Issue #4093: CA certificate renewal scripts do not log failures - freeipa

freeipa

#4093 CA certificate renewal scripts do not log failures

Closed: Fixed None Opened 10 years ago by mkosek.

When certmonger pre/post scripts fail with unexpected exception (as they did for example in #4092), they do it silently without reporting a failure to syslog. Thus, when some part of the renew/pre/post script fails, admin is not notified of it.

We should at least envelop the scripts in install/restart_scripts/ and install/certmonger/dogtag-ipa-retrieve-agent-submit into a main() function which is then called, catch the unexpected exceptions and report to syslog.

pviktori commented 10 years ago

master:

8e98690 Log unhandled exceptions in certificate renewal scripts.

mkosek commented 9 years ago

This patch completed the ticket, closing.

Metadata Update from @mkosek:
- Issue assigned to jcholast
- Issue set to the milestone: FreeIPA 4.0 Backlog

7 years ago

Metadata

Assignee

jcholast

Tags

None

Blocking

None

Depending on

None

Priority

normal

Milestone

FreeIPA 4.0 Backlog

None

affects_doc

None

source

None

knownissue

None

type

task

blockedby

None

test_case

None

component

Certificate management

blocking

None

on_review

keywords

None

test_coverage

None

reviewer

pviktori

external_tracker

None

rhbz

tester

None

changelog

None

design

None

freeipa

Source Code

#4093 CA certificate renewal scripts do not log failures Closed: Fixed None Opened 10 years ago by mkosek.

Metadata

#4093 CA certificate renewal scripts do not log failures

Closed: Fixed None Opened 10 years ago by mkosek.