Bug 1259848 - server closes connection and refuses commands after deleting user that is still logged in
server closes connection and refuses commands after deleting user that is sti...
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: ipa (Show other bugs)
7.2
Unspecified Unspecified
unspecified Severity unspecified
: rc
: ---
Assigned To: IPA Maintainers
Namita Soman
: Regression
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2015-09-03 11:46 EDT by Petr Vobornik
Modified: 2015-11-19 07:06 EST (History)
5 users (show)

See Also:
Fixed In Version: ipa-4.2.0-9.el7
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2015-11-19 07:06:18 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
internal_server_error (2.21 KB, text/plain)
2015-09-14 06:03 EDT, Abhijeet Kasurde
no flags Details

  None (edit)
Description Petr Vobornik 2015-09-03 11:46:52 EDT
This bug is created as a clone of upstream ticket:
https://fedorahosted.org/freeipa/ticket/5268

VERSION: 4.2.90.201508241517GITb202afb, API_VERSION: 2.152

{{{
[root@freeipabox ~]# ipa user-add --first=Foo --last=Bar --homedir=/home/foobar --password foobar
Password: 
Enter Password again to verify: 
-------------------
Added user "foobar"
-------------------
  User login: foobar
  First name: Foo
  Last name: Bar
  Full name: Foo Bar
  Display name: Foo Bar
  Initials: FB
  Home directory: /home/foobar
  GECOS: Foo Bar
  Login shell: /bin/sh
  Kerberos principal: foobar@ABC.EXAMPLE.COM
  Email address: foobar@abc.example.com
  UID: 1025000046
  GID: 1025000046
  Password: True
  Member of groups: ipausers
  Kerberos keys available: True


-sh-4.3$ whoami
foobar
-sh-4.3$ ipa vault-find
----------------
0 vaults matched
----------------
----------------------------
Number of entries returned 0
----------------------------


[root@freeipabox ~]# ipa user-del foobar
---------------------
Deleted user "foobar"
---------------------
[root@freeipabox ~]# ipa user-show foobar
ipa: ERROR: foobar: user not found
[root@freeipabox ~]# id foobar
uid=1025000046(foobar) gid=1025000046(foobar) groups=1025000046(foobar)


-sh-4.3$ ipa vault-find
ipa: ERROR: Insufficient access: SASL(-14): authorization failure: Invalid credentials
-sh-4.3$ cd
-sh-4.3$ pwd
/home/foobar
-sh-4.3$ ls
-sh-4.3$ ipa user-find
ipa: ERROR: Can't connect to server: Already connected


[root@freeipabox ~]# ipa user-find
ipa: ERROR: cannot connect to 'https://freeipabox.abc.example.com/ipa/session/json': Internal Server Error


-sh-4.3$ exit
logout
Connection to 192.168.1.1 closed.


[root@freeipabox ~]# ipa user-find
ipa: ERROR: cannot connect to 'https://freeipabox.abc.example.com/ipa/session/json': Internal Server Error
[root@freeipabox ~]# ipa vault-find
ipa: ERROR: cannot connect to 'https://freeipabox.abc.example.com/ipa/session/json': Internal Server Error
# after some time
[root@freeipabox ~]# ipa vault-find
ipa: ERROR: Can't connect to server: Already connected
[root@freeipabox ~]# ipa user-find
ipa: ERROR: Can't connect to server: Already connected
[root@freeipabox ~]# ipa config-show
ipa: ERROR: Can't connect to server: Already connected

# make it working again
[root@freeipabox ~]# systemctl restart ipa
[root@freeipabox ~]# ipa config-show
  Maximum username length: 32
  Home directory base: /home
  Default shell: /bin/sh
  Default users group: ipausers
- SNIP -
[root@freeipabox ~]# ipa vault-find
----------------
0 vaults matched
----------------
----------------------------
Number of entries returned 0
----------------------------
}}}
Comment 5 Abhijeet Kasurde 2015-09-14 06:03:08 EDT
Created attachment 1073169 [details]
internal_server_error
Comment 6 Abhijeet Kasurde 2015-09-14 06:04:28 EDT
Verified fix using IPA server - ipa-server-4.2.0-9.el7.x86_64

Marking bug as verified.
Comment 7 errata-xmlrpc 2015-11-19 07:06:18 EST
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2015-2362.html

Note You need to log in before you can comment on or make changes to this bug.