{"update": {"autokarma": true, "autotime": true, "stable_karma": 1, "stable_days": 7, "unstable_karma": -1, "require_bugs": true, "require_testcases": true, "display_name": "", "notes": "bump version to 1.4.3.19", "type": "security", "status": "obsolete", "request": null, "severity": "medium", "suggest": "unspecified", "locked": false, "pushed": false, "critpath": false, "critpath_groups": null, "close_bugs": true, "date_submitted": "2021-02-11 17:09:44", "date_modified": null, "date_approved": null, "date_testing": null, "date_stable": null, "alias": "FEDORA-2021-e55a8d7545", "test_gating_status": "ignored", "from_tag": null, "date_pushed": null, "meets_testing_requirements": false, "url": "https://bodhi.stg.fedoraproject.org/updates/FEDORA-2021-e55a8d7545", "title": "389-ds-base-1.4.3.19-1.fc32", "version_hash": "2f6bd57ef09f4ae95314187d24cd6971476f6d19", "release": {"name": "F32", "long_name": "Fedora 32", "version": "32", "id_prefix": "FEDORA", "branch": "f32", "dist_tag": "f32", "stable_tag": "f32-updates", "testing_tag": "f32-updates-testing", "candidate_tag": "f32-updates-candidate", "pending_signing_tag": "f32-signing-pending", "pending_testing_tag": "f32-updates-testing-pending", "pending_stable_tag": "f32-updates-pending", "override_tag": "f32-override", "mail_template": "fedora_errata_template", "state": "archived", "composed_by_bodhi": true, "create_automatic_updates": false, "package_manager": "dnf", "testing_repository": "updates-testing", "released_on": null, "eol": null, "critpath_mandatory_days_in_testing": 14, "mandatory_days_in_testing": 7, "critpath_min_karma": 2, "min_karma": 1, "setting_status": null}, "user": {"name": "tbordaz", "email": "tbordaz@redhat.com", "id": 2494, "avatar": "https://seccdn.libravatar.org/avatar/856711b8fb54e30a01184c7a7744cc1a2f9aff9a99d0c8362e2bdf1bd3176b94?s=24&d=retro", "openid": "tbordaz.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "git389"}, {"name": "git389test"}]}, "comments": [{"karma": 0, "karma_critpath": 0, "text": "This update has been submitted for testing by tbordaz. ", "timestamp": "2021-02-11 17:09:45", "update_id": 283103, "user_id": 91, "id": 1882534, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update's test gating status has been changed to 'ignored'.", "timestamp": "2021-02-11 17:09:45", "update_id": 283103, "user_id": 91, "id": 1882535, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update's test gating status has been changed to 'waiting'.", "timestamp": "2021-02-11 17:09:45", "update_id": 283103, "user_id": 91, "id": 1882536, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update's test gating status has been changed to 'ignored'.", "timestamp": "2021-02-11 17:14:56", "update_id": 283103, "user_id": 91, "id": 1882558, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": -1, "karma_critpath": 0, "text": "As you can see from the Automated Tests tab, this appears to break server deployment. Logs at https://openqa.fedoraproject.org/tests/774965/file/role_deploy_domain_controller-var_log.tar.gz .", "timestamp": "2021-02-11 23:43:10", "update_id": 283103, "user_id": 302, "id": 1883274, "bug_feedback": [{"karma": 0, "comment_id": 1883274, "bug_id": 1908653, "bug": {"bug_id": 1908653, "title": "CVE-2020-35518 389-ds-base: information disclosure during the binding of a DN [fedora-all]", "security": true, "parent": false}}], "testcase_feedback": [{"karma": 0, "comment_id": 1883274, "testcase_id": 142, "testcase": {"name": "QA:Testcase 389 ds base setup testcase", "id": 142}}, {"karma": 0, "comment_id": 1883274, "testcase_id": 143, "testcase": {"name": "QA:Testcase Create normalized dn cache testcase", "id": 143}}, {"karma": 0, "comment_id": 1883274, "testcase_id": 144, "testcase": {"name": "QA:Testcase Create normalized dn cache testcase2", "id": 144}}], "user": {"name": "adamwill", "email": "awilliam@redhat.com", "id": 302, "avatar": "https://seccdn.libravatar.org/avatar/51720fbb2ec5dfd2bc005ac374a3bfd3190cb8f45f3bb8d6bdf35fb6a051d03b?s=24&d=retro", "openid": "adamwill.id.stg.fedoraproject.org", "groups": [{"name": "proventesters"}, {"name": "provenpackager"}, {"name": "packager"}, {"name": "qa-tools-sig"}, {"name": "fedora-contributor"}, {"name": "news"}, {"name": "gittriage"}, {"name": "sysadmin"}, {"name": "gitspin-kickstarts"}, {"name": "signed_fpca"}, {"name": "gitgeneric-release"}, {"name": "yak_farmers"}, {"name": "triagers"}, {"name": "qa"}, {"name": "sysadmin-qa"}, {"name": "fedorabugs"}, {"name": "ipausers"}, {"name": "gitmkinitrd"}, {"name": "qa-admin"}, {"name": "aws-qa"}, {"name": "change-wranglers"}, {"name": "fedora-ci-admins"}, {"name": "common-issues-triage"}, {"name": "sysadmin-main"}, {"name": "program-management"}, {"name": "gitfedora-project-schedule"}]}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been obsoleted.", "timestamp": "2021-02-11 23:43:10", "update_id": 283103, "user_id": 91, "id": 1883275, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "...or at https://openqa.fedoraproject.org/tests/774968/file/role_deploy_domain_controller-var_log.tar.gz (possibly a bit cleaner as no replica stuff is involved).", "timestamp": "2021-02-11 23:49:13", "update_id": 283103, "user_id": 302, "id": 1883277, "bug_feedback": [{"karma": 0, "comment_id": 1883277, "bug_id": 1908653, "bug": {"bug_id": 1908653, "title": "CVE-2020-35518 389-ds-base: information disclosure during the binding of a DN [fedora-all]", "security": true, "parent": false}}], "testcase_feedback": [{"karma": 0, "comment_id": 1883277, "testcase_id": 142, "testcase": {"name": "QA:Testcase 389 ds base setup testcase", "id": 142}}, {"karma": 0, "comment_id": 1883277, "testcase_id": 143, "testcase": {"name": "QA:Testcase Create normalized dn cache testcase", "id": 143}}, {"karma": 0, "comment_id": 1883277, "testcase_id": 144, "testcase": {"name": "QA:Testcase Create normalized dn cache testcase2", "id": 144}}], "user": {"name": "adamwill", "email": "awilliam@redhat.com", "id": 302, "avatar": "https://seccdn.libravatar.org/avatar/51720fbb2ec5dfd2bc005ac374a3bfd3190cb8f45f3bb8d6bdf35fb6a051d03b?s=24&d=retro", "openid": "adamwill.id.stg.fedoraproject.org", "groups": [{"name": "proventesters"}, {"name": "provenpackager"}, {"name": "packager"}, {"name": "qa-tools-sig"}, {"name": "fedora-contributor"}, {"name": "news"}, {"name": "gittriage"}, {"name": "sysadmin"}, {"name": "gitspin-kickstarts"}, {"name": "signed_fpca"}, {"name": "gitgeneric-release"}, {"name": "yak_farmers"}, {"name": "triagers"}, {"name": "qa"}, {"name": "sysadmin-qa"}, {"name": "fedorabugs"}, {"name": "ipausers"}, {"name": "gitmkinitrd"}, {"name": "qa-admin"}, {"name": "aws-qa"}, {"name": "change-wranglers"}, {"name": "fedora-ci-admins"}, {"name": "common-issues-triage"}, {"name": "sysadmin-main"}, {"name": "program-management"}, {"name": "gitfedora-project-schedule"}]}}, {"karma": 0, "karma_critpath": 0, "text": "To me this looks like Dogtag never created its Replication Manager bind users before actual use. Looking at the pki-core code, I don't see how it ever worked in past -- the bind user for replicationdb is never created in IPA workflow. 389-ds does return error 49, e.g. entry does not exist:\n\n```\n[11/Feb/2021:12:53:00.424286315 -0500] conn=102 op=0 RESULT err=49 tag=97 nentries=0 wtime=0.000126054 optime=0.000467697 etime=0.000592407 - Entry does not exist\n```\nbut while in past it was treated as 'NO_SUCH_USER' in Dogtag, this update causes Dogtag to treat it as 'INVALID_PASSWORD':\n\n```\n2021-02-11 12:53:00 [main] INFO: CMSEngine: initializing password store for replicationdb\n2021-02-11 12:53:00 [main] INFO: CMSEngine: verifying connection to ipa001.test.openqa.fedoraproject.org:389 as cn=Replication Manager masterAgreement1-ipa001.test.openqa.fedoraproject.org-pki-tomcat,cn=config\n2021-02-11 12:53:00 [main] INFO: CMSEngine: verifying connection to ipa001.test.openqa.fedoraproject.org:389 as cn=Replication Manager masterAgreement1-ipa001.test.openqa.fedoraproject.org-pki-tomcat,cn=config\n2021-02-11 12:53:01 [main] INFO: CMSEngine: verifying connection to ipa001.test.openqa.fedoraproject.org:389 as cn=Replication Manager masterAgreement1-ipa001.test.openqa.fedoraproject.org-pki-tomcat,cn=config\n2021-02-11 12:53:01 [main] SEVERE: CMSEngine: password test execution failed: 2\n```\n\nCompare this to my F33 setup with 389-ds-base-1.4.4.11-1.fc33.x86_64 and pki-ca-10.11.0-0.1.alpha1.20210204232642UTC.23c3d215.fc33.noarch:\n\n```\n2021-01-26 07:02:26 [main] INFO: CMSEngine: initializing password store for replicationdb\n2021-01-26 07:02:26 [main] INFO: CMSEngine: verifying connection to master.ipa.test:389 as cn=Replication Manager masterAgreement1-master.ipa.test-pki-tomcat,cn=config\n2021-01-26 07:02:27 [main] WARNING: CMSEngine: password test execution failed for replicationdb with NO_SUCH_USER. This may not be a latest instance. Ignoring ..\n```\nsadly, I don't have older 389-ds access logs on that instance to verify what 389-ds did return.", "timestamp": "2021-02-12 07:46:47", "update_id": 283103, "user_id": 1242, "id": 1883763, "bug_feedback": [{"karma": 0, "comment_id": 1883763, "bug_id": 1908653, "bug": {"bug_id": 1908653, "title": "CVE-2020-35518 389-ds-base: information disclosure during the binding of a DN [fedora-all]", "security": true, "parent": false}}], "testcase_feedback": [{"karma": 0, "comment_id": 1883763, "testcase_id": 142, "testcase": {"name": "QA:Testcase 389 ds base setup testcase", "id": 142}}, {"karma": 0, "comment_id": 1883763, "testcase_id": 143, "testcase": {"name": "QA:Testcase Create normalized dn cache testcase", "id": 143}}, {"karma": 0, "comment_id": 1883763, "testcase_id": 144, "testcase": {"name": "QA:Testcase Create normalized dn cache testcase2", "id": 144}}], "user": {"name": "abbra", "email": "abokovoy@redhat.com", "id": 1242, "avatar": "https://seccdn.libravatar.org/avatar/3f3c51cb81fb43e685e65ff696d895ac268ff71949128c02b81dec65a4405a0a?s=24&d=retro", "openid": "abbra.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "bind-dyndb-ldap"}, {"name": "gitfreeipa"}, {"name": "gitslapi-nis"}, {"name": "gitfreeipa-docs"}]}}, {"karma": 0, "karma_critpath": 0, "text": "Here's the log tarball from the same test passing on a different F32 update:\nhttps://openqa.fedoraproject.org/tests/775367/file/role_deploy_domain_controller_check-var_log.tar.gz", "timestamp": "2021-02-12 20:49:05", "update_id": 283103, "user_id": 302, "id": 1884552, "bug_feedback": [{"karma": 0, "comment_id": 1884552, "bug_id": 1908653, "bug": {"bug_id": 1908653, "title": "CVE-2020-35518 389-ds-base: information disclosure during the binding of a DN [fedora-all]", "security": true, "parent": false}}], "testcase_feedback": [{"karma": 0, "comment_id": 1884552, "testcase_id": 142, "testcase": {"name": "QA:Testcase 389 ds base setup testcase", "id": 142}}, {"karma": 0, "comment_id": 1884552, "testcase_id": 143, "testcase": {"name": "QA:Testcase Create normalized dn cache testcase", "id": 143}}, {"karma": 0, "comment_id": 1884552, "testcase_id": 144, "testcase": {"name": "QA:Testcase Create normalized dn cache testcase2", "id": 144}}], "user": {"name": "adamwill", "email": "awilliam@redhat.com", "id": 302, "avatar": "https://seccdn.libravatar.org/avatar/51720fbb2ec5dfd2bc005ac374a3bfd3190cb8f45f3bb8d6bdf35fb6a051d03b?s=24&d=retro", "openid": "adamwill.id.stg.fedoraproject.org", "groups": [{"name": "proventesters"}, {"name": "provenpackager"}, {"name": "packager"}, {"name": "qa-tools-sig"}, {"name": "fedora-contributor"}, {"name": "news"}, {"name": "gittriage"}, {"name": "sysadmin"}, {"name": "gitspin-kickstarts"}, {"name": "signed_fpca"}, {"name": "gitgeneric-release"}, {"name": "yak_farmers"}, {"name": "triagers"}, {"name": "qa"}, {"name": "sysadmin-qa"}, {"name": "fedorabugs"}, {"name": "ipausers"}, {"name": "gitmkinitrd"}, {"name": "qa-admin"}, {"name": "aws-qa"}, {"name": "change-wranglers"}, {"name": "fedora-ci-admins"}, {"name": "common-issues-triage"}, {"name": "sysadmin-main"}, {"name": "program-management"}, {"name": "gitfedora-project-schedule"}]}}], "builds": [{"nvr": "389-ds-base-1.4.3.19-1.fc32", "signed": true, "release_id": 35, "type": "rpm", "epoch": 0}], "bugs": [{"bug_id": 1908653, "title": "CVE-2020-35518 389-ds-base: information disclosure during the binding of a DN [fedora-all]", "security": true, "parent": false, "feedback": [{"karma": 0, "comment_id": 1883274, "bug_id": 1908653, "comment": {"karma": -1, "karma_critpath": 0, "text": "As you can see from the Automated Tests tab, this appears to break server deployment. Logs at https://openqa.fedoraproject.org/tests/774965/file/role_deploy_domain_controller-var_log.tar.gz .", "timestamp": "2021-02-11 23:43:10", "update_id": 283103, "user_id": 302, "id": 1883274, "testcase_feedback": [{"karma": 0, "comment_id": 1883274, "testcase_id": 142, "testcase": {"name": "QA:Testcase 389 ds base setup testcase", "id": 142}}, {"karma": 0, "comment_id": 1883274, "testcase_id": 143, "testcase": {"name": "QA:Testcase Create normalized dn cache testcase", "id": 143}}, {"karma": 0, "comment_id": 1883274, "testcase_id": 144, "testcase": {"name": "QA:Testcase Create normalized dn cache testcase2", "id": 144}}], "user": {"name": "adamwill", "email": "awilliam@redhat.com", "id": 302, "avatar": "https://seccdn.libravatar.org/avatar/51720fbb2ec5dfd2bc005ac374a3bfd3190cb8f45f3bb8d6bdf35fb6a051d03b?s=24&d=retro", "openid": "adamwill.id.stg.fedoraproject.org", "groups": [{"name": "proventesters"}, {"name": "provenpackager"}, {"name": "packager"}, {"name": "qa-tools-sig"}, {"name": "fedora-contributor"}, {"name": "news"}, {"name": "gittriage"}, {"name": "sysadmin"}, {"name": "gitspin-kickstarts"}, {"name": "signed_fpca"}, {"name": "gitgeneric-release"}, {"name": "yak_farmers"}, {"name": "triagers"}, {"name": "qa"}, {"name": "sysadmin-qa"}, {"name": "fedorabugs"}, {"name": "ipausers"}, {"name": "gitmkinitrd"}, {"name": "qa-admin"}, {"name": "aws-qa"}, {"name": "change-wranglers"}, {"name": "fedora-ci-admins"}, {"name": "common-issues-triage"}, {"name": "sysadmin-main"}, {"name": "program-management"}, {"name": "gitfedora-project-schedule"}]}}}, {"karma": 0, "comment_id": 1883763, "bug_id": 1908653, "comment": {"karma": 0, "karma_critpath": 0, "text": "To me this looks like Dogtag never created its Replication Manager bind users before actual use. Looking at the pki-core code, I don't see how it ever worked in past -- the bind user for replicationdb is never created in IPA workflow. 389-ds does return error 49, e.g. entry does not exist:\n\n```\n[11/Feb/2021:12:53:00.424286315 -0500] conn=102 op=0 RESULT err=49 tag=97 nentries=0 wtime=0.000126054 optime=0.000467697 etime=0.000592407 - Entry does not exist\n```\nbut while in past it was treated as 'NO_SUCH_USER' in Dogtag, this update causes Dogtag to treat it as 'INVALID_PASSWORD':\n\n```\n2021-02-11 12:53:00 [main] INFO: CMSEngine: initializing password store for replicationdb\n2021-02-11 12:53:00 [main] INFO: CMSEngine: verifying connection to ipa001.test.openqa.fedoraproject.org:389 as cn=Replication Manager masterAgreement1-ipa001.test.openqa.fedoraproject.org-pki-tomcat,cn=config\n2021-02-11 12:53:00 [main] INFO: CMSEngine: verifying connection to ipa001.test.openqa.fedoraproject.org:389 as cn=Replication Manager masterAgreement1-ipa001.test.openqa.fedoraproject.org-pki-tomcat,cn=config\n2021-02-11 12:53:01 [main] INFO: CMSEngine: verifying connection to ipa001.test.openqa.fedoraproject.org:389 as cn=Replication Manager masterAgreement1-ipa001.test.openqa.fedoraproject.org-pki-tomcat,cn=config\n2021-02-11 12:53:01 [main] SEVERE: CMSEngine: password test execution failed: 2\n```\n\nCompare this to my F33 setup with 389-ds-base-1.4.4.11-1.fc33.x86_64 and pki-ca-10.11.0-0.1.alpha1.20210204232642UTC.23c3d215.fc33.noarch:\n\n```\n2021-01-26 07:02:26 [main] INFO: CMSEngine: initializing password store for replicationdb\n2021-01-26 07:02:26 [main] INFO: CMSEngine: verifying connection to master.ipa.test:389 as cn=Replication Manager masterAgreement1-master.ipa.test-pki-tomcat,cn=config\n2021-01-26 07:02:27 [main] WARNING: CMSEngine: password test execution failed for replicationdb with NO_SUCH_USER. This may not be a latest instance. Ignoring ..\n```\nsadly, I don't have older 389-ds access logs on that instance to verify what 389-ds did return.", "timestamp": "2021-02-12 07:46:47", "update_id": 283103, "user_id": 1242, "id": 1883763, "testcase_feedback": [{"karma": 0, "comment_id": 1883763, "testcase_id": 142, "testcase": {"name": "QA:Testcase 389 ds base setup testcase", "id": 142}}, {"karma": 0, "comment_id": 1883763, "testcase_id": 143, "testcase": {"name": "QA:Testcase Create normalized dn cache testcase", "id": 143}}, {"karma": 0, "comment_id": 1883763, "testcase_id": 144, "testcase": {"name": "QA:Testcase Create normalized dn cache testcase2", "id": 144}}], "user": {"name": "abbra", "email": "abokovoy@redhat.com", "id": 1242, "avatar": "https://seccdn.libravatar.org/avatar/3f3c51cb81fb43e685e65ff696d895ac268ff71949128c02b81dec65a4405a0a?s=24&d=retro", "openid": "abbra.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "bind-dyndb-ldap"}, {"name": "gitfreeipa"}, {"name": "gitslapi-nis"}, {"name": "gitfreeipa-docs"}]}}}, {"karma": 0, "comment_id": 1883277, "bug_id": 1908653, "comment": {"karma": 0, "karma_critpath": 0, "text": "...or at https://openqa.fedoraproject.org/tests/774968/file/role_deploy_domain_controller-var_log.tar.gz (possibly a bit cleaner as no replica stuff is involved).", "timestamp": "2021-02-11 23:49:13", "update_id": 283103, "user_id": 302, "id": 1883277, "testcase_feedback": [{"karma": 0, "comment_id": 1883277, "testcase_id": 142, "testcase": {"name": "QA:Testcase 389 ds base setup testcase", "id": 142}}, {"karma": 0, "comment_id": 1883277, "testcase_id": 143, "testcase": {"name": "QA:Testcase Create normalized dn cache testcase", "id": 143}}, {"karma": 0, "comment_id": 1883277, "testcase_id": 144, "testcase": {"name": "QA:Testcase Create normalized dn cache testcase2", "id": 144}}], "user": {"name": "adamwill", "email": "awilliam@redhat.com", "id": 302, "avatar": "https://seccdn.libravatar.org/avatar/51720fbb2ec5dfd2bc005ac374a3bfd3190cb8f45f3bb8d6bdf35fb6a051d03b?s=24&d=retro", "openid": "adamwill.id.stg.fedoraproject.org", "groups": [{"name": "proventesters"}, {"name": "provenpackager"}, {"name": "packager"}, {"name": "qa-tools-sig"}, {"name": "fedora-contributor"}, {"name": "news"}, {"name": "gittriage"}, {"name": "sysadmin"}, {"name": "gitspin-kickstarts"}, {"name": "signed_fpca"}, {"name": "gitgeneric-release"}, {"name": "yak_farmers"}, {"name": "triagers"}, {"name": "qa"}, {"name": "sysadmin-qa"}, {"name": "fedorabugs"}, {"name": "ipausers"}, {"name": "gitmkinitrd"}, {"name": "qa-admin"}, {"name": "aws-qa"}, {"name": "change-wranglers"}, {"name": "fedora-ci-admins"}, {"name": "common-issues-triage"}, {"name": "sysadmin-main"}, {"name": "program-management"}, {"name": "gitfedora-project-schedule"}]}}}, {"karma": 0, "comment_id": 1884552, "bug_id": 1908653, "comment": {"karma": 0, "karma_critpath": 0, "text": "Here's the log tarball from the same test passing on a different F32 update:\nhttps://openqa.fedoraproject.org/tests/775367/file/role_deploy_domain_controller_check-var_log.tar.gz", "timestamp": "2021-02-12 20:49:05", "update_id": 283103, "user_id": 302, "id": 1884552, "testcase_feedback": [{"karma": 0, "comment_id": 1884552, "testcase_id": 142, "testcase": {"name": "QA:Testcase 389 ds base setup testcase", "id": 142}}, {"karma": 0, "comment_id": 1884552, "testcase_id": 143, "testcase": {"name": "QA:Testcase Create normalized dn cache testcase", "id": 143}}, {"karma": 0, "comment_id": 1884552, "testcase_id": 144, "testcase": {"name": "QA:Testcase Create normalized dn cache testcase2", "id": 144}}], "user": {"name": "adamwill", "email": "awilliam@redhat.com", "id": 302, "avatar": "https://seccdn.libravatar.org/avatar/51720fbb2ec5dfd2bc005ac374a3bfd3190cb8f45f3bb8d6bdf35fb6a051d03b?s=24&d=retro", "openid": "adamwill.id.stg.fedoraproject.org", "groups": [{"name": "proventesters"}, {"name": "provenpackager"}, {"name": "packager"}, {"name": "qa-tools-sig"}, {"name": "fedora-contributor"}, {"name": "news"}, {"name": "gittriage"}, {"name": "sysadmin"}, {"name": "gitspin-kickstarts"}, {"name": "signed_fpca"}, {"name": "gitgeneric-release"}, {"name": "yak_farmers"}, {"name": "triagers"}, {"name": "qa"}, {"name": "sysadmin-qa"}, {"name": "fedorabugs"}, {"name": "ipausers"}, {"name": "gitmkinitrd"}, {"name": "qa-admin"}, {"name": "aws-qa"}, {"name": "change-wranglers"}, {"name": "fedora-ci-admins"}, {"name": "common-issues-triage"}, {"name": "sysadmin-main"}, {"name": "program-management"}, {"name": "gitfedora-project-schedule"}]}}}, {"karma": 1, "comment_id": 1911824, "bug_id": 1908653, "comment": {"karma": 1, "karma_critpath": 0, "text": "This passes all openQA tests, seems to also fix https://bugzilla.redhat.com/show_bug.cgi?id=1929940 though it's not currently marked.", "timestamp": "2021-03-01 23:23:38", "update_id": 287423, "user_id": 302, "id": 1911824, "testcase_feedback": [{"karma": 0, "comment_id": 1911824, "testcase_id": 142, "testcase": {"name": "QA:Testcase 389 ds base setup testcase", "id": 142}}, {"karma": 0, "comment_id": 1911824, "testcase_id": 143, "testcase": {"name": "QA:Testcase Create normalized dn cache testcase", "id": 143}}, {"karma": 0, "comment_id": 1911824, "testcase_id": 144, "testcase": {"name": "QA:Testcase Create normalized dn cache testcase2", "id": 144}}], "user": {"name": "adamwill", "email": "awilliam@redhat.com", "id": 302, "avatar": "https://seccdn.libravatar.org/avatar/51720fbb2ec5dfd2bc005ac374a3bfd3190cb8f45f3bb8d6bdf35fb6a051d03b?s=24&d=retro", "openid": "adamwill.id.stg.fedoraproject.org", "groups": [{"name": "proventesters"}, {"name": "provenpackager"}, {"name": "packager"}, {"name": "qa-tools-sig"}, {"name": "fedora-contributor"}, {"name": "news"}, {"name": "gittriage"}, {"name": "sysadmin"}, {"name": "gitspin-kickstarts"}, {"name": "signed_fpca"}, {"name": "gitgeneric-release"}, {"name": "yak_farmers"}, {"name": "triagers"}, {"name": "qa"}, {"name": "sysadmin-qa"}, {"name": "fedorabugs"}, {"name": "ipausers"}, {"name": "gitmkinitrd"}, {"name": "qa-admin"}, {"name": "aws-qa"}, {"name": "change-wranglers"}, {"name": "fedora-ci-admins"}, {"name": "common-issues-triage"}, {"name": "sysadmin-main"}, {"name": "program-management"}, {"name": "gitfedora-project-schedule"}]}}}, {"karma": 0, "comment_id": 1915670, "bug_id": 1908653, "comment": {"karma": 1, "karma_critpath": 0, "text": "Installation of ipa server with CA/KRA/DNS manually tested with the combined updates, works well.", "timestamp": "2021-03-02 20:59:41", "update_id": 287426, "user_id": 3071, "id": 1915670, "testcase_feedback": [{"karma": 0, "comment_id": 1915670, "testcase_id": 142, "testcase": {"name": "QA:Testcase 389 ds base setup testcase", "id": 142}}, {"karma": 0, "comment_id": 1915670, "testcase_id": 143, "testcase": {"name": "QA:Testcase Create normalized dn cache testcase", "id": 143}}, {"karma": 0, "comment_id": 1915670, "testcase_id": 144, "testcase": {"name": "QA:Testcase Create normalized dn cache testcase2", "id": 144}}], "user": {"name": "frenaud", "email": "frenaud@redhat.com", "id": 3071, "avatar": "https://seccdn.libravatar.org/avatar/1e52aaae9646f0f890f5f6c771cd060c66898d5fdf78e8a6021eb2b75e27ffe2?s=24&d=retro", "openid": "frenaud.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "gitfreeipa"}]}}}, {"karma": 1, "comment_id": 1912388, "bug_id": 1908653, "comment": {"karma": 1, "karma_critpath": 0, "text": "Tested in freeipa upstream CI: https://github.com/freeipa-pr-ci2/freeipa/pull/745\nThe failures are known issues, the combined updates are working well", "timestamp": "2021-03-02 12:41:41", "update_id": 287425, "user_id": 3071, "id": 1912388, "testcase_feedback": [{"karma": 0, "comment_id": 1912388, "testcase_id": 142, "testcase": {"name": "QA:Testcase 389 ds base setup testcase", "id": 142}}, {"karma": 0, "comment_id": 1912388, "testcase_id": 143, "testcase": {"name": "QA:Testcase Create normalized dn cache testcase", "id": 143}}, {"karma": 0, "comment_id": 1912388, "testcase_id": 144, "testcase": {"name": "QA:Testcase Create normalized dn cache testcase2", "id": 144}}], "user": {"name": "frenaud", "email": "frenaud@redhat.com", "id": 3071, "avatar": "https://seccdn.libravatar.org/avatar/1e52aaae9646f0f890f5f6c771cd060c66898d5fdf78e8a6021eb2b75e27ffe2?s=24&d=retro", "openid": "frenaud.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "gitfreeipa"}]}}}, {"karma": 1, "comment_id": 1917687, "bug_id": 1908653, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2021-03-03 11:12:02", "update_id": 287425, "user_id": 685, "id": 1917687, "testcase_feedback": [{"karma": 1, "comment_id": 1917687, "testcase_id": 142, "testcase": {"name": "QA:Testcase 389 ds base setup testcase", "id": 142}}, {"karma": 1, "comment_id": 1917687, "testcase_id": 143, "testcase": {"name": "QA:Testcase Create normalized dn cache testcase", "id": 143}}, {"karma": 1, "comment_id": 1917687, "testcase_id": 144, "testcase": {"name": "QA:Testcase Create normalized dn cache testcase2", "id": 144}}], "user": {"name": "fcami", "email": "fdc@fcami.net", "id": 685, "avatar": "https://seccdn.libravatar.org/avatar/50e67d6bd8fd754776a97cfc0726e679c2f8400e76dd1a85664b9087ae48810d?s=24&d=retro", "openid": "fcami.id.stg.fedoraproject.org", "groups": [{"name": "proventesters"}, {"name": "packager"}]}}}, {"karma": 1, "comment_id": 1917688, "bug_id": 1908653, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2021-03-03 11:12:22", "update_id": 287423, "user_id": 685, "id": 1917688, "testcase_feedback": [{"karma": 0, "comment_id": 1917688, "testcase_id": 142, "testcase": {"name": "QA:Testcase 389 ds base setup testcase", "id": 142}}, {"karma": 0, "comment_id": 1917688, "testcase_id": 143, "testcase": {"name": "QA:Testcase Create normalized dn cache testcase", "id": 143}}, {"karma": 0, "comment_id": 1917688, "testcase_id": 144, "testcase": {"name": "QA:Testcase Create normalized dn cache testcase2", "id": 144}}], "user": {"name": "fcami", "email": "fdc@fcami.net", "id": 685, "avatar": "https://seccdn.libravatar.org/avatar/50e67d6bd8fd754776a97cfc0726e679c2f8400e76dd1a85664b9087ae48810d?s=24&d=retro", "openid": "fcami.id.stg.fedoraproject.org", "groups": [{"name": "proventesters"}, {"name": "packager"}]}}}, {"karma": 1, "comment_id": 1920563, "bug_id": 1908653, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2021-03-04 09:31:31", "update_id": 287426, "user_id": 685, "id": 1920563, "testcase_feedback": [{"karma": 1, "comment_id": 1920563, "testcase_id": 142, "testcase": {"name": "QA:Testcase 389 ds base setup testcase", "id": 142}}, {"karma": 1, "comment_id": 1920563, "testcase_id": 143, "testcase": {"name": "QA:Testcase Create normalized dn cache testcase", "id": 143}}, {"karma": 1, "comment_id": 1920563, "testcase_id": 144, "testcase": {"name": "QA:Testcase Create normalized dn cache testcase2", "id": 144}}], "user": {"name": "fcami", "email": "fdc@fcami.net", "id": 685, "avatar": "https://seccdn.libravatar.org/avatar/50e67d6bd8fd754776a97cfc0726e679c2f8400e76dd1a85664b9087ae48810d?s=24&d=retro", "openid": "fcami.id.stg.fedoraproject.org", "groups": [{"name": "proventesters"}, {"name": "packager"}]}}}]}], "updateid": "FEDORA-2021-e55a8d7545", "karma": -1, "content_type": "rpm", "test_cases": [{"name": "QA:Testcase 389 ds base setup testcase", "id": 142}, {"name": "QA:Testcase Create normalized dn cache testcase", "id": 143}, {"name": "QA:Testcase Create normalized dn cache testcase2", "id": 144}]}, "can_edit": false, "ci_allowed": false}