Bug 1178190 - pre and post commands do not display in getcert list
Summary: pre and post commands do not display in getcert list
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: certmonger
Version: 6.6
Hardware: Unspecified
OS: Unspecified
unspecified
high
Target Milestone: rc
: ---
Assignee: Jan Cholasta
QA Contact: Kaleem
URL:
Whiteboard:
Keywords:
Depends On:
Blocks: 1181022
TreeView+ depends on / blocked
 
Reported: 2015-01-02 19:00 UTC by Rob Crittenden
Modified: 2015-07-22 07:17 UTC (History)
4 users (show)

(edit)
Previously, the "getcert list" command did not display the "pre-save command" and "post-save command" values. As a consequence, running "getcert list" could return incomplete results. With this update, the problem has been fixed, and running "getcert list" displays the "pre-save command" and "post-save command" values as expected. (BZ#1178190)
Clone Of:
: 1181022 (view as bug list)
(edit)
Last Closed: 2015-07-22 07:17:38 UTC


Attachments (Terms of Use)


External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2015:1379 normal SHIPPED_LIVE certmonger bug fix and enhancement update 2015-07-20 17:58:28 UTC

Description Rob Crittenden 2015-01-02 19:00:49 UTC
Description of problem:

getcert list no longer displays the pre and post-save commands. The labels are there but not the contents. I confirmed that the values are there in /var/lib/certmonger/requests.


With version certmonger-0.61-3.el6:

Request ID '20150102143632':
        status: MONITORING
        stuck: no
        key pair storage: type=NSSDB,location='/etc/httpd/alias',nickname='Server-Cert',token='NSS Certificate DB',pinfile='/etc/httpd/alias/pwdfile.txt'
        certificate: type=NSSDB,location='/etc/httpd/alias',nickname='Server-Cert',token='NSS Certificate DB'
        CA: IPA
        issuer: CN=Certificate Authority,O=EXAMPLE.COM
        subject: CN=pacer.example.com,O=EXAMPLE.COM
        expires: 2017-01-02 14:36:32 UTC
        eku: id-kp-serverAuth,id-kp-clientAuth
        pre-save command: 
        post-save command: /usr/lib64/ipa/certmonger/restart_httpd
        track: yes
        auto-renew: yes

And certmonger-0.75.13-1.el6:

Request ID '20150102143632':
        status: MONITORING
        stuck: no
        key pair storage: type=NSSDB,location='/etc/httpd/alias',nickname='Server-Cert',token='NSS Certificate DB',pinfile='/etc/httpd/alias/pwdfile.txt'
        certificate: type=NSSDB,location='/etc/httpd/alias',nickname='Server-Cert',token='NSS Certificate DB'
        CA: IPA
        issuer: CN=Certificate Authority,O=EXAMPLE.COM
        subject: CN=pacer.example.com,O=EXAMPLE.COM
        expires: 2017-01-02 14:36:32 UTC
        key usage: digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment
        eku: id-kp-serverAuth,id-kp-clientAuth
        pre-save command: 
        post-save command: 
        track: yes
        auto-renew: yes

Version-Release number of selected component (if applicable):

certmonger-0.75.13-1.el6

Comment 6 Kaleem 2015-04-07 09:40:13 UTC
Verified.

Certmonger version:
-------------------
[root@dhcp207-188 ~]# rpm -q certmonger
certmonger-0.77.1-1.el6.x86_64
[root@dhcp207-188 ~]# 

Snip from automation log:
-------------------------

::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: [   LOG    ] :: certmonger_bz1178190 - pre and post commands do not display in getcert list
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

:: [  BEGIN   ] :: Creating tmp directory :: actually running 'TmpDir=`mktemp -d`'
:: [   PASS   ] :: Creating tmp directory (Expected 0, got 0)
:: [  BEGIN   ] :: running getcert to check pre/post commands in output :: actually running 'getcert list | grep command: > /tmp/tmp.jE9I8Pg81L/bz1178190.txt 2>&1'
:: [   PASS   ] :: running getcert to check pre/post commands in output (Expected 0, got 0)
:: [   PASS   ] :: File '/tmp/tmp.jE9I8Pg81L/bz1178190.txt' should contain 'pre-save command: /usr/lib64/ipa/certmonger/stop_pkicad' 
:: [   PASS   ] :: File '/tmp/tmp.jE9I8Pg81L/bz1178190.txt' should contain 'post-save command: /usr/lib64/ipa/certmonger/renew_ca_cert "auditSigningCert cert-pki-ca"' 
:: [  BEGIN   ] :: running getcert to check pre/post commands in output :: actually running 'grep _command /var/lib/certmonger/requests/* > /tmp/tmp.jE9I8Pg81L/bz1178190.txt 2>&1'
:: [   PASS   ] :: running getcert to check pre/post commands in output (Expected 0, got 0)
:: [   PASS   ] :: File '/tmp/tmp.jE9I8Pg81L/bz1178190.txt' should contain 'pre_certsave_command=/usr/lib64/ipa/certmonger/stop_pkicad' 
:: [   PASS   ] :: File '/tmp/tmp.jE9I8Pg81L/bz1178190.txt' should contain 'post_certsave_command=/usr/lib64/ipa/certmonger/renew_ca_cert "auditSigningCert cert-pki-ca"'

Comment 7 errata-xmlrpc 2015-07-22 07:17:38 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2015-1379.html


Note You need to log in before you can comment on or make changes to this bug.