#4716 ipa-server-install fails when restarting named
Closed: Fixed None Opened 9 years ago by jcholast.

Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 7): Bug 1162340

Description of problem:

Installing ipa server after downgrading 389-ds-base to workaround bz1158410
fails when restarting named

ipa-server install fails with error:
  [12/12]: changing resolv.conf to point to ourselves
Done configuring DNS (named).
Restarting named
ipa         : ERROR    Named service failed to start (Command ''/bin/systemctl'
'restart' 'named.service'' returned non-zero exit status 1)
named service failed to start



New msg when doing a yum install ipa-server:
<..snip..>
Running transaction
  Installing : ipa-server-4.1.0-4.el7.x86_64
1/1
warning: user named does not exist - using root
warning: group named does not exist - using root
  Verifying  : ipa-server-4.1.0-4.el7.x86_64
1/1
<..snip..>

Uninstalled and reinstalled - still same error.

Version-Release number of selected component (if applicable):
ipa-server-4.1.0-4.el7.x86_64
bind-dyndb-ldap-6.0-1.el7.x86_64
389-ds-base-1.3.3.1-6.el7.x86_64


How reproducible:
always

Steps to Reproduce:
1.install ipa-server


Actual results:
Error as mentioned in description


Expected results:
successful install

Additional info:

# journalctl -b -u named
<..snip..>
Nov 10 15:46:00 beast.testrelm.test named[16067]: bind-dyndb-ldap version 6.0
compiled at 07:24:05 Sep 23 2014, compiler 4.8.3 20140911 (Red Hat 4.8.3-7)
Nov 10 15:46:00 beast.testrelm.test named[16067]: unable to open directory
'dyndb-ldap/ipa', working directory is '/var/named': permission denied
Nov 10 15:46:00 beast.testrelm.test named[16067]: LDAP config validation failed
for database 'ipa': permission denied
Nov 10 15:46:00 beast.testrelm.test named[16067]: dynamic database 'ipa'
configuration failed: permission denied
Nov 10 15:46:00 beast.testrelm.test named[16067]: loading configuration:
permission denied
Nov 10 15:46:00 beast.testrelm.test named[16067]: exiting (due to fatal error)
Nov 10 15:46:00 beast.testrelm.test systemd[1]: named.service: control process
exited, code=exited status=1
Nov 10 15:46:00 beast.testrelm.test systemd[1]: Failed to start Berkeley
Internet Name Domain (DNS).
<..snip..>

# ls -lZ /var/named/dyndb-ldap/
drwxrwx---. root root system_u:object_r:named_zone_t:s0 ipa

# ls -lZ /var/named/dyndb-ldap/ipa

nothing to list in this dir ^

This is blocking Fedora 21.

master:

  • 7c176b7 Fix named working directory permissions

ipa-4-1:

  • ba12404 Fix named working directory permissions

Metadata Update from @jcholast:
- Issue assigned to mbasti
- Issue set to the milestone: FreeIPA 4.1.2

6 years ago

Login to comment on this ticket.

Metadata