Hide Forgot
Description of problem: User is able to remove ipa-server from within container using ipa-server-install --uninstall command. User should be presented with a warning message instead. Version-Release number of selected component (if applicable): ipa-server-docker: 4.4.0-21 image ipa-server version: ipa-server-4.4.0-12.el7.x86_64 atomic host: Version: 7.3 Steps to Reproduce: 1. Setup ipa-server using ipa-server-docker image on an atomic host. 2. Access the ipa-server shell and run ipa-server uninstallation command: Actual results: After step2, ipa server is uninstalled within the container -bash-4.2# docker exec -it ipa-server-container rpm -q ipa-server ipa-server-4.4.0-12.el7.x86_64 -bash-4.2# docker exec -it ipa-server-container ipa-server-install --uninstall -U Updating DNS system records ----------------------------------------------- Deleted IPA server "rhel73atomic.example.com" ----------------------------------------------- Shutting down all IPA services Unconfiguring ntpd Configuring certmonger to stop tracking system certificates for KRA Configuring certmonger to stop tracking system certificates for CA Unconfiguring CA ipa.ipaserver.install.cainstance.CAInstance: CRITICAL failed to uninstall CA instance Command '/usr/sbin/pkidestroy -i pki-tomcat -s CA' returned non-zero exit status 1 Unconfiguring named Unconfiguring ipa-dnskeysyncd Unconfiguring web server Unconfiguring krb5kdc Unconfiguring kadmin Unconfiguring directory server Unconfiguring ipa-custodia Unconfiguring ipa_memcached Unconfiguring ipa-otpd Removing IPA client configuration Removing Kerberos service principals from /etc/krb5.keytab Disabling client Kerberos and LDAP configurations Redundant SSSD configuration file /etc/sssd/sssd.conf was moved to /etc/sssd/sssd.conf.deleted Restoring client configuration files Unconfiguring the NIS domain. nscd daemon is not installed, skip configuration nslcd daemon is not installed, skip configuration Systemwide CA database updated. Client uninstall complete. -bash-4.2# docker exec -it ipa-server-container ipactl status IPA is not configured (see man pages of ipa-server-install for help) -bash-4.2# Expected results: Since uninstallation of ipa-server from within container using command ipa-server-install --uninstall, may not be a clean way for ipa-server-docker, user should be presented with a warning message.
This BZ has been evaluated multiple times over the last several years and we assessed that it is a valuable request to keep in the backlog and address it at some point in future. Time showed that we did not have such capacity, nor have it now nor will have in the foreseeable future. In such a situation keeping it in the backlog is misleading and setting the wrong expectation that we will be able to address it. Unfortunately we will not. To reflect this we are closing this BZ. If you disagree with the decision please reopen or open a new support case and create a new BZ. However this does not guarantee that the request will not be closed during the triage as we are currently applying much more rigor to what we actually can accomplish in the foreseeable future. Contributions and collaboration in the upstream community and CentOS Stream is always welcome! Thank you for understanding Red Hat Enterprise Linux Identity Management Team