Red Hat Bugzilla – Bug 1479663
pki-server-upgrade fails when upgrading from RHEL 7.1
Last modified: 2018-04-10 13:01:04 EDT
Description of problem: When upgrading from RHEL 7.1, pki-server-upgrade fails. Log output: <<EOF [root@auto-hv-01-guest03 localhost]# cat /var/log/pki/pki-server-upgrade-10.4.1.log Upgrading PKI server configuration at Thu Aug 3 03:46:16 EDT 2017. Upgrading from version 10.1.2 to 10.1.99: 1. Add TLS Range Support Upgrading from version 10.1.99 to 10.2.0: 1. Move web application context file 2. Replace Jettison with Jackson 3. Added RESTEasy client 4. Replace RESTEasy application class 5. Remove config path from web.xml Upgrading from version 10.2.0 to 10.2.1: No upgrade scriptlets. Tracker has been set to version 10.2.1. Upgrading from version 10.2.1 to 10.2.2: 1. Add TLS Range Support Upgrading from version 10.2.2 to 10.2.3: 1. Move Web application deployment locations 2. Enabled Web application auto deploy 3. Remove dependency on Jackson 2 Upgrading from version 10.2.3 to 10.2.4: 1. Fix instance work folder ownership 2. Fix bindPWPrompt for internalDB Upgrading from version 10.2.4 to 10.2.5: 1. Add missing OCSP Get Servlet Mapping to upgraded Dogtag 9 instances 2. Fix nuxwdog listener class Upgrading from version 10.2.5 to 10.2.6: 1. Add new KRA audit events Upgrading from version 10.2.6 to 10.3.0: 1. Remove inaccessable URLs from server.xml 2. Add Phone Home URLs to TPS section of server.xml. Upgrading from version 10.3.0 to 10.3.1: 1. Enable Tomcat ALLOW_ENCODED_SLASH parameter 2. Add authz realm constraint and default to registry Upgrading from version 10.3.1 to 10.3.2: No upgrade scriptlets. Tracker has been set to version 10.3.2. Upgrading from version 10.3.2 to 10.3.3: No upgrade scriptlets. Tracker has been set to version 10.3.3. Upgrading from version 10.3.3 to 10.4.0: 1. Fix JAVA_HOME path 2. Fix server library 3. Fix deployment descriptor ERROR: [Errno 2] No such file or directory: '/usr/share/pki/server/conf/Catalina/localhost/pki#admin.xml' Failed upgrading pki-tomcat instance. Upgrade failed in pki-tomcat: [Errno 2] No such file or directory: '/usr/share/pki/server/conf/Catalina/localhost/pki#admin.xml' EOF Version-Release number of selected component (if applicable): pki-server-10.4.1-11.el7.noarch How reproducible: always Steps to Reproduce: 1. Deploy pki (e.g. as part of IPA) on RHEL 7.1 2. Upgrade to 7.4 Actual results: Upgrade, including pki-server-upgrade, completes without error. Expected results: Additional info: seems to be related to an upgrade script looking for a file that does not exist. Possibly it existed in a version in between 7.1 and 7.4, but no longer does. The upgrade scriptlet affected is: /usr/share/pki/server/upgrade/10.3.3/03-FixDeploymentDescriptor It is sufficient in the `fix_webapp` function to return early if the source file does not exist, e.g. add the fragment: if not os.path.exists(source_xml): return
Upstream ticket: https://pagure.io/dogtagpki/issue/2789
Upstream gerrit review: https://review.gerrithub.io/#/c/373880/
Upstream commit: https://github.com/dogtagpki/pki/commit/d0a861923a27672d8633c87e21fb8596080e84af
[root@bkr-hv03-guest01 ~]# rpm -qi pki-ca Name : pki-ca Version : 10.5.1 Release : 4.el7 Architecture: noarch Install Date: Thu 07 Dec 2017 01:38:56 PM EST Group : System Environment/Daemons Size : 2360514 License : GPLv2 Signature : RSA/SHA256, Tue 28 Nov 2017 10:33:09 PM EST, Key ID 199e2f91fd431d51 Source RPM : pki-core-10.5.1-4.el7.src.rpm Build Date : Tue 28 Nov 2017 09:17:20 PM EST Build Host : ppc-035.build.eng.bos.redhat.com Relocations : (not relocatable) Packager : Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla> Vendor : Red Hat, Inc. URL : http://pki.fedoraproject.org/ Summary : Certificate System - Certificate Authority Verification steps: 1. ipa-server-install on a rhel 7.1 server. 2. successfully upgraded to rhel 7.5 builds
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2018:0925