Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 1361274 - gnome-session errors in /var/log/messages after fresh install [NEEDINFO]
Summary: gnome-session errors in /var/log/messages after fresh install
Keywords:
Status: CLOSED NOTABUG
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: dnssec-trigger
Version: 7.2
Hardware: x86_64
OS: Linux
high
medium
Target Milestone: rc
: ---
Assignee: Tomáš Hozza 🤓
QA Contact: qe-baseos-daemons
URL:
Whiteboard:
Depends On:
Blocks: 1380362 1393869
TreeView+ depends on / blocked
 
Reported: 2016-07-28 16:26 UTC by jigar
Modified: 2017-02-17 16:17 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2017-02-17 16:17:09 UTC
Target Upstream Version:
thozza: needinfo? (jraising)


Attachments (Terms of Use)

Description jigar 2016-07-28 16:26:23 UTC
Description of problem: Following errors were seen in /var/log/messages after fresh install of RHEL-7.2 :

quanta gnome-session: Apr 11 15:18:17 dnssec-trigger-panel[14265] fatal error: cannot setup ssl context: Error setting up SSL_CTX client key and cert error:02001002:system library:fopen:No such file or directory

Version-Release number of selected component (if applicable): dnssec-trigger-0.11-21.el7

How reproducible: Sometimes

Steps to Reproduce:
1. Install RHEL-7.2
2. Check /var/log/messages

Actual results: Errors seen in /var/log/messages after fresh install

Expected results: Errors shouldn't be logged in /var/log/messages after fresh install

Comment 2 Tomáš Hozza 🤓 2016-07-29 11:54:51 UTC
Was the dnssec-trigger installed explicitly? The problem here is that the SSL certificates used by the panel to communicate with the daemon are created when the daemon is started for the first time. I don't think we want to create them during the installation, because there may be issues with not having enough entropy.

Comment 5 Tomáš Hozza 🤓 2017-02-17 16:17:09 UTC
I tried to reproduce this issue. The customer had to install dnssec-trigger explicitly, as it is not included in the default installation. After the installation, dnssec-trigger daemon is not started, but is enabled. The panel is not started. If one starts the dnssec-trigger-panel before the reboot, the error is there. During the next system start all necessary keys are created. After that it is not possible to reproduce the error message.

The bottom line is, that the log message can not be present after fresh insyall of the system, but the user has to do an invalid step.

The use and installation of dnssec-trigger is documented in the Security Guide (https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Security_Guide/sec-Securing_DNS_Traffic_with_DNSSEC.html#sec-Security_Guide-Understanding_Dnssec-trigger).

Closing as NOTABUG. Feel free to reopen if you don't agree.


Note You need to log in before you can comment on or make changes to this bug.