1834754 – [ansible-freeipa] Certificates are removed while updating other attributes in the service module.

RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Bug 1834754 - [ansible-freeipa] Certificates are removed while updating other attributes in the service module.

Summary: [ansible-freeipa] Certificates are removed while updating other attributes in...

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Enterprise Linux 8
Classification:	Red Hat
Component:	ansible-freeipa
Sub Component:
Version:	8.3
Hardware:	x86_64
OS:	Linux
Priority:	unspecified
Severity:	unspecified
Target Milestone:	rc
Target Release:	8.0
Assignee:	Rafael Jeffman
QA Contact:	ipa-qe
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2020-05-12 10:56 UTC by Varun Mylaraiah
Modified:	2020-11-04 02:47 UTC (History)
CC List:	2 users (show)
Fixed In Version:	ansible-freeipa-0.1.11-1
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2020-11-04 02:46:35 UTC
Type:	Bug
Target Upstream Version:
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHEA-2020:4663	0	None	None	None	2020-11-04 02:46:46 UTC

Description Varun Mylaraiah 2020-05-12 10:56:15 UTC

Description of problem:
Certificates are removed while updating other attributes(pac_type, auth_ind, etc..)in the ansible-freeipa service module.


Version-Release number of selected component (if applicable):
ansible-freeipa-0.1.10-1.el8.noarch

Steps to Reproduce:
[root@master ~]# ipa service-find myfirstservce1/master.ipadomain.test
-----------------
1 service matched
-----------------
  Principal name: myfirstservce1/master.ipadomain.test
  Principal alias: myfirstservce1/master.ipadomain.test
  Certificate: MIIC/zCCAeegAwIBAgIUMNHIbn+hhrOVew/2WbkteisV29QwDQYJKoZIhvcNAQELBQAwDzENMAsGA1UEAwwEdGVzdDAeFw0yMDAyMDQxNDQxMDhaFw0zMDAyMDExNDQxMDhaMA8xDTALBgNVBAMMBHRlc3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+XVVGFYpHVkcDfVnNInE1Y/pFciegdzqTjMwUWlRL4Zt3u96GhaMLRbtk+OfEkzLUAhWBOwEraELJzMLJOMvjYF3C+TiGO7dStFLikZmccuSsSIXjnzIPwBXa8KvgRVRyGLoVvGbLJvmjfMXp0nIToTx/i74KF9S++WEes9H5ErJ99CDhLKFgq0amnvsgparYXhypHaRLnikn0vQINt55YoEd1s4KrvEcD2VdZkIMPbLRu2zFvMprF3cjQQG4LT9ggfEXNIPZ1nQWAnAsu7OJEkNF+E4Mkmpcxj9aGUVt5bsq1D+Tzj3GsidSX0nSNcZ2JltXRnL/5v63g5cZyE+nAgMBAAGjUzBRMB0GA1UdDgQWBBRV0j7JYukuH/r/t9+QeNlRLXDlEDAfBgNVHSMEGDAWgBRV0j7JYukuH/r/t9+QeNlRLXDlEDAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQCgVy1+1kNwHs5y1Zp0WjMWGCJC6/zw7FDG4OW5r2GJiCXZYdJ0UonY9ZtoVLJPrp2/DAv1m5DtnDhBYqicuPgLzEkOS1KdTi20Otm/J4yxLLrZC5W4x0XOeSVPXOJuQWfwQ5pPvKkn6WxYUYkGwIt1OH2nSMngkbami3CbSmKZOCpgQIiSlQeDJ8oGjWFMLDymYSHoVOIXHwNoooyEiaio3693l6noobyGv49zyCVLVR1DC7i6RJ186ql0av+D4vPoiF5mX7+sKC2E8xEj9uKQ5GTWRh59VnRBVC/SiMJ/H78tJnBAvoBwXxSEvj8Z3Kjm/BQqZfv4IBsA5yqV7MVq
  Subject: CN=test
  Serial Number: 278709872803934558082230619207578591056323009492
  Serial Number (hex): 0x30D1C86E7FA186B3957B0FF659B92D7A2B15DBD4
  Issuer: CN=test
  Not Before: Tue Feb 04 14:41:08 2020 UTC
  Not After: Fri Feb 01 14:41:08 2030 UTC
  Fingerprint (SHA1): 08:15:a0:29:24:8f:a3:51:f5:43:cd:a8:a5:72:9e:bd:16:af:78:48
  Fingerprint (SHA256): 99:48:2d:42:af:3c:85:a6:9c:b7:f1:b3:c8:6c:44:5c:9a:28:d3:7b:28:fc:38:58:0b:e5:3c:41:46:6d:9f:98
  PAC type: MS-PAC, PAD
  Authentication Indicators: otp
  Keytab: False
----------------------------
Number of entries returned 1
----------------------------

[root@ansible ~]# cat 01.yaml
---
- name: Playbook to manage IPA service.
  hosts: ipaserver
  become: true
  gather_facts: false

  tasks:
  - name: Get Domain from server name
    set_fact:
      ipaserver_domain: "{{ groups.ipaserver[0].split('.')[1:] | join ('.') }}"
  - name: Get Realm from server name
    set_fact:
      ipaserver_realm: "{{ groups.ipaserver[0].split('.')[1:] | join ('.') | upper }}"      
  # Ensure service is present
  - ipaservice:
      ipaadmin_password: <xxxxxxxxxxxxx>
      name: "{{'myfirstservce1/master.' + ipaserver_domain + '@' + ipaserver_realm }}"
      auth_ind: radius

[root@ansible ~]# ansible-playbook -vv -i inventory/server.hosts 01.yaml 
ansible-playbook 2.9.7
  config file = /root/ansible.cfg
  configured module search path = ['/root/ansible-freeipa/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python3.6/site-packages/ansible
  executable location = /usr/bin/ansible-playbook
  python version = 3.6.8 (default, Apr  3 2020, 16:09:51) [GCC 8.3.1 20191121 (Red Hat 8.3.1-5)]
Using /root/ansible.cfg as config file

PLAYBOOK: 01.yaml *************************************************************************
1 plays in 01.yaml

PLAY [Playbook to manage IPA service.] ****************************************************
META: ran handlers

TASK [Get Domain from server name] ********************************************************
task path: /root/01.yaml:8
ok: [master.ipadomain.test] => {"ansible_facts": {"ipaserver_domain": "ipadomain.test"}, "changed": false}

TASK [Get Realm from server name] *********************************************************
task path: /root/01.yaml:11
ok: [master.ipadomain.test] => {"ansible_facts": {"ipaserver_realm": "IPADOMAIN.TEST"}, "changed": false}

TASK [ipaservice] *************************************************************************
task path: /root/01.yaml:15
changed: [master.ipadomain.test] => {"ansible_facts": {"discovered_interpreter_python": "/usr/libexec/platform-python"}, "changed": true}
META: ran handlers
META: ran handlers

PLAY RECAP ********************************************************************************
master.ipadomain.test      : ok=3    changed=1    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0


[root@master ~]# ipa service-find myfirstservce1/master.ipadomain.test
-----------------
1 service matched
-----------------
  Principal name: myfirstservce1/master.ipadomain.test
  Principal alias: myfirstservce1/master.ipadomain.test
  PAC type: MS-PAC, PAD
  Authentication Indicators: radius
  Keytab: False
----------------------------
Number of entries returned 1
----------------------------
 

Actual results:
Certificates are removed

Expected results:
Changes should update without removing certificates.

Comment 1 Rafael Jeffman 2020-06-01 23:36:25 UTC

Could not reproduce this issue.

Running the following script, service was correctly handled.

---
- name: Test service certificates
  hosts: ipaserver
  become: true

  tasks:
  - set_fact:
      test_host: testcert.ipatest.local
  - name: Ensure service member certificate is present.
    ipaservice:
      name: "HTTP/{{ test_host }}"
      certificate:
        - MIIC/zCCAeegAwIBAgIUMNHIbn+hhrOVew/2WbkteisV29QwDQYJKoZIhvcNAQELBQAwDzENMAsGA1UEAwwEdGVzdDAeFw0yMDAyMDQxNDQxMDhaFw0zMDAyMDExNDQxMDhaMA8xDTALBgNVBAMMBHRlc3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+XVVGFYpHVkcDfVnNInE1Y/pFciegdzqTjMwUWlRL4Zt3u96GhaMLRbtk+OfEkzLUAhWBOwEraELJzMLJOMvjYF3C+TiGO7dStFLikZmccuSsSIXjnzIPwBXa8KvgRVRyGLoVvGbLJvmjfMXp0nIToTx/i74KF9S++WEes9H5ErJ99CDhLKFgq0amnvsgparYXhypHaRLnikn0vQINt55YoEd1s4KrvEcD2VdZkIMPbLRu2zFvMprF3cjQQG4LT9ggfEXNIPZ1nQWAnAsu7OJEkNF+E4Mkmpcxj9aGUVt5bsq1D+Tzj3GsidSX0nSNcZ2JltXRnL/5v63g5cZyE+nAgMBAAGjUzBRMB0GA1UdDgQWBBRV0j7JYukuH/r/t9+QeNlRLXDlEDAfBgNVHSMEGDAWgBRV0j7JYukuH/r/t9+QeNlRLXDlEDAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQCgVy1+1kNwHs5y1Zp0WjMWGCJC6/zw7FDG4OW5r2GJiCXZYdJ0UonY9ZtoVLJPrp2/DAv1m5DtnDhBYqicuPgLzEkOS1KdTi20Otm/J4yxLLrZC5W4x0XOeSVPXOJuQWfwQ5pPvKkn6WxYUYkGwIt1OH2nSMngkbami3CbSmKZOCpgQIiSlQeDJ8oGjWFMLDymYSHoVOIXHwNoooyEiaio3693l6noobyGv49zyCVLVR1DC7i6RJ186ql0av+D4vPoiF5mX7+sKC2E8xEj9uKQ5GTWRh59VnRBVC/SiMJ/H78tJnBAvoBwXxSEvj8Z3Kjm/BQqZfv4IBsA5yqV7MVq
      action: member
      state: present

  - name: Ensure service member certificate is present.
    ipaservice:
      name: "HTTP/{{ test_host }}"
      auth_ind: radius
      state: present

Comment 2 Varun Mylaraiah 2020-06-02 14:25:51 UTC

I can reproduce with ansible-freeipa-0.1.10-1

Comment 3 Rafael Jeffman 2020-06-02 18:32:51 UTC

The bug is reproducible with ansible-freeipa-0.1.10-1, but is not reproduced with current upstream master.

Comment 4 Thomas Woerner 2020-06-03 09:45:18 UTC

This has been fixed with https://github.com/freeipa/ansible-freeipa/pull/271

Comment 8 Varun Mylaraiah 2020-07-28 02:39:52 UTC

Verified:

ansible-freeipa-0.1.12-5.el8.noarch

Automation test result 

ansible-freeipa-tests/ansible_freeipa_tests/service_module.py::TestServiceWithCertificate::()::test_service_verify_cert_still_present_after_update
------------------------------ Captured log call -------------------------------
channel.py                1212 DEBUG    [chan 39] Max packet in: 32768 bytes
channel.py                1212 DEBUG    [chan 39] Max packet out: 32768 bytes
transport.py              1819 DEBUG    Secsh channel 39 opened.
transport.py               318 INFO     RUN ['kinit', 'admin']
transport.py               519 DEBUG    RUN ['kinit', 'admin']
channel.py                1212 DEBUG    [chan 39] Sesch channel 39 request ok
transport.py               563 DEBUG    -bash: line 1: cd: /root/multihost_tests: No such file or directory
transport.py               563 DEBUG    -bash: line 2: /root/multihost_tests/env.sh: No such file or directory
transport.py               563 DEBUG    Password for admin: 
channel.py                1212 DEBUG    [chan 39] EOF received (39)
channel.py                1212 DEBUG    [chan 39] EOF sent (39)
transport.py               217 DEBUG    Exit code: 0
channel.py                1212 DEBUG    [chan 40] Max packet in: 32768 bytes
channel.py                1212 DEBUG    [chan 40] Max packet out: 32768 bytes
transport.py              1819 DEBUG    Secsh channel 40 opened.
transport.py               318 INFO     RUN ['ipa', 'service-find', '11newservice']
transport.py               519 DEBUG    RUN ['ipa', 'service-find', '11newservice']
channel.py                1212 DEBUG    [chan 40] Sesch channel 40 request ok
transport.py               563 DEBUG    -bash: line 1: cd: /root/multihost_tests: No such file or directory
transport.py               563 DEBUG    -bash: line 2: /root/multihost_tests/env.sh: No such file or directory
transport.py               563 DEBUG    -----------------
transport.py               563 DEBUG    1 service matched
transport.py               563 DEBUG    -----------------
transport.py               563 DEBUG      Principal name: 11newservice/master.ipadomain.test
transport.py               563 DEBUG      Principal alias: 11newservice/master.ipadomain.test
transport.py               563 DEBUG      Certificate: MIIC/zCCAeegAwIBAgIUMNHIbn+hhrOVew/2WbkteisV29QwDQYJKoZIhvcNAQELBQAwDzENMAsGA1UEAwwEdGVzdDAeFw0yMDAyMDQxNDQxMDhaFw0zMDAyMDExNDQxMDhaMA8xDTALBgNVBAMMBHRlc3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+XVVGFYpHVkcDfVnNInE1Y/pFciegdzqTjMwUWlRL4Zt3u96GhaMLRbtk+OfEkzLUAhWBOwEraELJzMLJOMvjYF3C+TiGO7dStFLikZmccuSsSIXjnzIPwBXa8KvgRVRyGLoVvGbLJvmjfMXp0nIToTx/i74KF9S++WEes9H5ErJ99CDhLKFgq0amnvsgparYXhypHaRLnikn0vQINt55YoEd1s4KrvEcD2VdZkIMPbLRu2zFvMprF3cjQQG4LT9ggfEXNIPZ1nQWAnAsu7OJEkNF+E4Mkmpcxj9aGUVt5bsq1D+Tzj3GsidSX0nSNcZ2JltXRnL/5v63g5cZyE+nAgMBAAGjUzBRMB0GA1UdDgQWBBRV0j7JYukuH/r/t9+QeNlRLXDlEDAfBgNVHSMEGDAWgBRV0j7JYukuH/r/t9+QeNlRLXDlEDAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQCgVy1+1kNwHs5y1Zp0WjMWGCJC6/zw7FDG4OW5r2GJiCXZYdJ0UonY9ZtoVLJPrp2/DAv1m5DtnDhBYqicuPgLzEkOS1KdTi20Otm/J4yxLLrZC5W4x0XOeSVPXOJuQWfwQ5pPvKkn6WxYUYkGwIt1OH2nSMngkbami3CbSmKZOCpgQIiSlQeDJ8oGjWFMLDymYSHoVOIXHwNoooyEiaio3693l6noobyGv49zyCVLVR1DC7i6RJ186ql0av+D4vPoiF5mX7+sKC2E8xEj9uKQ5GTWRh59VnRBVC/SiMJ/H78tJnBAvoBwXxSEvj8Z3Kjm/BQqZfv4IBsA5yqV7MVq
transport.py               563 DEBUG      Subject: CN=test
transport.py               563 DEBUG      Serial Number: 278709872803934558082230619207578591056323009492
transport.py               563 DEBUG      Serial Number (hex): 0x30D1C86E7FA186B3957B0FF659B92D7A2B15DBD4
transport.py               563 DEBUG      Issuer: CN=test
transport.py               563 DEBUG      Not Before: Tue Feb 04 14:41:08 2020 UTC
transport.py               563 DEBUG      Not After: Fri Feb 01 14:41:08 2030 UTC
transport.py               563 DEBUG      Fingerprint (SHA1): 08:15:a0:29:24:8f:a3:51:f5:43:cd:a8:a5:72:9e:bd:16:af:78:48
transport.py               563 DEBUG      Fingerprint (SHA256): 99:48:2d:42:af:3c:85:a6:9c:b7:f1:b3:c8:6c:44:5c:9a:28:d3:7b:28:fc:38:58:0b:e5:3c:41:46:6d:9f:98
transport.py               563 DEBUG      Keytab: False
transport.py               563 DEBUG    ----------------------------
transport.py               563 DEBUG    Number of entries returned 1
transport.py               563 DEBUG    ----------------------------
channel.py                1212 DEBUG    [chan 40] EOF received (40)
channel.py                1212 DEBUG    [chan 40] EOF sent (40)
transport.py               217 DEBUG    Exit code: 0
channel.py                1212 DEBUG    [chan 41] Max packet in: 32768 bytes
channel.py                1212 DEBUG    [chan 41] Max packet out: 32768 bytes
transport.py              1819 DEBUG    Secsh channel 41 opened.
transport.py               318 INFO     RUN ['kdestroy', '-A']
transport.py               519 DEBUG    RUN ['kdestroy', '-A']
channel.py                1212 DEBUG    [chan 41] Sesch channel 41 request ok
transport.py               563 DEBUG    -bash: line 1: cd: /root/multihost_tests: No such file or directory
transport.py               563 DEBUG    -bash: line 2: /root/multihost_tests/env.sh: No such file or directory
channel.py                1212 DEBUG    [chan 41] EOF received (41)
channel.py                1212 DEBUG    [chan 41] EOF sent (41)
transport.py               217 DEBUG    Exit code: 0
transport.py               293 INFO     WRITE inventory/service.hosts
sftp.py                    158 DEBUG    [chan 0] open(b'inventory/service.hosts', 'wb')
sftp.py                    158 DEBUG    [chan 0] open(b'inventory/service.hosts', 'wb') -> 00000000
sftp.py                    158 DEBUG    [chan 0] close(00000000)
transport.py               329 INFO     PUT service_module.yml
sftp.py                    158 DEBUG    [chan 0] open(b'service_module.yml', 'wb')
sftp.py                    158 DEBUG    [chan 0] open(b'service_module.yml', 'wb') -> 00000000
sftp.py                    158 DEBUG    [chan 0] close(00000000)
sftp.py                    158 DEBUG    [chan 0] stat(b'service_module.yml')
channel.py                1212 DEBUG    [chan 9] Max packet in: 32768 bytes
channel.py                1212 DEBUG    [chan 9] Max packet out: 32768 bytes
transport.py              1819 DEBUG    Secsh channel 9 opened.
transport.py               318 INFO     RUN ['ansible-playbook', '--ssh-extra-args="-o StrictHostKeyChecking=no"', '-vv', '-i', 'inventory/service.hosts', 'service_module.yml']
transport.py               519 DEBUG    RUN ['ansible-playbook', '--ssh-extra-args="-o StrictHostKeyChecking=no"', '-vv', '-i', 'inventory/service.hosts', 'service_module.yml']
channel.py                1212 DEBUG    [chan 9] Sesch channel 9 request ok
transport.py               563 DEBUG    -bash: line 1: cd: /root/multihost_tests: No such file or directory
transport.py               563 DEBUG    -bash: line 2: /root/multihost_tests/env.sh: No such file or directory
transport.py               563 DEBUG    ansible-playbook 2.9.11
transport.py               563 DEBUG      config file = /root/ansible.cfg
transport.py               563 DEBUG      configured module search path = ['/root/ansible-freeipa/plugins/modules', '/usr/share/ansible/plugins/modules']
transport.py               563 DEBUG      ansible python module location = /usr/lib/python3.6/site-packages/ansible
transport.py               563 DEBUG      executable location = /usr/bin/ansible-playbook
transport.py               563 DEBUG      python version = 3.6.8 (default, Jun 26 2020, 12:10:09) [GCC 8.3.1 20191121 (Red Hat 8.3.1-5)]
transport.py               563 DEBUG    Using /root/ansible.cfg as config file
transport.py               563 DEBUG    
transport.py               563 DEBUG    PLAYBOOK: service_module.yml ***************************************************
transport.py               563 DEBUG    1 plays in service_module.yml
transport.py               563 DEBUG    
transport.py               563 DEBUG    PLAY [Playbook to verify existing certificates are not absent while adding other attributes.] ***
transport.py               563 DEBUG    
transport.py               563 DEBUG    TASK [Gathering Facts] *********************************************************
transport.py               563 DEBUG    task path: /root/service_module.yml:2
transport.py               563 DEBUG    ok: [master.ipadomain.test]
transport.py               563 DEBUG    META: ran handlers
transport.py               563 DEBUG    
transport.py               563 DEBUG    TASK [Get Domain from server name] *********************************************
transport.py               563 DEBUG    task path: /root/service_module.yml:6
transport.py               563 DEBUG    ok: [master.ipadomain.test] => {"ansible_facts": {"ipaserver_domain": "ipadomain.test"}, "changed": false}
transport.py               563 DEBUG    
transport.py               563 DEBUG    TASK [Get Realm from server name] **********************************************
transport.py               563 DEBUG    task path: /root/service_module.yml:9
transport.py               563 DEBUG    ok: [master.ipadomain.test] => {"ansible_facts": {"ipaserver_realm": "IPADOMAIN.TEST"}, "changed": false}
transport.py               563 DEBUG    
transport.py               563 DEBUG    TASK [ipaservice] **************************************************************
transport.py               563 DEBUG    task path: /root/service_module.yml:13
transport.py               563 DEBUG    changed: [master.ipadomain.test] => {"changed": true}
transport.py               563 DEBUG    META: ran handlers
transport.py               563 DEBUG    META: ran handlers
transport.py               563 DEBUG    
transport.py               563 DEBUG    PLAY RECAP *********************************************************************
transport.py               563 DEBUG    master.ipadomain.test      : ok=4    changed=1    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   
transport.py               563 DEBUG    
channel.py                1212 DEBUG    [chan 9] EOF received (9)
channel.py                1212 DEBUG    [chan 9] EOF sent (9)
transport.py               217 DEBUG    Exit code: 0
channel.py                1212 DEBUG    [chan 42] Max packet in: 32768 bytes
channel.py                1212 DEBUG    [chan 42] Max packet out: 32768 bytes
transport.py              1819 DEBUG    Secsh channel 42 opened.
transport.py               318 INFO     RUN ['kinit', 'admin']
transport.py               519 DEBUG    RUN ['kinit', 'admin']
channel.py                1212 DEBUG    [chan 42] Sesch channel 42 request ok
transport.py               563 DEBUG    -bash: line 1: cd: /root/multihost_tests: No such file or directory
transport.py               563 DEBUG    -bash: line 2: /root/multihost_tests/env.sh: No such file or directory
transport.py               563 DEBUG    Password for admin: 
channel.py                1212 DEBUG    [chan 42] EOF received (42)
channel.py                1212 DEBUG    [chan 42] EOF sent (42)
transport.py               217 DEBUG    Exit code: 0
channel.py                1212 DEBUG    [chan 43] Max packet in: 32768 bytes
channel.py                1212 DEBUG    [chan 43] Max packet out: 32768 bytes
transport.py              1819 DEBUG    Secsh channel 43 opened.
transport.py               318 INFO     RUN ['ipa', 'service-find', '11newservice']
transport.py               519 DEBUG    RUN ['ipa', 'service-find', '11newservice']
channel.py                1212 DEBUG    [chan 43] Sesch channel 43 request ok
transport.py               563 DEBUG    -bash: line 1: cd: /root/multihost_tests: No such file or directory
transport.py               563 DEBUG    -bash: line 2: /root/multihost_tests/env.sh: No such file or directory
transport.py               563 DEBUG    -----------------
transport.py               563 DEBUG    1 service matched
transport.py               563 DEBUG    -----------------
transport.py               563 DEBUG      Principal name: 11newservice/master.ipadomain.test
transport.py               563 DEBUG      Principal alias: 11newservice/master.ipadomain.test
transport.py               563 DEBUG      Certificate: MIIC/zCCAeegAwIBAgIUMNHIbn+hhrOVew/2WbkteisV29QwDQYJKoZIhvcNAQELBQAwDzENMAsGA1UEAwwEdGVzdDAeFw0yMDAyMDQxNDQxMDhaFw0zMDAyMDExNDQxMDhaMA8xDTALBgNVBAMMBHRlc3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+XVVGFYpHVkcDfVnNInE1Y/pFciegdzqTjMwUWlRL4Zt3u96GhaMLRbtk+OfEkzLUAhWBOwEraELJzMLJOMvjYF3C+TiGO7dStFLikZmccuSsSIXjnzIPwBXa8KvgRVRyGLoVvGbLJvmjfMXp0nIToTx/i74KF9S++WEes9H5ErJ99CDhLKFgq0amnvsgparYXhypHaRLnikn0vQINt55YoEd1s4KrvEcD2VdZkIMPbLRu2zFvMprF3cjQQG4LT9ggfEXNIPZ1nQWAnAsu7OJEkNF+E4Mkmpcxj9aGUVt5bsq1D+Tzj3GsidSX0nSNcZ2JltXRnL/5v63g5cZyE+nAgMBAAGjUzBRMB0GA1UdDgQWBBRV0j7JYukuH/r/t9+QeNlRLXDlEDAfBgNVHSMEGDAWgBRV0j7JYukuH/r/t9+QeNlRLXDlEDAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQCgVy1+1kNwHs5y1Zp0WjMWGCJC6/zw7FDG4OW5r2GJiCXZYdJ0UonY9ZtoVLJPrp2/DAv1m5DtnDhBYqicuPgLzEkOS1KdTi20Otm/J4yxLLrZC5W4x0XOeSVPXOJuQWfwQ5pPvKkn6WxYUYkGwIt1OH2nSMngkbami3CbSmKZOCpgQIiSlQeDJ8oGjWFMLDymYSHoVOIXHwNoooyEiaio3693l6noobyGv49zyCVLVR1DC7i6RJ186ql0av+D4vPoiF5mX7+sKC2E8xEj9uKQ5GTWRh59VnRBVC/SiMJ/H78tJnBAvoBwXxSEvj8Z3Kjm/BQqZfv4IBsA5yqV7MVq
transport.py               563 DEBUG      Subject: CN=test
transport.py               563 DEBUG      Serial Number: 278709872803934558082230619207578591056323009492
transport.py               563 DEBUG      Serial Number (hex): 0x30D1C86E7FA186B3957B0FF659B92D7A2B15DBD4
transport.py               563 DEBUG      Issuer: CN=test
transport.py               563 DEBUG      Not Before: Tue Feb 04 14:41:08 2020 UTC
transport.py               563 DEBUG      Not After: Fri Feb 01 14:41:08 2030 UTC
transport.py               563 DEBUG      Fingerprint (SHA1): 08:15:a0:29:24:8f:a3:51:f5:43:cd:a8:a5:72:9e:bd:16:af:78:48
transport.py               563 DEBUG      Fingerprint (SHA256): 99:48:2d:42:af:3c:85:a6:9c:b7:f1:b3:c8:6c:44:5c:9a:28:d3:7b:28:fc:38:58:0b:e5:3c:41:46:6d:9f:98
transport.py               563 DEBUG      Authentication Indicators: radius
transport.py               563 DEBUG      Keytab: False
transport.py               563 DEBUG    ----------------------------
transport.py               563 DEBUG    Number of entries returned 1
transport.py               563 DEBUG    ----------------------------
channel.py                1212 DEBUG    [chan 43] EOF received (43)
channel.py                1212 DEBUG    [chan 43] EOF sent (43)
transport.py               217 DEBUG    Exit code: 0
channel.py                1212 DEBUG    [chan 44] Max packet in: 32768 bytes
channel.py                1212 DEBUG    [chan 44] Max packet out: 32768 bytes
transport.py              1819 DEBUG    Secsh channel 44 opened.
transport.py               318 INFO     RUN ['kdestroy', '-A']
transport.py               519 DEBUG    RUN ['kdestroy', '-A']
channel.py                1212 DEBUG    [chan 44] Sesch channel 44 request ok
transport.py               563 DEBUG    -bash: line 1: cd: /root/multihost_tests: No such file or directory
transport.py               563 DEBUG    -bash: line 2: /root/multihost_tests/env.sh: No such file or directory
channel.py                1212 DEBUG    [chan 44] EOF received (44)
channel.py                1212 DEBUG    [chan 44] EOF sent (44)
transport.py               217 DEBUG    Exit code: 0

Comment 11 errata-xmlrpc 2020-11-04 02:46:35 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (ansible-freeipa bug fix and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2020:4663

Note You need to log in before you can comment on or make changes to this bug.