When running ipa-ca-install on a replica, the installer points to non-existing log files in case the installation fails:
# ipa-ca-install ... ipa.ipaserver.install.cainstance.CAInstance: CRITICAL Failed to configure CA instance: Command ''/usr/sbin/pkispawn' '-s' 'CA' '-f' '/tmp/tmpjXBYmy'' returned non-zero exit status 1 ipa.ipaserver.install.cainstance.CAInstance: CRITICAL See the installation logs and the following files/directories for more information: ipa.ipaserver.install.cainstance.CAInstance: CRITICAL /var/log/pki-ca-install.log ipa.ipaserver.install.cainstance.CAInstance: CRITICAL /var/log/pki/pki-tomcat
The files /var/log/pki-ca-install.log and /var/log/pki/pki-tomcat doesn't exist. Instead we have /var/log/ipareplica-ca-install.log which should be printed out on stderr.
sorry for the bad formatting but I think you got the point.
this was modified in #5197 in aeffe2d
@@ -461,11 +440,7 @@ class DogtagInstance(service.Service): % (self.subsystem, e)) self.log.critical("See the installation logs and the following " "files/directories for more information:") - logs = [self.dogtag_constants.PKI_INSTALL_LOG, - self.dogtag_constants.PKI_LOG_TOP_LEVEL] - - for log in logs: - self.log.critical(" %s" % log) + self.log.critical(" %s" % paths.TOMCAT_TOPLEVEL_DIR)
TOMCAT_TOPLEVEL_DIR = "/var/log/pki/pki-tomcat"
There is quite a lot of logs in the pki directory. The installer should mention the most interesting ones, namely:
/var/log/pki/pki-ca-spawn-$timestamp.log
/var/log/pki/pki-tomcat/ca/debug
/var/log/pki/pki-tomcat/ca/selftest.log
journalctl -u pki-tomcatd@pki-tomcat.service
4.3.2 was released, moving to 4.3.3
Metadata Update from @tscherf: - Issue assigned to someone - Issue set to the milestone: FreeIPA 4.3.3
4.3.x EOL
Metadata Update from @mbasti: - Issue close_status updated to: None - Issue set to the milestone: FreeIPA 4.4.5 (was: FreeIPA 4.3.3)
Login to comment on this ticket.