaserver/install/ipa_kra_install.py", line 164, in run
raise admintool.ScriptError("KRA already installed")
2016-09-13T10:20:43Z DEBUG The ipa-kra-install command failed, exception: ScriptError: KRA already installed
2016-09-13T10:20:43Z ERROR KRA already installed
2016-09-13T10:20:43Z ERROR The ipa-kra-install command failed. See /var/log/ipaserver-kra-install.log for more information
4. Also correct behavior is observed when ipa-kra-install -p <password> -U --uninstall' is run:
# ipa-kra-install -p Secret123 -U --uninstall
Configuring certmonger to stop tracking system certificates for KRA
Unconfiguring KRA
The ipa-kra-install command was successful
# ipa-kra-install -p Secret123 -U --uninstall
Usage: ipa-kra-install [options] [replica_file]
ipa-kra-install: error: Cannot uninstall. There is no KRA installed on this system.
The ipa-kra-install command failed. See /var/log/ipaserver-kra-uninstall.log for more information
Thus on the basis of above observations marking status of bug to "VERIFIED".
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHBA-2016-2404.html |