[Freeipa-users] F18 -> F19 upgrade
Ian Chapman
packages at amiga-hardware.com
Sat Jul 13 03:28:51 UTC 2013
Hi,
I've just recently upgrade my F18 server to F19 and IPA is failing to start:
Jul 13 10:52:30 rex.homenet.lan ipactl[98002]: Aborting ipactl
Jul 13 10:52:30 rex.homenet.lan ipactl[98002]: Starting Directory Service
Jul 13 10:52:30 rex.homenet.lan ipactl[98002]: Starting krb5kdc Service
Jul 13 10:52:30 rex.homenet.lan ipactl[98002]: Starting kadmin Service
Jul 13 10:52:30 rex.homenet.lan ipactl[98002]: Starting ipa_memcached
Service
Jul 13 10:52:30 rex.homenet.lan ipactl[98002]: Starting httpd Service
Jul 13 10:52:30 rex.homenet.lan ipactl[98002]: Starting pki-cad Service
Jul 13 10:52:30 rex.homenet.lan systemd[1]: ipa.service: main process
exited, code=exited, status=1/FAILURE
Jul 13 10:52:30 rex.homenet.lan systemd[1]: Failed to start Identity,
Policy, Audit.
Jul 13 10:52:30 rex.homenet.lan systemd[1]: Unit ipa.service entered
failed state.
It seems that the pki-cad service fails to start. Is that in relation to
dogtag upgrade of 9 to 10 or possibly another problem?
There is of course this page:
http://pki.fedoraproject.org/wiki/Migrating_Dogtag_9_Instances_to_Dogtag_10
but frankly I don't really understand it. Well I get that the idea is to
create a new pki cloned instance which would be dogtag 10 compatible and
then delete the old one - I'm really don't know what I'm supposed to put
in the configuration file. Has anybody else done this? Is there some
more examples? Thanks.
The status of pki-cad is:
systemctl status pki-cad at pki-ca.service
pki-cad at pki-ca.service - PKI Certificate Authority Server pki-ca
Loaded: loaded (/usr/lib/systemd/system/pki-cad at .service; enabled)
Active: failed (Result: exit-code) since Sat 2013-07-13 10:54:23
WST; 30min ago
Process: 98170 ExecStart=/usr/bin/pkicontrol start ca %i
(code=exited, status=1/FAILURE)
Jul 13 10:54:23 rex.homenet.lan systemd[1]: Starting PKI Certificate
Authority Server pki-ca...
Jul 13 10:54:23 rex.homenet.lan pkicontrol[98170]: WARNING: Symbolic
link '/var/lib/pki-ca/pki-ca' does NOT exist!
Jul 13 10:54:23 rex.homenet.lan pkicontrol[98170]: INFO: Attempting to
create '/var/lib/pki-ca/pki-ca' -> '/usr/sbin/tomcat6-sysd' . . .
Jul 13 10:54:23 rex.homenet.lan pkicontrol[98170]: ERROR: Failed making
'/var/lib/pki-ca/pki-ca' -> '/usr/sbin/tomcat6-sysd' since target
'/usr/sb...T exist!
Jul 13 10:54:23 rex.homenet.lan systemd[1]: pki-cad at pki-ca.service:
control process exited, code=exited status=1
Jul 13 10:54:23 rex.homenet.lan systemd[1]: Failed to start PKI
Certificate Authority Server pki-ca.
Jul 13 10:54:23 rex.homenet.lan systemd[1]: Unit pki-cad at pki-ca.service
entered failed state.
--
Ian Chapman.
More information about the Freeipa-users
mailing list