lejeczek via FreeIPA-users wrote:
> hi everyone
> 
> when I see this in replica install log:
> 
> ..
> 2018-01-11T12:46:31Z DEBUG args=/usr/bin/certutil -d
> /etc/dirsrv/slapd-PRIVATE-xx.xx.PRIVATE-CAM-AC-UK/ -L -n
> PRIVATE.xx.xx.PRIVATE.xx.xx.x IPA CA -a -f
> /etc/dirsrv/slapd-PRIVATE-xx.xx.PRIVATE-CAM-AC-UK/pwdfile.txt
> 2018-01-11T12:46:31Z DEBUG Process finished, return code=255
> 2018-01-11T12:46:31Z DEBUG stdout=
> 2018-01-11T12:46:31Z DEBUG stderr=certutil: Could not find cert:
> PRIVATE.xx.xx.PRIVATE.xx.xx.x IPA CA
> : PR_FILE_NOT_FOUND_ERROR: File not found
> ..
> 
> Is that just the log or actual surrounding quotes are missing in
> replica-install code?
> For, when I manually in bash exec this on replica candidate:
> 
> $ certutil -d /etc/dirsrv/slapd-PRIVATE-xx.xx.PRIVATE-CAM-AC-UK/ -L -n
> "PRIVATE.xx.xx.PRIVATE.xx.xx.x IPA CA" -a -f
> /etc/dirsrv/slapd-PRIVATE-xx.xx.PRIVATE-CAM-AC-UK/pwdfile.txt
> -----BEGIN CERTIFICATE-----
> MIID0DCCArigAwIBAgIBATANBgkqhkiG9w0BAQsFADBNMSswKQYDVQQKDCJQUklW
> QVRFLkNDTlIuQ0VCLlBSSVZBVEUuQ0FNLkFDLlVLMR4wHAYDVQQDDBVDZXJ0aWZp
> Y2F0ZSBBdXRob3JpdHkwHhcNMTgwMTExMTIxMjIxWhcNMzgwMTExMTIxMjIxWjBN
> ...

Arguments passed into exec don't need to be shell-escaped or quoted.

This is most likely IPA looking to see what CA certificate(s) are
already available in order to know what to add.

rob
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org

Reply via email to