Ticket was cloned from Red Hat Bugzilla (product Fedora): Bug 974306
ipa-server-install does not stop on dirsrv restart failure caused by wrongly configured iptables which filtered loopback communication:
    # cat /etc/sysconfig/iptables
    *filter
    :INPUT ACCEPT [0:0]
    :FORWARD ACCEPT [0:0]
    :OUTPUT ACCEPT [0:0]
    -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
    -A INPUT -p icmp -j ACCEPT
    #-A INPUT -i lo -j ACCEPT
    -A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
    -A INPUT -j REJECT --reject-with icmp-host-prohibited
    -A FORWARD -j REJECT --reject-with icmp-host-prohibited
    COMMIT

    # cat /etc/hosts
    127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
    #::1 localhost localhost.localdomain localhost6 localhost6.localdomain6

    # ipa-server-install
    ...
    [2/4]: writing configuration
    [3/4]: configuring ntpd to start on boot
    [4/4]: starting ntpd
    Done configuring NTP daemon (ntpd).
    Configuring directory server (dirsrv): Estimated time 1 minute
    [1/37]: creating directory server user
    [2/37]: creating directory server instance
    ipa : CRITICAL Failed to restart the directory server (). See the installation log for details.
    [3/37]: adding default schema
    [4/37]: enabling memberof plugin
    #
We should stop right after this service restart fails.
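A pre-flight check for the condition in this report, as an added example (not FreeIPA code and not part of the ticket): it walks the INPUT chain of the ruleset quoted above in first-match order and returns the verdict for a new TCP connection arriving on the loopback interface. The function name `input_verdict`, the default port 389 (LDAP) and the restriction to the option forms that appear in this ruleset are assumptions of the example.

```python
import shlex

# INPUT/FORWARD rules exactly as quoted in the ticket (loopback ACCEPT commented out).
TICKET_RULES = """\
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
#-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
"""

# Constructed variant: the same ruleset with the loopback rule enabled.
FIXED_RULES = TICKET_RULES.replace("#-A INPUT -i lo", "-A INPUT -i lo")


def input_verdict(ruleset, iface="lo", proto="tcp", dport=389, state="NEW"):
    """Return the target of the first INPUT rule matching the packet,
    or the chain policy if no rule matches.

    Assumption: every option takes exactly one argument and there is no
    '!' negation, which holds for the ruleset in this ticket.
    """
    policy = "ACCEPT"
    for raw in ruleset.splitlines():
        line = raw.strip()
        if line.startswith(":INPUT "):
            policy = line.split()[1]
        if not line.startswith("-A INPUT "):
            continue  # comments, other chains, table markers
        tokens = shlex.split(line)
        opts = dict(zip(tokens[0::2], tokens[1::2]))
        if opts.get("-i", iface) != iface:
            continue
        if opts.get("-p", proto) != proto:
            continue
        if int(opts.get("--dport", dport)) != dport:
            continue
        if state not in opts.get("--state", state).split(","):
            continue
        return opts["-j"]
    return policy


if __name__ == "__main__":
    print("ticket ruleset, lo -> 389:", input_verdict(TICKET_RULES))
    print("fixed ruleset,  lo -> 389:", input_verdict(FIXED_RULES))
```

An installer could run such a check before configuring services and abort when the loopback verdict is not `ACCEPT`.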
May be related to #3730.
As Ana is moving out of the team, I am moving her unresolved tickets to the free-to-take pool.
This seems more like an instance of #2539.
Closing as duplicate of #2539. #2539 moved to 4.3.1.
Metadata Update from @mkosek: - Issue assigned to someone - Issue set to the milestone: Ticket Backlog