ipa service-del service without a hostname fails with an internal error. Internally IPA expects a name of format service/hostname.
ipa service-del service
service/hostname
# ipa service-del service ipa: ERROR: an internal error has occurred
ipa: ERROR: invalid 'canonical_principal': Service principal is required
FreeIPA 4.7.2 and earlier
The code fails in ipaserver.plugins.service.check_required because the line host_is_master(ldap, principal.hostname) raises a ValueError.
ipaserver.plugins.service.check_required
host_is_master(ldap, principal.hostname)
... File "/usr/lib/python3.7/site-packages/ipapython/kerberos.py", line 174, in hostname "hostname is defined for host and service principals") ValueError: hostname is defined for host and service principal
Feature request https://pagure.io//freeipa/issue/7695 can be fixed the together with this fix.
Metadata Update from @cheimes: - Issue assigned to cheimes - Issue set to the milestone: FreeIPA 4.6.5
service-mod fails with an unexpected error message. IMO it should also fail with invalid 'canonical_principal': Service principal is required
invalid 'canonical_principal': Service principal is required
$ ipa service-mod service ipa: ERROR: service@IPA.EXAMPLE: service not found
Metadata Update from @cheimes: - Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1648265
Metadata Update from @cheimes: - Custom field on_review adjusted to https://github.com/freeipa/freeipa/pull/2640
master:
ipa-4-7:
@cheimes is this fix complete?
Login to comment on this ticket.