Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 7): Bug 1296106
Created attachment 1112088 internal_server_error.png Description of problem: When user tries to modify Kerberos Principal Expiration value with date which is previous to year 1900 causes internal server error. This is due to bug in Python 2.7 - https://bugs.python.org/issue1777412 # ipa user-mod --principal-expiration=11001212000000Z f ipa: ERROR: non-public: ValueError: year=1100 is before 1900; the datetime strftime() methods require year >= 1900 Traceback (most recent call last): File "/usr/lib/python2.7/site-packages/ipalib/backend.py", line 129, in execute result = self.Command[_name](*args, **options) File "/usr/lib/python2.7/site-packages/ipalib/frontend.py", line 443, in __call__ ret = self.run(*args, **options) File "/usr/lib/python2.7/site-packages/ipalib/frontend.py", line 761, in run return self.forward(*args, **options) File "/usr/lib/python2.7/site-packages/ipalib/frontend.py", line 782, in forward return self.Backend.rpcclient.forward(self.name, *args, **kw) File "/usr/lib/python2.7/site-packages/ipalib/rpc.py", line 888, in forward return self._call_command(command, params) File "/usr/lib/python2.7/site-packages/ipalib/rpc.py", line 865, in _call_command return command(*params) File "/usr/lib/python2.7/site-packages/ipalib/rpc.py", line 1016, in _call return self.__request(name, args) File "/usr/lib/python2.7/site-packages/ipalib/rpc.py", line 975, in __request payload = json_encode_binary(payload, version) File "/usr/lib/python2.7/site-packages/ipalib/rpc.py", line 284, in json_encode_binary new_dict[k] = json_encode_binary(v, version) File "/usr/lib/python2.7/site-packages/ipalib/rpc.py", line 287, in json_encode_binary new_list = [json_encode_binary(v, version) for v in val] File "/usr/lib/python2.7/site-packages/ipalib/rpc.py", line 284, in json_encode_binary new_dict[k] = json_encode_binary(v, version) File "/usr/lib/python2.7/site-packages/ipalib/rpc.py", line 297, in json_encode_binary return {'__datetime__': val.strftime(LDAP_GENERALIZED_TIME_FORMAT)} ValueError: year=1100 is before 1900; the datetime strftime() methods require year >= 1900 ipa: ERROR: an internal error has occurred On Web UI, user gets error. Please see attachment. Version-Release number of selected component (if applicable): ipa-server-4.2.0-15.el7_2.3.x86_64 How reproducible: 100% Steps to Reproduce: 1. install ipa-server and configure 2. add user in IPA server 3. try to modify Kerberos Principal expiration date using command line or web ui Actual results: User get trace back like mentioned above in stdout (cmd line) or error_log (web ui) Expected results: Either user is notified that date is before 1900 year or Change Kerberos Principal Expiration Date as per user input Additional info: We can fix this either adding constant like LDAP_STRING_TIME_FORMAT = '{0.year:4d}{0.month:02d}{0.day:02d}{0.hour:02d}{0.minute:02d}{0.second:02d}Z' and formatting datetime values like import datetime d = datetime.datetime(1900, 10, 10, 10, 10, 10) LDAP_STRING_TIME_FORMAT.format(d)
Metadata Update from @pvoborni: - Issue assigned to tbabej - Issue set to the milestone: FreeIPA 4.5 backlog
As stated in the description, the issue is related to python2. As FreeIPA upstream is removing python2 support (see ticket #7568: Deprecate Python 2), only python3 is supported and the issue does not appear any more. Hence closing as duplicate.
Metadata Update from @frenaud: - Issue close_status updated to: duplicate - Issue status updated to: Closed (was: Open)
Login to comment on this ticket.