Bug 504030
Summary: | pkisilent not setting security domain properties when creating a clone | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
Product: | [Retired] Dogtag Certificate System | Reporter: | Rob Crittenden <rcritten> | ||||||||
Component: | Installation Wizard | Assignee: | Ade Lee <alee> | ||||||||
Status: | CLOSED CURRENTRELEASE | QA Contact: | Chandrasekar Kannan <ckannan> | ||||||||
Severity: | medium | Docs Contact: | |||||||||
Priority: | medium | ||||||||||
Version: | 1.1 | CC: | aakkiang, alee, benl, jgalipea, jmagne, mharmsen | ||||||||
Target Milestone: | --- | ||||||||||
Target Release: | --- | ||||||||||
Hardware: | All | ||||||||||
OS: | Linux | ||||||||||
Whiteboard: | |||||||||||
Fixed In Version: | Doc Type: | Bug Fix | |||||||||
Doc Text: | Story Points: | --- | |||||||||
Clone Of: | Environment: | ||||||||||
Last Closed: | 2012-06-04 20:31:15 UTC | Type: | --- | ||||||||
Regression: | --- | Mount Type: | --- | ||||||||
Documentation: | --- | CRM: | |||||||||
Verified Versions: | Category: | --- | |||||||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||||
Cloudforms Team: | --- | Target Upstream Version: | |||||||||
Embargoed: | |||||||||||
Bug Depends On: | |||||||||||
Bug Blocks: | 431020, 431022, 445047 | ||||||||||
Attachments: |
|
Description
Rob Crittenden
2009-06-03 21:03:20 UTC
Created attachment 346458 [details]
pkisilent invocation and output
We determined that this was caused by one of my machines being behind a NAT and the hostname and IP address not lining up. This case should either be handled gracefully (e.g. allowed, why does CS care what the IP address is) or a proper error message disclosed. On looking at the log, the problem is actually that the port was not passed in as expected from the command line. We expect the port to be passed in as -sd_admin_port. It isn't passed in and so the port is <null>. Maybe it makes sense to add better error handling for command line parameter parsing. Created attachment 375817 [details]
patch to 8.1 branch to fix 510774, 531162, 504030, 493418
Created attachment 375819 [details]
patch to tip to fix 510774, 531162, 504030, 493418
Attachments id=375817 id=375819 jmagne+ With caveat of checking for an empty string in the function: checkRequireArgs. Checked into tip: [builder@dhcp231-70 silent]$ svn ci -m "fixes for BZ 510774,531162,504030, 493418" Sending silent/scripts/pkisilent Sending silent/src/argparser/ArgParser.java Sending silent/src/ca/ConfigureCA.java Sending silent/src/common/ComCrypto.java Sending silent/src/drm/ConfigureDRM.java Sending silent/src/ocsp/ConfigureOCSP.java Sending silent/src/subca/ConfigureSubCA.java Sending silent/src/tks/ConfigureTKS.java Sending silent/src/tps/ConfigureTPS.java Transmitting file data ......... Committed revision 877. Checked into 8.1 [builder@oliver silent]$ svn ci -m "fixes for BZ 510774,531162, 504030, 493418" Sending silent/scripts/pkisilent Sending silent/src/argparser/ArgParser.java Sending silent/src/ca/ConfigureCA.java Sending silent/src/drm/ConfigureDRM.java Sending silent/src/ocsp/ConfigureOCSP.java Sending silent/src/subca/ConfigureSubCA.java Sending silent/src/tks/ConfigureTKS.java Sending silent/src/tps/ConfigureTPS.java Transmitting file data ........ Committed revision 878. Note to QE/ Docs: The problem here was that Rob forgot to include the required parameter: -sd_admin_port. The fix introduced here is as follows: 1. After pkisilent has parsed its command line arguments, it will check to see if any required arguments are missing. If so, it will specify which one (the first one it encounters) is missing and exit. 2. You can always view the parameters that are required by doing pkisilent -help The parameters that are optional (in general) have the string (optional ...) in the description. In fact, this is the tag I look for to see if the parameter is optional or not. All parameters without this tag are required. Docs should make a note of this. So, QE should confirm that this does not break their current scripts - and that the optional parameters are in fact correct. The current QE scripts works fine with the pkisilent fixes. The 'pkisilent -help' specify the required and optional parameters. Marking the bug verified. |