Red Hat Bugzilla – Bug 1274470
ipsilon-server-install uninstall aborted unable to find domain if installed with ipa=no
Last modified: 2016-11-23 06:17:25 EST
Description of problem: I installed an ipsilon IdP server with --ipa=no. Now, I'm trying to uninstall and I'm seeing an error: [root@rhel7-2 ~]# ipsilon-server-install --uninstall Uninstallation initiated Are you certain you want to erase instance idp [yes/NO]: yes Removing environment helpers Removing login managers Removing Info providers 'domains' Traceback (most recent call last): File "/usr/sbin/ipsilon-server-install", line 438, in <module> uninstall(fplugins, opts) File "/usr/sbin/ipsilon-server-install", line 274, in uninstall if plugin.unconfigure(args, plugin_changes) == False: File "/usr/lib/python2.7/site-packages/ipsilon/info/infosssd.py", line 253, in unconfigure for domain in changes['domains']: KeyError: 'domains' Uninstallation aborted. See log file /var/log/ipsilon-install.log for details [root@rhel7-2 ~]# Version-Release number of selected component (if applicable): ipsilon-1.0.0-12.el7.noarch How reproducible: always Steps to Reproduce: 1. ipsilon-server-install --ipa=no --form=yes 2. ipsilon-server-install --uninstall Actual results: fails as above Expected results: uninstalls IDP instance Additional info: ipsilon-install.log: [2015-10-22 14:07:52,510] Installation arguments: [2015-10-22 14:07:52,510] admin_dburi: None [2015-10-22 14:07:52,510] admin_user: admin [2015-10-22 14:07:52,510] cleanup_interval: 30 [2015-10-22 14:07:52,510] config_profile: None [2015-10-22 14:07:52,510] database_url: sqlite:///%(datadir)s/%(dbname)s.sqlite [2015-10-22 14:07:52,510] form: no [2015-10-22 14:07:52,510] form_service: remote [2015-10-22 14:07:52,510] gssapi: no [2015-10-22 14:07:52,510] gssapi_httpd_keytab: /etc/httpd/conf/http.keytab [2015-10-22 14:07:52,510] hostname: rhel7-2.example.com [2015-10-22 14:07:52,510] info_nss: no [2015-10-22 14:07:52,510] info_sssd: no [2015-10-22 14:07:52,510] info_sssd_domain: None [2015-10-22 14:07:52,510] instance: idp [2015-10-22 14:07:52,510] ipa: auto [2015-10-22 14:07:52,510] lm_order: None [2015-10-22 14:07:52,510] saml2: yes [2015-10-22 14:07:52,511] saml2_metadata_validity: 1825 [2015-10-22 14:07:52,511] saml2_session_dburl: None [2015-10-22 14:07:52,511] samlsessions_dburi: None [2015-10-22 14:07:52,511] secure: yes [2015-10-22 14:07:52,511] server_debugging: False [2015-10-22 14:07:52,511] system_user: ipsilon [2015-10-22 14:07:52,511] testauth: no [2015-10-22 14:07:52,511] transaction_dburi: None [2015-10-22 14:07:52,511] uninstall: True [2015-10-22 14:07:52,511] users_dburi: None [2015-10-22 14:07:52,511] yes: False [2015-10-22 14:07:52,511] Uninstallation initiated [2015-10-22 14:07:53,997] Removing environment helpers [2015-10-22 14:07:53,997] Removing login managers [2015-10-22 14:07:53,997] Removing Info providers [2015-10-22 14:07:54,003] 'domains' Traceback (most recent call last): File "/usr/sbin/ipsilon-server-install", line 438, in <module> uninstall(fplugins, opts) File "/usr/sbin/ipsilon-server-install", line 274, in uninstall if plugin.unconfigure(args, plugin_changes) == False: File "/usr/lib/python2.7/site-packages/ipsilon/info/infosssd.py", line 253, in unconfigure for domain in changes['domains']: KeyError: 'domains' [2015-10-22 14:07:54,003] Uninstallation aborted. [2015-10-22 14:07:54,003] See log file /var/log/ipsilon-install.log for details
FYI, it looks like as a workaround, I can re-run install to add options and then re-run uninstall: [root@rhel7-2 ~]# ipsilon-server-install --ipa=yes --form=yes --info-sssd=yes Installation initiated Installing default config files Configuring environment helpers Searching for keytab in: /etc/httpd/conf/http.keytab... Found! Configuring login managers Configuring Info provider Configured SSSD domain example.com Redirecting to /bin/systemctl restart sssd.service Configuring Authentication Providers Generating a 2048 bit RSA private key ..+++ .....................................................................................................................................................+++ writing new private key to '/var/lib/ipsilon/idp/saml2/idp.key' ----- Installation complete. Please restart HTTPD to enable the IdP instance. [root@rhel7-2 ~]# ipsilon-server-install --uninstall Uninstallation initiated Are you certain you want to erase instance idp [yes/NO]: yes Removing environment helpers Removing login managers Removing Info providers Redirecting to /bin/systemctl restart sssd.service Removing Authentication Providers Removing httpd configuration Erasing instance configuration Erasing instance data Uninstalled instance idp Uninstallation complete.
Upstream ticket: https://fedorahosted.org/ipsilon/ticket/199
Red Hat Enterprise Linux 7.2 introduced the Ipsilon identity provider service for federated single sign-on (SSO). Subsequently, Red Hat has released Red Hat Single Sign-On as a web SSO solution based on the Keycloak community project. Red Hat Single Sign-On provides greater capabilities than Ipsilon and is designated as the standard web SSO solution across the Red Hat product portfolio. Therefore, as mentioned in the RHEL-7.3 Release Notes: https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/7.3_Release_Notes/chap-Red_Hat_Enterprise_Linux-7.3_Release_Notes-Deprecated_Functionality.html Ipsilon is now obsolete in RHEL and all existing Ipsilon users are recommended to migrate to Red Hat SSO product: https://access.redhat.com/products/red-hat-single-sign-on Please approach the Customer Service for advice. Given above, this Bugzilla is now closed as WONTFIX.