https://bugzilla.redhat.com/show_bug.cgi?id=751597
Description of problem: I start with machine, whose hostname is ipa-replica.testrelm, with ip 10.16.19.135 # ipa-server-install --setup-dns --forwarder=10.14.63.12 --hostname ipaserver.testrelm -r TESTRELM -n testrelm -p Secret123 -P Secret123 -a Secret123 --ip-address 10.16.19.135 This fails with: [3/17]: configuring certificate server instance CRITICAL:root:failed to configure ca instance Command '/usr/bin/perl /usr/bin/pkisilent 'ConfigureCA' '-cs_hostname' 'ipaserver.testrelm' '-cs_port' '9445' '-client_certdb_dir' '/tmp/tmp-Ychuf6' '-client_certdb_pwd' XXXXXXXX '-preop_pin' 'AIYjmiNBjk4DZ4G18R6C' '-domain_name' 'IPA' '-admin_user' 'admin' '-admin_email' 'root@localhost' '-admin_password' XXXXXXXX '-agent_name' 'ipa-ca-agent' '-agent_key_size' '2048' '-agent_key_type' 'rsa' '-agent_cert_subject' 'CN=ipa-ca-agent,O=TESTRELM' '-ldap_host' 'ipaserver.testrelm' '-ldap_port' '7389' '-bind_dn' 'cn=Directory Manager' '-bind_password' XXXXXXXX '-base_dn' 'o=ipaca' '-db_name' 'ipaca' '-key_size' '2048' '-key_type' 'rsa' '-key_algorithm' 'SHA256withRSA' '-save_p12' 'true' '-backup_pwd' XXXXXXXX '-subsystem_name' 'pki-cad' '-token_name' 'internal' '-ca_subsystem_cert_subject_name' 'CN=CA Subsystem,O=TESTRELM' '-ca_ocsp_cert_subject_name' 'CN=OCSP Subsystem,O=TESTRELM' '-ca_server_cert_subject_name' 'CN=ipaserver.testrelm,O=TESTRELM' '-ca_audit_signing_cert_subject_name' 'CN=CA Audit,O=TESTRELM' '-ca_sign_cert_subject_name' 'CN=Certificate Authority,O=TESTRELM' '-external' 'false' '-clone' 'false'' returned non-zero exit status 255 root : CRITICAL failed to configure ca instance Command '/usr/bin/perl /usr/bin/pkisilent 'ConfigureCA' '-cs_hostname' 'ipaserver.testrelm' '-cs_port' '9445' '-client_certdb_dir' '/tmp/tmp-Ychuf6' '-client_certdb_pwd' XXXXXXXX '-preop_pin' 'AIYjmiNBjk4DZ4G18R6C' '-domain_name' 'IPA' '-admin_user' 'admin' '-admin_email' 'root@localhost' '-admin_password' XXXXXXXX '-agent_name' 'ipa-ca-agent' '-agent_key_size' '2048' '-agent_key_type' 'rsa' '-agent_cert_subject' 'CN=ipa-ca-agent,O=TESTRELM' '-ldap_host' 'ipaserver.testrelm' '-ldap_port' '7389' '-bind_dn' 'cn=Directory Manager' '-bind_password' XXXXXXXX '-base_dn' 'o=ipaca' '-db_name' 'ipaca' '-key_size' '2048' '-key_type' 'rsa' '-key_algorithm' 'SHA256withRSA' '-save_p12' 'true' '-backup_pwd' XXXXXXXX '-subsystem_name' 'pki-cad' '-token_name' 'internal' '-ca_subsystem_cert_subject_name' 'CN=CA Subsystem,O=TESTRELM' '-ca_ocsp_cert_subject_name' 'CN=OCSP Subsystem,O=TESTRELM' '-ca_server_cert_subject_name' 'CN=ipaserver.testrelm,O=TESTRELM' '-ca_audit_signing_cert_subject_name' 'CN=CA Audit,O=TESTRELM' '-ca_sign_cert_subject_name' 'CN=Certificate Authority,O=TESTRELM' '-external' 'false' '-clone' 'false'' returned non-zero exit status 255 Unexpected error - see ipaserver-install.log for details: Configuration of CA failed Version-Release number of selected component (if applicable): ipa-server-2.1.3-8.el6.x86_64 bind-dyndb-ldap-0.2.0-7.el6.x86_64 How reproducible: always Steps to Reproduce: 1.use ipa-server-install with a different hostname than the current hostname as indicated above Actual results: error as indicated above Expected results: install to be successful Additional info: Env before install: # hostname ipa-replica.testrelm # cat /etc/hosts 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 #10.16.19.135 ipa-replica.testrelm ipa-replica # cat /etc/sysconfig/network NETWORKING=yes HOSTNAME=ipa-replica.testrelm # cat /etc/resolv.conf # Generated by NetworkManager domain bos.redhat.com search bos.redhat.com redhat.com testrelm nameserver 10.16.255.2 nameserver 10.16.255.3 nameserver 10.11.255.155 Env after install: # hostname ipaserver.testrelm # cat /etc/sysconfig/network NETWORKING=yes HOSTNAME=ipaserver.testrelm
attachment freeipa-mkosek-160-hosts-file-not-updated-when-ip-is-passed-as-option.patch
Patch freeipa-mkosek-160-hosts-file-not-updated-when-ip-is-passed-as-option.patch sent for review
master: 0165a03
Metadata Update from @mkosek: - Issue assigned to mkosek - Issue set to the milestone: FreeIPA 3.0 Core Effort - 2011/11
Login to comment on this ticket.