Description of problem: RHDS upgrade change Ownership of certificate files upon upgrade. After upgrading RHDS, Ownership of /etc/dirsrv/admin-serv/*.db files were changed. It caused failure to access the encryption tab in SSL console. Version-Release number of selected component (if applicable): # rpm -qa |egrep "redhat-ds|389-ds" 389-ds-console-doc-1.2.12-1.el6dsrv.noarch 389-ds-base-1.2.11.15-60.el6.x86_64 redhat-ds-admin-9.1.1-1.el6dsrv.x86_64 redhat-ds-console-doc-9.1.1-4.el6dsrv.noarch 389-ds-console-1.2.12-1.el6dsrv.noarch 389-ds-base-libs-1.2.11.15-60.el6.x86_64 redhat-ds-base-9.1.1-2.el6dsrv.x86_64 redhat-ds-console-9.1.1-4.el6dsrv.noarch redhat-ds-9.1.1-1.el6dsrv.x86_64 How reproducible: 100% Steps to Reproduce: 1. Setup RHDS with below package version. # yum install 389-ds-base-libs-1.2.11.15-50.el6_6.x86_64 389-ds-base-1.2.11.15-50.el6_6.x86_64 389-ds-console-1.2.7-1.el6.noarch redhat-ds-base-9.1.0-1.el6dsrv.x86_64 redhat-ds-admin-9.1.0-1.el6.x86_64 redhat-ds-console-9.1.0-1.el6.noarch 389-ds-console-doc-1.2.7-1.el6.noarch redhat-ds-console-doc-9.1.0-1.el6.noarch redhat-ds-9.1.0-1.el6.x86_64 2. Setup RHDS using setup-ds-admin.pl (Setup SSL on console & ns-slapd, Its not required) 3. Upgrade packages & run setup-ds-admin.pl -u # yum upgrade 389-ds-base-libs-1.2.11.15-60.el6.x86_64 389-ds-base-1.2.11.15-60.el6.x86_64 redhat-ds-base-9.1.1-2.el6dsrv.x86_64 redhat-ds-admin-9.1.1-1.el6dsrv.x86_64 389-ds-console-1.2.12-1.el6dsrv.noarch redhat-ds-console-9.1.1-4.el6dsrv.noarch 389-ds-console-doc-1.2.12-1.el6dsrv.noarch redhat-ds-console-doc-9.1.1-4.el6dsrv.noarch redhat-ds-9.1.1-1.el6dsrv.x86_64 # setup-ds-admin.pl -u Actual results: # ll /etc/dirsrv/admin-serv/*.db -rw-r--r--. 1 root root 65536 Sep 6 19:18 cert8.db -rw-r--r--. 1 root root 16384 Sep 6 19:18 key3.db -rw-r--r--. 1 root root 16384 Sep 6 19:18 secmod.db Expected results: # ll /etc/dirsrv/admin-serv/*.db -rw-------. 1 nobody root 65536 Sep 6 19:15 cert8.db -rw-------. 1 nobody root 16384 Sep 6 19:15 key3.db -rw-------. 1 nobody root 16384 Sep 6 19:15 secmod.db Additional info: Permission of /etc/dirsrv/slapd-instancename is fine.
git patch file (adminserver -- master) 0001-Ticket-48409-RHDS-upgrade-change-Ownership-of-certif.patch
Reviewed by Mark (Thank you!!)
Pushed to master: 98446b8..9f8398c master -> master commit 9f8398ce98f45f80944de3850e23aeda1a8fc32e
Metadata Update from @nhosoi: - Issue assigned to nhosoi - Issue set to the milestone: 389-admin,console 1.1.42
389-ds-base is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in 389-ds-base's github repository.
This issue has been cloned to Github and is available here: - https://github.com/389ds/389-ds-base/issues/1740
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Metadata Update from @spichugi: - Issue close_status updated to: wontfix (was: Fixed)
Log in to comment on this ticket.