Re: FIPS 140-2 and dirsrv-admin


 



Well... not to be a messenger of bad news, but 389-admin/389-console & friends are deprecated.  We are not doing any more bug fixes around these packages.  The old java console has been replaced by a Cockpit plugin in Fedora31/RHEL8/CentOS8.

Sorry,

Mark

On 8/30/19 11:37 AM, Paul Whitney wrote:
Please do.  It is not “critical” yet, but the writing is on the wall and will become an issue without some waiver. Worst case I enable it and disable as needed.

Thank you,


Paul M. Whitney
Sent from my Mac Book Pro

On Aug 29, 2019, at 8:14 PM, William Brown <wbrown@xxxxxxx> wrote:

I can open the issue on your behalf, or if it's serious and you want it looked at as a priority, you may want to consider raising a case with RH/SUSE direct.

On 30 Aug 2019, at 09:32, Paul Whitney <paul.whitney@xxxxxxxxxxxxxxxxx> wrote:

Ok, is there an action required from me?

Paul


On 8/29/19, 5:34 PM, "William Brown" <wbrown@xxxxxxx> wrote:

  This could be in "report an issue" territory I think in that case. Seems easy to reproduce.

On 30 Aug 2019, at 02:15, Paul Whitney <paul.whitney@xxxxxxx> wrote:

Hi William,

It is an issue with FIPS.  You are correct there are differences between the pin.txt file used in admin-serv and the slap instances.  However, I went into grub.conf and changed fips=1 to fips=0.  Rebooted the system and the dirsrv-admin process started right up.  DISA hardening requires FIPS enabled OS.  So this may be one of those issues that will come back again.  In the meantime, we will look at finding a waiver.


Thanks,
Paul

On Aug 28, 2019, at 7:10 PM, William Brown <wbrown@xxxxxxx> wrote:

If memory serves correctly ... there are some un-resolved issues between dirsrv-admin + fips. I remember discussing this with Mark as something that may fall into the "fix when someone runs into it" because that combination we thought would be rare.

But I'm not sure that this issue here is a fips one? I've seen another issue lately where the dirsrv-admin used a different pin.txt to the dirsrv instances, but I'm not sure of the details.

Are there fresh installs of ds? Or upgrades?

On 28 Aug 2019, at 05:51, Paul Whitney <paul.whitney@xxxxxxxxxxxxxxxxx> wrote:

Hi guys,

I have SSL enabled both slapd instances and dirsrv-admin on FIPS enabled CentOS 7.  The instances seem to start up no problem.  However, the admin console (dirsrv-admin) is complaining the password credentials are not valid for the NSS FIPS 140-2 DB even though the exact same credentials are presented to the SLAPD instances.  I am using a pin.txt file in the correct format for both SLAPD and DIRSRV-ADMIN.

Are there compatibility issues with FIPS and 389-DS admin-serv?

Paul M. Whitney
_______________________________________________
389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/389-users@xxxxxxxxxxxxxxxxxxxxxxx


Sincerely,

William Brown

Senior Software Engineer, 389 Directory Server
SUSE Labs


-- 

389 Directory Server Development Team
