Bug 962986 - ipa-server-install crashes if DM Password contains a % character
ipa-server-install crashes if DM Password contains a % character
Status: CLOSED DUPLICATE of bug 953488
Product: Fedora
Classification: Fedora
Component: pki-ca (Show other bugs)
18
Unspecified Unspecified
unspecified Severity unspecified
: ---
: ---
Assigned To: Orphan Owner
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2013-05-14 17:45 EDT by Joel
Modified: 2013-10-10 14:52 EDT (History)
9 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2013-10-10 14:52:01 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Joel 2013-05-14 17:45:32 EDT
Description of problem:

When running ipa-server-install and setting the DM password to contain a % character, the install crashes on step:

Done configuring directory server (dirsrv).
Configuring certificate server (pki-tomcatd): Estimated time 3 minutes 30 seconds
  [1/20]: creating certificate server user
  [2/20]: configuring certificate server instance
ipa         : CRITICAL failed to configure ca instance Command '/usr/sbin/pkispawn -s CA -f /tmp/tmpDCzrue' returned non-zero exit status 1
Configuration of CA failed

Looking in /var/log/ipaserver-install.log, one can see that it is crashing on the % character in the password:

2013-05-14T15:51:34Z DEBUG stderr=Traceback (most recent call last):
  File "/usr/sbin/pkispawn", line 419, in <module>
    main(sys.argv)
  File "/usr/sbin/pkispawn", line 319, in main
    parser.compose_pki_master_dictionary()
  File "/usr/lib/python2.7/site-packages/pki/deployment/pkiparser.py", line 454, in compose_pki_master_dictionary
    self.flatten_master_dict()
  File "/usr/lib/python2.7/site-packages/pki/deployment/pkiparser.py", line 350, in flatten_master_dict
    subsystem_dict = dict(self.pki_config.items(config.pki_subsystem))
  File "/usr/lib64/python2.7/ConfigParser.py", line 655, in items
    for option in options]
  File "/usr/lib64/python2.7/ConfigParser.py", line 691, in _interpolate
    self._interpolate_some(option, L, rawval, section, vars, 1)
  File "/usr/lib64/python2.7/ConfigParser.py", line 732, in _interpolate_some
    "'%%' must be followed by '%%' or '(', found: %r" % (rest,))
ConfigParser.InterpolationSyntaxError: '%' must be followed by '%' or '(', found: '%restofpassword'



Version-Release number of selected component (if applicable):
freeipa-server-selinux-3.1.3-5.fc18.x86_64
freeipa-python-3.1.3-5.fc18.x86_64
freeipa-server-3.1.3-5.fc18.x86_64
freeipa-server-trust-ad-3.1.3-5.fc18.x86_64
freeipa-admintools-3.1.3-5.fc18.x86_64
freeipa-client-3.1.3-5.fc18.x86_64


How reproducible:
Set DM Password to contain a % character.   

User entered strings should be better escaped.
Comment 1 Nathan Kinder 2013-10-10 14:52:01 EDT
This was recently fixed upstream in Dogtag (though it's not yet available in a build).  I'm closing this as a duplicate of the bug where this is being handled since there is more info there.

*** This bug has been marked as a duplicate of bug 953488 ***

Note You need to log in before you can comment on or make changes to this bug.