[Bug 1905473] [NEW] NSS DB can't be created with barbican stein
Jan Wasilewski
1905473 at bugs.launchpad.net
Tue Nov 24 21:35:55 UTC 2020
Public bug reported:
During integration barbican with dogtag, I faced an issue that NSS DB is
not possible to be created during first request. It seems that file
which has to be temporarly created for storing NSS DB password, has some
troubles during creation. A part of failing code is:
https://raw.githubusercontent.com/dogtagpki/pki/master/base/common/python/pki/crypto.py
Specific part of code responsible for fault is:
http://paste.openstack.org/show/800374/
It leads to this error in barbican api logs:
When I made a "dirty hack" which is:
- creation of /etc/barbican/temp file with chmod 777
- add such part of code to crypto.py: http://paste.openstack.org/show/800375/
This problem is solved. But for me it looks like some kind of issues
with python versions, but it's just my guess.
OS and packages details:
Distributor ID: Ubuntu
Description: Ubuntu 18.04.5 LTS
Release: 18.04
Codename: bionic
Barbican packages:
ii barbican-api 1:8.0.1-0ubuntu1~cloud0 all OpenStack Key Management Service - API Server
ii barbican-common 1:8.0.1-0ubuntu1~cloud0 all OpenStack Key Management Service - common files
ii barbican-keystone-listener 1:8.0.1-0ubuntu1~cloud0 all OpenStack Key Management Service - Keystone Listener
ii barbican-worker 1:8.0.1-0ubuntu1~cloud0 all OpenStack Key Management Service - Worker Node
ii python3-barbican 1:8.0.1-0ubuntu1~cloud0 all OpenStack Key Management Service - Python 3 files
PKI packages:
ii pki-base 10.6.0-1ubuntu2 all Certificate System - PKI Framework
ii pki-base-java 10.6.0-1ubuntu2 all Certificate System - PKI Framework -- java client support
ii pki-tools 10.6.0-1ubuntu2 amd64 Certificate System - PKI Tools
ii python3-pki-base 10.6.0-1ubuntu2 all Certificate System - PKI Framework -- python3 client support
** Affects: barbican (Ubuntu)
Importance: Undecided
Status: Confirmed
--
You received this bug notification because you are a member of Ubuntu
OpenStack, which is subscribed to barbican in Ubuntu.
https://bugs.launchpad.net/bugs/1905473
Title:
NSS DB can't be created with barbican stein
Status in barbican package in Ubuntu:
Confirmed
Bug description:
During integration barbican with dogtag, I faced an issue that NSS DB
is not possible to be created during first request. It seems that file
which has to be temporarly created for storing NSS DB password, has
some troubles during creation. A part of failing code is:
https://raw.githubusercontent.com/dogtagpki/pki/master/base/common/python/pki/crypto.py
Specific part of code responsible for fault is:
http://paste.openstack.org/show/800374/
It leads to this error in barbican api logs:
When I made a "dirty hack" which is:
- creation of /etc/barbican/temp file with chmod 777
- add such part of code to crypto.py: http://paste.openstack.org/show/800375/
This problem is solved. But for me it looks like some kind of issues
with python versions, but it's just my guess.
OS and packages details:
Distributor ID: Ubuntu
Description: Ubuntu 18.04.5 LTS
Release: 18.04
Codename: bionic
Barbican packages:
ii barbican-api 1:8.0.1-0ubuntu1~cloud0 all OpenStack Key Management Service - API Server
ii barbican-common 1:8.0.1-0ubuntu1~cloud0 all OpenStack Key Management Service - common files
ii barbican-keystone-listener 1:8.0.1-0ubuntu1~cloud0 all OpenStack Key Management Service - Keystone Listener
ii barbican-worker 1:8.0.1-0ubuntu1~cloud0 all OpenStack Key Management Service - Worker Node
ii python3-barbican 1:8.0.1-0ubuntu1~cloud0 all OpenStack Key Management Service - Python 3 files
PKI packages:
ii pki-base 10.6.0-1ubuntu2 all Certificate System - PKI Framework
ii pki-base-java 10.6.0-1ubuntu2 all Certificate System - PKI Framework -- java client support
ii pki-tools 10.6.0-1ubuntu2 amd64 Certificate System - PKI Tools
ii python3-pki-base 10.6.0-1ubuntu2 all Certificate System - PKI Framework -- python3 client support
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/barbican/+bug/1905473/+subscriptions
More information about the Ubuntu-openstack-bugs
mailing list