Bugzilla will be upgraded to version 5.0 on a still to be determined date in the near future. The original upgrade date has been delayed.
First Last Prev Next    This bug is not in your last search results.
Bug 1434875 - mod_auth_mellon package issue in OSP 10/11
mod_auth_mellon package issue in OSP 10/11
Status: CLOSED CURRENTRELEASE
Product: Red Hat OpenStack
Classification: Red Hat
Component: documentation (Show other bugs)
12.0 (Pike)
Unspecified Unspecified
unspecified Severity unspecified
: ---
: 13.0 (Queens)
Assigned To: Martin Lopes
RHOS Documentation Team
: Triaged
: 1497718 (view as bug list)
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2017-03-22 10:14 EDT by Rodrigo Duarte
Modified: 2018-08-02 23:39 EDT (History)
8 users (show)

See Also:
Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2018-08-02 23:39:25 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

  None (edit)
Description Rodrigo Duarte 2017-03-22 10:14:43 EDT 
An issue that always happen when configuring federation (Federated Identity feature) is that mod_auth_mellon needs to be reinstalled in the controllers for it to work properly. Below we can check some of the configuration files from the module are missing:

[root@controller-2 ~]# rpm -ql mod_auth_mellon
/etc/httpd/conf.d/auth_mellon.conf
/etc/httpd/conf.modules.d/10-auth_mellon.conf
/run/mod_auth_mellon
/usr/lib/tmpfiles.d/mod_auth_mellon.conf
/usr/lib64/httpd/modules/mod_auth_mellon.so
/usr/libexec/mod_auth_mellon
/usr/libexec/mod_auth_mellon/mellon_create_metadata.sh
/usr/share/doc/mod_auth_mellon-0.11.0
/usr/share/doc/mod_auth_mellon-0.11.0/ECP.rst
/usr/share/doc/mod_auth_mellon-0.11.0/NEWS
/usr/share/doc/mod_auth_mellon-0.11.0/README
/usr/share/licenses/mod_auth_mellon-0.11.0
/usr/share/licenses/mod_auth_mellon-0.11.0/COPYING

[root@controller-2 ~]# ls /etc/httpd/conf.d/ | grep mellon
[root@controller-2 ~]# ls /etc/httpd/conf.modules.d/ | grep mellon
Comment 1 Rodrigo Duarte 2017-03-22 10:15:39 EDT 
Set the component to "openstack-tripleo", please reassign it for the correct package if it is the case.
Comment 2 Alex Schultz 2017-03-24 14:42:11 EDT 
This is probably happening because puppet (via the apache module) will remove any modules not accounted for in our apache configuration. We would need to explicitly ensure that ::apache::mod::auth_mellon is included when configuring federation with mod_auth_mellon
Comment 6 John Dennis 2017-10-30 16:34:04 EDT 
*** Bug 1497718 has been marked as a duplicate of this bug. ***
Comment 7 John Dennis 2017-10-30 16:36:25 EDT 
Note: bug #1497718 which was closed as a duplicate of this one contains some additional information concerning how to get mod_auth_mellon under Puppet control, you may wish to review that material.
Comment 9 Martin Lopes 2018-01-10 00:56:20 EST 
Made some light edits to content. Confirmed that John's new section is in the published version of the OSP12 guide: https://access.redhat.com/documentation/en-us/red_hat_openstack_platform/12/html-single/federate_with_identity_service/#prerequisites
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.