Note: This bug is displayed in read-only format because
the product is no longer active in Red Hat Bugzilla.
RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Description of problem:
In case keystone is using multiple ldap backend, sosreport should also get /etc/keystone/domains
Version-Release number of selected component (if applicable):
How reproducible:
Always ?
Steps to Reproduce:
1. sosreport of the title
2.
3.
Actual results:
/etc/keystone/domains is missing (or whatever string is configured in the keystone.conf file)
Expected results:
Additional info:
Do I get it right, that it is required from sos to:
- inspect content of keystone.conf (I expect /etc/keystone/keystone.conf)
- find a value of ??which-one?? property, if present
- collect that value of that property (should be /etc/keystone/domains)
- if not specified / not found, collect /etc/keystone/domains as a default
Am I right here? What is the property name, please? Can't be the value of that property obtained from a command (as a preffered way to sos grepping the property manualy and relying the syntax of the config file is stable over years)?
What's the rationale for the path being configurable, and is a non-default path a supported configuration fro Red Hat products?
We can parse the configuration file if it is absolutely necessary but it seems curious to allow this path to be specified by the administrator.
It would be bit tricky to parse the config file that way, since we have to ensure that:
- [identity] is preceded the domain_config_dir
- no other section is between [identity] and domain_config_dir
- read that value
I am checking various keystone.conf in sosreports I have got access to - and so far the stats are:
- 773 sosreports with that config found
- 103 have that option uncommented
- none of them sets non-default value
So I think the parsing would be error-prone while providing very limited to none additional info/data.
I don't agree on this one. It really helps to have that information as we actually are asking the customer to copy/paste that in the cases but if it was in sos_report, we could simply look at those configurations ... But it's up to you here.
(In reply to David Hill from comment #6)
> I don't agree on this one. It really helps to have that information as we
> actually are asking the customer to copy/paste that in the cases but if it
> was in sos_report, we could simply look at those configurations ... But
> it's up to you here.
Is that alternate config location supported?
What support cases are you asking for that (to see if their config really points to non-default dir. location)
(I mean, we _will_ collect the content of /etc/keystone/domains but I am not convinced we should parse the config file to optionally collect non-default directory content)
Oh no... I'm not asking for that either but if 99% of the cases don't have the default location, we can always tell the customer to not change it . That'd be great to have in sosreport.
Also https://github.com/sosreport/sos/pull/1147 needs to be present in 7.5 (if nothing else then to scrub LDAP passwords in the default domains dir that doesnt happen ATM).
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory, and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.
https://access.redhat.com/errata/RHEA-2018:0963