#6071 ipa-server-install fails in container because of hostnamectl set-hostname
Closed: Fixed None Opened 7 years ago by pvoborni.

Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 7): Bug 1353831

Description of problem:

When running https://github.com/adelton/docker-freeipa with RHEL 7.3 nightly,
the ipa-server-install fails because in unprivileged container, hostnamectl
set-hostname fails.

Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1. Build container image based on RHEL 7.3 nightly repo / upgraded to this
2. Run the container: docker run -t --name freeipa-server-container -h
ipa.example.test -v /dev/urandom:/dev/random:ro -v
/opt/ipa-data-rhel-7.3-nightly:/data -v /sys/fs/cgroup:/sys/fs/cgroup:ro
--cap-add=SYS_TIME  freeipa-server

Actual results:

systemd 219 running in system mode. (+PAM +AUDIT +SELINUX +IMA -APPARMOR +SMACK
Detected virtualization docker.
Detected architecture x86-64.
Set hostname to <ipa.example.test>.
Thu Jul  7 16:14:35 EDT 2016 /usr/sbin/ipa-server-configure-first
systemd-tmpfiles-setup.service: main process exited, code=exited,
Job container-ipa.target/start failed with result 'dependency'.
Unit systemd-tmpfiles-setup.service entered failed state.
systemd-tmpfiles-setup.service failed.
ipa         : ERROR    Failed to set this machine hostname to ipa.example.test
(Command '/bin/hostnamectl set-hostname ipa.example.test' returned non-zero
exit status 1).
ipa.ipapython.install.cli.install_tool(Server): ERROR    Command
'/bin/hostnamectl set-hostname ipa.example.test' returned non-zero exit status
ipa.ipapython.install.cli.install_tool(Server): ERROR    The ipa-server-install
command failed. See /var/log/ipaserver-install.log for more information
Checking DNS domain example.test, please wait ...

The log file for this installation can be found in
This program will set up the IPA Server.

This includes:
  * Configure a stand-alone CA (dogtag) for certificate management
  * Configure the Network Time Daemon (ntpd)
  * Create and configure an instance of Directory Server
  * Create and configure a Kerberos Key Distribution Center (KDC)
  * Configure Apache (httpd)
  * Configure DNS (bind)

Warning: skipping DNS resolution of host ipa.example.test
Checking DNS domain example.test., please wait ...
Checking DNS forwarders, please wait ...

The IPA Master Server will be configured with:
Hostname:       ipa.example.test
IP address(es):
Domain name:    example.test
Realm name:     EXAMPLE.TEST

BIND DNS server will be configured to serve IPA domain with:
Forward policy:   only
Reverse zone(s):  No reverse zone

FreeIPA server configuration failed.

Expected results:

No error.

Additional info:

The problem seems to come from change c5686295f14c955d34d9598ddb80b30cb9df663c.

Note that in containers, we rely on the hostname being set from "outside", in
docker run case with -h option. The installer should not run hostnamectl when
the hostname is already set to the required value.


  • a83523e server-install: Fix --hostname option to always override api.env values
  • 80e544e install: Call hostnamectl set-hostname only if --hostname option is used

Metadata Update from @pvoborni:
- Issue assigned to pspacek
- Issue set to the milestone: FreeIPA 4.4.1

6 years ago

Login to comment on this ticket.