Bug 1729185
Summary: | rebuild of ipa-server-container 7.6 | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 7 | Reporter: | Ferdinand bot (Userspace containerization team) <cyborg-bugzilla> |
Component: | ipa-server-container | Assignee: | Tibor Dudlák <tdudlak> |
Status: | CLOSED ERRATA | QA Contact: | Nikhil Dehadrai <ndehadra> |
Severity: | unspecified | Docs Contact: | |
Priority: | unspecified | ||
Version: | 7.6 | CC: | slaznick |
Target Milestone: | rc | ||
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | ipa-server-container-4.6.4-29 | Doc Type: | If docs needed, set a value |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2019-07-29 16:39:43 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1733299 | ||
Bug Blocks: |
Description
Ferdinand bot (Userspace containerization team)
2019-07-11 13:55:20 UTC
Tested the bug with following observations: Atomic host Version: 7.6.6 (2019-07-24 08:47:27) IPA-IMAGE: ipa-server-container-4.6.4-28 SSSD-IMAGE: sssd-container-7.6-29 # atomic run ipadocker rpm -q ipa-server ipa-server-4.6.4-10.el7_6.6.x86_64 # atomic run sssd rpm -q ipa-client ipa-client-4.6.4-10.el7_6.6.x86_64 Verified the bug with following scenarios: A) CVE Scan: IPA-IMAGE ------------ [root@nikhil-atomic-host-7 ~]# atomic scan --scanner openscap --scan_type cve rhel7/ipa-server docker run -t --rm -v /etc/localtime:/etc/localtime -v /run/atomic/2019-07-25-14-55-14-754765:/scanin -v /var/lib/atomic/openscap/2019-07-25-14-55-14-754765:/scanout:rw,Z -v /etc/oscapd:/etc/oscapd:ro registry.access.redhat.com/rhel7/openscap oscapd-evaluate scan --no-standard-compliance --targets chroots-in-dir:///scanin --output /scanout -j1 rhel7/ipa-server (7a59f8d4e569e6c) rhel7/ipa-server passed the scan Files associated with this scan are in /var/lib/atomic/openscap/2019-07-25-14-55-14-754765. SSSD-IMAGE ------------- [root@nikhil-atomic-host-7 ~]# atomic scan --scanner openscap --scan_type cve rhel7/sssd docker run -t --rm -v /etc/localtime:/etc/localtime -v /run/atomic/2019-07-25-14-56-19-990281:/scanin -v /var/lib/atomic/openscap/2019-07-25-14-56-19-990281:/scanout:rw,Z -v /etc/oscapd:/etc/oscapd:ro registry.access.redhat.com/rhel7/openscap oscapd-evaluate scan --no-standard-compliance --targets chroots-in-dir:///scanin --output /scanout -j1 rhel7/sssd (18820ca6d4d40a2) rhel7/sssd passed the scan Files associated with this scan are in /var/lib/atomic/openscap/2019-07-25-14-56-19-990281. B) Regressions Tests: ------------------------ 1. Verified that IPA-server is installed through ipa-container image. 2. Verified that IPA-replica is installed through ipa-container image. 3. Verified that klist command works both on ipa-server/ipa-replica configured through ipa-container image. 4. Verified that 2-way trust can be setup with windows AD with IPA-server configured through ipa-container image. 5. Verified that IPA-client(type1) configured with sssd-container image can be setup against this IPA-server. 6. Verified that IPA-client(type2) configured with sssd-container image can be setup against this IPA-server. 7. Verified that RHEL(rpm) IPA-client can be setup against this IPA-server. 8. Verified that RHEL(rpm) IPA-Replica can be setup against this IPA-server configured using ipa-container image. 9. Verified that sudo rules work for IPA-server installed through ipa-container image. 10. Verified that latest version of ipa-server is available with ipa-container image. 11. Verified that IPA-server is accessible when it is installed through ipa-docker image. 12. Verified that command ipa-adtrust-install is successful. 13. Verified that ipa-kra-install is successful. 14. Verified that ipa-vault-add, ipa vault-archive and ipa-retrieve run successfully. 15. Verified that SUBCA setup run successfully. 16. Verified that IPA-server/IPA-replica can be uninstalled. Thus on the basis of above observations, changing status to VERIFIED Correction: IPA-IMAGE: ipa-server-container-4.6.4-29 Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2019:1927 *** Bug 1734119 has been marked as a duplicate of this bug. *** |