https://bugzilla.redhat.com/show_bug.cgi?id=803452 (Red Hat Enterprise Linux 6)
Description of problem: Upgrading IPA to version 2.2.0-3 on RHEL6.2 errors configuring ipa_memcached. In this case, services were down before the upgrade, /var/run/slapd-TESTRELM-COM.socket was removed, and resolv.conf was pointed to a different name server. ipactl stop rm /var/run/slapd-TESTRELM-COM.socket yum update 'ipa*' Version-Release number of selected component (if applicable): RHEL6.2 build with IPA 2.1.3 being upgraded to 2.2.0-3. How reproducible: Currently unknown. First time seeing this and haven't reproduced yet. Steps to Reproduce: 1. <Start with RHEL6.2 build> 2. <setup IPA 2.1.3 server from base OS repos> 3. ipactl stop 4. rm /var/run/slapd-<REALMINSTANCE>.socket 5. <add RHEL6.3 repos and/or repos containing IPA 2.2.0-3 rpms> 6. vi /etc/resolv.conf # point to known good DNS server if necessary 7. yum -y update 'ipa*' Actual results: Error and traceback seen: <snip> Updating : ipa-server-2.2.0-3.el6.x86_64 21/44 Upgraded /etc/httpd/conf.d/ipa.conf to version 4 Configuring ipa_memcached [1/2]: starting ipa_memcached [2/2]: configuring ipa_memcached to start on boot Traceback (most recent call last): File "/usr/sbin/ipa-upgradeconfig", line 289, in <module> sys.exit(main()) File "/usr/sbin/ipa-upgradeconfig", line 282, in main memcache.create_instance('MEMCACHE', fqdn, None, ipautil.realm_to_suffix(krbctx.default_realm)) File "/usr/lib/python2.6/site-packages/ipaserver/install/service.py", line 325, in create_instance self.start_creation("Configuring %s" % self.service_name) File "/usr/lib/python2.6/site-packages/ipaserver/install/service.py", line 257, in start_creation method() File "/usr/lib/python2.6/site-packages/ipaserver/install/service.py", line 338, in __enable self.dm_password, self.suffix) File "/usr/lib/python2.6/site-packages/ipaserver/install/service.py", line 311, in ldap_enable self.admin_conn.addEntry(entry) File "/usr/lib/python2.6/site-packages/ipaserver/ipaldap.py", line 496, in addEntry self.__handle_errors(e, arg_desc=arg_desc) File "/usr/lib/python2.6/site-packages/ipaserver/ipaldap.py", line 312, in __handle_errors raise errors.NotFound(reason=arg_desc) ipalib.errors.NotFound: entry=dn: cn=MEMCACHE,cn=dell-pe2950-01.testrelm.com,cn =masters,cn=ipa,cn=etc,dc=testrelm,dc=com cn: MEMCACHE ipaconfigstring: enabledService ipaconfigstring: startOrder 39 objectclass: nsContainer objectclass: ipaConfigObject </snip> And, afterwards, IPA will not start: [root@dell-pe2950-01 ipa-upgrade]# ipactl start Starting Directory Service Starting dirsrv: PKI-IPA...[ OK ] TESTRELM-COM...[ OK ] Failed to read data from Directory Service: Failed to get list of services to probe status! Configured hostname 'dell-pe2950-01.testrelm.com' does not match any master server in LDAP: No master found because of error: {'matched': 'dc=testrelm,dc=com', 'desc': 'No such object'} Shutting down Shutting down dirsrv: PKI-IPA...[ OK ] TESTRELM-COM...[ OK ] Expected results: Clean upgrade and IPA can be started after upgrade. Additional info: /var/log/messages contain some KDC/LDAP messages for sssd: Mar 14 13:18:44 dell-pe2950-01 [sssd[ldap_child[13376]]]: Failed to initialize credentials using keytab [(null)]: Cannot contact any KDC for realm 'TESTRELM.COM'. Unable to create GSSAPI-encrypted LDAP connection. Mar 14 13:18:44 dell-pe2950-01 [sssd[ldap_child[13376]]]: Cannot contact any KDC for requested realm
Might be a dup.
Unable to reproduce
Looks like this is another manifestation of the 389-ds database corruption on upgrade. Upstream bug closed as duplicate of 803930.
I'm doing the same, closing as a duplicate of 2541
Metadata Update from @dpal: - Issue assigned to rcritten - Issue set to the milestone: FreeIPA 2.2 Core Effort - 2012/03
Login to comment on this ticket.