RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Bug 1266987 - Runtime dependency on python-nss is missing
Summary: Runtime dependency on python-nss is missing
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: pki-core
Version: 7.2
Hardware: Unspecified
OS: Unspecified
high
high
Target Milestone: rc
: 7.3
Assignee: Matthew Harmsen
QA Contact: Asha Akkiangady
URL:
Whiteboard:
Depends On:
Blocks: 1267020
TreeView+ depends on / blocked
 
Reported: 2015-09-28 18:21 UTC by Roshni
Modified: 2020-10-04 21:03 UTC (History)
2 users (show)

Fixed In Version: pki-core-10.3.1-1.el7
Doc Type: Bug Fix
Doc Text:
Clone Of:
: 1267020 (view as bug list)
Environment:
Last Closed: 2016-11-04 05:19:51 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Github dogtagpki pki issues 2278 0 None None None 2020-10-04 21:03:51 UTC
Red Hat Product Errata RHBA-2016:2396 0 normal SHIPPED_LIVE pki-core bug fix and enhancement update 2016-11-03 13:55:03 UTC

Description Roshni 2015-09-28 18:21:33 UTC 
Description of problem:
Runtime dependency on python-nss is missing

Version-Release number of selected component (if applicable):
pki-ca-10.2.5-6.el7.noarch

How reproducible:
always

Steps to Reproduce:
1. pkispawn CA
2.[root@cisco-b22m3-01 ~]# pki-server subsystem-cert-find ca
Traceback (most recent call last):
  File "/usr/sbin/pki-server", line 28, in <module>
    import pki.server.cli.subsystem
  File "/usr/lib/python2.7/site-packages/pki/server/cli/subsystem.py", line 26, in <module>
    import nss.nss as nss
ImportError: No module named nss.nss
3.

Actual results:
yum install python-nss

[root@cisco-b22m3-01 ~]# pki-server
Usage: pki-server [OPTIONS]

  -v, --verbose                Run in verbose mode.
      --debug                  Show debug messages.
      --help                   Show help message.

Commands:
 ca                            CA management commands        
 instance                      Instance management commands  
 subsystem                     Subsystem management commands 
 migrate                       Migrate system                
 nuxwdog                       Nuxwdog related commands

Expected results:
pki-server command should be executable after CA packages are installed and pkispawn of CA

Additional info:
Comment 4 Matthew Harmsen 2016-01-07 01:22:01 UTC 
Per discussions in the RHEL 7.3 Triage meeting of 01/06/2016: priority high
Comment 5 Matthew Harmsen 2016-01-07 01:23:56 UTC 
Upstream ticket:
https://fedorahosted.org/pki/ticket/1720
Comment 6 Matthew Harmsen 2016-02-04 22:56:28 UTC 
Checked into DOGTAG_10_2_RHEL_BRANCH:
* 1c459dea5dafa15b467ea93ea160e4e960a4aa69

Checked into the following branches:

* master
  29801060fa86b6f196ef694c6672d909ea5336e4 

* DOGTAG_10_2_BRANCH
  58df7a061cd395cff29016e8d1efc3dafad91b4c 

* DOGTAG_10_2_6_BRANCH
  063944827690c47f1f1422e178b5b8729738ac3d
Comment 7 Mike McCune 2016-03-28 23:05:20 UTC 
This bug was accidentally moved from POST to MODIFIED via an error in automation, please see mmccune with any questions
Comment 9 Roshni 2016-08-09 15:01:52 UTC 
[root@auto-hv-02-guest02 ~]# rpm -qi pki-ca
Name        : pki-ca
Version     : 10.3.3
Release     : 5.el7
Architecture: noarch
Install Date: Tue 09 Aug 2016 09:19:45 AM EDT
Group       : System Environment/Daemons
Size        : 2430595
License     : GPLv2
Signature   : (none)
Source RPM  : pki-core-10.3.3-5.el7.src.rpm
Build Date  : Tue 09 Aug 2016 07:47:56 AM EDT
Build Host  : ppc-021.build.eng.bos.redhat.com
Relocations : (not relocatable)
Packager    : Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla>
Vendor      : Red Hat, Inc.
URL         : http://pki.fedoraproject.org/
Summary     : Certificate System - Certificate Authority

Verification steps

1. yum -y install pki-ca
2. pkispawn -s CA -f ca.cfg
3. [root@auto-hv-02-guest02 ~]# pki-server subsystem-cert-find ca -i topology-CA
-----------------
5 entries matched
-----------------
  Cert ID: signing
  Nickname: caSigningCert cert-topology-CA CA
  Token: Internal Key Storage Token

  Cert ID: ocsp_signing
  Nickname: ocspSigningCert cert-topology-CA CA
  Token: Internal Key Storage Token

  Cert ID: sslserver
  Nickname: Server-Cert cert-topology-CA
  Token: Internal Key Storage Token

  Cert ID: subsystem
  Nickname: subsystemCert cert-topology-CA
  Token: Internal Key Storage Token

  Cert ID: audit_signing
  Nickname: auditSigningCert cert-topology-CA CA
  Token: Internal Key Storage Token


[root@auto-hv-02-guest02 ~]# rpm -qi python-nss
Name        : python-nss
Version     : 0.16.0
Release     : 3.el7
Architecture: x86_64
Install Date: Tue 09 Aug 2016 09:07:58 AM EDT
Group       : Development/Languages
Size        : 924799
License     : MPLv2.0 or GPLv2+ or LGPLv2+
Signature   : RSA/SHA256, Wed 19 Aug 2015 05:15:19 AM EDT, Key ID 199e2f91fd431d51
Source RPM  : python-nss-0.16.0-3.el7.src.rpm
Build Date  : Mon 22 Jun 2015 10:25:23 AM EDT
Build Host  : x86-019.build.eng.bos.redhat.com
Relocations : (not relocatable)
Packager    : Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla>
Vendor      : Red Hat, Inc.
URL         : ftp://ftp.mozilla.org/pub/mozilla.org/security/python-nss
Summary     : Python bindings for Network Security Services (NSS)
Comment 11 errata-xmlrpc 2016-11-04 05:19:51 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2016-2396.html
Note You need to log in before you can comment on or make changes to this bug.