Bug 1777764
| Summary: | [RFE ]ipactl status returns incorrect exit code issue when a service listed in ipactl is stopped | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 8 | Reporter: | Jayesh garg <jgarg> |
| Component: | ipa | Assignee: | Thomas Woerner <twoerner> |
| Status: | CLOSED ERRATA | QA Contact: | ipa-qe <ipa-qe> |
| Severity: | unspecified | Docs Contact: | |
| Priority: | medium | ||
| Version: | 8.2 | CC: | frenaud, jgarg, ksiddiqu, pasik, pcech, rcritten, ssidhaye, tscherf, twoerner |
| Target Milestone: | rc | Keywords: | FutureFeature, Triaged |
| Target Release: | 8.0 | Flags: | pm-rhel:
mirror+
|
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | ipa-4.9.2-1 | Doc Type: | If docs needed, set a value |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2021-11-09 18:21:19 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
The issue has been fixed upstream (since release-4-9-2) and the exit codes updated, see the man page for ipactl:
----- 8< -----
All actions except status:
0 success
1 a generic error occurred
2 unknown or invalid argument(s)
4 user has insufficient privilege
6 IPA server is not configured
For the status action:
0 service is running
3 service is not running
4 service status is unknown (or unconfigured)
If not executed as root then the status action will return 4 for
insufficient privileges.
Some services are socket activated and may show as STOPPED by the status
action. These services include ipa-ods-exporter and ipa-otpd.
----- >8 -----
Fixed upstream:
master:
62521ed Change CA profile migration message from info to debug
daf2ca3 Use the new API introduced in PKI 10.8
928ab51 ipactl: support script status 3, program is not running
1870c93 Ensure IPA is running (ideally) before uninstalling the KRA
ed21787 Add exit status to the ipactl man page
8082a2d ipatests: Handle non-zero return code in test_ipactl_scenario_check
ipa-4-9:
b99bc2d Change CA profile migration message from info to debug
4d26ce5 Use the new API introduced in PKI 10.8
ddb5414 ipactl: support script status 3, program is not running
87ede26 Ensure IPA is running (ideally) before uninstalling the KRA
302f937 Add exit status to the ipactl man page
00226ad ipatests: Handle non-zero return code in test_ipactl_scenario_check
@Thomas:
I'm moving the BZ to POST but you will probably need to check in which build the fix was included and update the erratum / synchronize with QE.
>
> ipa-4-9:
>
> b99bc2d Change CA profile migration message from info to debug
> 4d26ce5 Use the new API introduced in PKI 10.8
> ddb5414 ipactl: support script status 3, program is not running
> 87ede26 Ensure IPA is running (ideally) before uninstalling the KRA
> 302f937 Add exit status to the ipactl man page
> 00226ad ipatests: Handle non-zero return code in
> test_ipactl_scenario_check
>
All of these have been added with release 4.9.2.
Build used for verification:
[root@ci-vm-10-0-137-160 ~]# rpm -q ipa-server ipa-server-dns
ipa-server-4.9.5-1.module+el8.5.0+11410+91a33fe4.x86_64
ipa-server-dns-4.9.5-1.module+el8.5.0+11410+91a33fe4.noarch
[root@ci-vm-10-0-137-160 ~]#
Test Steps:
[root@ci-vm-10-0-137-160 ~]# ipactl status
Directory Service: RUNNING
krb5kdc Service: RUNNING
kadmin Service: RUNNING
named Service: RUNNING
httpd Service: RUNNING
ipa-custodia Service: RUNNING
pki-tomcatd Service: RUNNING
ipa-otpd Service: RUNNING
ipa-dnskeysyncd Service: RUNNING
ipa: INFO: The ipactl command was successful
[root@ci-vm-10-0-137-160 ~]# systemctl status httpd; sleep 5; systemctl stop httpd
● httpd.service - The Apache HTTP Server
Loaded: loaded (/usr/lib/systemd/system/httpd.service; disabled; vendor preset: disabled)
Drop-In: /etc/systemd/system/httpd.service.d
└─ipa.conf
Active: active (running) since Fri 2021-07-02 09:45:28 EDT; 9min ago
Docs: man:httpd.service(8)
Main PID: 12157 (httpd)
Status: "Total requests: 5; Idle/Busy workers 100/0;Requests/sec: 0.0085; Bytes served/sec: 198 B/sec"
Tasks: 330 (limit: 11404)
Memory: 339.5M
CGroup: /system.slice/httpd.service
├─12157 /usr/sbin/httpd -DFOREGROUND
├─12162 /usr/sbin/httpd -DFOREGROUND
├─12163 (wsgi:kdcproxy) -DFOREGROUND
├─12164 (wsgi:kdcproxy) -DFOREGROUND
├─12165 (wsgi:ipa) -DFOREGROUND
├─12166 (wsgi:ipa) -DFOREGROUND
├─12167 (wsgi:ipa) -DFOREGROUND
├─12168 (wsgi:ipa) -DFOREGROUND
├─12169 /usr/sbin/httpd -DFOREGROUND
├─12170 /usr/sbin/httpd -DFOREGROUND
├─12171 /usr/sbin/httpd -DFOREGROUND
└─12536 /usr/sbin/httpd -DFOREGROUND
Jul 02 09:45:46 ci-vm-10-0-137-160.hosted.upshift.rdu2.redhat.com [12168]: GSSAPI client step 1
Jul 02 09:45:46 ci-vm-10-0-137-160.hosted.upshift.rdu2.redhat.com [12165]: GSSAPI client step 1
Jul 02 09:45:46 ci-vm-10-0-137-160.hosted.upshift.rdu2.redhat.com [12165]: GSSAPI client step 1
Jul 02 09:45:46 ci-vm-10-0-137-160.hosted.upshift.rdu2.redhat.com [12165]: GSSAPI client step 1
Jul 02 09:45:46 ci-vm-10-0-137-160.hosted.upshift.rdu2.redhat.com [12167]: GSSAPI client step 1
Jul 02 09:45:46 ci-vm-10-0-137-160.hosted.upshift.rdu2.redhat.com [12167]: GSSAPI client step 1
Jul 02 09:45:46 ci-vm-10-0-137-160.hosted.upshift.rdu2.redhat.com [12167]: GSSAPI client step 1
Jul 02 09:45:47 ci-vm-10-0-137-160.hosted.upshift.rdu2.redhat.com [12166]: GSSAPI client step 1
Jul 02 09:45:47 ci-vm-10-0-137-160.hosted.upshift.rdu2.redhat.com [12166]: GSSAPI client step 1
Jul 02 09:45:47 ci-vm-10-0-137-160.hosted.upshift.rdu2.redhat.com [12166]: GSSAPI client step 1
[root@ci-vm-10-0-137-160 ~]# ipactl status
Directory Service: RUNNING
krb5kdc Service: RUNNING
kadmin Service: RUNNING
named Service: RUNNING
httpd Service: STOPPED
ipa-custodia Service: RUNNING
pki-tomcatd Service: RUNNING
ipa-otpd Service: RUNNING
ipa-dnskeysyncd Service: RUNNING
1 service(s) are not running
[root@ci-vm-10-0-137-160 ~]# echo $?
3
[root@ci-vm-10-0-137-160 ~]# systemctl start httpd
[root@ci-vm-10-0-137-160 ~]# ipactl status
Directory Service: RUNNING
krb5kdc Service: RUNNING
kadmin Service: RUNNING
named Service: RUNNING
httpd Service: RUNNING
ipa-custodia Service: RUNNING
pki-tomcatd Service: RUNNING
ipa-otpd Service: RUNNING
ipa-dnskeysyncd Service: RUNNING
ipa: INFO: The ipactl command was successful
[root@ci-vm-10-0-137-160 ~]# echo $?
0
[root@ci-vm-10-0-137-160 ~]# ipactl blahblah
Unrecognized action [blahblah]
[root@ci-vm-10-0-137-160 ~]# echo $?
2
[root@ci-vm-10-0-137-160 ~]#
Based on above results marking Bugzilla verified
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (ipa bug fix and enhancement update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2021:4230 |
Description of problem: ipactl status returns incorrect exit code issue when a service listed in ipactl is stopped Version-Release number of selected component (if applicable): ipa-server-4.8.2-2.module+el8.2.0+4736+360582ce.x86_64 How reproducible: Always Steps to Reproduce: 1.Setup IPA server 2.check the service status by ipactl status command 3.check the exit code 4.stop a service listed in ipactl, e.g using systemctl stop httpd 5.again check the status of service using ipactl status command 6.now check the exit code Actual results: Exit code:0 Expected results: Exit code:1 Additional info: [root@server ~]# ipactl status Directory Service: RUNNING krb5kdc Service: RUNNING kadmin Service: RUNNING named Service: RUNNING httpd Service: RUNNING ipa-custodia Service: RUNNING pki-tomcatd Service: RUNNING ipa-otpd Service: RUNNING ipa-dnskeysyncd Service: RUNNING ipa: INFO: The ipactl command was successful [root@server ~]# echo $? 0 [root@server ~]# [root@server ~]# systemctl stop httpd [root@server ~]# systemctl status httpd ● httpd.service - The Apache HTTP Server Loaded: loaded (/usr/lib/systemd/system/httpd.service; disabled; vendor preset: disabled) Drop-In: /etc/systemd/system/httpd.service.d └─ipa.conf Active: inactive (dead) Docs: man:httpd.service(8) Nov 27 17:13:22 server.demo.test systemd[1]: httpd.service: Succeeded. Nov 27 17:13:22 server.demo.test systemd[1]: Stopped The Apache HTTP Server. Nov 27 17:13:22 server.demo.test systemd[1]: Starting The Apache HTTP Server... Nov 27 17:13:23 server.demo.test ipa-httpd-kdcproxy[20224]: ipa: INFO: KDC proxy enabled Nov 27 17:13:23 server.demo.test ipa-httpd-kdcproxy[20224]: ipa-httpd-kdcproxy: INFO KDC proxy enabled Nov 27 17:13:23 server.demo.test httpd[20226]: Server configured, listening on: port 443, port 80 Nov 27 17:13:23 server.demo.test systemd[1]: Started The Apache HTTP Server. Nov 27 18:21:18 server.demo.test systemd[1]: Stopping The Apache HTTP Server... Nov 27 18:21:20 server.demo.test systemd[1]: httpd.service: Succeeded. Nov 27 18:21:20 server.demo.test systemd[1]: Stopped The Apache HTTP Server. [root@server ~]# [root@server ~]# ipactl status Directory Service: RUNNING krb5kdc Service: RUNNING kadmin Service: RUNNING named Service: RUNNING httpd Service: STOPPED ipa-custodia Service: RUNNING pki-tomcatd Service: RUNNING ipa-otpd Service: RUNNING ipa-dnskeysyncd Service: RUNNING ipa: INFO: The ipactl command was successful [root@server ~]# echo $? 0