Bug 658591

Summary: certmonger cannot track 389-ds certificates
Product: Red Hat Enterprise Linux 6 Reporter: Nathan Kinder <nkinder>
Component: selinux-policyAssignee: Miroslav Grepl <mgrepl>
Status: CLOSED ERRATA QA Contact: Jenny Severance <jgalipea>
Severity: medium Docs Contact:
Priority: high    
Version: 6.1CC: borgan, dpal, dwalsh, florin, jgalipea, mgrepl, mmalik, nalin, nkinder, rcritten
Target Milestone: rc   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: selinux-policy-3.7.19-59.el6 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: 632736 Environment:
Last Closed: 2011-05-19 11:57:10 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 632736    
Bug Blocks: 576869, 639035, 642407, 658583, 658584    

Comment 1 Miroslav Grepl 2010-12-09 16:01:32 UTC 
Fixed in selinux-policy-3.7.19-59.el6
Comment 6 Jenny Severance 2011-03-08 21:04:16 UTC 
verified:
# /usr/bin/ipa-getcert start-tracking -d /etc/dirsrv/slapd-TESTRELM/ -n Server-Cert -p /etc/dirsrv/slapd-TESTRELM/pwdfile.txt
Request "20110308160650" modified.

# cat /var/log/audit/audit.log | audit2allow 

version:
certmonger-0.34-1.el6.x86_64
selinux-policy-3.7.19-73.el6.noarch
Comment 7 Jenny Severance 2011-03-08 21:08:01 UTC 
additional information:

Request ID '20110308160650':
	status: MONITORING
	stuck: no
	key pair storage: type=NSSDB,location='/etc/dirsrv/slapd-TESTRELM',nickname=Server-Cert,token='NSS Certificate DB',pinfile=/etc/dirsrv/slapd-TESTRELM/pwdfile.txt
	certificate: type=NSSDB,location='/etc/dirsrv/slapd-TESTRELM',nickname=Server-Cert,token='NSS Certificate DB'
	CA: IPA
	issuer: CN=Certificate Authority,O=TESTRELM
	subject: CN=jennyg1.testrelm,O=TESTRELM
	expires: 20110904160649
	eku: id-kp-serverAuth
	track: yes
	auto-renew: yes
Comment 8 errata-xmlrpc 2011-05-19 11:57:10 UTC 
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2011-0526.html