Bug 1644769
Summary: | pkispawn fails due to name collision with /var/log/pki/<instance> | |||
---|---|---|---|---|
Product: | Red Hat Enterprise Linux 7 | Reporter: | Dinesh Prasanth <dmoluguw> | |
Component: | pki-core | Assignee: | Dinesh Prasanth <dmoluguw> | |
Status: | CLOSED ERRATA | QA Contact: | Asha Akkiangady <aakkiang> | |
Severity: | high | Docs Contact: | Marc Muehlfeld <mmuehlfe> | |
Priority: | high | |||
Version: | 7.7 | CC: | cpelland, mharmsen, msauton, sumenon | |
Target Milestone: | rc | Keywords: | TestCaseProvided, ZStream | |
Target Release: | --- | |||
Hardware: | All | |||
OS: | Linux | |||
Whiteboard: | ||||
Fixed In Version: | pki-core-10.5.16-2.el7 | Doc Type: | Enhancement | |
Doc Text: |
.Certificate System now preserves the logs of previous installations when reinstalling the service
Previously, the `pkispawn` utility reported a name collision error when installing a Certificate System subsystem on a server with an existing Certificate System log directory structure. With this enhancement, Certificate System reuses the existing log directory structure to preserve logs of previous installations.
|
Story Points: | --- | |
Clone Of: | ||||
: | 1645429 (view as bug list) | Environment: | ||
Last Closed: | 2019-08-06 13:07:19 UTC | Type: | Bug | |
Regression: | --- | Mount Type: | --- | |
Documentation: | --- | CRM: | ||
Verified Versions: | Category: | --- | ||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
Cloudforms Team: | --- | Target Upstream Version: | ||
Embargoed: | ||||
Bug Depends On: | ||||
Bug Blocks: | 1372056, 1645429 |
Comment 2
Dinesh Prasanth
2018-11-01 22:38:12 UTC
This bug can be verified while testing: https://bugzilla.redhat.com/show_bug.cgi?id=1372056 Verification steps provided for QE: 1. Install a subsystem using pkispawn 2. `tree /var/log/pki/` # note the tree structure 3. Run `pkidestroy -s <subsystem> -i <instance>` 4. `tree /var/log/pki/` # the tree should match #2 5. Install the subsystem again No error should be thrown. Also, you can do `tail -f /var/log/pki/<instance>/<subsystem>/<corresponding debug file>` while executing the above steps to see that new logs are appended to existing log files. 1. namespace collision error is not displayed when pkispawn is run. 2. Reinstall using pkispawn appends the existing log file. Verified on RHEL7.7 [root@pki1 pki]# cat /etc/redhat-release Red Hat Enterprise Linux Server release 7.7 Beta (Maipo) pki-ca-10.5.16-2.el7.noarch pki-kra-10.5.16-2.el7.noarch pki-base-10.5.16-2.el7.noarch 389-ds-base-1.3.9.1-8.el7.x86_64 #pkispawn -s CA -f /root/config2/ca.cfg [root@pki1 ~]# pkidaemon status Status for topology-01-CA: topology-01-CA is running .. [CA Status Definitions] Unsecure URL = http://pki1.example.com:8080/ca/ee/ca Secure Agent URL = https://pki1.example.com:8443/ca/agent/ca Secure EE URL = https://pki1.example.com:8443/ca/ee/ca Secure Admin URL = https://pki1.example.com:8443/ca/services PKI Console Command = pkiconsole https://pki1.example.com:8443/ca Tomcat Port = 8005 (for shutdown) [root@pki1 ~]# tree /var/log/pki/ /var/log/pki/ 8 directories, 39 files [root@pki1 ~]# pkidestroy -s CA -i topology-01-CA Log file: /var/log/pki/pki-ca-destroy.20190612044525.log Loading deployment configuration from /var/lib/pki/topology-01-CA/ca/registry/ca/deployment.cfg. WARNING: The 'pki_pin' in [DEFAULT] has been deprecated. Use 'pki_server_database_password' instead. Uninstalling CA from /var/lib/pki/topology-01-CA. pkidestroy : WARNING ....... Directory '/etc/pki/topology-01-CA/alias' is either missing or is NOT a directory! Uninstallation complete. [root@pki1 ~]# tree /var/log/pki/ 8 directories, 44 files [root@pki1 ~]# pkispawn -s CA -f /root/config2/ca.cfg Log file: /var/log/pki/pki-ca-spawn.20190612044614.log Loading deployment configuration from /root/config2/ca.cfg. Installing CA into /var/lib/pki/topology-01-CA. Storing deployment configuration into /etc/sysconfig/pki/tomcat/topology-01-CA/ca/deployment.cfg. Notice: Trust flag u is set automatically if the private key is present. ========================================================================== INSTALLATION SUMMARY ========================================================================== Administrator's username: caadmin Administrator's PKCS #12 file: /opt/topology-01-CA/ca_admin_cert.p12 To check the status of the subsystem: systemctl status pki-tomcatd To restart the subsystem: systemctl restart pki-tomcatd The URL for the subsystem is: https://pki1.example.com:8443/ca PKI instances will be enabled upon system boot Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2019:2228 |