Bug 1550110

Summary: libldap tlsmc continues even after it fails to extract CA certificates
Product: [Fedora] Fedora Reporter: Matus Honek <mhonek>
Component: openldapAssignee: Matus Honek <mhonek>
Status: CLOSED NEXTRELEASE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: high Docs Contact:
Priority: high    
Version: 28CC: mhonek, pkis, rmeggins
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: openldap-2.4.45-12.fc28 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: 1547922 Environment:
Last Closed: 2018-03-28 15:03:41 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Matus Honek 2018-02-28 14:13:44 UTC
+++ This bug was initially created as a clone of Bug #1547922 +++

Description of problem:
libldap tlsmc should fail completely and not create the README file when it fails to extract CA certificate. This in order to have the files automatically removed on next run the way it usually happens with improper extraction.

Version-Release number of selected component (if applicable):

openldap-2.4.45-10.f28
How reproducible:
always

Steps to Reproduce:
1. Have not enough permissions to create ./cacerts/* files (e.g. due to selinux)
2. Try to use libldap with NSS DB with CA certs

Actual results:
CA certs are partially extracted and README file exists.

Expected results:
CA certs are partially extracted and README file does *not* exist.