Issue #7449: Uninstall: DNSSEC data export failed - freeipa

freeipa

#7449 Uninstall: DNSSEC data export failed

Opened 6 years ago by cheimes. Modified 3 years ago

Issue

ipa-server-install --uninstall fails to export DNSSEC data with error message because LDAP server has been stopped already:

Shutting down all IPA services
Unconfiguring ntpd
Configuring certmonger to stop tracking system certificates for KRA
Unconfiguring KRA
Configuring certmonger to stop tracking system certificates for CA
Unconfiguring CA
Unconfiguring ods-enforcerd
Exporting DNSSEC data before uninstallation
ipaserver.install.opendnssecinstance: ERROR    DNSSEC data export failed

Steps to Reproduce

ipa-server-install
ipa-dns-install --dnssec-master --auto-forwarders --auto-reverse --unattended
ipa-server-install --uninstall -U

Version/Release/Distribution

freeipa-server-4.6.90.dev201803141340+git2c05e42af-0.fc28.x86_64

Additional info:

2018-03-15T06:44:16Z DEBUG Exporting DNSSEC data before uninstallation
2018-03-15T06:44:16Z DEBUG Starting external process
2018-03-15T06:44:16Z DEBUG args=['/usr/libexec/ipa/ipa-ods-exporter', 'ipa-full-update']
2018-03-15T06:44:16Z DEBUG runas=ods (UID 999, GID 998)
2018-03-15T06:44:20Z DEBUG Process finished, return code=1
2018-03-15T06:44:20Z DEBUG stdout=
2018-03-15T06:44:20Z DEBUG stderr=importing all plugin modules in ipaserver.plugins...
...
Kerberos principal: ipa-ods-exporter/master.ipa.example
Initializing principal ipa-ods-exporter/master.ipa.example using keytab /etc/ipa/dnssec/ipa-ods-exporter.keytab
using ccache /var/opendnssec/tmp/ipa-ods-exporter.ccache
Attempt 1/5: success
Got TGT
Connecting to LDAP
Traceback (most recent call last):
  File "/usr/lib/python3.6/site-packages/ipapython/ipaldap.py", line 1007, in error_handler
    yield
  File "/usr/lib/python3.6/site-packages/ipapython/ipaldap.py", line 1166, in gssapi_bind
    '', auth_tokens, server_controls, client_controls)
  File "/usr/lib64/python3.6/site-packages/ldap/ldapobject.py", line 444, in sasl_interactive_bind_s
    return self._ldap_call(self._l.sasl_interactive_bind_s,who,auth,RequestControlTuples(serverctrls),RequestControlTuples(clientctrls),sasl_flags)
  File "/usr/lib64/python3.6/site-packages/ldap/ldapobject.py", line 308, in _ldap_call
    reraise(exc_type, exc_value, exc_traceback)
  File "/usr/lib64/python3.6/site-packages/ldap/compat.py", line 44, in reraise
    raise exc_value
  File "/usr/lib64/python3.6/site-packages/ldap/ldapobject.py", line 292, in _ldap_call
    result = func(*args,**kwargs)
ldap.SERVER_DOWN: {'desc': "Can't contact LDAP server", 'errno': 111, 'info': 'Connection refused'}

cheimes commented 5 years ago

It's still broken in 4.7.0 on F28 and F29.

Metadata Update from @frenaud:
- Issue set to the milestone: DNSSEC

3 years ago

Metadata

Assignee

None

Tags

None

Blocking

None

Depending on

None

Priority

None

Milestone

DNSSEC

None

affects_doc

None

source

None

knownissue

None

type

None

blockedby

None

test_case

None

component

None

blocking

None

on_review

None

keywords

None

test_coverage

None

reviewer

None

external_tracker

None

rhbz

None

tester

None

changelog

None

design

None

freeipa

Source Code

#7449 Uninstall: DNSSEC data export failed Opened 6 years ago by cheimes. Modified 3 years ago

Close issue as:

Issue

Steps to Reproduce

Version/Release/Distribution

Additional info:

Metadata

#7449 Uninstall: DNSSEC data export failed

Opened 6 years ago by cheimes. Modified 3 years ago