With latest pki-core builds and couple changes to the spec file, FreeIPA can be now built (link to FreeIPA Copr) and installed on RHEL/CentOS-7.
However, I still found couple issues:
Samba Requires are wrong - it looks like the epoch is no longer there. Changes I had to do for Copr build:
diff --git a/freeipa.spec b/freeipa.spec index 2fa51a3..0611859 100644 --- a/freeipa.spec +++ b/freeipa.spec @@ -24,7 +24,7 @@ BuildRequires: 389-ds-base-devel >= 1.3.3.2 BuildRequires: svrcore-devel BuildRequires: policycoreutils >= %{POLICYCOREUTILSVER} BuildRequires: systemd-units -BuildRequires: samba-devel >= 2:4.0.5-1 +BuildRequires: samba-devel >= 4.0.5-1 BuildRequires: samba-python BuildRequires: libwbclient-devel BuildRequires: libtalloc-devel @@ -162,7 +162,7 @@ Group: System Environment/Base Requires: %{name}-server = %version-%release Requires: m2crypto Requires: samba-python -Requires: samba >= 2:4.0.5-1 +Requires: samba >= 4.0.5-1 Requires: samba-winbind Requires: libsss_idmap Requires: libsss_nss_idmap-python
Required selinux-policy is not available on EL 7.0, forcing admins to install selinux-policy from F20.
Install does not complete due to calling wrong service (@#$%^ systemd):
2014-09-24T08:35:27Z DEBUG Saving StateFile to '/var/lib/ipa-client/sysrestore/sysrestore.state' 2014-09-24T08:35:27Z DEBUG Starting external process 2014-09-24T08:35:27Z DEBUG args='/usr/sbin/authconfig' '--update' '--nisdomain' 'idm.lab.bos.redhat.com' 2014-09-24T08:35:28Z DEBUG Process finished, return code=0 2014-09-24T08:35:28Z DEBUG stdout= 2014-09-24T08:35:28Z DEBUG stderr= 2014-09-24T08:35:28Z DEBUG Starting external process 2014-09-24T08:35:28Z DEBUG args='/bin/systemctl' 'enable' 'fedora-domainname.service' 2014-09-24T08:35:28Z DEBUG Process finished, return code=1 2014-09-24T08:35:28Z DEBUG stdout= 2014-09-24T08:35:28Z DEBUG stderr=Failed to issue method call: No such file or directory
2014-09-24T08:35:28Z DEBUG Starting external process 2014-09-24T08:35:28Z DEBUG args='/bin/systemctl' 'restart' 'fedora-domainname.service' 2014-09-24T08:35:28Z DEBUG Process finished, return code=6 2014-09-24T08:35:28Z DEBUG stdout= 2014-09-24T08:35:28Z DEBUG stderr=Failed to issue method call: Unit fedora-domainname.service failed to load: No such file or directory.
So do you plan to add %if %endif sections to upstream .spec to support el7, or what is the proposal for the fix?
FYI, when running yum install freeipa-server in CentOS 7 container, I see
Error: Package: freeipa-server-4.0.3-1.el7.centos.x86_64 (mkosek-freeipa) Requires: selinux-policy >= 3.12.1-176 Available: selinux-policy-3.12.1-153.el7.noarch (base) selinux-policy = 3.12.1-153.el7 Installing: selinux-policy-3.12.1-153.el7_0.10.noarch (updates) selinux-policy = 3.12.1-153.el7_0.10 Error: Package: freeipa-server-4.0.3-1.el7.centos.x86_64 (mkosek-freeipa) Requires: selinux-policy >= 3.12.1-176 Available: selinux-policy-3.12.1-153.el7.noarch (base) selinux-policy = 3.12.1-153.el7 Available: selinux-policy-3.12.1-153.el7_0.10.noarch (updates) selinux-policy = 3.12.1-153.el7_0.10 Error: Package: libwbclient-4.1.9-4.el7.centos.x86_64 (mkosek-freeipa) Requires: libbsd.so.0()(64bit) Error: Package: samba-libs-4.1.9-4.el7.centos.x86_64 (mkosek-freeipa) Requires: libbsd.so.0()(64bit) Error: Package: samba-libs-4.1.9-4.el7.centos.x86_64 (mkosek-freeipa) Requires: libbsd.so.0(LIBBSD_0.3)(64bit) Error: Package: samba-libs-4.1.9-4.el7.centos.x86_64 (mkosek-freeipa) Requires: libbsd.so.0(LIBBSD_0.0)(64bit) Error: Package: libwbclient-4.1.9-4.el7.centos.x86_64 (mkosek-freeipa) Requires: libbsd.so.0(LIBBSD_0.0)(64bit)
Not sure if the {{{libbsd.so}}} issue is somehow implicitly included in your set of issues from comment 0.
Replying to [comment:1 adelton]:
Exactly.
Replying to [comment:3 adelton]: ...
That's strange - what is your libbsd version? I have libbsd-0.5.2-3.el7.x86_64 in my VM.
libbsd-0.5.2-3.el7.x86_64
# rpm -q --provides libbsd libbsd = 0.5.2-3.el7 libbsd(x86-64) = 0.5.2-3.el7 libbsd.so.0()(64bit) libbsd.so.0(LIBBSD_0.0)(64bit) libbsd.so.0(LIBBSD_0.1)(64bit) libbsd.so.0(LIBBSD_0.2)(64bit) libbsd.so.0(LIBBSD_0.3)(64bit) libbsd.so.0(LIBBSD_0.4)(64bit) libbsd.so.0(LIBBSD_0.5)(64bit)
# docker run -ti centos:centos7 yum install libbsd Loaded plugins: fastestmirror base | 3.6 kB 00:00:00 extras | 3.4 kB 00:00:00 updates | 3.4 kB 00:00:00 (1/4): extras/7/x86_64/primary_db | 26 kB 00:00:00 (2/4): base/7/x86_64/group_gz | 157 kB 00:00:00 (3/4): base/7/x86_64/primary_db | 4.9 MB 00:00:01 (4/4): updates/7/x86_64/primary_db | 3.4 MB 00:00:01 Determining fastest mirrors * base: mirror.thelinuxfix.com * extras: centos.mbni.med.umich.edu * updates: holmes.umflint.edu No package libbsd available. Error: Nothing to do
Replying to [comment:5 mkosek]:
I have libbsd-0.5.2-3.el7.x86_64 in my VM.
I wonder how it got to your VM -- http://mirror.centos.org/centos/7/os/x86_64/Packages/, http://mirror.centos.org/centos/7/updates/x86_64/Packages/, nor http://mirror.centos.org/centos/7/extras/x86_64/Packages/ seem to carry it.
I found out it was purposefully removed during 7.0 development process and replaced with samba internal library.
I asked samba maintainer how to resolve it - there are 2 options:
samba-4.1.12-1.fc21.src.rpm and newer no longer depends on libbsd - I built that for the Copr repo. It should be now installable on 7.0, thus fixing comment:3.
The libbsd error is gone but new one appeared:
Error: Package: sssd-common-1.11.2-68.el7_0.5.x86_64 (updates) Requires: libldb(x86-64) = 1.1.16 Available: libldb-1.1.16-4.el7.x86_64 (base) libldb(x86-64) = 1.1.16-4.el7 Installing: libldb-1.1.17-2.el7.centos.x86_64 (mkosek-freeipa) libldb(x86-64) = 1.1.17-2.el7.centos
People keep hitting these issues, both on freeipa-users and other efforts - we should speed it up.
master:
ipa-4-1:
ipa-4-0:
Metadata Update from @mkosek: - Issue assigned to jcholast - Issue set to the milestone: FreeIPA 4.0.4
Login to comment on this ticket.