[Freeipa-devel] [freeipa PR#517][comment] Use Custodia 0.3 features

Wed, 22 Mar 2017 04:51:14 -0700 

  URL: https://github.com/freeipa/freeipa/pull/517
Title: #517: Use Custodia 0.3 features

MartinBasti commented:
"""
Replica logs^

Master logs:

```
Mar 21 15:46:03 vm-126.abc.idm.lab.eng.brq.redhat.com systemd[1]: Stopping IPA 
Custodia Service...
Mar 21 15:46:03 vm-126.abc.idm.lab.eng.brq.redhat.com systemd[1]: Stopped IPA 
Custodia Service.
Mar 22 10:18:10 vm-126.abc.idm.lab.eng.brq.redhat.com systemd[1]: Starting IPA 
Custodia Service...
Mar 22 10:18:10 vm-126.abc.idm.lab.eng.brq.redhat.com ipa-custodia[83008]: 
2017-03-22 10:18:10 - server                           - Serving on Unix socket 
/ru
Mar 22 10:18:10 vm-126.abc.idm.lab.eng.brq.redhat.com systemd[1]: Started IPA 
Custodia Service.
Mar 22 10:41:44 vm-126.abc.idm.lab.eng.brq.redhat.com ipa-custodia[83008]: 
2017-03-22 10:41:44 - SimpleCredsAuth-[auth:simple]    - PASS: '83694' 
authenticate
Mar 22 10:41:44 vm-126.abc.idm.lab.eng.brq.redhat.com ipa-custodia[83008]: 
2017-03-22 10:41:44 - SimpleHeaderAuth-[auth:header]   - PASS: '83694' 
authenticate
Mar 22 10:41:44 vm-126.abc.idm.lab.eng.brq.redhat.com ipa-custodia[83008]: 
2017-03-22 10:41:44 - IPAKEMKeys-[authz:kemkeys]       - PASS: '83694' 
authorized f
Mar 22 10:41:44 vm-126.abc.idm.lab.eng.brq.redhat.com ipa-custodia[83008]: 
2017-03-22 10:41:44 - Secrets-[/keys]                  - DENIED: '(null)' 
requested
Mar 22 10:41:44 vm-126.abc.idm.lab.eng.brq.redhat.com ipa-custodia[83008]: 
2017-03-22 10:41:44 - server                           - code 406, message Key 
name
Mar 22 10:41:44 vm-126.abc.idm.lab.eng.brq.redhat.com ipa-custodia[83008]: 
127.0.0.1 - - [22/Mar/2017 10:41:44] "GET 
/keys/ca/caSigningCert%20cert-pki-ca?type
~
```

audit.log
```
2017-03-22 10:41:44 - SimpleCredsAuth-[auth:simple]    - PASS: '83694' 
authenticated as '48, 48'
2017-03-22 10:41:44 - SimpleHeaderAuth-[auth:header]   - PASS: '83694' 
authenticated as '(null)'
2017-03-22 10:41:44 - IPAKEMKeys-[authz:kemkeys]       - PASS: '83694' 
authorized for '/keys'
2017-03-22 10:41:44 - Secrets-[/keys]                  - DENIED: '(null)' 
requested key 'ca/caSigningCert%20cert-pki-ca'
```


"""

See the full comment at 
https://github.com/freeipa/freeipa/pull/517#issuecomment-288375592

-- 
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Reply via email to