freeipa

Clone
Source Code
GIT

#2478 ipa-replica-install with --setup-dns options fails
Closed: Fixed None Opened 13 years ago by ohamada.

Closed: Fixed
Reopen Issue

When installing replica with --setup-dns option, the installation fails (during ipa-client installation). According to logs the ticket is missing. When installing without --setup-dns, installation completes successfully.

ipa-server package:
freeipa-server-2.99.0GIT87901ed-0.fc16.x86_64

I had to use following krb5 packages for F17 (F16 version does not exist at the moment):
krb5-server-1.10-4.fc17.x86_64
krb5-workstation-1.10-4.fc17.x86_64
krb5-libs-1.10-4.fc17.x86_64
krb5-server-ldap-1.10-4.fc17.x86_64
krb5-devel-1.10-4.fc17.x86_64
krb5-debuginfo-1.10-4.fc17.x86_64
krb5-pkinit-1.10-4.fc17.x86_64

ipareplica-install.log:

2012-03-01T15:37:12Z DEBUG   [8/8]: changing resolv.conf to point to ourselves
2012-03-01T15:37:12Z DEBUG Backing up system configuration file '/etc/resolv.conf'
2012-03-01T15:37:12Z DEBUG Saving Index File to '/var/lib/ipa/sysrestore/sysrestore.index'
2012-03-01T15:37:12Z DEBUG   duration: 0 seconds
2012-03-01T15:37:12Z DEBUG done configuring named.
2012-03-01T15:37:16Z DEBUG args=/usr/sbin/ipa-client-install --on-master --unattended --domain idm.lab.bos.redhat.com --server vm-070.idm.lab.bos.redhat.com --realm IDM.LAB.BOS.REDHAT.COM
2012-03-01T15:37:16Z DEBUG stdout=^[[?1034hDiscovery was successful!
Hostname: vm-070.idm.lab.bos.redhat.com
Realm: IDM.LAB.BOS.REDHAT.COM
DNS Domain: idm.lab.bos.redhat.com
IPA Server: vm-070.idm.lab.bos.redhat.com
BaseDN: dc=idm,dc=lab,dc=bos,dc=redhat,dc=com



2012-03-01T15:37:16Z DEBUG stderr=Traceback (most recent call last):
  File "/usr/sbin/ipa-client-install", line 1493, in <module>
    sys.exit(main())
  File "/usr/sbin/ipa-client-install", line 1480, in main
    rval = install(options, env, fstore, statestore)
  File "/usr/sbin/ipa-client-install", line 1300, in install
    api.Backend.xmlclient.connect()
  File "/usr/lib/python2.7/site-packages/ipalib/backend.py", line 63, in connect
    conn = self.create_connection(*args, **kw)
  File "/usr/lib/python2.7/site-packages/ipalib/rpc.py", line 385, in create_connection
    raise errors.KerberosError(major=str(krberr), minor='')
ipalib.errors.KerberosError: Kerberos error: No credentials cache found/

2012-03-01T15:37:16Z DEBUG Failed to configure the client
  File "/usr/sbin/ipa-replica-install", line 490, in <module>
    main()

  File "/usr/sbin/ipa-replica-install", line 479, in main
    raise RuntimeError("Failed to configure the client")

/var/log/messages:

Mar  1 10:34:44 vm-143 systemd[1]: Reloading.
Mar  1 10:34:44 vm-143 systemd[1]: Reloading.
Mar  1 10:34:49 vm-143 systemd[1]: Reloading.
Mar  1 10:34:57 vm-143 systemd[1]: PID 22414 read from file /var/run/krb5kdc.pid does not exist.
Mar  1 10:34:57 vm-143 systemd[1]: Reloading.
Mar  1 10:34:57 vm-143 ns-slapd: GSSAPI Error: Unspecified GSS failure.  Minor code may provide more information (Credentials cache file '/tmp/krb5cc_499' not found)
Mar  1 10:34:57 vm-143 systemd[1]: PID 22424 read from file /var/run/kadmind.pid does not exist.
Mar  1 10:34:57 vm-143 systemd[1]: Reloading.
Mar  1 10:34:57 vm-143 systemd[1]: Reloading.
Mar  1 10:34:58 vm-143 systemd[1]: PID file /var/run/ipa_memcached/ipa_memcached.pid not readable (yet?) after start.
Mar  1 10:34:58 vm-143 systemd[1]: Reloading.
Mar  1 10:34:58 vm-143 systemd[1]: Reloading.
Mar  1 10:34:58 vm-143 systemd[1]: Reloading.
Mar  1 10:35:01 vm-143 ns-slapd: GSSAPI Error: Unspecified GSS failure.  Minor code may provide more information (Credentials cache file '/tmp/krb5cc_499' not found)
Mar  1 10:35:07 vm-143 ns-slapd: GSSAPI Error: Unspecified GSS failure.  Minor code may provide more information (Credentials cache file '/tmp/krb5cc_499' not found)
Mar  1 10:35:18 vm-143 ns-slapd: GSSAPI Error: Unspecified GSS failure.  Minor code may provide more information (Credentials cache file '/tmp/krb5cc_499' not found)
Mar  1 10:35:43 vm-143 ns-slapd: GSSAPI Error: Unspecified GSS failure.  Minor code may provide more information (Credentials cache file '/tmp/krb5cc_499' not found)
Mar  1 10:36:15 vm-143 dbus-daemon[648]: dbus[648]: avc:  received policyload notice (seqno=3)
Mar  1 10:36:15 vm-143 dbus[648]: avc:  received policyload notice (seqno=3)
Mar  1 10:36:15 vm-143 dbus-daemon[648]: dbus[648]: [system] Reloaded configuration
Mar  1 10:36:15 vm-143 dbus[648]: [system] Reloaded configuration
Mar  1 10:36:16 vm-143 setsebool: The httpd_can_network_connect policy boolean was changed to true by root
Mar  1 10:36:17 vm-143 systemd[1]: PID file /var/run/httpd/httpd.pid not readable (yet?) after start.
Mar  1 10:36:17 vm-143 systemd[1]: Reloading.
Mar  1 10:36:18 vm-143 kernel: [86280.736091] httpd[23104]: segfault at 30 ip 00007f0d8e3997c7 sp 00007fff413efbd0 error 4 in libapr-1.so.0.4.6[7f0d8e383000+2e000]
Mar  1 10:36:18 vm-143 kernel: [86280.736284] httpd[23103]: segfault at 30 ip 00007f0d8e3997c7 sp 00007fff413efad0 error 4 in libapr-1.so.0.4.6[7f0d8e383000+2e000]
Mar  1 10:36:29 vm-143 systemd[1]: PID file /var/run/httpd/httpd.pid not readable (yet?) after start.
Mar  1 10:36:31 vm-143 ns-slapd: GSSAPI Error: Unspecified GSS failure.  Minor code may provide more information (Credentials cache file '/tmp/krb5cc_499' not found)
Mar  1 10:37:03 vm-143 ns-slapd: GSSAPI Error: Unspecified GSS failure.  Minor code may provide more information (Credentials cache file '/tmp/krb5cc_499' not found)
Mar  1 10:37:04 vm-143 systemd[1]: PID 23008 read from file /var/run/krb5kdc.pid does not exist.
Mar  1 10:37:05 vm-143 systemd[1]: PID file /var/run/httpd/httpd.pid not readable (yet?) after start.
Mar  1 10:37:09 vm-143 named[23246]: starting BIND 9.8.2rc1-RedHat-9.8.2-0.2.rc1.fc16 -u named
Mar  1 10:37:09 vm-143 named[23246]: built with '--build=x86_64-redhat-linux-gnu' '--host=x86_64-redhat-linux-gnu' '--program-prefix=' '--disable-dependency-tracking' '--prefix=/usr' '--exec-prefix=/usr' '--bindir=/usr/bin' '--sbindir=/usr/sbin' '--sysconfdir=/etc' '--datadir=/usr/share' '--includedir=/usr/include' '--libdir=/usr/lib64' '--libexecdir=/usr/libexec' '--sharedstatedir=/var/lib' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--with-libtool' '--localstatedir=/var' '--enable-threads' '--enable-ipv6' '--with-pic' '--disable-static' '--disable-openssl-version-check' '--enable-exportlib' '--with-export-libdir=/usr/lib64' '--with-export-includedir=/usr/include' '--includedir=/usr/include/bind9' '--with-pkcs11=/usr/lib64/pkcs11/PKCS11_API.so' '--with-dlz-ldap=yes' '--with-dlz-postgres=yes' '--with-dlz-mysql=yes' '--with-dlz-filesystem=yes' '--with-gssapi=yes' '--disable-isc-spnego' 'build_alias=x86_64-redhat-linux-gnu' 'host_alias=x86_64-redhat-linux-gnu' 'CFLAGS= -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic' 'LDFLAGS=-Wl,-z,relro ' 'CPPFLAGS= -DDIG_SIGCHASE'
Mar  1 10:37:09 vm-143 named[23246]: ----------------------------------------------------
Mar  1 10:37:09 vm-143 named[23246]: BIND 9 is maintained by Internet Systems Consortium,
Mar  1 10:37:09 vm-143 named[23246]: Inc. (ISC), a non-profit 501(c)(3) public-benefit
Mar  1 10:37:09 vm-143 named[23246]: corporation.  Support and training for BIND 9 are
Mar  1 10:37:09 vm-143 named[23246]: available at https://www.isc.org/support
Mar  1 10:37:09 vm-143 named[23246]: ----------------------------------------------------
Mar  1 10:37:09 vm-143 named[23246]: adjusted limit on open files from 4096 to 1048576
Mar  1 10:37:09 vm-143 named[23246]: found 1 CPU, using 1 worker thread

This is also reproducable with ipa-client-install --enable-dns-updates --mkhomedir

Same backtrace.

master: 55f89dc

ipa-2-2: 5b9fba7

Metadata Update from @ohamada:
- Issue assigned to rcritten
- Issue set to the milestone: FreeIPA 2.2 Core Effort - 2012/03
8 years ago

Log in to comment on this ticket.

Metadata
None
None
None
normal
None
None
None
None
defect
None
None
IPA
None
0
None
None
None
None
None
None
None
0
Powered by Pagure 5.14.1
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.