389-DS 1.4.0.20-1 broke FreeIPA master. Installation is failing with error ALREADY_EXISTS: Entry dc=ipa,dc=test already exists. Only master with new 389-DS installer code is affected. The 4.7 still uses the old Perl installer and is not affected.
ALREADY_EXISTS: Entry dc=ipa,dc=test already exists
Configuring directory server (dirsrv). Estimated time: 30 seconds [1/44]: creating directory server instance Running setup with verbose Starting installation... READY: Preparing installation for IPA-TEST... dir (sys) : /etc/sysconfig dir (priv): /root/.dirsrv READY: Beginning installation for IPA-TEST... ACTION: creating /var/lib/dirsrv/slapd-IPA-TEST/bak ACTION: creating /etc/dirsrv/slapd-IPA-TEST ACTION: creating /etc/dirsrv/slapd-IPA-TEST ACTION: creating /var/lib/dirsrv/slapd-IPA-TEST/db ACTION: creating /var/lib/dirsrv/slapd-IPA-TEST/ldif ACTION: creating /var/lock/dirsrv/slapd-IPA-TEST ACTION: creating /var/log/dirsrv/slapd-IPA-TEST ACTION: creating /var/run/dirsrv Created symlink /etc/systemd/system/multi-user.target.wants/dirsrv@IPA-TEST.service → /usr/lib/systemd/system/dirsrv@.service. ACTION: Creating certificate database is /etc/dirsrv/slapd-IPA-TEST ACTION: Creating dse.ldif Allocate <class 'lib389.DirSrv'> with master.ipa.test:389 dir (sys) : /etc/sysconfig dir (priv): /root/.dirsrv List from /root/.dirsrv list instance {'SERVER_ID': 'IPA-TEST', 'server-id': 'IPA-TEST', 'SERVER_DIR': '/usr/lib64', 'SERVERBIN_DIR': '/usr/sbin', 'CONFIG_DIR': '/etc/dirsrv/slapd-IPA-TEST', 'INST_DIR': '/usr/lib64/dirsrv/slapd-IPA-TEST', 'RUN_DIR': '/var/run/dirsrv', 'DS_ROOT': '', 'PRODUCT_NAME': 'slapd', 'hostname': b'master.ipa.test', 'ldap-port': 389, 'ldap-secureport': None, 'root-dn': b'cn=Directory Manager', 'user-id': b'dirsrv', 'suffix': None, 'ldapi_enabled': None, 'ldapi_socket': None, 'ldapi_autobind': None} open(): bound as cn=Directory Manager open(): bound as cn=Directory Manager FINISH: Completed installation for IPA-TEST Allocate <class 'lib389.DirSrv'> with ldap://master.ipa.test:389 open(): bound as cn=Directory Manager [error] ALREADY_EXISTS: Entry dc=ipa,dc=test already exists Entry dc=ipa,dc=test already exists The ipa-server-install command failed. See /var/log/ipaserver-install.log for more information
no error
see https://pagure.io/389-ds-base/pull-request/50121
As temporary workaround PR https://github.com/freeipa/freeipa/pull/2731 pins 389-DS to 1.4.0.16.
Metadata Update from @cheimes: - Custom field on_review adjusted to https://github.com/freeipa/freeipa/pull/2731 - Issue assigned to cheimes - Issue priority set to: critical - Issue set to the milestone: FreeIPA 4.8 - Issue tagged with: regression, test-failure
You could remove the section where the domain entry is created in the ipa installer if 389 is now creating the domain entry as part of the suffix creation. I always intended it to me the former (you have to create it yourself) but things change :)
Fixed in 0b17ae9, IPA now requires 389-DS 1.4.0.21 / 1.4.1.1
Metadata Update from @cheimes: - Issue close_status updated to: fixed - Issue status updated to: Closed (was: Open)
Log in to comment on this ticket.