Bug 975431
Summary: | IPA PKI cannot publish CRL after upgrade | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 6 | Reporter: | Dmitri Pal <dpal> |
Component: | ipa | Assignee: | Tomas Babej <tbabej> |
Status: | CLOSED ERRATA | QA Contact: | Namita Soman <nsoman> |
Severity: | unspecified | Docs Contact: | |
Priority: | medium | ||
Version: | 6.4 | CC: | abokovoy, mkosek, pasteur, spoore |
Target Milestone: | rc | ||
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | ipa-3.0.0-31.el6 | Doc Type: | Bug Fix |
Doc Text: |
Cause: The directory where Identity Management PKI publishes CRL exports (/var/lib/ipa/pki-ca/publish/) got incorrect ownership and permissions after ipa-server package reinstallation or upgrade.
Consequence: PKI was not able to update CRL in this directory until the ownership and permissions of the directory were manually amended.
Fix: IdM installer and upgrade script were fixed to handle the ownership and permission of the directory correctly.
Result: IdM PKI can publish CRL exports after ipa-server package reinstall or upgrade.
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | 2013-11-21 20:53:53 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Dmitri Pal
2013-06-18 13:07:10 UTC
Re-assign to Tomas Babej. Fixed upstream: master: 7a105604e265222cf6f96b0ac060d4f1b2504b6c Change group ownership of CRL publish directory ipa-3-2: 1a5daf0dcfeeec26a3869bf7d278b93f9716163d Change group ownership of CRL publish directory Verified. Version :: ipa-server-3.0.0-34.el6.x86_64 Automated Test Results :: :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ LOG ] :: Checking ipa_upgrade_bz975431 - IPA PKI cannot publish CRL after upgrade :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: drwxrwxr-x. 2 root pkiuser 4096 Sep 5 14:11 /var/lib/ipa/pki-ca/publish :: [ PASS ] :: Running 'ls -ld /var/lib/ipa/pki-ca/publish' (Expected 0, got 0) :: [ PASS ] :: BZ 975431 not found Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHBA-2013-1651.html |