Univention Bugzilla – Bug 55030
/etc/cron.daily/univention-ssl exited with return code 2
Last modified: 2022-07-28 09:11:32 CEST
+++ This bug was initially created as a clone of Bug #54932 +++ This seems to be a regression. After Updating univention-ssl to Version 14.0.2-3A~5.0.0.202206071244, every night-job creates a E-Mail with the following content: <CONTENT> "run-parts: /etc/cron.daily/univention-ssl exited with return code 2" </CONTENT> Additional Environment Informations: ~# univention-app info UCS: 5.0-1 errata342 ~# apt info univention-ssl Package: univention-ssl Version: 14.0.2-3A~5.0.0.202206071244 Priority: optional Section: univention Maintainer: Univention GmbH <packages@univention.de> Installed-Size: 96,3 kB Depends: openssl, python3-m2crypto, python3-univention-lib, shell-univention-lib (>= 3.0.1-1), univention-directory-listener, univention-ssh, univention-config (>= 7.0.25) Recommends: rdate Download-Size: 23,0 kB APT-Manual-Installed: no APT-Sources: https://updates.software-univention.de errata501/main amd64 Packages ~# sh /etc/cron.daily/univention-ssl || echo "$?" 2 ~# bash /etc/cron.daily/univention-ssl && echo "$?" 0 +++ This bug was initially created as a clone of Bug #47896 +++ Users report about an error level from univention-ssl. Doing some investigation I got the following debug output: + . /usr/share/univention-lib/ucr.sh + is_ucr_false ssl/validity/check + local value + /usr/sbin/univention-config-registry get ssl/validity/check + value=yes + tr [:upper:] [:lower:] + echo -n yes + return 1 + univention-certificate-check-validity + check_gen_crl + local interval crl=/etc/univention/ssl/ucsCA/crl/crl.pem + ucr get server/role + [ domaincontroller_master = domaincontroller_master ] + ucr get ssl/crl/interval + interval=7 + [ 7 -ge 1 ] + [ -f /etc/univention/ssl/ucsCA/crl/crl.pem ] + find /etc/univention/ssl/ucsCA/crl/crl.pem -mtime -7 + [ -n ] + . /usr/share/univention-ssl/make-certificates.sh + SSLBASE=/etc/univention/ssl + CA=ucsCA + /usr/sbin/univention-config-registry get ssl/crl/validity + DEFAULT_CRL_DAYS=10 + : 10 + /usr/sbin/univention-config-registry get ssl/default/days + DEFAULT_DAYS=1825 + : 1825 + /usr/sbin/univention-config-registry get ssl/default/hashfunction + DEFAULT_MD=sha256 + : sha256 + /usr/sbin/univention-config-registry get ssl/default/bits + DEFAULT_BITS=2048 + : 2048 + export DEFAULT_MD DEFAULT_BITS DEFAULT_CRL_DAYS + test -e /etc/univention/ssl/password + cat /etc/univention/ssl/password + PASSWD=M7NBxxxxx2tZ0aprRdJ3 /etc/cron.daily/univention-ssl: 438: /usr/share/univention-ssl/make-certificates.sh: Syntax error: redirection unexpected
[5.0-2] c26ecdc2ba Bug #54932: Fix cron task, create errata and changelog base/univention-ssl/debian/changelog | 6 ++++++ base/univention-ssl/debian/univention-ssl.cron.daily | 9 +++++++-- base/univention-ssl/debian/univention-ssl.postinst | 9 ++++++--- base/univention-ssl/extensions-example.sh | 4 +++- base/univention-ssl/ssl-sync | 5 ++--- base/univention-ssl/tests/common.sh | 26 ++++++++++++++++++++++---- base/univention-ssl/tests/test_defaults | 3 ++- base/univention-ssl/tests/test_host_expired | 7 ++++--- base/univention-ssl/tests/test_host_fqdn | 7 ++++--- base/univention-ssl/tests/test_host_hook | 3 ++- [5.0-2] 42d82c1a6c Bug #54697: univention-ssl 14.0.2-5A~5.0.0.202207251753 doc/errata/staging/univention-ssl.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) OK: apt-get install -t apt univention-ssl OK: head -n 1 /etc/cron.daily/univention-ssl OK: touch -d @0 /etc/univention/ssl/ucsCA/crl/crl.pem && /etc/cron.daily/univention-ssl && ls -l /etc/univention/ssl/ucsCA/crl/crl.pem
<https://errata.software-univention.de/#/?erratum=5.0x373>