Ludwig Krispenz via FreeIPA-users wrote: > > On 01/11/2018 02:36 PM, Rob Crittenden via FreeIPA-users wrote: >> lejeczek via FreeIPA-users wrote: >>> hi everyone >>> >>> when I see this in replica install log: >>> >>> .. >>> 2018-01-11T12:46:31Z DEBUG args=/usr/bin/certutil -d >>> /etc/dirsrv/slapd-PRIVATE-xx.xx.PRIVATE-CAM-AC-UK/ -L -n >>> PRIVATE.xx.xx.PRIVATE.xx.xx.x IPA CA -a -f >>> /etc/dirsrv/slapd-PRIVATE-xx.xx.PRIVATE-CAM-AC-UK/pwdfile.txt >>> 2018-01-11T12:46:31Z DEBUG Process finished, return code=255 >>> 2018-01-11T12:46:31Z DEBUG stdout= >>> 2018-01-11T12:46:31Z DEBUG stderr=certutil: Could not find cert: >>> PRIVATE.xx.xx.PRIVATE.xx.xx.x IPA CA >>> : PR_FILE_NOT_FOUND_ERROR: File not found >>> .. >>> >>> Is that just the log or actual surrounding quotes are missing in >>> replica-install code? >>> For, when I manually in bash exec this on replica candidate: >>> >>> $ certutil -d /etc/dirsrv/slapd-PRIVATE-xx.xx.PRIVATE-CAM-AC-UK/ -L -n >>> "PRIVATE.xx.xx.PRIVATE.xx.xx.x IPA CA" -a -f >>> /etc/dirsrv/slapd-PRIVATE-xx.xx.PRIVATE-CAM-AC-UK/pwdfile.txt >>> -----BEGIN CERTIFICATE----- >>> MIID0DCCArigAwIBAgIBATANBgkqhkiG9w0BAQsFADBNMSswKQYDVQQKDCJQUklW >>> QVRFLkNDTlIuQ0VCLlBSSVZBVEUuQ0FNLkFDLlVLMR4wHAYDVQQDDBVDZXJ0aWZp >>> Y2F0ZSBBdXRob3JpdHkwHhcNMTgwMTExMTIxMjIxWhcNMzgwMTExMTIxMjIxWjBN >>> ... >> Arguments passed into exec don't need to be shell-escaped or quoted. > but "PRIVATE.xx.xx.PRIVATE.xx.xx.x IPA CA" contains spaces, if you don't > quiote it how would certutil handle it ?
Because we are calling it using python subprocess and not forking out into a shell to execute it. Each argument is independent and doesn't need to be scanned by the shell to see where each arg begins and ends. rob _______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org