Bug 1659499
| Summary: | automember-rebuild crashes [rhel-7.6.z] | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 7 | Reporter: | RAD team bot copy to z-stream <autobot-eus-copy> |
| Component: | ipa | Assignee: | IPA Maintainers <ipa-maint> |
| Status: | CLOSED ERRATA | QA Contact: | ipa-qe <ipa-qe> |
| Severity: | high | Docs Contact: | |
| Priority: | high | ||
| Version: | 7.2 | CC: | frenaud, jreznik, lmanasko, myusuf, pvoborni, rcritten, tscherf |
| Target Milestone: | rc | Keywords: | ZStream |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | All | ||
| Whiteboard: | |||
| Fixed In Version: | ipa-4.6.4-10.el7_6.2 | Doc Type: | Bug Fix |
| Doc Text: |
Previously, the automember commands assumed existence of a hostgroup with the same name as the automember rule. As a consequence, when an automember rule was using a deleted hostgroup, the "ipa automember-rebuild --type=hostgroup" command failed to execute and exited with an "Automember rebuild task aborted" error message. With this update, Identity Management in Red Hat Enterprise Linux provides a new command "ipa automember-find-orphans --type=hostgroup" that allows to find the automember rules that have a missing host. The command provides a "--remove" option that deletes such automember rules. As a result, if you run "ipa member-find-orphans --type=hostgroup --remove" before calling ipa automember-reuild, automember-rebuild succeeds.
|
Story Points: | --- |
| Clone Of: | 1390757 | Environment: | |
| Last Closed: | 2019-01-29 17:24:34 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 1390757 | ||
| Bug Blocks: | |||
|
Description
RAD team bot copy to z-stream
2018-12-14 14:33:36 UTC
Using steps from https://bugzilla.redhat.com/show_bug.cgi?id=1390757#c6 version: ipa-server-dns-4.6.4-10.el7_6.2.noarch ipa-server-4.6.4-10.el7_6.2.x86_64 Actual result: [root@master ~]# ipa hostgroup-add test ---------------------- Added hostgroup "test" ---------------------- Host-group: test [root@master ~]# [root@master ~]# ipa automember-add --type hostgroup test ---------------------------- Added automember rule "test" ---------------------------- Automember Rule: test [root@master ~]# [root@master ~]# [root@master ~]# ipa automember-add-condition --key=fqdn --inclusive-regex=^replica[1-9]+\.testrelm\.test test Grouping Type: hostgroup ---------------------------- Added condition(s) to "test" ---------------------------- Automember Rule: test Inclusive Regex: fqdn=^replica[1-9]+.testrelm.test ---------------------------- Number of conditions added 1 ---------------------------- [root@master ~]# [root@master ~]# ipa dnsrecord-add --a-ip-address=10.16.200.69 Record name: replica1 Zone name: testrelm.test Record name: replica1 A record: 10.16.200.69 [root@master ~]# [root@master ~]# ipa host-add replica1.testrelm.test ----------------------------------- Added host "replica1.testrelm.test" ----------------------------------- Host name: replica1.testrelm.test Principal name: host/replica1.testrelm.test Principal alias: host/replica1.testrelm.test Password: False Member of host-groups: test Indirect Member of netgroup: test Keytab: False Managed by: replica1.testrelm.test [root@master ~]# [root@master ~]# [root@master ~]# ipa hostgroup-show test Host-group: test Member hosts: replica1.testrelm.test [root@master ~]# [root@master ~]# [root@master ~]# [root@master ~]# ipa automember-rebuild --type hostgroup -------------------------------------------------------- Automember rebuild task finished. Processed (2) entries. -------------------------------------------------------- [root@master ~]# [root@master ~]# ipa hostgroup-del test ------------------------ Deleted hostgroup "test" ------------------------ [root@master ~]# [root@master ~]# [root@master ~]# ipa automember-rebuild --type hostgroup ipa: ERROR: Automember rebuild task aborted. Error (-1): Task DN = 'cn=ea3714b0-0e30-4056-b63d-3702f11988f2,cn=automember rebuild membership,cn=tasks,cn=config' [root@master ~]# [root@master ~]# ipa automember-find Grouping Type: hostgroup --------------- 1 rules matched --------------- Automember Rule: test Inclusive Regex: fqdn=^replica[1-9]+.testrelm.test ---------------------------- Number of entries returned 1 ---------------------------- [root@master ~]# [root@master ~]# [root@master ~]# ipa automember-del test Grouping Type: hostgroup ------------------------------ Deleted automember rule "test" ------------------------------ [root@master ~]# [root@master ~]# [root@master ~]# ipa automember-rebuild --type hostgroup -------------------------------------------------------- Automember rebuild task finished. Processed (2) entries. -------------------------------------------------------- [root@master ~]# /var/log/dirsrv/slapd-TESTRELM-TEST/errors : . [17/Jan/2019:01:58:24.214180437 -0500] - ERR - schema-compat-plugin - warning: no entries set up under ou=sudoers,dc=testrelm,dc=test [17/Jan/2019:01:58:24.227410115 -0500] - ERR - schema-compat-plugin - warning: no entries set up under cn=ng, cn=compat,dc=testrelm,dc=test [17/Jan/2019:01:58:24.245438129 -0500] - ERR - schema-compat-plugin - warning: no entries set up under cn=computers, cn=compat,dc=testrelm,dc=test [17/Jan/2019:01:58:24.260674409 -0500] - ERR - schema-compat-plugin - Finished plugin initialization. [17/Jan/2019:04:14:28.596410632 -0500] - ERR - auto-membership-plugin - automember_add_member_value - Unable to add "fqdn=replica1.testrelm.test,cn=computers,cn=accounts,dc=testrelm,dc=test" as a "member" value to group "cn=test,cn=hostgroups,cn=accounts,dc=testrelm,dc=test" (No such object) automember rebuild crashed. When deleted the hostgroup rule manually, it started working. Thus based on above observations, marking it as Failed_QA. The fix delivers a new command, ipa automember-find-orphans --type={hostgroup,group} [--remove]
When "ipa automember-rebuild --type hostgroup" fails, you should run the new command to find/remove the orphans. The verification steps should be modified to use this new command.
Steps: 1. ipa hostgroup-add test 2. ipa automember-add --type hostgroup test 3. ipa automember-add-condition --key=fqdn --inclusive-regex=^replica[1-9]+\.testrelm\.test test 4. ipa dnsrecord-add --a-ip-address=10.16.200.69 5. ipa host-add replica1.testrelm.test 6. ipa automember-rebuild --type hostgroup 7. ipa hostgroup-del test 8. ipa automember-rebuild --type hostgroup 9. ipa automember-find-orphans --type=hostgroup --remove 10. ipa automember-rebuild --type hostgroup Rebuild got succeed after running "$ipa automember-find-orphans --type=hostgroup --remove" when it crashed. Thus based on above observations, marking the bug as verified. [root@master ~]# ipa hostgroup-del test ------------------------ Deleted hostgroup "test" ------------------------ [root@master ~]# [root@master ~]# [root@master ~]# ipa automember-rebuild --type hostgroup ipa: ERROR: Automember rebuild task aborted. Error (-1): Task DN = 'cn=56307d3f-399a-4435-a8f8-f166a428a14d,cn=automember rebuild membership,cn=tasks,cn=config' [root@master ~]# ipa automember-find-orphans --type=hostgroup --remove --------------- 1 rules matched --------------- Automember Rule: test Inclusive Regex: fqdn=^replica[1-9]+.testrelm.test ---------------------------- Number of entries returned 1 ---------------------------- [root@master ~]# [root@master ~]# [root@master ~]# ipa automember-rebuild --type hostgroup -------------------------------------------------------- Automember rebuild task finished. Processed (2) entries. -------------------------------------------------------- [root@master ~]# Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2019:0190 |