Univention Bugzilla – Full Text Bug Listing |
Summary: | /etc/cron.daily/univention-ssl exited with return code 2 | ||
---|---|---|---|
Product: | UCS | Reporter: | Daniel Duchon <duchon> |
Component: | SSL | Assignee: | Philipp Hahn <hahn> |
Status: | CLOSED FIXED | QA Contact: | UCS maintainers <ucs-maintainers> |
Severity: | normal | ||
Priority: | P5 | CC: | ahlers, damrose, grandjean, hahn, office, radovanovic.extern, riess82, schnick, tpfannholzer, voelker |
Version: | UCS 5.0 | Flags: | hahn:
Patch_Available+
|
Target Milestone: | UCS 4.4-9-errata | ||
Hardware: | Other | ||
OS: | Linux | ||
URL: | https://help.univention.com/t/openvpn-crl-expired-no-client-access/9983 | ||
What kind of report is it?: | Bug Report | What type of bug is this?: | 3: Simply Wrong: The implementation doesn't match the docu |
Who will be affected by this bug?: | 2: Will only affect a few installed domains | How will those affected feel about the bug?: | 2: A Pain – users won’t like this once they notice it |
User Pain: | 0.069 | Enterprise Customer affected?: | Yes |
School Customer affected?: | ISV affected?: | Yes | |
Waiting Support: | Flags outvoted (downgraded) after PO Review: | ||
Ticket number: | 2022070421000275, 2022070521000335 | Bug group (optional): | bitesize, External feedback |
Max CVSS v3 score: | |||
Bug Depends on: | 47896 | ||
Bug Blocks: | 55030 |
Description
Daniel Duchon
2022-07-04 16:36:04 CEST
I'm facing the same issue since a couple of weeks but on UCS 4.4. univention-app info: univention-app infoUCS: 4.4-9 errata1272 Installed: adconnector=12.0 fetchmail=6.3.26 kde=5.8 kopano-core=8.7.1.0-1 kopano-webapp=3.5.14.2539-2 letsencrypt=1.2.2-20 samba-memberserver=4.7 z-push-kopano=2.6.2-1 Upgradable: same here: univention-app info UCS: 5.0-2 errata352 Installed: letsencrypt=2.0.0-2 samba4=4.16 Upgradable: Fix for both 4.4-9 and 5.0-x: sudo sed -e '1s,/bin/sh,/bin/bash,' -i /etc/cron.daily/univention-ssl The source of that file is git:base/univention-ssl/debian/univention-ssl.cron.daily Fixing it for 4.4-9 first as there are currently other changes pending for 5.0-2 [4.4-9] c57c5eeb83 Bug #54932: univention-ssl 13.0.0-9A~4.4.0.202207181119 doc/errata/staging/univention-ssl.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) [4.4-9] 727e382085 test[ssl]: shellcheck base/univention-ssl/debian/univention-ssl.cron.daily | 7 ++++++- base/univention-ssl/debian/univention-ssl.postinst | 9 ++++++--- base/univention-ssl/extensions-example.sh | 4 +++- base/univention-ssl/make-certificates.sh | 11 ++++++++--- base/univention-ssl/ssl-sync | 5 ++--- base/univention-ssl/tests/common.sh | 26 ++++++++++++++++++++++---- base/univention-ssl/tests/test_defaults | 3 ++- base/univention-ssl/tests/test_host_expired | 7 ++++--- base/univention-ssl/tests/test_host_fqdn | 7 ++++--- base/univention-ssl/tests/test_host_hook | 3 ++- ... 23 files changed, 128 insertions(+), 62 deletions(-) [4.4-9] a661c72fbb fix[ssl]: Source make-certificates.sh with bash base/univention-ssl/debian/changelog | 6 ++++++ base/univention-ssl/debian/univention-ssl.cron.daily | 2 +- doc/errata/staging/univention-ssl.yaml | 10 ++++++++++ 3 files changed, 17 insertions(+), 1 deletion(-) Package: univention-ssl Version: 13.0.0-9A~4.4.0.202207181119 Branch: ucs_4.4-0 Scope: errata4.4-9 QA: done already by tests/ run during package build - now fixed OK: apt install -t apt univention-ssl OK: touch -d @0 /etc/univention/ssl/ucsCA/crl/crl.pem && /etc/cron.daily/univention-ssl && ls -l /etc/univention/ssl/ucsCA/crl/crl.pem another customer facing that issue. Attached ticketnumber 1. created clean 4.4.9 (K)VM instance 2. licensed & system updated 3. download & install: libfaketime and faketime deb packages from Stretch 4. cloned 4.4.9 and univention-ssl package built & installed 5. make sure appropriate version is present: dpkg -s univention-ssl | grep '13.0.0-9A~4.4.0.202207181119' 6. check build output for test results 7. just for the sake of sanity, some basic certification management done manually (list, renew, dump, etc.) 8. tried manually to call: /etc/cron.daily/univention-ssl && echo "$?" |