Bug 1274470 - ipsilon-server-install uninstall aborted unable to find domain if installed with ipa=no
Summary: ipsilon-server-install uninstall aborted unable to find domain if installed w...
Keywords:
Status: CLOSED WONTFIX
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: ipsilon
Version: 7.2
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: rc
: ---
Assignee: Rob Crittenden
QA Contact: Namita Soman
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2015-10-22 19:10 UTC by Scott Poore
Modified: 2016-11-23 11:17 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2016-11-23 11:17:25 UTC


Attachments (Terms of Use)

Description Scott Poore 2015-10-22 19:10:48 UTC
Description of problem:

I installed an ipsilon IdP server with --ipa=no.  Now, I'm trying to uninstall and I'm seeing an error:

[root@rhel7-2 ~]# ipsilon-server-install --uninstall
Uninstallation initiated
Are you certain you want to erase instance idp [yes/NO]: yes
Removing environment helpers
Removing login managers
Removing Info providers
'domains'
Traceback (most recent call last):
  File "/usr/sbin/ipsilon-server-install", line 438, in <module>
    uninstall(fplugins, opts)
  File "/usr/sbin/ipsilon-server-install", line 274, in uninstall
    if plugin.unconfigure(args, plugin_changes) == False:
  File "/usr/lib/python2.7/site-packages/ipsilon/info/infosssd.py", line 253, in unconfigure
    for domain in changes['domains']:
KeyError: 'domains'
Uninstallation aborted.
See log file /var/log/ipsilon-install.log for details
[root@rhel7-2 ~]# 


Version-Release number of selected component (if applicable):
ipsilon-1.0.0-12.el7.noarch

How reproducible:
always

Steps to Reproduce:
1.  ipsilon-server-install --ipa=no --form=yes
2.  ipsilon-server-install --uninstall

Actual results:
fails as above

Expected results:
uninstalls IDP instance

Additional info:

ipsilon-install.log:
[2015-10-22 14:07:52,510] Installation arguments:
[2015-10-22 14:07:52,510] admin_dburi: None
[2015-10-22 14:07:52,510] admin_user: admin
[2015-10-22 14:07:52,510] cleanup_interval: 30
[2015-10-22 14:07:52,510] config_profile: None
[2015-10-22 14:07:52,510] database_url: sqlite:///%(datadir)s/%(dbname)s.sqlite
[2015-10-22 14:07:52,510] form: no
[2015-10-22 14:07:52,510] form_service: remote
[2015-10-22 14:07:52,510] gssapi: no
[2015-10-22 14:07:52,510] gssapi_httpd_keytab: /etc/httpd/conf/http.keytab
[2015-10-22 14:07:52,510] hostname: rhel7-2.example.com
[2015-10-22 14:07:52,510] info_nss: no
[2015-10-22 14:07:52,510] info_sssd: no
[2015-10-22 14:07:52,510] info_sssd_domain: None
[2015-10-22 14:07:52,510] instance: idp
[2015-10-22 14:07:52,510] ipa: auto
[2015-10-22 14:07:52,510] lm_order: None
[2015-10-22 14:07:52,510] saml2: yes
[2015-10-22 14:07:52,511] saml2_metadata_validity: 1825
[2015-10-22 14:07:52,511] saml2_session_dburl: None
[2015-10-22 14:07:52,511] samlsessions_dburi: None
[2015-10-22 14:07:52,511] secure: yes
[2015-10-22 14:07:52,511] server_debugging: False
[2015-10-22 14:07:52,511] system_user: ipsilon
[2015-10-22 14:07:52,511] testauth: no
[2015-10-22 14:07:52,511] transaction_dburi: None
[2015-10-22 14:07:52,511] uninstall: True
[2015-10-22 14:07:52,511] users_dburi: None
[2015-10-22 14:07:52,511] yes: False
[2015-10-22 14:07:52,511] Uninstallation initiated
[2015-10-22 14:07:53,997] Removing environment helpers
[2015-10-22 14:07:53,997] Removing login managers
[2015-10-22 14:07:53,997] Removing Info providers
[2015-10-22 14:07:54,003] 'domains'
Traceback (most recent call last):
  File "/usr/sbin/ipsilon-server-install", line 438, in <module>
    uninstall(fplugins, opts)
  File "/usr/sbin/ipsilon-server-install", line 274, in uninstall
    if plugin.unconfigure(args, plugin_changes) == False:
  File "/usr/lib/python2.7/site-packages/ipsilon/info/infosssd.py", line 253, in unconfigure
    for domain in changes['domains']:
KeyError: 'domains'
[2015-10-22 14:07:54,003] Uninstallation aborted.
[2015-10-22 14:07:54,003] See log file /var/log/ipsilon-install.log for details

Comment 1 Scott Poore 2015-10-22 19:12:45 UTC
FYI, it looks like as a workaround, I can re-run install to add options and then re-run uninstall:


[root@rhel7-2 ~]#   ipsilon-server-install --ipa=yes --form=yes --info-sssd=yes
Installation initiated
Installing default config files
Configuring environment helpers
Searching for keytab in: /etc/httpd/conf/http.keytab... Found!
Configuring login managers
Configuring Info provider
Configured SSSD domain example.com
Redirecting to /bin/systemctl restart  sssd.service
Configuring Authentication Providers
Generating a 2048 bit RSA private key
..+++
.....................................................................................................................................................+++
writing new private key to '/var/lib/ipsilon/idp/saml2/idp.key'
-----
Installation complete.
Please restart HTTPD to enable the IdP instance.
[root@rhel7-2 ~]# ipsilon-server-install --uninstall
Uninstallation initiated
Are you certain you want to erase instance idp [yes/NO]: yes
Removing environment helpers
Removing login managers
Removing Info providers
Redirecting to /bin/systemctl restart  sssd.service
Removing Authentication Providers
Removing httpd configuration
Erasing instance configuration
Erasing instance data
Uninstalled instance idp
Uninstallation complete.

Comment 3 Nathan Kinder 2015-11-02 17:02:14 UTC
Upstream ticket:
https://fedorahosted.org/ipsilon/ticket/199

Comment 5 Martin Kosek 2016-11-23 11:17:25 UTC
Red Hat Enterprise Linux 7.2 introduced the Ipsilon identity provider service for federated single sign-on (SSO). Subsequently, Red Hat has released Red Hat Single Sign-On as a web SSO solution based on the Keycloak community project. Red Hat Single Sign-On provides greater capabilities than Ipsilon and is designated as the standard web SSO solution across the Red Hat product portfolio.

Therefore, as mentioned in the RHEL-7.3 Release Notes:
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/7.3_Release_Notes/chap-Red_Hat_Enterprise_Linux-7.3_Release_Notes-Deprecated_Functionality.html
Ipsilon is now obsolete in RHEL and all existing Ipsilon users are recommended to migrate to Red Hat SSO product:
https://access.redhat.com/products/red-hat-single-sign-on
Please approach the Customer Service for advice.

Given above, this Bugzilla is now closed as WONTFIX.


Note You need to log in before you can comment on or make changes to this bug.