1145333 – ipa-ldap-updater fails with org.fedorahosted.certmonger.request.bad_arg: Unrecognized property name.

Bug 1145333 - ipa-ldap-updater fails with org.fedorahosted.certmonger.request.bad_arg: Unrecognized property name.

Summary: ipa-ldap-updater fails with org.fedorahosted.certmonger.request.bad_arg: Unre...

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	freeipa
Sub Component:
Version:	21
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	---
Assignee:	Rob Crittenden
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2014-09-22 20:48 UTC by Lukas Bezdicka
Modified:	2014-11-25 03:07 UTC (History)
CC List:	6 users (show)
Fixed In Version:	freeipa-4.1.1-2.fc21
Clone Of:
Environment:
Last Closed:	2014-11-25 03:07:02 UTC
Type:	Bug
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Lukas Bezdicka 2014-09-22 20:48:22 UTC

Description of problem:
ipa-ldap-updater -u -d

ipa: DEBUG: stderr=
ipa.ipaserver.install.plugins.ca_renewal_master.update_ca_renewal_master: DEBUG: found certmonger request for ipaCert
ipa: DEBUG: Starting external process
ipa: DEBUG: args='/bin/systemctl' 'is-active' 'certmonger.service'
ipa: DEBUG: Process finished, return code=0
ipa: DEBUG: stdout=active

ipa: DEBUG: stderr=
ipa: ERROR: Upgrade failed with org.fedorahosted.certmonger.request.bad_arg: Unrecognized property name.
ipa: DEBUG: Traceback (most recent call last):
  File "/usr/lib/python2.7/site-packages/ipaserver/install/upgradeinstance.py", line 145, in __upgrade
    self.modified = (ld.update(self.files, ordered=True) or
  File "/usr/lib/python2.7/site-packages/ipaserver/install/ldapupdate.py", line 874, in update
    updates = api.Backend.updateclient.update(POST_UPDATE, self.dm_password, self.ldapi, self.live_run)
  File "/usr/lib/python2.7/site-packages/ipaserver/install/plugins/updateclient.py", line 123, in update
    (restart, apply_now, res) = self.run(update.name, **kw)
  File "/usr/lib/python2.7/site-packages/ipaserver/install/plugins/updateclient.py", line 143, in run
    return self.Updater[method](**kw)
  File "/usr/lib/python2.7/site-packages/ipalib/frontend.py", line 1399, in __call__
    return self.execute(**options)
  File "/usr/lib/python2.7/site-packages/ipaserver/install/plugins/ca_renewal_master.py", line 63, in execute
    ca_name = certmonger.get_request_value(request_id, 'ca_name')
  File "/usr/lib/python2.7/site-packages/ipapython/certmonger.py", line 169, in get_request_value
    return request.prop_if.Get(DBUS_CM_REQUEST_IF, directive)
  File "/usr/lib/python2.7/site-packages/dbus/proxies.py", line 145, in __call__
    **keywords)
  File "/usr/lib/python2.7/site-packages/dbus/connection.py", line 651, in call_blocking
    message, timeout)
DBusException: org.fedorahosted.certmonger.request.bad_arg: Unrecognized property name.

ipa: DEBUG:   duration: 4 seconds
ipa: DEBUG:   [8/10]: stopping directory server

Version-Release number of selected component (if applicable):
freeipa-server-4.0.3-1.fc21.x86_64


Actual results:


Expected results:


Additional info:
[root@usata ~]# gdbus  introspect -r -y -o / --only-properties -d org.fedorahosted.certmonger | grep dogtag-ipa-renew-agent
                readonly s nickname = 'dogtag-ipa-renew-agent';
                readwrite s external-helper = '/usr/libexec/certmonger/dogtag-ipa-renew-agent-submit';

Comment 1 Rob Crittenden 2014-09-22 21:05:39 UTC

Interesting. This should be fixed by https://bugzilla.redhat.com/show_bug.cgi?id=1141331 specifically in 4.0.3-1.

Comment 2 Lukas Bezdicka 2014-09-23 09:38:09 UTC

Changing:
  File "/usr/lib/python2.7/site-packages/ipaserver/install/plugins/ca_renewal_master.py", line 63, in execute

-    ca_name = certmonger.get_request_value(request_id, 'ca_name')
+    ca_name = certmonger.get_request_value(request_id, 'nickname')

works as noted in output of dbus search.

Comment 3 Rob Crittenden 2014-09-23 13:15:02 UTC

I believe this is ticket https://fedorahosted.org/freeipa/ticket/4547

A more complete patch can be found at http://www.redhat.com/archives/freeipa-devel/2014-September/msg00368.html

Comment 4 Martin Kosek 2014-09-23 14:41:24 UTC

Rob is correct, we have just fixed in upstream git.

Comment 5 Martin Kosek 2014-09-23 14:42:05 UTC

Upstream fixes:

master:
f680a63158d172042c91537a1cb7f6f53766e2ad Fix certmonger code causing the ca_renewal_master update plugin to fail

ipa-4-1:
1a327cf42929919219c2f0bfa9b48eb2d0b039f4 Fix certmonger code causing the ca_renewal_master update plugin to fail

ipa-4-0:
26188d7610170ff2fb89b12cd63a0c698a2381cb Fix certmonger code causing the ca_renewal_master update plugin to fail

Comment 6 Fedora Update System 2014-10-23 08:32:30 UTC

freeipa-4.1.0-2.fc21 has been submitted as an update for Fedora 21.
https://admin.fedoraproject.org/updates/freeipa-4.1.0-2.fc21

Comment 7 Fedora Update System 2014-10-23 16:22:12 UTC

Package freeipa-4.1.0-2.fc21:
* should fix your issue,
* was pushed to the Fedora 21 testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=updates-testing freeipa-4.1.0-2.fc21'
as soon as you are able to.
Please go to the following url:
https://admin.fedoraproject.org/updates/FEDORA-2014-13547/freeipa-4.1.0-2.fc21
then log in and leave karma (feedback).

Comment 8 Fedora Update System 2014-11-21 13:55:50 UTC

freeipa-4.1.1-2.fc21 has been submitted as an update for Fedora 21.
https://admin.fedoraproject.org/updates/freeipa-4.1.1-2.fc21

Comment 9 Fedora Update System 2014-11-25 03:07:02 UTC

freeipa-4.1.1-2.fc21 has been pushed to the Fedora 21 stable repository.  If problems still persist, please make note of it in this bug report.

Note You need to log in before you can comment on or make changes to this bug.