Description of problem: When run "ipactl status" as non-root user, I get the following output: [yi@works4me ~]$ ipactl status Directory Service: STOPPED Error retrieving list of services {'info': 'SASL EXTERNAL bind requires an SSL connection', 'desc': 'Inappropriate authentication'} Is IPA installed ? Failed to get list of services to probe status When I run same command as root (via sudo), I get the following: [yi@works4me ~]$ sudo ipactl status Directory Service: RUNNING KDC Service: RUNNING KPASSWD Service: RUNNING HTTP Service: RUNNING CA Service: RUNNING Personal opinion: (because I don't see a general guideline anywhere) 1. the status output for Directory server is wrong 2. error trace information shouldn't be there 3. should not ask "Is IPA installed" if there is permission problem Version-Release number of selected component (if applicable):freeipa-server-2.0-0.2011020119gitec59e61.fc14.i686 How reproducible: always Steps to Reproduce: 1. just run "ipactl status" as regular unix user
Didn't we already have this issue reported?
https://fedorahosted.org/freeipa/ticket/936
Note that /sbin/service dirsrv status returns similar results: /etc/sysconfig/dirsrv: line 50: ulimit: open files: cannot modify limit: Operation not permitted dirsrv GREYOAK-COM is stopped dirsrv PKI-IPA is stopped /etc/sysconfig/dirsrv: line 50: ulimit: open files: cannot modify limit: Operation not permitted dirsrv GREYOAK-COM is stopped dirsrv PKI-IPA is stopped We can't really do much better than the underlying services. This is not a trace, it is just an ugly log message.
master: aab27a76e2d847533aab7632c657aa88fdd86f7a
Verified version: ipa-server-2.0.0-13.20110228T1743zgit99d6e08.el6.x86_64 -sh-4.1$ ipactl status You must be root to run ipactl. -sh-4.1$ echo $? 1