Service constructors are called even when the service itself is not configured. A common pattern in FreeIPA code is to instantiate a service and check whether it is configured, then perform uninstall of the service configuration. This fails if the service constructor does depend on the artifacts only present if other (relevant to the service) packages were installed.
A common pattern is:
svc = SVCClass(..) if svc.is_configured(): svc.uninstall()
Most of DNS-related service classes do resolution of UID/GIDs for ODS and NAMED in their constructors which breaks uninstallation of a DNS-less FreeIPA deployment because neither 'bind' nor 'opendnssec' packages are not installed and user and group they provide are not available in the system:
File "/usr/lib/python3.6/site-packages/ipaserver/install/server/install.py", line 1184, in uninstall dns.uninstall() File "/usr/lib/python3.6/site-packages/ipaserver/install/dns.py", line 405, in uninstall ods = opendnssecinstance.OpenDNSSECInstance(fstore) File "/usr/lib/python3.6/site-packages/ipaserver/install/opendnssecinstance.py", line 70, in __init__ self.named_gid = constants.NAMED_GROUP.gid File "/usr/lib/python3.6/site-packages/ipaplatform/base/constants.py", line 96, in gid return self.entity.gr_gid File "/usr/lib/python3.6/site-packages/ipaplatform/base/constants.py", line 89, in entity raise ValueError(f"group '{self!s}' not found") from None 2020-12-21T18:03:50Z DEBUG The ipa-server-install command failed, exception: ValueError: group 'named' not found 2020-12-21T18:03:50Z ERROR group 'named' not found
Metadata Update from @abbra: - Issue assigned to abbra
Metadata Update from @abbra: - Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1909876
PR: https://github.com/freeipa/freeipa/pull/5376
master:
ipa-4-9:
Metadata Update from @abbra: - Issue close_status updated to: fixed - Issue status updated to: Closed (was: Open)
Login to comment on this ticket.