Bug 1274488 - ipa-client-install should use previously entered username when performing setup validation
ipa-client-install should use previously entered username when performing set...
Status: POST
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: ipa (Show other bugs)
Unspecified Unspecified
unspecified Severity unspecified
: rc
: ---
Assigned To: IPA Maintainers
Namita Soman
: 1399606 (view as bug list)
Depends On:
  Show dependency treegraph
Reported: 2015-10-22 15:46 EDT by Brian Mathis
Modified: 2018-02-20 03:55 EST (History)
4 users (show)

See Also:
Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of:
Last Closed:
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Use options.principal in getent call (862 bytes, patch)
2015-10-22 19:04 EDT, Brian Mathis
no flags Details | Diff

  None (edit)
Description Brian Mathis 2015-10-22 15:46:07 EDT
Description of problem:
When running ipa-client-install, the ipaclient-install.log shows:
    getent passwd admin
The 'admin' username is hard-coded, so this check will fail if the admin account has been renamed.

This check should use the username that was entered earlier in the install process at the prompt:
    User authorized to enroll computers:
as this user is guaranteed to exist.

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. Perform installation with 'ipa-client-install'
2. Review log in /var/log/ipaclient-install.log

Actual results:
Observe lines in log:
    DEBUG args=getent passwd admin
    DEBUG stdout=
    DEBUG stderr=

Expected results:
Username 'admin' should show the username that was input at the prompt earlier in the process.
Comment 2 Brian Mathis 2015-10-22 19:04 EDT
Created attachment 1085671 [details]
Use options.principal in getent call

I looked into the script file and it seems that the --principal option allows passing the username on the command-line (however the man page does not indicate that a value can be accepted for this option).

This patch changes the getent call to use the options.principal parameter instead of hard-coded 'admin'.

One issue is that there is no default for options.principal.  I considered adding one, but it seems there are some checks if this is None elsewhere within the script.  Reviewing that logic is beyond my current ability/familiarity with this.
Comment 3 Petr Vobornik 2015-10-26 10:28:59 EDT
Hello Brian, 

thanks for the bug, I'll clone it upstream. Note that it won't be backported to older RHELs. Please open a support case if you want to backport it.

FYI: there is also similar bug in ipa-replica-install: https://fedorahosted.org/freeipa/ticket/5060
Comment 4 Petr Vobornik 2015-10-26 10:29:58 EDT
Upstream ticket:
Comment 5 Petr Vobornik 2016-12-09 12:19:44 EST
*** Bug 1399606 has been marked as a duplicate of this bug. ***
Comment 6 Florence Blanc-Renaud 2018-02-20 03:55:12 EST
Fixed upstream

    eae8714 client.py: Replace hardcoded 'admin' with options.principal

    7bef8c7 client.py: Replace hardcoded 'admin' with options.principal

Note You need to log in before you can comment on or make changes to this bug.