<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <meta content="text/html; charset=ISO-8859-1" http-equiv="Content-Type"> </head> <body bgcolor="#ffffff" text="#000000"> On 09/08/2010 09:02 PM, Adam Young wrote: <blockquote cite="mid:4C88322F.3040309@redhat.com" type="cite"> <meta content="text/html; charset=ISO-8859-1" http-equiv="Content-Type"> On 09/08/2010 08:50 PM, Adam Young wrote: <blockquote cite="mid:4C882F68.2010105@redhat.com" type="cite"> <meta content="text/html; charset=ISO-8859-1" http-equiv="Content-Type"> On 09/08/2010 08:40 PM, Adam Young wrote: <blockquote cite="mid:4C882D05.5000603@redhat.com" type="cite"> <meta content="text/html; charset=ISO-8859-1" http-equiv="Content-Type"> On 09/08/2010 05:19 PM, Rob Crittenden wrote: <blockquote cite="mid:4C87FDC7.90508@redhat.com" type="cite">Allow the schema to be set once an ldap connection is locked. When making LDAP calls via api.Backend.ldap2 the ldap2 object will already be locked by the api.finalize() call. So the first time that api.Backend.ldap2.connect() is called an error would be thrown that self.schema cannot be set because the object is ReadOnly. This uses the documented procedure for working around this lock. This was preventing the DNS installation to proceed. ticket #188 rob <pre wrap=""><fieldset class="mimeAttachmentHeader"></fieldset> _______________________________________________ Freeipa-devel mailing list <a moz-do-not-send="true" class="moz-txt-link-abbreviated" href="mailto:Freeipa-devel@redhat.com">Freeipa-devel@redhat.com</a> <a moz-do-not-send="true" class="moz-txt-link-freetext" href="https://www.redhat.com/mailman/listinfo/freeipa-devel">https://www.redhat.com/mailman/listinfo/freeipa-devel</a></pre> </blockquote> Is this the behaviour it is supposed to fix? 2010-09-08 10:46:18,776 DEBUG locked: cannot set ldap2.schema to <ldap.schema.subentry.SubSchema instance at 0x2df4758> File "/usr/sbin/ipa-server-install", line 835, in <module> sys.exit(main()) File "/usr/sbin/ipa-server-install", line 773, in main api.Backend.ldap2.connect(bind_dn="cn=Directory Manager", bind_pw=dm_password) File "/usr/lib/python2.6/site-packages/ipalib/backend.py", line 62, in connect conn = self.create_connection(*args, **kw) File "/usr/lib/python2.6/site-packages/ipalib/encoder.py", line 188, in new_f return f(*new_args, **kwargs) File "/usr/lib/python2.6/site-packages/ipaserver/plugins/ldap2.py", line 295, in create_connection self.schema = get_schema(self.ldap_uri, conn) File "/usr/lib/python2.6/site-packages/ipalib/base.py", line 131, in __setattr__ SET_ERROR % (self.__class__.__name__, name, value) <pre wrap=""><fieldset class="mimeAttachmentHeader"></fieldset> _______________________________________________ Freeipa-devel mailing list <a moz-do-not-send="true" class="moz-txt-link-abbreviated" href="mailto:Freeipa-devel@redhat.com">Freeipa-devel@redhat.com</a> <a moz-do-not-send="true" class="moz-txt-link-freetext" href="https://www.redhat.com/mailman/listinfo/freeipa-devel">https://www.redhat.com/mailman/listinfo/freeipa-devel</a></pre> </blockquote> I'll ACK, as it seems to get past the previous problem, but I don't think it is 100% yet. My install failed with Unexpected error - see ipaserver-install.log for details: 'getpwnam(): name not found: named' getent passwd named returns nothing. THis was the second time I ran through the install after install bind. Is it possible that we remove the named user from /etc/passwd and don't re-add it? <pre wrap=""><fieldset class="mimeAttachmentHeader"></fieldset> _______________________________________________ Freeipa-devel mailing list <a moz-do-not-send="true" class="moz-txt-link-abbreviated" href="mailto:Freeipa-devel@redhat.com">Freeipa-devel@redhat.com</a> <a moz-do-not-send="true" class="moz-txt-link-freetext" href="https://www.redhat.com/mailman/listinfo/freeipa-devel">https://www.redhat.com/mailman/listinfo/freeipa-devel</a></pre> </blockquote> And now I see that when I do an install (on F13) of bind and bind-dyndb-ldap.x86_64 I get a slew of errors: Warning: RPMDB altered outside of yum. Installing : 32:bind-9.7.1-2.P2.fc13.x86_64 1/2 warning: group named does not exist - using root warning: group named does not exist - using root warning: group named does not exist - using root warning: group named does not exist - using root warning: group named does not exist - using root warning: group named does not exist - using root warning: user named does not exist - using root warning: group named does not exist - using root warning: user named does not exist - using root warning: group named does not exist - using root warning: group named does not exist - using root warning: group named does not exist - using root warning: group named does not exist - using root warning: group named does not exist - using root warning: user named does not exist - using root warning: group named does not exist - using root warning: user named does not exist - using root warning: group named does not exist - using root chown: invalid group: `root:named' Installing : bind-dyndb-ldap-0.1.0-0.9.a1.20091210git.fc13.x86_64 So it isn't strictly our problem, except that it is. <pre wrap=""> <fieldset class="mimeAttachmentHeader"></fieldset> _______________________________________________ Freeipa-devel mailing list <a class="moz-txt-link-abbreviated" href="mailto:Freeipa-devel@redhat.com">Freeipa-devel@redhat.com</a> <a class="moz-txt-link-freetext" href="https://www.redhat.com/mailman/listinfo/freeipa-devel">https://www.redhat.com/mailman/listinfo/freeipa-devel</a></pre> </blockquote> OK, it was an artifact of a lock file on my system. Install now goes fine. I can ACK this with no reservations. </body> </html>