Red Hat Bugzilla – Bug 1274488
ipa-client-install should use previously entered username when performing setup validation
Last modified: 2018-02-20 03:55:12 EST
Description of problem:
When running ipa-client-install, the ipaclient-install.log shows:
getent passwd admin
The 'admin' username is hard-coded, so this check will fail if the admin account has been renamed.
This check should use the username that was entered earlier in the install process at the prompt:
User authorized to enroll computers:
as this user is guaranteed to exist.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. Perform installation with 'ipa-client-install'
2. Review log in /var/log/ipaclient-install.log
Observe lines in log:
DEBUG args=getent passwd admin
Username 'admin' should show the username that was input at the prompt earlier in the process.
Created attachment 1085671 [details]
Use options.principal in getent call
I looked into the script file and it seems that the --principal option allows passing the username on the command-line (however the man page does not indicate that a value can be accepted for this option).
This patch changes the getent call to use the options.principal parameter instead of hard-coded 'admin'.
One issue is that there is no default for options.principal. I considered adding one, but it seems there are some checks if this is None elsewhere within the script. Reviewing that logic is beyond my current ability/familiarity with this.
thanks for the bug, I'll clone it upstream. Note that it won't be backported to older RHELs. Please open a support case if you want to backport it.
FYI: there is also similar bug in ipa-replica-install: https://fedorahosted.org/freeipa/ticket/5060
*** Bug 1399606 has been marked as a duplicate of this bug. ***
eae8714 client.py: Replace hardcoded 'admin' with options.principal
7bef8c7 client.py: Replace hardcoded 'admin' with options.principal