| Summary: | ipactl status: non-root use gets bogus information and some error trace information | ||
|---|---|---|---|
| Product: | [Retired] freeIPA | Reporter: | Yi Zhang <yzhang> |
| Component: | ipa-server | Assignee: | Rob Crittenden <rcritten> |
| Status: | CLOSED ERRATA | QA Contact: | Chandrasekar Kannan <ckannan> |
| Severity: | low | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 2.0 | CC: | benl, dpal, jgalipea |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | freeipa-2.1.0-1.fc15 | Doc Type: | Bug Fix |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2012-03-27 07:22:15 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
Didn't we already have this issue reported? Note that /sbin/service dirsrv status returns similar results: /etc/sysconfig/dirsrv: line 50: ulimit: open files: cannot modify limit: Operation not permitted dirsrv GREYOAK-COM is stopped dirsrv PKI-IPA is stopped /etc/sysconfig/dirsrv: line 50: ulimit: open files: cannot modify limit: Operation not permitted dirsrv GREYOAK-COM is stopped dirsrv PKI-IPA is stopped We can't really do much better than the underlying services. This is not a trace, it is just an ugly log message. master: aab27a76e2d847533aab7632c657aa88fdd86f7a Verified version: ipa-server-2.0.0-13.20110228T1743zgit99d6e08.el6.x86_64 -sh-4.1$ ipactl status You must be root to run ipactl. -sh-4.1$ echo $? 1 |
Description of problem: When run "ipactl status" as non-root user, I get the following output: [yi@works4me ~]$ ipactl status Directory Service: STOPPED Error retrieving list of services {'info': 'SASL EXTERNAL bind requires an SSL connection', 'desc': 'Inappropriate authentication'} Is IPA installed ? Failed to get list of services to probe status When I run same command as root (via sudo), I get the following: [yi@works4me ~]$ sudo ipactl status Directory Service: RUNNING KDC Service: RUNNING KPASSWD Service: RUNNING HTTP Service: RUNNING CA Service: RUNNING Personal opinion: (because I don't see a general guideline anywhere) 1. the status output for Directory server is wrong 2. error trace information shouldn't be there 3. should not ask "Is IPA installed" if there is permission problem Version-Release number of selected component (if applicable):freeipa-server-2.0-0.2011020119gitec59e61.fc14.i686 How reproducible: always Steps to Reproduce: 1. just run "ipactl status" as regular unix user