When certmonger pre/post scripts fail with unexpected exception (as they did for example in #4092), they do it silently without reporting a failure to syslog. Thus, when some part of the renew/pre/post script fails, admin is not notified of it.
We should at least envelop the scripts in install/restart_scripts/ and install/certmonger/dogtag-ipa-retrieve-agent-submit into a main() function which is then called, catch the unexpected exceptions and report to syslog.
install/restart_scripts/
install/certmonger/dogtag-ipa-retrieve-agent-submit
main()
syslog
master:
This patch completed the ticket, closing.
Metadata Update from @mkosek: - Issue assigned to jcholast - Issue set to the milestone: FreeIPA 4.0 Backlog
Login to comment on this ticket.