Bug 1274470 - ipsilon-server-install uninstall aborted unable to find domain if installed with ipa=no
ipsilon-server-install uninstall aborted unable to find domain if installed w...
Status: CLOSED WONTFIX
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: ipsilon (Show other bugs)
7.2
Unspecified Unspecified
unspecified Severity unspecified
: rc
: ---
Assigned To: Rob Crittenden
Namita Soman
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2015-10-22 15:10 EDT by Scott Poore
Modified: 2016-11-23 06:17 EST (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2016-11-23 06:17:25 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Scott Poore 2015-10-22 15:10:48 EDT
Description of problem:

I installed an ipsilon IdP server with --ipa=no.  Now, I'm trying to uninstall and I'm seeing an error:

[root@rhel7-2 ~]# ipsilon-server-install --uninstall
Uninstallation initiated
Are you certain you want to erase instance idp [yes/NO]: yes
Removing environment helpers
Removing login managers
Removing Info providers
'domains'
Traceback (most recent call last):
  File "/usr/sbin/ipsilon-server-install", line 438, in <module>
    uninstall(fplugins, opts)
  File "/usr/sbin/ipsilon-server-install", line 274, in uninstall
    if plugin.unconfigure(args, plugin_changes) == False:
  File "/usr/lib/python2.7/site-packages/ipsilon/info/infosssd.py", line 253, in unconfigure
    for domain in changes['domains']:
KeyError: 'domains'
Uninstallation aborted.
See log file /var/log/ipsilon-install.log for details
[root@rhel7-2 ~]# 


Version-Release number of selected component (if applicable):
ipsilon-1.0.0-12.el7.noarch

How reproducible:
always

Steps to Reproduce:
1.  ipsilon-server-install --ipa=no --form=yes
2.  ipsilon-server-install --uninstall

Actual results:
fails as above

Expected results:
uninstalls IDP instance

Additional info:

ipsilon-install.log:
[2015-10-22 14:07:52,510] Installation arguments:
[2015-10-22 14:07:52,510] admin_dburi: None
[2015-10-22 14:07:52,510] admin_user: admin
[2015-10-22 14:07:52,510] cleanup_interval: 30
[2015-10-22 14:07:52,510] config_profile: None
[2015-10-22 14:07:52,510] database_url: sqlite:///%(datadir)s/%(dbname)s.sqlite
[2015-10-22 14:07:52,510] form: no
[2015-10-22 14:07:52,510] form_service: remote
[2015-10-22 14:07:52,510] gssapi: no
[2015-10-22 14:07:52,510] gssapi_httpd_keytab: /etc/httpd/conf/http.keytab
[2015-10-22 14:07:52,510] hostname: rhel7-2.example.com
[2015-10-22 14:07:52,510] info_nss: no
[2015-10-22 14:07:52,510] info_sssd: no
[2015-10-22 14:07:52,510] info_sssd_domain: None
[2015-10-22 14:07:52,510] instance: idp
[2015-10-22 14:07:52,510] ipa: auto
[2015-10-22 14:07:52,510] lm_order: None
[2015-10-22 14:07:52,510] saml2: yes
[2015-10-22 14:07:52,511] saml2_metadata_validity: 1825
[2015-10-22 14:07:52,511] saml2_session_dburl: None
[2015-10-22 14:07:52,511] samlsessions_dburi: None
[2015-10-22 14:07:52,511] secure: yes
[2015-10-22 14:07:52,511] server_debugging: False
[2015-10-22 14:07:52,511] system_user: ipsilon
[2015-10-22 14:07:52,511] testauth: no
[2015-10-22 14:07:52,511] transaction_dburi: None
[2015-10-22 14:07:52,511] uninstall: True
[2015-10-22 14:07:52,511] users_dburi: None
[2015-10-22 14:07:52,511] yes: False
[2015-10-22 14:07:52,511] Uninstallation initiated
[2015-10-22 14:07:53,997] Removing environment helpers
[2015-10-22 14:07:53,997] Removing login managers
[2015-10-22 14:07:53,997] Removing Info providers
[2015-10-22 14:07:54,003] 'domains'
Traceback (most recent call last):
  File "/usr/sbin/ipsilon-server-install", line 438, in <module>
    uninstall(fplugins, opts)
  File "/usr/sbin/ipsilon-server-install", line 274, in uninstall
    if plugin.unconfigure(args, plugin_changes) == False:
  File "/usr/lib/python2.7/site-packages/ipsilon/info/infosssd.py", line 253, in unconfigure
    for domain in changes['domains']:
KeyError: 'domains'
[2015-10-22 14:07:54,003] Uninstallation aborted.
[2015-10-22 14:07:54,003] See log file /var/log/ipsilon-install.log for details
Comment 1 Scott Poore 2015-10-22 15:12:45 EDT
FYI, it looks like as a workaround, I can re-run install to add options and then re-run uninstall:


[root@rhel7-2 ~]#   ipsilon-server-install --ipa=yes --form=yes --info-sssd=yes
Installation initiated
Installing default config files
Configuring environment helpers
Searching for keytab in: /etc/httpd/conf/http.keytab... Found!
Configuring login managers
Configuring Info provider
Configured SSSD domain example.com
Redirecting to /bin/systemctl restart  sssd.service
Configuring Authentication Providers
Generating a 2048 bit RSA private key
..+++
.....................................................................................................................................................+++
writing new private key to '/var/lib/ipsilon/idp/saml2/idp.key'
-----
Installation complete.
Please restart HTTPD to enable the IdP instance.
[root@rhel7-2 ~]# ipsilon-server-install --uninstall
Uninstallation initiated
Are you certain you want to erase instance idp [yes/NO]: yes
Removing environment helpers
Removing login managers
Removing Info providers
Redirecting to /bin/systemctl restart  sssd.service
Removing Authentication Providers
Removing httpd configuration
Erasing instance configuration
Erasing instance data
Uninstalled instance idp
Uninstallation complete.
Comment 3 Nathan Kinder 2015-11-02 12:02:14 EST
Upstream ticket:
https://fedorahosted.org/ipsilon/ticket/199
Comment 5 Martin Kosek 2016-11-23 06:17:25 EST
Red Hat Enterprise Linux 7.2 introduced the Ipsilon identity provider service for federated single sign-on (SSO). Subsequently, Red Hat has released Red Hat Single Sign-On as a web SSO solution based on the Keycloak community project. Red Hat Single Sign-On provides greater capabilities than Ipsilon and is designated as the standard web SSO solution across the Red Hat product portfolio.

Therefore, as mentioned in the RHEL-7.3 Release Notes:
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/7.3_Release_Notes/chap-Red_Hat_Enterprise_Linux-7.3_Release_Notes-Deprecated_Functionality.html
Ipsilon is now obsolete in RHEL and all existing Ipsilon users are recommended to migrate to Red Hat SSO product:
https://access.redhat.com/products/red-hat-single-sign-on
Please approach the Customer Service for advice.

Given above, this Bugzilla is now closed as WONTFIX.

Note You need to log in before you can comment on or make changes to this bug.