Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.
RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Bug 918260

Summary: Part of ipa-client-install --uninstall code is not executed when confirming the reboot
Product: Red Hat Enterprise Linux 7 Reporter: Namita Soman <nsoman>
Component: ipaAssignee: Rob Crittenden <rcritten>
Status: CLOSED CURRENTRELEASE QA Contact: IDM QE LIST <seceng-idm-qe-list>
Severity: unspecified Docs Contact:
Priority: medium    
Version: 7.0CC: ksiddiqu, mkosek, tbabej
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: ipa-3.2.1-1.el7 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2014-06-13 11:10:49 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Namita Soman 2013-03-05 19:09:30 UTC 
This bug is created as a clone of upstream ticket:
https://fedorahosted.org/freeipa/ticket/3462

When running ipa-client-install, parts of code logic is not executed when confirming the reboot (available only in unatteded mode).

{{{
    if not options.unattended:
        root_logger.info(
            "The original nsswitch.conf configuration has been restored.")
        root_logger.info(
            "You may need to restart services or reboot the machine.")
        if not options.on_master:
            if user_input("Do you want to reboot the machine?", False):
                try:
                    run(["/sbin/reboot"])
                except Exception, e:
                    root_logger.error(
                        "Reboot command failed to exceute: %s", str(e))
                    return CLIENT_UNINSTALL_ERROR

    rv = 0

    if fstore.has_files():
        root_logger.error('Some files have not been restored, see /var/lib/ipa-client/sysrestore/sysrestore.index')
    has_state = False
    for module in statestore.modules.keys():
            root_logger.error('Some installation state for %s has not been restored, see /var/lib/ipa/sysrestore/sysrestore.state' % module)
            has_state = True
            rv = 1

    if has_state:
        root_logger.warning('Some installation state has not been restored.\nThis may cause re-installation to fail.\nIt should be safe to remove /var/lib/ipa-client/sysrestore.state but it may\nmean your system hasn\'t be restored to its pre-installation state.')

    # Remove the IPA configuration file
    try:
        os.remove("/etc/ipa/default.conf")
    except Exception:
        pass

    root_logger.info("Client uninstall complete.")

    return rv
}}}

This causes /etc/ipa/default.conf not to be removed, which we now use as a flag of ipa-client being installed. Consenquently, re-enrolling client after ipa-client-install --uninstall is not possible unless you manually remove /etc/ipa/default.conf
Comment 1 Namita Soman 2013-03-05 19:15:16 UTC 
Please provide steps to verify
Comment 2 Tomas Babej 2013-03-06 10:43:46 UTC 
Steps to verify:

1.) install IPA client
2.) check that /etc/default.conf exists (this is sanity check only)
3.) uninstall IPA client in the attended mode and confirm the reboot
4.) verify that /etc/default.conf has been removed
Comment 3 Martin Kosek 2013-03-13 15:58:58 UTC 
Fixed upstream:
master: https://fedorahosted.org/freeipa/changeset/ade4aaef9aba7e05276dc2f436a43e0bb7d42da3
ipa-3-1: https://fedorahosted.org/freeipa/changeset/d12506c2ffaa362b2549bdf4a9538389ec15baec

As a part of the uninstall patch, a related upstream ticket 3463 was also fixed (warning is printed when default.conf cannot be removed):
https://fedorahosted.org/freeipa/ticket/3463
Comment 6 Kaleem 2014-01-10 11:40:20 UTC 
Verified. File /etc/ipa/defautl.conf does not exists on client machine after reboot.

IPA client version:
===================
[root@rhel70-client ~]# rpm -q ipa-client
ipa-client-3.3.3-10.el7.x86_64
[root@rhel70-client ~]#

(1)Installing ipa client

[root@rhel70-client ~]# ipa-client-install -U --domain=testrelm.com --realm=TESTRELM.COM -p admin -w xxxxxxxx --server=rhel70-master.testrelm.com
...
....
.....
Configured /etc/ssh/ssh_config
Configured /etc/ssh/sshd_config
Client configuration complete.
[root@rhel70-client ~]#

(2)/etc/ipa/default.conf exists after client install

[root@rhel70-client ~]# ls /etc/ipa/|grep default.conf
default.conf
[root@rhel70-client ~]# ipa-client-install --uninstall -U

(3)ipa-client un-installation in attended mode and confirming the reboot when asked.

[root@rhel70-client ~]# ipa-client-install --uninstall
Unenrolling client from IPA server
Removing Kerberos service principals from /etc/krb5.keytab
Disabling client Kerberos and LDAP configurations
Redundant SSSD configuration file /etc/sssd/sssd.conf was moved to /etc/sssd/sssd.conf.deleted
Restoring client configuration files
Client uninstall complete.
The original nsswitch.conf configuration has been restored.
You may need to restart services or reboot the machine.
Do you want to reboot the machine? [no]: yes
Write failed: Broken pipe
[ksiddiqu@ksiddiqu ~]$

(4)Logged to client machine and checked existence of /etc/ipa/defautl.conf

[ksiddiqu@ksiddiqu ~]$ ssh root.207.125
reverse mapping checking getaddrinfo for dhcp207-125.lab.eng.pnq.redhat.com [10.65.207.125] failed - POSSIBLE BREAK-IN ATTEMPT!
root.207.125's password: 
Last login: Fri Jan 10 16:45:13 2014 from vpn-233-60.phx2.redhat.com
[root@rhel70-client ~]# ls /etc/ipa/|grep default.conf
[root@rhel70-client ~]# 

/etc/ipa/defautl.conf does not exists on machine.
Comment 7 Ludek Smid 2014-06-13 11:10:49 UTC 
This request was resolved in Red Hat Enterprise Linux 7.0.

Contact your manager or support representative in case you have further questions about the request.