Bug 962986
| Summary: | ipa-server-install crashes if DM Password contains a % character | ||
|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Joel <jdy> |
| Component: | pki-ca | Assignee: | Orphan Owner <extras-orphan> |
| Status: | CLOSED DUPLICATE | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
| Severity: | unspecified | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 18 | CC: | abokovoy, dennis, extras-orphan, kwright, mharmsen, mkosek, nkinder, rcritten, ssorce |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2013-10-10 18:52:01 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
This was recently fixed upstream in Dogtag (though it's not yet available in a build). I'm closing this as a duplicate of the bug where this is being handled since there is more info there. *** This bug has been marked as a duplicate of bug 953488 *** |
Description of problem: When running ipa-server-install and setting the DM password to contain a % character, the install crashes on step: Done configuring directory server (dirsrv). Configuring certificate server (pki-tomcatd): Estimated time 3 minutes 30 seconds [1/20]: creating certificate server user [2/20]: configuring certificate server instance ipa : CRITICAL failed to configure ca instance Command '/usr/sbin/pkispawn -s CA -f /tmp/tmpDCzrue' returned non-zero exit status 1 Configuration of CA failed Looking in /var/log/ipaserver-install.log, one can see that it is crashing on the % character in the password: 2013-05-14T15:51:34Z DEBUG stderr=Traceback (most recent call last): File "/usr/sbin/pkispawn", line 419, in <module> main(sys.argv) File "/usr/sbin/pkispawn", line 319, in main parser.compose_pki_master_dictionary() File "/usr/lib/python2.7/site-packages/pki/deployment/pkiparser.py", line 454, in compose_pki_master_dictionary self.flatten_master_dict() File "/usr/lib/python2.7/site-packages/pki/deployment/pkiparser.py", line 350, in flatten_master_dict subsystem_dict = dict(self.pki_config.items(config.pki_subsystem)) File "/usr/lib64/python2.7/ConfigParser.py", line 655, in items for option in options] File "/usr/lib64/python2.7/ConfigParser.py", line 691, in _interpolate self._interpolate_some(option, L, rawval, section, vars, 1) File "/usr/lib64/python2.7/ConfigParser.py", line 732, in _interpolate_some "'%%' must be followed by '%%' or '(', found: %r" % (rest,)) ConfigParser.InterpolationSyntaxError: '%' must be followed by '%' or '(', found: '%restofpassword' Version-Release number of selected component (if applicable): freeipa-server-selinux-3.1.3-5.fc18.x86_64 freeipa-python-3.1.3-5.fc18.x86_64 freeipa-server-3.1.3-5.fc18.x86_64 freeipa-server-trust-ad-3.1.3-5.fc18.x86_64 freeipa-admintools-3.1.3-5.fc18.x86_64 freeipa-client-3.1.3-5.fc18.x86_64 How reproducible: Set DM Password to contain a % character. User entered strings should be better escaped.