#7430 FreeIPA client fails to fetch vault secrets
Closed: fixed 6 years ago Opened 6 years ago by stlaz.

Ticket was cloned from Red Hat Bugzilla (product Fedora): Bug 1551830

Description of problem:
When using the IPA server in RHEL 7, Fedora 27 clients fail to fetch vault
secrets

[batkisso@dione tmp]$ ipa vault-retrieve iam-vault --shared --out secret.txt
ipa: ERROR: non-public: TypeError: write() argument must be str, not bytes
Traceback (most recent call last):
  File "/usr/lib/python3.6/site-packages/ipalib/backend.py", line 141, in
execute
    return self.Command[_name](*args, **options)
  File "/usr/lib/python3.6/site-packages/ipalib/frontend.py", line 450, in
__call__
    return self.__do_call(*args, **options)
  File "/usr/lib/python3.6/site-packages/ipalib/frontend.py", line 478, in
__do_call
    ret = self.run(*args, **options)
  File "/usr/lib/python3.6/site-packages/ipalib/frontend.py", line 1204, in run
    return self.forward(*args, **options)
  File "/usr/lib/python3.6/site-packages/ipaclient/plugins/vault.py", line
1139, in forward
    f.write(data)
TypeError: write() argument must be str, not bytes
ipa: ERROR: an internal error has occurred


Version-Release number of selected component (if applicable):
freeipa-client-4.6.3-2.fc27.x86_64
freeipa-client-common-4.6.3-2.fc27.noarch
freeipa-common-4.6.3-2.fc27.noarch

server:
ipa-server-4.5.0-22.el7_4.x86_64
ipa-server-dns-4.5.0-22.el7_4.noarch
ipa-common-4.5.0-22.el7_4.noarch
ipa-client-common-4.5.0-22.el7_4.noarch
ipa-client-4.5.0-22.el7_4.x86_64
ipa-server-common-4.5.0-22.el7_4.noarch


This works fine on a RHEL 7.4 client:
[batkisso@aeon tmp]$ ipa vault-retrieve iam-vault --shared --out secret.txt
-------------------------------------
Retrieved data from vault "iam-vault"
-------------------------------------
[batkisso@aeon tmp]$ rpm -qa | egrep '^ipa'
ipa-common-4.5.0-22.el7_4.noarch
ipa-client-common-4.5.0-22.el7_4.noarch
ipa-client-4.5.0-22.el7_4.x86_64

Metadata Update from @stlaz:
- Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1551830

6 years ago

Metadata Update from @stlaz:
- Issue assigned to stlaz

6 years ago

master:

  • c9c41d2 vault: fix vault-retrieve to a file

ipa-4-6:

  • a147233 vault: fix vault-retrieve to a file

Metadata Update from @tdudlak:
- Issue close_status updated to: fixed
- Issue status updated to: Closed (was: Open)

6 years ago

Login to comment on this ticket.

Metadata