820013 – [RFE] Provide means of displaying warning and informational messages on clients

RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Bug 820013 - [RFE] Provide means of displaying warning and informational messages on clients

Summary: [RFE] Provide means of displaying warning and informational messages on clients

Keywords:
Status:	CLOSED CURRENTRELEASE
Alias:	None
Product:	Red Hat Enterprise Linux 7
Classification:	Red Hat
Component:	ipa
Sub Component:
Version:	7.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	medium
Severity:	unspecified
Target Milestone:	rc
Target Release:	---
Assignee:	Martin Kosek
QA Contact:	IDM QE LIST
Docs Contact:
URL:
Whiteboard:
Duplicates (1):	828864 (view as bug list)
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2012-05-08 21:49 UTC by Rob Crittenden
Modified:	2014-06-18 00:02 UTC (History)
CC List:	5 users (show)
Fixed In Version:	ipa-3.2.1-1.el7
Doc Type:	Enhancement
Doc Text:
Clone Of:
Environment:
Last Closed:	2014-06-13 09:23:24 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Description Rob Crittenden 2012-05-08 21:49:01 UTC

This bug is created as a clone of upstream ticket:
https://fedorahosted.org/freeipa/ticket/2732

Currently the only way to display a warning on client is to raise !NonFatalError. This is not particularly good, as it mutes normal command output and only one warning can be displayed at a time.

Provide a mechanism for displaying arbitrary number of warnings and other messages on clients along with the normal command output. One possible solution is outlined [https://fedorahosted.org/freeipa/ticket/2346#comment:8 here].

This might be useful for a number of things, e.g. #2131 (see [http://www.redhat.com/archives/freeipa-devel/2012-March/msg00477.html freeipa-devel]), #2346, #2293 (see [http://www.redhat.com/archives/freeipa-devel/2012-April/msg00361.html freeipa-devel]).

Make sure this works with older clients (see #1721).

Comment 2 Martin Kosek 2013-02-27 11:29:41 UTC

CLI part fixed upstream:

master:
42300eb55b1d122f9e946f37e2adc218af913a3d Rename the "messages" Output of the i18n_messages command to "texts"
24bca144a8049cea8683afd699d2e0e158b5f164 Add client capabilities, enable messages
8af5369cba1ff0e6d8baae90f3d93b40e91e85d6 Add ipalib.messages
7336a176b43989b9d459a2536af88f89e849213f Add the version option to all Commands

ipa-3-1:
9ebcfb2f0975d28bfcf89a5ba1cba1e5fff3f702 Rename the "messages" Output of the i18n_messages command to "texts"
81c53c3d3225e4268453edea5bc28f5a473732c6 Add client capabilities, enable messages
941b88e19ea1e4b96544d684d0d642ff1ab74b01 Add ipalib.messages
43ca450ccbdf5eada7729dd0e6c5664e00001798 Add the version option to all Commands


Web UI part will be handled other ticket:
https://fedorahosted.org/freeipa/ticket/3451
However, we may want to postpone the Web UI part of there is user-visible message in RHEL-7.0 release.

Comment 3 Martin Kosek 2013-02-27 14:08:59 UTC

*** Bug 828864 has been marked as a duplicate of this bug. ***

Comment 4 Martin Kosek 2013-06-26 11:29:15 UTC

Web UI part was moved to later release and won't appear in RHEL-7.0.


Removing sub-ticket https://fedorahosted.org/freeipa/ticket/3451 from this Bugzilla and moving it to POST.

Comment 7 Martin Kosek 2014-01-14 07:51:36 UTC

Reproduction scenario:

Note that this initial implementation only adds the support and the framework for the informational messages. The only real implemented message is VersionWarning which warns if an API version is not passed along with with the RPC request.

As CLI tools always send the version by default, it can be only triggered when running RPC command manually, for example via curl:

# kinit admin
# curl -H referer:https://`hostname`/ipa -H "Content-Type:application/json" -H "Accept:applicaton/json" --negotiate -u : --cacert /etc/ipa/ca.crt -d  '{"method":"user_show","params":[["admin"], {}],"id":0}' -X POST https://`hostname`/ipa/json
{
    "error": null, 
    "id": 0, 
    "principal": "admin", 
    "result": {
        "messages": [
            {
                "code": 13001, 
                "message": "API Version number was not sent, forward compatibility not guaranteed. Assuming server's API version, 2.65", 
                "name": "VersionMissing", 
                "type": "warning"
            }
        ], 
        "result": {
            "dn": "uid=admin,cn=users,cn=accounts,dc=example,dc=com", 
            "gidnumber": [
                "1644600000"
...


When the version is added:

# curl -H referer:https://`hostname`/ipa -H "Content-Type:application/json" -H "Accept:aplicaton/json" --negotiate -u : --cacert /etc/ipa/ca.crt -d  '{"method":"user_show","params":[["admin"], {"version":"2.65"}],"id":0}' -X POST https://`hostname`/ipa/json
{
    "error": null, 
    "id": 0, 
    "principal": "admin", 
    "result": {
        "result": {
            "dn": "uid=admin,cn=users,cn=accounts,dc=example,dc=com", 
            "gidnumber": [
                "1644600000"
            ],

Comment 8 Namita Soman 2014-01-21 18:50:18 UTC

Verified using ipa-server-3.3.3-12.el7.x86_64

Automated test result:
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: [   LOG    ] :: forms-cli-14: bz820013 - Provide means of displaying warning and informational messages on clients
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

:: [ 13:48:45 ] ::  Executing: curl -v -H referer:https://nocp9.testrelm.com/ipa -H Content-Type:application/json -H Accept:applicaton/json --negotiate -u : --cacert /etc/ipa/ca.crt -d '{method:user_show,params:[[admin], {}],id:0}' -X POST https://nocp9.testrelm.com/ipa/json &> /opt/rhqa_ipa/forms-bz820013-out1.txt 
:: [   PASS   ] :: File '/opt/rhqa_ipa/forms-bz820013-out1.txt' should contain 'API Version number was not sent, forward compatibility not guaranteed. Assuming server's API version, 2.65' 
:: [ 13:48:45 ] ::  Executing: curl -v -H referer:https://nocp9.testrelm.com/ipa -H Content-Type:application/json -H Accept:applicaton/json --negotiate -u : --cacert /etc/ipa/ca.crt -d '{method:user_show,params:[[admin], {version:2.65}],id:0}' -X POST https://nocp9.testrelm.com/ipa/json &> /opt/rhqa_ipa/forms-bz820013-out2.txt 
:: [   PASS   ] :: File '/opt/rhqa_ipa/forms-bz820013-out2.txt' should not contain 'API Version number was not sent, forward compatibility not guaranteed. Assuming server's API version, 2.65'

Comment 9 Jenny Severance 2014-03-04 16:45:40 UTC

Appears to be a regression with ipa-server-3.3.3-19.el7.x86_64 - getting "internal server error"


::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: [   LOG    ] :: forms-cli-14: bz820013 - Provide means of displaying warning and informational messages on clients
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

:: [ 11:43:14 ] ::  Executing: curl -v -H referer:https://ipaqavmb.testrelm.test/ipa -H Content-Type:application/json -H Accept:applicaton/json --negotiate -u : --cacert /etc/ipa/ca.crt -d '{method:user_show,params:[[admin], {}],id:0}' -X POST https://ipaqavmb.testrelm.test/ipa/json &> /opt/rhqa_ipa/forms-bz820013-out1.txt 
:: [   FAIL   ] :: File '/opt/rhqa_ipa/forms-bz820013-out1.txt' should contain 'API Version number was not sent, forward compatibility not guaranteed. Assuming server's API version, 2.65' 
:: [ 11:43:15 ] ::  Executing: curl -v -H referer:https://ipaqavmb.testrelm.test/ipa -H Content-Type:application/json -H Accept:applicaton/json --negotiate -u : --cacert /etc/ipa/ca.crt -d '{method:user_show,params:[[admin], {version:2.65}],id:0}' -X POST https://ipaqavmb.testrelm.test/ipa/json &> /opt/rhqa_ipa/forms-bz820013-out2.txt 
:: [   PASS   ] :: File '/opt/rhqa_ipa/forms-bz820013-out2.txt' should not contain 'API Version number was not sent, forward compatibility not guaranteed. Assuming server's API version, 2.65' 


Actual output ...

# cat /opt/rhqa_ipa/forms-bz820013-out2.txt
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0* About to connect() to ipaqavmb.testrelm.test port 443 (#0)
*   Trying 10.16.98.179...
* Connected to ipaqavmb.testrelm.test (10.16.98.179) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
*   CAfile: /etc/ipa/ca.crt
  CApath: none
* SSL connection using TLS_RSA_WITH_AES_128_CBC_SHA
* Server certificate:
* 	subject: CN=ipaqavmb.testrelm.test,O=TESTRELM.TEST
* 	start date: Feb 28 16:50:26 2014 GMT
* 	expire date: Feb 29 16:50:26 2016 GMT
* 	common name: ipaqavmb.testrelm.test
* 	issuer: CN=Certificate Authority,O=TESTRELM.TEST
> POST /ipa/json HTTP/1.1
> User-Agent: curl/7.29.0
> Host: ipaqavmb.testrelm.test
> referer:https://ipaqavmb.testrelm.test/ipa
> Content-Type:application/json
> Accept:applicaton/json
> Content-Length: 70
> 
} [data not shown]
* upload completely sent off: 70 out of 70 bytes
< HTTP/1.1 401 Unauthorized
< Date: Tue, 04 Mar 2014 16:43:15 GMT
< Server: Apache/2.4.6 (Red Hat) mod_auth_kerb/5.4 mod_nss/2.4.6 NSS/3.15.4 Basic ECC mod_wsgi/3.4 Python/2.7.5
< WWW-Authenticate: Negotiate
< Last-Modified: Wed, 26 Feb 2014 07:35:54 GMT
< Accept-Ranges: bytes
< Content-Length: 1376
< Content-Type: text/html; charset=UTF-8
< 
* Ignoring the response-body
{ [data not shown]
100  1446  100  1376  100    70   4678    238 --:--:-- --:--:-- --:--:--  4696
* Connection #0 to host ipaqavmb.testrelm.test left intact
* Issue another request to this URL: 'https://ipaqavmb.testrelm.test/ipa/json'
* Found bundle for host ipaqavmb.testrelm.test: 0x169c4c0
* Re-using existing connection! (#0) with host ipaqavmb.testrelm.test
* Connected to ipaqavmb.testrelm.test (10.16.98.179) port 443 (#0)
* Server auth using GSS-Negotiate with user ''
> POST /ipa/json HTTP/1.1
> Authorization: Negotiate YIICYgYJKoZIhvcSAQICAQBuggJRMIICTaADAgEFoQMCAQ6iBwMFACAAAACjggFjYYIBXzCCAVugAwIBBaEPGw1URVNUUkVMTS5URVNUoikwJ6ADAgEBoSAwHhsESFRUUBsWaXBhcWF2bWIudGVzdHJlbG0udGVzdKOCARYwggESoAMCARKhAwIBAqKCAQQEggEAbCp8sZQzxbkVtmMysxZarVyRnQRiGotnZ+1sE5QON7WYCfyb4fmikGBIQ6J4e0pJpivweF3KGfKjlqhKXs/pUpRIeReLOyVUSYa7kGrQtKC/ViGKODMqHf3SaluRUPkQq14/kTbpzhCaT6zSb6khTQ0+zOhSyL1m1Ncg3PXvcTccZUya4IsyiF0sUcHlPLQEeUaaYBv7F566pV92SAc0cuQ/kqsCu3oQccsVYQLpQr7lais7u0YCkg47xvLLef9kDeMZ3Jd8RKxO2lRseiKEfKEm6/wTY4D5UpZzHqL3lRnf44tI2ZC6GhEjsNniNuaf8jCjr+iwT16IouJCcHF6hKSB0DCBzaADAgESooHFBIHCvN6mBPUmsHnGC3YB3qF2n7zjGhPlPSbqANqDSuQhiqdpvD69AHUi8/5V3OyoMkiOZK/oiro/uzBCM9Y1g/WEimr5zZW577AYctSC/efEUzbKz+YO7gtWSdsgtTyHV63ZUVDL2c/ak/B0WZjG4ykNBQs9fr/I7P4HM0i/V1EZS6meC5SiGF6WxlUCGBWzbmyXEaIri63GGcOqXx7HyuVDQfMsrKBT6KqGOweSQ7HqkZy2saGP/vV1mG4f3zoXmHCk6H0=
> User-Agent: curl/7.29.0
> Host: ipaqavmb.testrelm.test
> referer:https://ipaqavmb.testrelm.test/ipa
> Content-Type:application/json
> Accept:applicaton/json
> Content-Length: 70
> 
} [data not shown]
* upload completely sent off: 70 out of 70 bytes
< HTTP/1.1 500 Internal Server Error
< Date: Tue, 04 Mar 2014 16:43:15 GMT
< Server: Apache/2.4.6 (Red Hat) mod_auth_kerb/5.4 mod_nss/2.4.6 NSS/3.15.4 Basic ECC mod_wsgi/3.4 Python/2.7.5
< Content-Length: 527
< Connection: close
< Content-Type: text/html; charset=iso-8859-1
< 
{ [data not shown]
100   597  100   527  100    70   1552    206 --:--:-- --:--:-- --:--:--  1552
* Closing connection 0
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>500 Internal Server Error</title>
</head><body>
<h1>Internal Server Error</h1>
<p>The server encountered an internal error or
misconfiguration and was unable to complete
your request.</p>
<p>Please contact the server administrator at 
 root@localhost to inform them of the time this error occurred,
 and the actions you performed just before this error.</p>
<p>More information about this error may be available
in the server error log.</p>
</body></html>

Comment 11 Jenny Severance 2014-03-04 18:04:05 UTC

moving back to verified, this was also failing because of cleaning out /tmp/* and removing the systemd-private ... cache in /tmp

Comment 13 Ludek Smid 2014-06-13 09:23:24 UTC

This request was resolved in Red Hat Enterprise Linux 7.0.

Contact your manager or support representative in case you have further questions about the request.

Note You need to log in before you can comment on or make changes to this bug.