freeipa

Clone
Source Code
GIT

#6755 [certs.py] - "ipa-replica-prepare" command fails when trying to unlink non-existing "tmpcert.der" file in /var/lib/ipa/
Closed: fixed 7 years ago Opened 7 years ago by mreznik.

Closed: fixed
Reopen Issue

In this test case "ipa-replica-prepare" command fails with:

[2017-03-11T05:53:26Z ipa.ipatests.test_integration.host.Host.vm-058-033.cmd25] <DEBUG>: RUN ['ipa-replica-prepare', '-p', 'Secret123', 'vm-058-047.test.local']
[2017-03-11T05:53:30Z ipa.ipatests.test_integration.host.Host.vm-058-033.cmd25] <DEBUG>: Preparing replica for vm-058-047..test.local from vm-058-033..test.local
[2017-03-11T05:53:33Z ipa.ipatests.test_integration.host.Host.vm-058-033.cmd25] <DEBUG>: Creating SSL certificate for the Directory Server
[2017-03-11T05:53:33Z ipa.ipatests.test_integration.host.Host.vm-058-033.cmd25] <DEBUG>: [Errno 2] No such file or directory: '/var/lib/ipa/ipa-qnucK1/tmpcert.der'
[2017-03-11T05:53:33Z ipa.ipatests.test_integration.host.Host.vm-058-033.cmd25] <DEBUG>: The ipa-replica-prepare command failed.
ipa: ERROR: Exit code: 1
[2017-03-11T05:53:34Z ipa.ipatests.test_integration.host.Host.vm-058-033.cmd25] <ERROR>: Exit code: 1

Tried to reproduce it and got the same error:
~~

Generating key.  This may take a few moments...


ipa.ipaserver.install.ipa_replica_prepare.ReplicaPrepare: DEBUG:   File "/usr/lib/python2.7/site-packages/ipapython/admintool.py", line 172, in execute
    return_value = self.run()
  File "/usr/lib/python2.7/site-packages/ipaserver/install/ipa_replica_prepare.py", line 360, in run
    self.copy_ds_certificate()
  File "/usr/lib/python2.7/site-packages/ipaserver/install/ipa_replica_prepare.py", line 409, in copy_ds_certificate
    self.export_certdb("dscert", passwd_fname)
  File "/usr/lib/python2.7/site-packages/ipaserver/install/ipa_replica_prepare.py", line 609, in export_certdb
    db.create_server_cert(nickname, hostname)
  File "/usr/lib/python2.7/site-packages/ipaserver/install/certs.py", line 372, in create_server_cert
    os.unlink(self.certder_fname)

ipa.ipaserver.install.ipa_replica_prepare.ReplicaPrepare: DEBUG: The ipa-replica-prepare command failed, exception: OSError: [Errno 2] No such file or directory: '/var/lib/ipa/ipa-F9LSk8/tmpcert.der'
ipa.ipaserver.install.ipa_replica_prepare.ReplicaPrepare: ERROR: [Errno 2] No such file or directory: '/var/lib/ipa/ipa-F9LSk8/tmpcert.der'
ipa.ipaserver.install.ipa_replica_prepare.ReplicaPrepare: ERROR: The ipa-replica-prepare command failed.

The file is really missing (this is another try):

(Pdb) os.listdir('/var/lib/ipa/ipa-zisS_d/')
['tmpcertreq']

It looks like it is supposed to got there with "def issue_server_cert(self, certreq_fname, cert_fname)" but when executing the function getting this:

(Pdb) self.issue_server_cert(self.certreq_fname, self.certder_fname)
*** RuntimeError: CA Host is not set.

Let me know if any other detail is needed. Thanks!

Metadata Update from @mbasti:
- Issue priority set to: 1
- Issue tagged with: regression
7 years ago

Metadata Update from @mbasti:
- Issue set to the milestone: FreeIPA 4.5
7 years ago

Metadata Update from @stlaz:
- Issue assigned to stlaz
7 years ago

master:

  • 992e6ec Fix ipa-replica-prepare server-cert creation
  • 8980f40 Don't fail more if cert req/cert creation failed

Metadata Update from @mbasti:
- Issue close_status updated to: fixed
- Issue status updated to: Closed (was: Open)
7 years ago

Login to comment on this ticket.

Metadata

regression

None
None
critical
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.