Bug 1277543 - Can't delete ssh public key via WEBUI for serial-console, neither replace it with another key.
Can't delete ssh public key via WEBUI for serial-console, neither replace it ...
Status: CLOSED WORKSFORME
Product: ovirt-engine
Classification: oVirt
Component: Backend.Core (Show other bugs)
3.6.0.2
x86_64 Linux
unspecified Severity high (vote)
: ---
: ---
Assigned To: jniederm
Nikolai Sednev
virt
:
Depends On:
Blocks: 1239283
  Show dependency treegraph
 
Reported: 2015-11-03 09:29 EST by Nikolai Sednev
Modified: 2015-11-09 03:46 EST (History)
4 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2015-11-05 07:58:47 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
rule-engine: planning_ack?
rule-engine: devel_ack?
rule-engine: testing_ack?


Attachments (Terms of Use)
engine's log (1.18 MB, application/x-gzip)
2015-11-03 09:29 EST, Nikolai Sednev
no flags Details

  None (edit)
Description Nikolai Sednev 2015-11-03 09:29:05 EST
Created attachment 1089019 [details]
engine's log

Description of problem:
Operation Canceled
Error while executing action: ACTION_TYPE_FAILED_PROFILE_ALREADY_EXISTS

Version-Release number of selected component (if applicable):
Engine on RHEL6.7:
ovirt-vmconsole-proxy-1.0.0-1.el6ev.noarch
ovirt-vmconsole-1.0.0-1.el6ev.noarch
rhevm-3.6.0.2-0.1.el6.noarch
rhevm-guest-agent-common-1.0.11-2.el6ev.noarch

Host with these components:
ovirt-vmconsole-1.0.0-0.0.6.master.el7ev.noarch
ovirt-release36-001-0.5.beta.noarch
mom-0.5.1-2.el7.noarch
ovirt-hosted-engine-setup-1.3.1-0.0.master.20151020145724.git565c3f9.el7.centos.noarch
ovirt-setup-lib-1.0.0-1.20150922141000.git147e275.el7.centos.noarch
ovirt-host-deploy-1.5.0-0.0.master.20151015221110.gitc2abfed.el7.noarch
ovirt-release36-snapshot-001-0.5.beta.noarch
vdsm-4.17.10-13.gite438b03.el7.noarch
qemu-kvm-rhev-2.3.0-31.el7.x86_64
ovirt-hosted-engine-ha-1.3.1-1.20151016090950.git5ea5093.el7.noarch
sanlock-3.2.4-1.el7.x86_64
ovirt-engine-sdk-python-3.6.0.4-0.1.20151014.git117764a.el7.centos.noarch
ovirt-vmconsole-host-1.0.0-0.0.6.master.el7ev.noarch


How reproducible:
100%

Steps to Reproduce:
1.Deploy HE on host and get the engine running.
2.Create the VM with RHEL7.2 on it and check that serial-getty@hvc0.service is running, if not, start it "systemctl start serial-getty@hvc0.service".
3.Generate the ssh public key to get connected via serial console to VM on your laptop, by casting "ssh-keygen" 
# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 
/root/.ssh/id_rsa already exists.
Overwrite (y/n)? y
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
4.Copy your public key stored in "/root/.ssh/id_rsa.pub" to your engine.
5.Set permissions for VM for Everyone and make sure that "Everyone" will have the UserVmManager role assigned, so it could let the serial-console connectivity to be established for the VM.
6.Edit VM and mark the "Enable VirtIO serial console" at the "Console" tab.
7.Start the VM.
8.Connect to the VM via serial console from your laptop, using "ssh -v -t -i $HOME/.ssh/id_rsa -p 2222 ovirt-vmconsole@put_your_engine's_FQDN/IP_here connect" command.
9.Now try wiping out the key you've placed or replace it with another key.

Actual results:
Error while executing action: ACTION_TYPE_FAILED_PROFILE_ALREADY_EXISTS
"2015-11-03 15:58:34,239 WARN  [org.ovirt.engine.core.bll.AddUserProfileCommand] (ajp-/127.0.0.1:8702-7) [48ef3960] CanDoAction of action 'AddUserP
rofile' failed for user admin@internal. Reasons: VAR__ACTION__ADD,VAR__TYPE__USER_PROFILE,ACTION_TYPE_FAILED_PROFILE_ALREADY_EXISTS
"

Expected results:
Keys should be deleted or changed.

Additional info:
engine log is attached.
Comment 1 Michal Skrivanek 2015-11-05 07:58:47 EST
finally found out
caused by manually compromised/modified setup with 3.6.1 bits (bll.jar) causing mismatch between frontend and backend

(changes done apparently during testing of HE import problem)

Note You need to log in before you can comment on or make changes to this bug.