URL: https://github.com/freeipa/freeipa/pull/2553 Author: fcami Title: #2553: dogtag.py: raise exception if select_any_master() fails Action: opened
PR body: """ Standard users cannot determine services like KRA. Using ldapsearch with (ipaConfigString=enabledService) always fails. Catch that. Note that this is not the definitive fix for https://pagure.io/freeipa/issue/7691 (yet) """ To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/2553/head:pr2553 git checkout pr2553
From a63dc42dca379db884bd3a74bb62a5d10cdc5fd1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fran=C3=A7ois=20Cami?= <[email protected]> Date: Mon, 12 Nov 2018 18:05:28 +0100 Subject: [PATCH] dogtag.py: raise exception if select_any_master() fails MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Standard users cannot determine services like KRA. Using ldapsearch with (ipaConfigString=enabledService) always fails. Catch that. Fixes: https://pagure.io/freeipa/issue/7691 Signed-off-by: François Cami <[email protected]> --- ipaserver/plugins/dogtag.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/ipaserver/plugins/dogtag.py b/ipaserver/plugins/dogtag.py index 9083f7e088..1e775d9e46 100644 --- a/ipaserver/plugins/dogtag.py +++ b/ipaserver/plugins/dogtag.py @@ -1194,7 +1194,8 @@ def select_any_master(ldap2, service='CA'): entry = random.choice(ent) return entry.dn[1].value except Exception: - pass + raise errors.RemoteRetrieveError( + reason=_('Unable to determine master for {0}'.format(service))) return None #-------------------------------------------------------------------------------
_______________________________________________ FreeIPA-devel mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected]
