Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 7): Bug 1723473
Description of problem: Attempting to upgrade IPA resulted in ipa not started afterwards. When I tried to manually start it, I see this: [root@rhel7-1 ~]# ipactl start IPA version error: data needs to be upgraded (expected version '4.6.5-9.el7', current version '4.6.5-6.el7') Automatically running upgrade, for details see /var/log/ipaupgrade.log Be patient, this may take a few minutes. Automatic upgrade failed: Upgrade failed with This entry already exists IPA server upgrade failed: Inspect /var/log/ipaupgrade.log and run command ipa-server-upgrade manually. ('IPA upgrade failed.', 1) The ipa-server-upgrade command failed. See /var/log/ipaupgrade.log for more information See the upgrade log for more details and/or run /usr/sbin/ipa-server-upgrade again Aborting ipactl Reviewing log, I see this: 2019-06-24T14:52:51Z DEBUG Adding Kerberos principal entry for EXAMPLE$@AD.TEST 2019-06-24T14:52:51Z DEBUG Destroyed connection context.ldap2_140436545772368 2019-06-24T14:52:51Z ERROR Upgrade failed with This entry already exists 2019-06-24T14:52:51Z DEBUG Traceback (most recent call last): File "/usr/lib/python2.7/site-packages/ipaserver/install/upgradeinstance.py", line 274, in __upgrade self.modified = (ld.update(self.files) or self.modified) File "/usr/lib/python2.7/site-packages/ipaserver/install/ldapupdate.py", line 967, in update self._run_updates(all_updates) File "/usr/lib/python2.7/site-packages/ipaserver/install/ldapupdate.py", line 929, in _run_updates self._run_update_plugin(update['plugin']) File "/usr/lib/python2.7/site-packages/ipaserver/install/ldapupdate.py", line 904, in _run_update_plugin restart_ds, updates = self.api.Updater[plugin_name]() File "/usr/lib/python2.7/site-packages/ipalib/frontend.py", line 1475, in __call__ return self.execute(**options) File "/usr/lib/python2.7/site-packages/ipaserver/install/plugins/adtrust.py", line 693, in execute self.KRB_PRINC_CREATE_DISABLED) File "/usr/lib/python2.7/site-packages/ipaserver/install/plugins/adtrust.py", line 559, in set_krb_principal action(entry) File "/usr/lib/python2.7/site-packages/ipapython/ipaldap.py", line 1580, in add_entry self.conn.add_s(str(entry.dn), list(attrs.items())) File "/usr/lib64/python2.7/contextlib.py", line 35, in __exit__ self.gen.throw(type, value, traceback) File "/usr/lib/python2.7/site-packages/ipapython/ipaldap.py", line 1038, in error_handler raise errors.DuplicateEntry() DuplicateEntry: This entry already exists 2019-06-24T14:52:51Z DEBUG Traceback (most recent call last): File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line 567, in start_creation run_step(full_msg, method) File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line 557, in run_step method() File "/usr/lib/python2.7/site-packages/ipaserver/install/upgradeinstance.py", line 282, in __upgrade raise RuntimeError(e) RuntimeError: This entry already exists 2019-06-24T14:52:51Z DEBUG [error] RuntimeError: This entry already exists Version-Release number of selected component (if applicable): ipa-server-4.6.5-9.el7.x86_64 How reproducible: Unknown Steps to Reproduce: 1. Install IPA version 4.6.5-6.el7 on rhel7.7 (from beta I think?) 2. Setup Trust with AD 3. Upgrade Actual results: ipa not running and errors shown above. Expected results: ipa running after upgrade with no errors. Additional info: Will attach logs and ldapsearch
Metadata Update from @abbra: - Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1723473
Metadata Update from @abbra: - Issue assigned to abbra
master:
ipa-4-6:
ipa-4-7:
Metadata Update from @cheimes: - Issue close_status updated to: fixed - Issue status updated to: Closed (was: Open)
Login to comment on this ticket.