Bug 2151865
| Summary: | dscreate tries to relabel directories for non-root instance | ||
|---|---|---|---|
| Product: | Red Hat Directory Server | Reporter: | Viktor Ashirov <vashirov> |
| Component: | 389-ds-base | Assignee: | Pierre Rogier <progier> |
| Status: | CLOSED ERRATA | QA Contact: | LDAP QA Team <idm-ds-qe-bugs> |
| Severity: | high | Docs Contact: | Zuzana Zoubkova <zzoubkov> |
| Priority: | high | ||
| Version: | 12.1 | CC: | bsmejkal, emartyny, idm-ds-dev-bugs, mreynolds, pasik, progier, tbordaz |
| Target Milestone: | DS12.1 | Keywords: | Triaged |
| Target Release: | dirsrv-12.1 | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | sync-to-jira | ||
| Fixed In Version: | redhat-ds-12-9010020230314160305.1674d574 | Doc Type: | If docs needed, set a value |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2023-06-06 13:05:45 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
Viktor Ashirov
2022-12-08 11:38:53 UTC
It is a template issue: Should disable selinux when creating the instance Should also select port that can be open by the user A correct template would be: [general] selinux = False [slapd] instance_name = localhost root_password = password port = 1389 secure_port = 1636 [backend-userroot] create_suffix_entry = True sample_entries = yes suffix = dc=example,dc=com Now it may also be interesting to see if we can change dscreate interactive/from-template default values when the user is not root Even with selinux = True in the template we should check for selinux_present(). Problem occurs in interactive mode too. You did fix this in https://github.com/389ds/389-ds-base/blob/a8ae34212fb0f3f8a79b1d1342d5641e65883d0b/src/lib389/lib389/instance/setup.py#L949, so we should backport it too. The fix [1] for that BZ came along [2] [1] https://github.com/389ds/389-ds-base/blob/a8ae34212fb0f3f8a79b1d1342d5641e65883d0b/src/lib389/lib389/instance/setup.py#L949 [2] https://github.com/389ds/389-ds-base/issues/4592 ============================================================================================================ test session starts =============================================================================================================
platform linux -- Python 3.9.14, pytest-7.3.1, pluggy-0.13.1 -- /usr/bin/python3
cachedir: .pytest_cache
metadata: {'Python': '3.9.14', 'Platform': 'Linux-5.14.0-162.23.1.el9_1.x86_64-x86_64-with-glibc2.34', 'Packages': {'pytest': '7.3.1', 'pluggy': '0.13.1'}, 'Plugins': {'metadata': '3.0.0', 'html': '3.2.0', 'libfaketime': '0.1.2', 'flaky': '3.7.0'}}
389-ds-base: 2.1.8-1.module+el9dsrv+18377+a10e6f72
nss: 3.79.0-17.el9_1
nspr: 4.34.0-17.el9_1
openldap: 2.6.2-3.el9
cyrus-sasl: 2.1.27-20.el9
FIPS: disabled
rootdir: /mnt/tests/rhds/tests/upstream/ds/dirsrvtests
configfile: pytest.ini
plugins: metadata-3.0.0, html-3.2.0, libfaketime-0.1.2, flaky-3.7.0
collected 7 items
dirsrvtests/tests/suites/setup_ds/dscreate_test.py::test_setup_ds_minimal_dry PASSED [ 14%]
dirsrvtests/tests/suites/setup_ds/dscreate_test.py::test_setup_ds_minimal PASSED [ 28%]
dirsrvtests/tests/suites/setup_ds/dscreate_test.py::test_setup_ds_custom_db_dir PASSED [ 42%]
dirsrvtests/tests/suites/setup_ds/dscreate_test.py::test_setup_ds_as_non_root PASSED [ 57%]
dirsrvtests/tests/suites/setup_ds/dscreate_test.py::test_setup_ds_as_non_root_with_non_canonic_paths PASSED [ 71%]
dirsrvtests/tests/suites/setup_ds/dscreate_test.py::test_setup_ds_as_non_root_with_default_options PASSED [ 85%]
dirsrvtests/tests/suites/setup_ds/dscreate_test.py::test_dscreate_non_root_defaults PASSED [100%]
================================================================================================= 7 passed, 2 warnings in 115.82s (0:01:55) ==================================================================================================
Marking as VERIFIED.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: redhat-ds:12 security, bug fix, and enhancement update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2023:3489 |