1178190 – pre and post commands do not display in getcert list

Bug 1178190 - pre and post commands do not display in getcert list

Summary: pre and post commands do not display in getcert list

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Enterprise Linux 6
Classification:	Red Hat
Component:	certmonger
Sub Component:
Version:	6.6
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	high
Target Milestone:	rc
Target Release:	---
Assignee:	Jan Cholasta
QA Contact:	Kaleem
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	1181022
TreeView+	depends on / blocked

Reported:	2015-01-02 19:00 UTC by Rob Crittenden
Modified:	2015-07-22 07:17 UTC (History)
CC List:	4 users (show)
Fixed In Version:	certmonger-0.77.1-1.el6
Doc Type:	Bug Fix
Doc Text:	Previously, the "getcert list" command did not display the "pre-save command" and "post-save command" values. As a consequence, running "getcert list" could return incomplete results. With this update, the problem has been fixed, and running "getcert list" displays the "pre-save command" and "post-save command" values as expected. (BZ#1178190)
Clone Of:
Clones:	1181022 (view as bug list)
Environment:
Last Closed:	2015-07-22 07:17:38 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHBA-2015:1379	0	normal	SHIPPED_LIVE	certmonger bug fix and enhancement update	2015-07-20 17:58:28 UTC

Description Rob Crittenden 2015-01-02 19:00:49 UTC

Description of problem:

getcert list no longer displays the pre and post-save commands. The labels are there but not the contents. I confirmed that the values are there in /var/lib/certmonger/requests.


With version certmonger-0.61-3.el6:

Request ID '20150102143632':
        status: MONITORING
        stuck: no
        key pair storage: type=NSSDB,location='/etc/httpd/alias',nickname='Server-Cert',token='NSS Certificate DB',pinfile='/etc/httpd/alias/pwdfile.txt'
        certificate: type=NSSDB,location='/etc/httpd/alias',nickname='Server-Cert',token='NSS Certificate DB'
        CA: IPA
        issuer: CN=Certificate Authority,O=EXAMPLE.COM
        subject: CN=pacer.example.com,O=EXAMPLE.COM
        expires: 2017-01-02 14:36:32 UTC
        eku: id-kp-serverAuth,id-kp-clientAuth
        pre-save command: 
        post-save command: /usr/lib64/ipa/certmonger/restart_httpd
        track: yes
        auto-renew: yes

And certmonger-0.75.13-1.el6:

Request ID '20150102143632':
        status: MONITORING
        stuck: no
        key pair storage: type=NSSDB,location='/etc/httpd/alias',nickname='Server-Cert',token='NSS Certificate DB',pinfile='/etc/httpd/alias/pwdfile.txt'
        certificate: type=NSSDB,location='/etc/httpd/alias',nickname='Server-Cert',token='NSS Certificate DB'
        CA: IPA
        issuer: CN=Certificate Authority,O=EXAMPLE.COM
        subject: CN=pacer.example.com,O=EXAMPLE.COM
        expires: 2017-01-02 14:36:32 UTC
        key usage: digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment
        eku: id-kp-serverAuth,id-kp-clientAuth
        pre-save command: 
        post-save command: 
        track: yes
        auto-renew: yes

Version-Release number of selected component (if applicable):

certmonger-0.75.13-1.el6

Comment 6 Kaleem 2015-04-07 09:40:13 UTC

Verified.

Certmonger version:
-------------------
[root@dhcp207-188 ~]# rpm -q certmonger
certmonger-0.77.1-1.el6.x86_64
[root@dhcp207-188 ~]# 

Snip from automation log:
-------------------------

::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: [   LOG    ] :: certmonger_bz1178190 - pre and post commands do not display in getcert list
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

:: [  BEGIN   ] :: Creating tmp directory :: actually running 'TmpDir=`mktemp -d`'
:: [   PASS   ] :: Creating tmp directory (Expected 0, got 0)
:: [  BEGIN   ] :: running getcert to check pre/post commands in output :: actually running 'getcert list | grep command: > /tmp/tmp.jE9I8Pg81L/bz1178190.txt 2>&1'
:: [   PASS   ] :: running getcert to check pre/post commands in output (Expected 0, got 0)
:: [   PASS   ] :: File '/tmp/tmp.jE9I8Pg81L/bz1178190.txt' should contain 'pre-save command: /usr/lib64/ipa/certmonger/stop_pkicad' 
:: [   PASS   ] :: File '/tmp/tmp.jE9I8Pg81L/bz1178190.txt' should contain 'post-save command: /usr/lib64/ipa/certmonger/renew_ca_cert "auditSigningCert cert-pki-ca"' 
:: [  BEGIN   ] :: running getcert to check pre/post commands in output :: actually running 'grep _command /var/lib/certmonger/requests/* > /tmp/tmp.jE9I8Pg81L/bz1178190.txt 2>&1'
:: [   PASS   ] :: running getcert to check pre/post commands in output (Expected 0, got 0)
:: [   PASS   ] :: File '/tmp/tmp.jE9I8Pg81L/bz1178190.txt' should contain 'pre_certsave_command=/usr/lib64/ipa/certmonger/stop_pkicad' 
:: [   PASS   ] :: File '/tmp/tmp.jE9I8Pg81L/bz1178190.txt' should contain 'post_certsave_command=/usr/lib64/ipa/certmonger/renew_ca_cert "auditSigningCert cert-pki-ca"'

Comment 7 errata-xmlrpc 2015-07-22 07:17:38 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2015-1379.html

Note You need to log in before you can comment on or make changes to this bug.