Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Report if a certmonger CA is missing #3693

Closed
wants to merge 1 commit into from
Closed

Report if a certmonger CA is missing #3693

wants to merge 1 commit into from

Conversation

rcritten
Copy link
Contributor

If a certmonger CA is not defined but is referenced within
a request (so was removed sometime after a request was
created) then anything that pulls all certmonger requests would
fail with the cryptic error:

"Failed to get request: bus, object_path and dbus_interface
must not be None."

This was often seen during upgrades.

Catch this specific condition and report a more specific error
so the user will have some bread crumb to know how to address
the issue.

https://pagure.io/freeipa/issue/7870

Signed-off-by: Rob Crittenden rcritten@redhat.com

@rcritten
Report if a certmonger CA is missing
27ea121 
If a certmonger CA is not defined but is referenced within
a request (so was removed sometime after a request was
created) then anything that pulls all certmonger requests would
fail with the cryptic error:

"Failed to get request: bus, object_path and dbus_interface
must not be None."

This was often seen during upgrades.

Catch this specific condition and report a more specific error
so the user will have some bread crumb to know how to address
the issue.

https://pagure.io/freeipa/issue/7870

Signed-off-by: Rob Crittenden <rcritten@redhat.com>
@rcritten rcritten added ipa-4-7 ipa-4-6 Mark for backport to ipa 4.6 ipa-4-8 Mark for backport to ipa 4.8 labels Sep 19, 2019
@flo-renaud
Copy link
Contributor

Hi @rcritten
thanks for the PR, works for me. I tested the following scenario:

  • remove the ca 'IPA' with getcert remove-ca -c IPA
  • run upgrade with ipa-server-upgrade
  • the upgrade fails as expected and print a hint at the end:
Failed to get request: certmonger CA 'IPA' is not defined
IPA server upgrade failed: Inspect /var/log/ipaupgrade.log and run command ipa-server-upgrade manually.
certmonger CA 'IPA' is not defined
The ipa-server-upgrade command failed. See /var/log/ipaupgrade.log for more information

@flo-renaud flo-renaud added the ack Pull Request approved, can be merged label Sep 20, 2019
@flo-renaud flo-renaud self-assigned this Sep 20, 2019
@rcritten rcritten added the pushed Pull Request has already been pushed label Sep 20, 2019
@rcritten
Copy link
Contributor Author

master:

  • 5b28c45 Report if a certmonger CA is missing

@rcritten rcritten closed this Sep 20, 2019
This was referenced Sep 20, 2019
Closed
Closed
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@flo-renaud flo-renaud

Labels
ack Pull Request approved, can be merged ipa-4-6 Mark for backport to ipa 4.6 ipa-4-8 Mark for backport to ipa 4.8 pushed Pull Request has already been pushed
Projects
None yet
Milestone
No milestone
2 participants
@rcritten @flo-renaud