ipa-server-install displays debug output when --debug output is not specified.
Updating DNS system records Configuring client side components This program will set up IPA client. Version 4.10.0.dev202103230732+git4d716d3fb
Using existing certificate '/etc/ipa/ca.crt'. Sudo version 1.9.2 Configure options: --build=x86_64-redhat-linux-gnu --host=x86_64-redhat-linux-gnu --program-prefix= --disable-dependency-tracking --prefix=/usr --exec-prefix=/usr --bindir=/usr/bin --sbindir=/usr/sbin --sysconfdir=/etc --datadir=/usr/share --includedir=/usr/include --libdir=/usr/lib64 --libexecdir=/usr/libexec --localstatedir=/var --sharedstatedir=/var/lib --mandir=/usr/share/man --infodir=/usr/share/info --prefix=/usr --sbindir=/usr/sbin --libdir=/usr/lib64 --docdir=/usr/share/doc/sudo --enable-openssl --disable-root-mailer --with-logging=syslog --with-logfac=authpriv --with-pam --with-pam-login --with-editor=/bin/vi --with-env-editor --with-ignore-dot --with-tty-tickets --with-ldap --with-selinux --with-passprompt=[sudo] password for %p: --with-linux-audit --with-sssd Client hostname: server.fedora33.test Realm: FEDORA33.TEST DNS Domain: fedora33.test IPA Server: server.fedora33.test BaseDN: dc=fedora33,dc=test
Sudoers policy plugin version 1.9.2 Sudoers file grammar version 48
Sudoers path: /etc/sudoers nsswitch path: /etc/nsswitch.conf ldap.conf path: /etc/ldap.conf ldap.secret path: /etc/ldap.secret Authentication methods: 'pam' Syslog facility if syslog is being used for logging: authpriv Syslog priority to use when user authenticates successfully: notice Syslog priority to use when user authenticates unsuccessfully: alert Ignore '.' in $PATH Send mail if the user is not in sudoers Lecture user the first time they run sudo Require users to authenticate by default Root may run sudo Always set $HOME to the target user's home directory Allow some information gathering to give useful error messages Visudo will honor the EDITOR environment variable Set the LOGNAME and USER environment variables Length at which to wrap log file lines (0 for no wrap): 80 Authentication timestamp timeout: 5.0 minutes Password prompt timeout: 5.0 minutes Number of tries to enter a password: 3 Umask to use or 0777 to use user's: 022 Path to mail program: /usr/sbin/sendmail Flags for mail program: -t Address to send mail to: root Subject line for mail messages: SECURITY information for %h Incorrect password message: Sorry, try again. Path to lecture status dir: /var/db/sudo/lectured Path to authentication timestamp dir: /run/sudo/ts Default password prompt: [sudo] password for %p: Default user to run commands as: root Value to override user's $PATH with: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/var/lib/snapd/snap/bin Path to the editor for use by visudo: /bin/vi When to require a password for 'list' pseudocommand: any When to require a password for 'verify' pseudocommand: all File descriptors >= 3 will be closed before executing a command Reset the environment to a default set of variables Environment variables to check for sanity: TZ TERM LINGUAS LC_ LANGUAGE LANG COLORTERM Environment variables to remove: =() RUBYOPT RUBYLIB PYTHONUSERBASE PYTHONINSPECT PYTHONPATH PYTHONHOME TMPPREFIX ZDOTDIR READNULLCMD NULLCMD FPATH PERL5DB PERL5OPT PERL5LIB PERLLIB PERLIO_DEBUG JAVA_TOOL_OPTIONS SHELLOPTS BASHOPTS GLOBIGNORE PS4 BASH_ENV ENV TERMCAP TERMPATH TERMINFO_DIRS TERMINFO _RLD LD_* PATH_LOCALE NLSPATH HOSTALIASES RES_OPTIONS LOCALDOMAIN CDPATH IFS Environment variables to preserve: XAUTHORITY _XKB_CHARSET LINGUAS LANGUAGE LC_ALL LC_TIME LC_TELEPHONE LC_PAPER LC_NUMERIC LC_NAME LC_MONETARY LC_MESSAGES LC_MEASUREMENT LC_IDENTIFICATION LC_COLLATE LC_CTYPE LC_ADDRESS LANG USERNAME QTDIR MAIL LS_COLORS KDEDIR HISTSIZE HOSTNAME DISPLAY COLORS Locale to use while parsing sudoers: C Compress I/O logs using zlib Directory in which to store input/output logs: /var/log/sudo-io File in which to store the input/output log: %{seq} Add an entry to the utmp/utmpx file when allocating a pty PAM service name to use: sudo PAM service name to use for login shells: sudo-i Attempt to establish PAM credentials for the target user Create a new PAM session for the command to run in Perform PAM account validation management Enable sudoers netgroup support Check parent directories for writability when editing files with sudoedit Query the group plugin for unknown system groups Allow commands to be run even if sudo cannot write to the audit log Allow commands to be run even if sudo cannot write to the log file Resolve groups in sudoers and match on the group ID, not the name Log entries larger than this value will be split into multiple syslog messages: 960 File mode to use for the I/O log files: 0600 Execute commands by file descriptor instead of by path: digest_only Type of authentication timestamp record: tty Ignore case when matching user names Ignore case when matching group names Log when a command is allowed by sudoers Log when a command is denied by sudoers Sudo log server timeout in seconds: 30 Enable SO_KEEPALIVE socket option on the socket connected to the logserver Verify that the log server's certificate is valid Set the pam remote user to the user running sudo Local IP address and netmask pairs: 192.168.122.37/255.255.255.0 fe80::5054:ff:fe08:49c2/ffff:ffff:ffff:ffff:: Sudoers I/O plugin version 1.9.2 Sudoers audit plugin version 1.9.2 Configured sudoers in /etc/authselect/user-nsswitch.conf Configured /etc/sssd/sssd.conf Systemwide CA database updated. Adding SSH public key from /etc/ssh/ssh_host_ecdsa_key.pub Adding SSH public key from /etc/ssh/ssh_host_ed25519_key.pub Adding SSH public key from /etc/ssh/ssh_host_rsa_key.pub SSSD enabled Configured /etc/openldap/ldap.conf Configured /etc/ssh/ssh_config Configured /etc/ssh/sshd_config.d/04-ipa.conf Configuring fedora33.test as NIS domain. Client configuration complete. The ipa-client-install command was successful
Removed the extra debug output as displayed above while running ipa-server-install/ipa-client-install/ipa-replica-install
freeipa-client-common-4.10.0.dev202103230732+git4d716d3fb-0.fc33.noarch freeipa-selinux-4.10.0.dev202103230732+git4d716d3fb-0.fc33.noarch freeipa-common-4.10.0.dev202103230732+git4d716d3fb-0.fc33.noarch freeipa-server-common-4.10.0.dev202103230732+git4d716d3fb-0.fc33.noarch freeipa-client-4.10.0.dev202103230732+git4d716d3fb-0.fc33.x86_64 freeipa-healthcheck-core-0.8-2.fc33.noarch freeipa-server-4.10.0.dev202103230732+git4d716d3fb-0.fc33.x86_64
Metadata Update from @frenaud: - Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1943151
Issue linked to Bugzilla: Bug 1943151
Metadata Update from @frenaud: - Issue assigned to frenaud
Metadata Update from @frenaud: - Custom field on_review adjusted to https://github.com/freeipa/freeipa/pull/5710
master:
ipa-4-9:
Metadata Update from @frenaud: - Issue close_status updated to: fixed - Issue status updated to: Closed (was: Open)
Login to comment on this ticket.