Bug 253720 - "trust" box shouldn't be an option if it is required
"trust" box shouldn't be an option if it is required
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: conga (Show other bugs)
5.1
All Linux
low Severity low
: ---
: ---
Assigned To: Ryan McCabe
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2007-08-21 10:10 EDT by Corey Marthaler
Modified: 2009-04-16 18:59 EDT (History)
2 users (show)

See Also:
Fixed In Version: RHBA-2008-0407
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2008-05-21 11:46:54 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Corey Marthaler 2007-08-21 10:10:02 EDT
Description of problem:
Everytime I add an existing cluster to the luci homebase, if I don't select the
box to "trust" that machine, I see errors about not trusting it and the add
attempt fails. If it's required that you "trust" a machine, then when is it an
option? Seems pointless, what is it that I'm missing?

    * You must either trust "taft-04.lab.msp.redhat.com" or remove it.
    * You must either trust "taft-03.lab.msp.redhat.com" or remove it.
    * You must either trust "taft-02.lab.msp.redhat.com" or remove it.
    * Unable to connect to the ricci agent on taft-02.lab.msp.redhat.com: Unable
to establish an SSL connection to taft-02.lab.msp.redhat.com:11111: ricci's
certificate is not trusted
    * Unable to connect to the ricci agent on taft-04.lab.msp.redhat.com: Unable
to establish an SSL connection to taft-04.lab.msp.redhat.com:11111: ricci's
certificate is not trusted
    * Unable to connect to the ricci agent on taft-03.lab.msp.redhat.com: Unable
to establish an SSL connection to taft-03.lab.msp.redhat.com:11111: ricci's
certificate is not trusted


Version-Release number of selected component (if applicable):
luci-0.10.0-5.el5
ricci-0.10.0-5.el5
modcluster-0.10.0-5.el5

How reproducible:
everytime
Comment 1 Ryan McCabe 2007-08-21 13:23:09 EDT
The reason the trust check box is there is to give users a chance to verify that
the ricci certificate fingerprints mesh with what is expected so that two-way
trust can be established between the ricci and luci server. Most of the time,
users won't care.

What I'd like to do with this is have a 'check all' widget that users can click
to check all the trust boxes, and if the user hasn't asked to see the
certificate fingerprints before proceeding, don't show the  trust boxes at all.

Does that seem sensible to you?
Comment 2 Corey Marthaler 2007-08-21 14:13:25 EDT
I definately agree that most of the time (if not all of the time), the user will
not care about the certificates. 

It does sound sensible that there be no trust boxes at all unless the user
checks to view the certificate fingerprints.
Comment 3 RHEL Product and Program Management 2007-10-15 23:45:56 EDT
This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux maintenance release.  Product Management has requested
further review of this request by Red Hat Engineering, for potential
inclusion in a Red Hat Enterprise Linux Update release for currently deployed
products.  This request is not yet committed for inclusion in an Update
release.
Comment 5 Brian Brock 2008-05-14 21:06:08 EDT
new behavior and features/bugfix work as described, changing state to verified.
Comment 7 errata-xmlrpc 2008-05-21 11:46:54 EDT
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2008-0407.html

Note You need to log in before you can comment on or make changes to this bug.