#5455 both ipa-ca-install and ipa-kra-install accept replica file with domain level 1
Closed: Fixed None Opened 5 years ago by ofayans.

ipa-ca-install and ipa-kra-install should throw an error when called with replica file as one of the arguments under domain level 1
In reality both commands get successfully executed.
Steps to reproduce:
1. Setup master with domain level 0
2. Prepare and install a replica without '--setup-ca'
3. Raise domain level to 1
4. run ipa-ca-install on replica with replica file provided as the last positional argument
5. run ipa-kra-install on master
6. run ipa-kra-install on replica with replica file provided as the last positional argument


I can reproduce ipa-ca-install.

I cannot reproduce ipa-kra-install (it always refuse to install with replica file).

I still observe ipa-kra-install accepting replica file.
Steps to reproduce:
1. Install master with domain level0
2. Install kra on master
3. Prepare a replica file and install a replica from it
4. Raise domain level on master to 1
5. run

ipa-kra-install -U -p <dirman_password> <path_to_replica_file>

Expected result:
The command fails

Actual result:
Command passes

I am using the packages built yesterday from the latest upstream branch.

Reason might be that patch for this ticket is still on review.

I haven't been able to reproduce it, so my patch does not fix it, I'm trying to reproduce it again now.

I can reproduce it now, I have to investigate why with this particular setup it works

master:

  • fa2fbc6 ipa-ca-install: error when replica file is passed with domain level > 0
  • dcaf572 KRA install: show installation message only if install really started
  • ab8cba6 ipa-kra-install: error when replica file is passed with domain level > 0

Metadata Update from @ofayans:
- Issue assigned to mbasti
- Issue set to the milestone: FreeIPA 4.3

4 years ago

Login to comment on this ticket.

Metadata