[Freeipa-devel] [freeipa PR#517][comment] Use Custodia 0.3 features
MartinBasti
freeipa-github-notification at redhat.com
Wed Mar 22 11:50:33 UTC 2017
URL: https://github.com/freeipa/freeipa/pull/517
Title: #517: Use Custodia 0.3 features
MartinBasti commented:
"""
Replica logs^
Master logs:
```
Mar 21 15:46:03 vm-126.abc.idm.lab.eng.brq.redhat.com systemd[1]: Stopping IPA Custodia Service...
Mar 21 15:46:03 vm-126.abc.idm.lab.eng.brq.redhat.com systemd[1]: Stopped IPA Custodia Service.
Mar 22 10:18:10 vm-126.abc.idm.lab.eng.brq.redhat.com systemd[1]: Starting IPA Custodia Service...
Mar 22 10:18:10 vm-126.abc.idm.lab.eng.brq.redhat.com ipa-custodia[83008]: 2017-03-22 10:18:10 - server - Serving on Unix socket /ru
Mar 22 10:18:10 vm-126.abc.idm.lab.eng.brq.redhat.com systemd[1]: Started IPA Custodia Service.
Mar 22 10:41:44 vm-126.abc.idm.lab.eng.brq.redhat.com ipa-custodia[83008]: 2017-03-22 10:41:44 - SimpleCredsAuth-[auth:simple] - PASS: '83694' authenticate
Mar 22 10:41:44 vm-126.abc.idm.lab.eng.brq.redhat.com ipa-custodia[83008]: 2017-03-22 10:41:44 - SimpleHeaderAuth-[auth:header] - PASS: '83694' authenticate
Mar 22 10:41:44 vm-126.abc.idm.lab.eng.brq.redhat.com ipa-custodia[83008]: 2017-03-22 10:41:44 - IPAKEMKeys-[authz:kemkeys] - PASS: '83694' authorized f
Mar 22 10:41:44 vm-126.abc.idm.lab.eng.brq.redhat.com ipa-custodia[83008]: 2017-03-22 10:41:44 - Secrets-[/keys] - DENIED: '(null)' requested
Mar 22 10:41:44 vm-126.abc.idm.lab.eng.brq.redhat.com ipa-custodia[83008]: 2017-03-22 10:41:44 - server - code 406, message Key name
Mar 22 10:41:44 vm-126.abc.idm.lab.eng.brq.redhat.com ipa-custodia[83008]: 127.0.0.1 - - [22/Mar/2017 10:41:44] "GET /keys/ca/caSigningCert%20cert-pki-ca?type
~
```
audit.log
```
2017-03-22 10:41:44 - SimpleCredsAuth-[auth:simple] - PASS: '83694' authenticated as '48, 48'
2017-03-22 10:41:44 - SimpleHeaderAuth-[auth:header] - PASS: '83694' authenticated as '(null)'
2017-03-22 10:41:44 - IPAKEMKeys-[authz:kemkeys] - PASS: '83694' authorized for '/keys'
2017-03-22 10:41:44 - Secrets-[/keys] - DENIED: '(null)' requested key 'ca/caSigningCert%20cert-pki-ca'
```
"""
See the full comment at https://github.com/freeipa/freeipa/pull/517#issuecomment-288375592
More information about the Freeipa-devel
mailing list