2014-10-30T13:39:06Z ERROR Upgrade failed with cannot connect to 'ldapi://%2fvar%2frun%2fslapd-EXAMPLE-COM.socket': 2014-10-30T13:39:06Z DEBUG Traceback (most recent call last): File "/usr/lib/python2.7/site-packages/ipaserver/install/upgradeinstance.py", line 152, in __upgrade self.modified = (ld.update(self.files, ordered=True) or File "/usr/lib/python2.7/site-packages/ipaserver/install/ldapupdate.py", line 874, in update updates = api.Backend.updateclient.update(POST_UPDATE, self.dm_password, self.ldapi, self.live_run) File "/usr/lib/python2.7/site-packages/ipaserver/install/plugins/updateclient.py", line 131, in update ld.update_from_dict(updates) File "/usr/lib/python2.7/site-packages/ipaserver/install/ldapupdate.py", line 889, in update_from_dict self._run_updates(updates) File "/usr/lib/python2.7/site-packages/ipaserver/install/ldapupdate.py", line 799, in _run_updates self._update_record(update) File "/usr/lib/python2.7/site-packages/ipaserver/install/ldapupdate.py", line 661, in _update_record e = self._get_entry(new_entry.dn) File "/usr/lib/python2.7/site-packages/ipaserver/install/ldapupdate.py", line 544, in _get_entry return self.conn.get_entries(dn, scope, searchfilter, sattrs) File "/usr/lib/python2.7/site-packages/ipapython/ipaldap.py", line 1421, in get_entries base_dn=base_dn, scope=scope, filter=filter, attrs_list=attrs_list) File "/usr/lib/python2.7/site-packages/ipapython/ipaldap.py", line 1527, in find_entries break File "/usr/lib64/python2.7/contextlib.py", line 35, in __exit__ self.gen.throw(type, value, traceback) File "/usr/lib/python2.7/site-packages/ipapython/ipaldap.py", line 1206, in error_handler error=info) NetworkError: cannot connect to 'ldapi://%2fvar%2frun%2fslapd-EXAMPLE-COM.socket':
Entries are not updated. Upgrade has to be done manually.
# ipactl restart # ipa-ldap-updater --upgrade # ipa-upgradeconfig
after manual update IPA works as expected
upgrade log ipaupgrade.log
I forgot to add, this happens only during dnf/yum upgrade.
Martin is investigating.
Bug: If any update plugin requires restarting dirserv during upgrade, the old ldap connection persist in upgrade instance and causes errors.
Fix: Close the old ldap connection before restarting dirserv, open the new connection after.
Ticket has been cloned to Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1161128
Pushed to:
Metadata Update from @mbasti: - Issue assigned to mbasti - Issue set to the milestone: FreeIPA 4.0.5
Login to comment on this ticket.