Bump version to 220.127.116.11
Bump version to 18.104.22.168
Bump version to 22.214.171.124
This update has been submitted for testing by mreynolds.
This update has obsoleted 389-ds-base-126.96.36.199-1.fc27, and has inherited its bugs and notes.
This update has been pushed to testing.
This seems to cause failures in the openQA tests:
Basically it seems like user logins are failing - the 'freeipa_password_change' test module fails when trying to log into the web UI as test3, and the 'freeipa_client' test module fails when trying to log into a console as test1. Those are both user accounts created on the server after initial server deployment. It's noticeable that another test module which logs into the web UI as the admin user succeeds - that login worked.
Bodhi is disabling automatic push to stable due to negative karma. The maintainer may push manually if they determine that the issue is not severe.
Any details as to why 389-ds-base is causing this FreeIPA WebUI problem? There have not been any changes to how passwords are changed in 389-ds-base in a very long time, and FreeIPA uses its own custom password policy plugin.
It's not a web ui problem. Note I said it also causes console login as a user to fail. It's an authentication problem, somehow. I don't have any details yet because I was at a conference and it's a bit awkward to debug, there's nothing super obvious in the logs. But the tests reliably fail with this update and pass without it, and it looks like similar failures have happened on rawhide/29 recently when the tests have actually made it this far. I'll file a bug with logs attached once I've looked into it a bit more.
Here's some circumstantial evidence, btw: the problematic update is 188.8.131.52. The equivalent release on the 1.4 branch, I think, is 184.108.40.206, those two came out at the same time. 220.127.116.11 was sent to F27 as an update candidate (this update), and 18.104.22.168 was sent to Rawhide at the time and so will be in both Rawhide and F29, but no update was sent to F28 - an F28 build was done in Koji, but no update was submitted.
This exactly matches up with what we're seeing - the bug seems to be happening in F29 and Rawhide, is happening in tests of this update (22.214.171.124) but not other F27 tests run without this update (which will be using 126.96.36.199, I think), and is not happening in any F28 tests (which will be using 188.8.131.52).
I'm gonna maybe run tests with various of the 1.3.8.* builds to try and pin down exactly when this problem appeared. From the existing openQA results it seems to have happened at least in 184.108.40.206 already; the 220.127.116.11 results are useless because server deployment failed...
The issue that IPA ran into was around unhashed passwords. It was added in 18.104.22.168, but removed in 22.214.171.124. So I'm surprised to see the same problem in 126.96.36.199. I have to assume it's "something else" that is causing the failure.
It really can't be, because the updates tests are pretty focused. They install a stable base image, then set up a repo containing only the packages from the update to be tested, then run an update, then reboot, then run the test.
So, when the tests run on this update, they have a stable base F27, plus the updated 389-ds-base package...and they fail. When the tests run on any other F27 update, they have the stable base F27, plus whatever packages were in that update...and the FreeIPA tests usually pass, for other updates. Look, here are the tests for a recent F27 kernel update - so that test will have run with the same base image, plus the updated kernel. Note the FreeIPA tests passed just fine.
Note, it seems the bug actually appeared at least as early as 188.8.131.52 - it didn't appear in 184.108.40.206. I just re-scheduled the tests for 220.127.116.11 last night, and here they are - failure in two client tests, as we've seen before, it fails on login, both to web UI and to a console. I can't tell if this bug existed in 18.104.22.168, though, as FreeIPA server deployment fails in 22.214.171.124. So the delta we know so far is: it works with 126.96.36.199 and fails with 188.8.131.52 and 184.108.40.206. It also seems that it worked with 220.127.116.11 but fails with 18.104.22.168 - I'm not sure about 22.214.171.124 yet.
This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes
Sorry I didn't file a bug yet, btw, life keeps getting in the way :( I'll get to it tomorrow for sure...
I understand :-) Thanks!
This update has been obsoleted by 389-ds-base-126.96.36.199-1.fc27.
Please login to add feedback.
Confirm request to re-trigger tests.
Copyright © 2007-2019 Red Hat, Inc. and
bodhi is Free Software.
if you have any problems. Read the documentation.