Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-69635

All user groups are not being included during HSM token validation

XMLWordPrintable

    • ipa-4.12.2-9.el10
    • No
    • Important
    • 4
    • rhel-sst-idm-ipa
    • ssg_idm
    • 17
    • 21
    • 3
    • QE ack, Dev ack
    • False
    • Hide

      None

      Show
      None
    • No
    • 2024-Q4-Bravo-S5, 2024-Q4-Bravo-S6, 2024-Q4-Bravo-S7, 2025-Q1-Bravo-S1
    • Unspecified Release Note Type - Unknown
    • None

      What were you trying to do that didn't work?

      During ipa-server-install validation is done to ensure that the token is visible and that the token PIN works. This is to catch errors early.

      This test is done as pkiuser:pkiuser

      The problem is if pkiuser is a member of other groups that are necessary to access the HSM then this validation will fail (but installation would be ok).

      What is the impact of this issue to you?

      It causes server and/or replica installation failure

              rhn-engineering-rcrit Rob Crittenden
              rhn-engineering-rcrit Rob Crittenden
              Florence Renaud Florence Renaud
              Rizwan Shaikh Rizwan Shaikh
              Votes:
              0 Vote for this issue
              Watchers:
              7 Start watching this issue

                Created:
                Updated: