Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bug2228209-pkidbuser-wrong-o-in-pkispawn #4522

Merged
merged 1 commit into from
Aug 1, 2023
Merged

Bug2228209-pkidbuser-wrong-o-in-pkispawn #4522

merged 1 commit into from
Aug 1, 2023

Conversation

ladycfu
Copy link
Contributor

@ladycfu ladycfu commented Aug 1, 2023

Ths patch addresses the issue where by default non-CA instances are created with hardcoded ending "-CA":
pki_share_dbuser_dn=uid=pkidbuser,ou=people,o=%(pki_instance_name)s-CA and
pki_ds_base_dn=o=%(pki_instance_name)s-

where subsystem type is TKS, OCSP, TKS, or KRA,
which effictive makes the 'o' component of pki_share_dbuser_dn not matching with that of the pki_ds_base_dn.

fixes https://bugzilla.redhat.com/show_bug.cgi?id=2228209

@ladycfu
Bug2228209-pkidbuser-wrong-o-in-pkispawn
5f18fa6 
Ths patch addresses the issue where by default non-CA instances are
created with hardcoded ending "-CA":
pki_share_dbuser_dn=uid=pkidbuser,ou=people,o=%(pki_instance_name)s-CA
and
pki_ds_base_dn=o=%(pki_instance_name)s-<subsystem type>

where subsystem type is TKS, OCSP, TKS, or KRA,
which effictive makes the 'o' component of pki_share_dbuser_dn
not matching with that of the pki_ds_base_dn.

fixes https://bugzilla.redhat.com/show_bug.cgi?id=2228209
@ladycfu ladycfu requested a review from edewata August 1, 2023 21:05
edewata
edewata approved these changes Aug 1, 2023
View reviewed changes
Copy link
Contributor

@edewata edewata left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM.

There's a TPS test failure but that test has not been very reliable so I think we can ignore that. In IPA these params are specified explicitly so it should be safe to change the defaults.

@ladycfu ladycfu merged commit e055ae8 into dogtagpki:v10.13 Aug 1, 2023
56 of 57 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@edewata edewata edewata approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@ladycfu @edewata