Bug 1430247
Summary: | FreeIPA server deployment runs ipa-custodia on Python 3, should use Python 2 | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Adam Williamson <awilliam> |
Component: | freeipa | Assignee: | IPA Maintainers <ipa-maint> |
Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | urgent | Docs Contact: | |
Priority: | unspecified | ||
Version: | rawhide | CC: | abokovoy, cheimes, ipa-maint, jcholast, jhrozek, mruckman, pvoborni, pvomacka, rcritten, ssorce, tkrizek |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | x86_64 | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | freeipa-4.4.4-2.fc26 | Doc Type: | If docs needed, set a value |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2017-06-09 19:08:52 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Adam Williamson
2017-03-08 07:36:18 UTC
python3-custodia does not depend on python3-ipalib. Only the specialized Custodia instance of FreeIPA loads an additional plugin that is provided by ipapython and ipaserver. The ipa-custodia is critical for replica install. For FreeIPA 4.4 and Custodia 0.2, ipa-custodia must be run with Python 2. Once https://github.com/freeipa/freeipa/pull/517 has landed, it's all handled by FreeIPA internally. Better? Christian, I don't get how PR 517 should fix F26. Custodia 0.3 is built only for Fedora 27 and not Fedora 26. So neither FreeIPA 4.4 nor 4.5(master) will be fixed by it and it will only says that we are missing dependencies. Or do you plan to add Custodia 0.3 to Fedora 26? Can someone say whether this is a critical issue - i.e. whether FreeIPA will fail to work correctly without ipa-custodia? I'm not sure what it's for. Thanks! I think it is a critical issue. Christian is traveling right now, so his response will be delayed. Adam, which version of Custodia and FreeIPA are you running? The Fedora 26 package should still default to Python 2. I don't understand why your system runs Custodia with Python 3. $ rpm -qa custodia freeipa-server freeipa-server-4.4.3-8.fc26.x86_64 custodia-0.2.0-3.fc26.noarch $ head -n1 /usr/sbin/custodia #!/usr/bin/python2 $ grep ExecStart /usr/lib/systemd/system/ipa-custodia.service ExecStart=/usr/sbin/custodia /etc/ipa/custodia/custodia.conf Discussed in today's Blocker Review meeting. It'd be really good to get a fix in for this before Alpha release. Please update the bug if this issue is more severe than we currently suspect. Note, in further discussion between me and sgallagh, it transpires that this issue may not affect F26. It may only affect 0.3.0-1+, which are only in Rawhide. F26 tests have been running into *other* issues, so we haven't reached this point in the F26 tests yet. Once the other issues are resolved, I'll check if this is really affect current F26. This indeed doesn't seem to affect F26 (at present), so switching to Rawhide and dropping Alpha FE status. Upstream ticket: https://pagure.io/freeipa/issue/5825 Fixed upstream ipa-4-5: https://pagure.io/freeipa/c/403263df7a3be61086c87c5577698cf32a912065 master: https://pagure.io/freeipa/c/f5bf5466eda0de2a211b4f2682e5c50b82577701 freeipa-4.4.4-2.fc26 has been submitted as an update to Fedora 26. https://bodhi.fedoraproject.org/updates/FEDORA-2017-0d0ec3e0af freeipa-4.4.4-2.fc26 has been pushed to the Fedora 26 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2017-0d0ec3e0af custodia-0.3.1-2.fc26 freeipa-4.4.4-2.fc26 has been submitted as an update to Fedora 26. https://bodhi.fedoraproject.org/updates/FEDORA-2017-0d0ec3e0af custodia-0.3.1-2.fc26, freeipa-4.4.4-2.fc26 has been pushed to the Fedora 26 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2017-0d0ec3e0af custodia-0.3.1-2.fc26, freeipa-4.4.4-2.fc26 has been pushed to the Fedora 26 stable repository. If problems still persist, please make note of it in this bug report. |