Uninstallation of FreeIPA server is blocked because remove-ds.pl is waiting for a password input:
remove-ds.pl
16172 pts/2 S 0:00 \_ /bin/bash 27701 pts/2 S+ 0:04 \_ /usr/bin/python3 -E /usr/sbin/ipa-server-install --uninstall -U 28063 pts/2 S+ 0:00 \_ /usr/bin/perl /usr/sbin/remove-ds.pl -i slapd-IPA.EXAMPLE 28064 pts/2 S+ 0:00 \_ /bin/sh /usr/sbin/stop-dirsrv IPA.EXAMPLE 28095 pts/2 S+ 0:00 \_ /usr/bin/systemctl stop dirsrv@IPA.EXAMPLE.service 28096 pts/2 S+ 0:00 \_ /usr/bin/systemd-tty-ask-password-agent --watch
389-ds-base-1.4.0.6-2.fc28.x86_64
# ipa-server-install --uninstall -U Shutting down all IPA services Configuring certmonger to stop tracking system certificates for KRA Configuring certmonger to stop tracking system certificates for CA Unconfiguring CA Unconfiguring krb5kdc Unconfiguring kadmin Unconfiguring directory server
Uninstallation just sits there and doesn't proceed.
remove-ds shouldn't block.
All commands are executed as user root with an unconfined context:
unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 root 16172 0.0 0.0 18304 5140 pts/2 S Apr10 0:00 \_ /bin/bash unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 root 27701 0.8 1.1 400852 91360 pts/2 S+ 07:30 0:04 \_ /usr/bin/python3 -E /usr/sbin/ipa-server-install --uninstall -U unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 root 28063 0.0 0.2 123680 21732 pts/2 S+ 07:30 0:00 \_ /usr/bin/perl /usr/sbin/remove-ds.pl -i slapd-IPA.EXAMPLE unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 root 28064 0.0 0.0 12788 3136 pts/2 S+ 07:30 0:00 \_ /bin/sh /usr/sbin/stop-dirsrv IPA.EXAMPLE unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 root 28095 0.0 0.0 77968 6076 pts/2 S+ 07:30 0:00 \_ /usr/bin/systemctl stop dirsrv@IPA.EXAMPLE.service unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 root 28096 0.0 0.0 74880 3600 pts/2 S+ 07:30 0:00 \_ /usr/bin/systemd-tty-ask-password-agent --watch
Metadata Update from @mreynolds: - Custom field component adjusted to None - Custom field origin adjusted to None - Custom field reviewstatus adjusted to None - Custom field type adjusted to None - Custom field version adjusted to None - Issue set to the milestone: 1.4.0
Metadata Update from @mreynolds: - Issue assigned to mreynolds
I've never seen remove-ds.pl block before or prompt for any kind of password. So this is odd indeed.
I tested 389-ds-base-1.4.0.7 on F28 with freeipa 4.6.90. Uninstall works fine for me. I installed and uninstalled over and over - no problems.
Perhaps there is more to reproducing the problem than installing and uninstalling?
The only time we access systemd-ask-password is part of svrcore to get the pin for the NSSDB. This indicates that perhaps it's starting the server?
Can this error be produced with ds-create or dsctl <inst> remove?
No movement in 11 months, so I think this is no longer an issue.
Metadata Update from @firstyear: - Issue close_status updated to: worksforme - Issue status updated to: Closed (was: Open)
389-ds-base is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in 389-ds-base's github repository.
This issue has been cloned to Github and is available here: - https://github.com/389ds/389-ds-base/issues/2694
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Metadata Update from @spichugi: - Issue close_status updated to: wontfix (was: worksforme)
Login to comment on this ticket.