Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 1691451 - Failure to configure Containerized RHEL Identity Management (IdM) server for remote logging on RHEL Atomic Host Using the ipa-log-config tool
Summary: Failure to configure Containerized RHEL Identity Management (IdM) server for...
Keywords:
Status: NEW
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: ipa-server-container
Version: 7.6
Hardware: x86_64
OS: Linux
unspecified
low
Target Milestone: rc
: ---
Assignee: Petr Vobornik
QA Contact: Nikhil Dehadrai
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2019-03-21 15:53 UTC by mabah
Modified: 2019-03-22 22:37 UTC (History)
4 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:
Target Upstream Version:


Attachments (Terms of Use)

Description mabah 2019-03-21 15:53:37 UTC
Description of problem:

Case# 02332281

Failure to configure ipa-server container to send logs to a remote rsyslog-server container using the ipa-log-config tools.
**Note both containers live in the same RHEL Atomic host.


Version-Release number of selected component (if applicable):

RHEL Atomic Host 7.6.1.1
Containerized RHEL IdM server 4.6.4-10

How reproducible:

100%

Steps to Reproduce:

1. Running the ./ipa-log-config.py  tool from the atomic host and setting the rsyslog container ip address as the target:
[root@atomichosttest ipa-log-config-master]# ./ipa_log_config.py --target 10.179.166.16 


Actual results:

Here is the output of the actual result - It failed.
[root@atomichosttest ipa-log-config-master]# ./ipa_log_config.py --target 10.179.166.16                                                                                                    
Setting SSSD debug level to 2                                                                                                                                                              
Condrestarting SSSD                                                                                                                                                                        
Rsyslog: cleaning up config files:                                                                                                                                                         
  /etc/rsyslog.d/00.load-imfile-module.conf                                                                                                                                                
  /etc/rsyslog.d/00.remote-ipa-elastic-ruleset.conf                                                                                                                                        
  /etc/rsyslog.d/01.ipa-authpriv.conf                                                                                                                                                      
  /etc/rsyslog.d/01.ipa-httpd.conf                                                                                                                                                         
  /etc/rsyslog.d/01.ipa-krb5.conf                                                                                                                                                          
  /etc/rsyslog.d/01.ipa-389.conf                                                                                                                                                           
  /etc/rsyslog.d/01.ipa-ca.conf                                                                                                                                                            
  /etc/rsyslog.d/10.ipa-sssd-processes.conf                                                                                                                                                
  /etc/rsyslog.d/11.ipa-sssd-domains.conf                                                                                                                                                  
Rsyslog: enabling imfile module [/etc/rsyslog.d/00.load-imfile-module.conf]                                                                                                                
Rsyslog: creating ruleset for forwarding logs [/etc/rsyslog.d/00.remote-ipa-elastic-ruleset.conf]                                                                                          
Rsyslog: forwarding authpriv logs to remote ruleset [/etc/rsyslog.d/01.ipa-authpriv.conf]                                                                                                  
SSSD is running in client mode                                                                                                                                                             
SSSD domains: idmatomictest.com                                                                                                                                                            
Realms: IDMATOMICTEST.COM                                                                                                                                                                  
Rsyslog: skipping "/var/log/dirsrv/slapd-IDMATOMICTEST-COM/access", log file not found.                                                                                                    
Rsyslog: skipping "/var/log/pki/pki-tomcat/ca/transactions", log file not found.                                                                                                           
Rsyslog: skipping "/var/log/dirsrv/slapd-IDMATOMICTEST-COM/audit", log file not found.                                                                                                     
Rsyslog: skipping "/var/log/httpd/error_log", log file not found.                                                                                                                          
Rsyslog: skipping "/var/log/krb5kdc.log", log file not found.                                                                                                                              
Rsyslog: skipping "/var/log/httpd/access_log", log file not found.                                                                                                                         
Rsyslog: skipping "/var/log/kadmind.log", log file not found.                                                                                                                              
Rsyslog: skipping "/var/log/dirsrv/slapd-IDMATOMICTEST-COM/errors", log file not found.                                                                                                    
Rsyslog: including "/var/log/sssd/krb5_child.log" log [/etc/rsyslog.d/10.ipa-sssd-processes.conf]                                                                                          
Rsyslog: including "/var/log/sssd/sssd_autofs.log" log [/etc/rsyslog.d/10.ipa-sssd-processes.conf]                                                                                         
Rsyslog: including "/var/log/sssd/sssd_pam.log" log [/etc/rsyslog.d/10.ipa-sssd-processes.conf]                                                                                            
Rsyslog: including "/var/log/sssd/sssd_ifp.log" log [/etc/rsyslog.d/10.ipa-sssd-processes.conf]                                                                                            
Rsyslog: including "/var/log/sssd/selinux_child.log" log [/etc/rsyslog.d/10.ipa-sssd-processes.conf]                                                                                       
Rsyslog: including "/var/log/sssd/sssd_idmatomictest.com.log" log [/etc/rsyslog.d/11.ipa-sssd-domains.conf]                                                                                
Rsyslog: including "/var/log/sssd/sssd_nss.log" log [/etc/rsyslog.d/10.ipa-sssd-processes.conf]                                                                                            
Rsyslog: including "/var/log/sssd/sssd_sudo.log" log [/etc/rsyslog.d/10.ipa-sssd-processes.conf]                                                                                           
Rsyslog: including "/var/log/sssd/gpo_child.log" log [/etc/rsyslog.d/10.ipa-sssd-processes.conf]                                                                                           
Rsyslog: including "/var/log/sssd/sssd_pac.log" log [/etc/rsyslog.d/10.ipa-sssd-processes.conf]                                                                                            
Rsyslog: including "/var/log/sssd/ldap_child.log" log [/etc/rsyslog.d/10.ipa-sssd-processes.conf]                                                                                          
Rsyslog: including "/var/log/sssd/sssd.log" log [/etc/rsyslog.d/10.ipa-sssd-processes.conf]                                                                                                
Rsyslog: including "/var/log/sssd/sssd_ssh.log" log [/etc/rsyslog.d/10.ipa-sssd-processes.conf] 
Enabling and restarting rsyslog service.
Failed to execute operation: No such file or directory                                                                                                                                     
Failed to execute external command: Failed to enable rsyslog servic  

Expected results:

Success

Additional info:

- ipa-server container is in tech preview 
- Disabled auditd from the ipa-log-config.py (By commenting out line#406 and 412).


Note You need to log in before you can comment on or make changes to this bug.