[Freeipa-users] freeipa-client on Debian Wheezy

Martin Kosek mkosek at redhat.com
Fri Jul 19 15:08:22 UTC 2013 

Thanks, this should help. Maybe the IPA just tries to close the connection
twice _after_ keys were uploaded to the server.

Anyway, what version of IPA software is the Debian package based on? I cannot
find line "self._conn.close()" in ipalib/rpc.py in any of our active branches.

Martin

On 07/19/2013 05:03 PM, Alexandre Ellert wrote:
> Here is the traceback :
> Adding SSH public key from /etc/ssh/ssh_host_rsa_key.pub
> Adding SSH public key from /etc/ssh/ssh_host_ecdsa_key.pub
> Adding SSH public key from /etc/ssh/ssh_host_dsa_key.pub
> Forwarding 'host_mod' to server u'https://inf-ipa.numeezy.fr/ipa/xml'
> host_mod: KerbTransport instance has no attribute '_conn'
> Traceback (most recent call last):
>   File "/usr/sbin/ipa-client-install", line 1234, in update_ssh_keys
>     updatedns=False
>   File "/usr/lib/python2.7/dist-packages/ipalib/frontend.py", line 435, in __call__
>     ret = self.run(*args, **options)
>   File "/usr/lib/python2.7/dist-packages/ipalib/frontend.py", line 748, in run
>     return self.forward(*args, **options)
>   File "/usr/lib/python2.7/dist-packages/ipalib/frontend.py", line 769, in forward
>     return self.Backend.xmlclient.forward(self.name, *args, **kw)
>   File "/usr/lib/python2.7/dist-packages/ipalib/rpc.py", line 748, in forward
>     response = command(*xml_wrap(params))
>   File "/usr/lib/python2.7/xmlrpclib.py", line 1224, in __call__
>     return self.__send(self.__name, args)
>   File "/usr/lib/python2.7/xmlrpclib.py", line 1578, in __request
>     verbose=self.__verbose
>   File "/usr/lib/python2.7/dist-packages/ipalib/rpc.py", line 490, in request
>     self.close()
>   File "/usr/lib/python2.7/dist-packages/ipalib/rpc.py", line 457, in close
>     self._conn.close()
> AttributeError: KerbTransport instance has no attribute '_conn'
> Failed to upload host SSH public keys.
> 
> -> Key are correctly uploaded on the new VM.
> 
> Le 19 juil. 2013 à 16:30, Alexandre Ellert <aellert at numeezy.com> a écrit :
> 
>>
>> Le 19 juil. 2013 à 16:24, Martin Kosek <mkosek at redhat.com> a écrit :
>>
>>> On 07/19/2013 03:28 PM, Alexandre Ellert wrote:
>>>>
>>>> Le 19 juil. 2013 à 10:20, Martin Kosek <mkosek at redhat.com> a écrit :
>>>>
>>>>> On 07/19/2013 02:59 AM, Alexandre Ellert wrote:
>>>>>> Hi,
>>>>>>
>>>>>> I have these 3 errors/warnings message when I join a Debian client to a RHEL 6.4 server (ipa-server-3.0.0-26.el6_4.4.x86_64):
>>>>>>
>>>>>> => certmonger failed to stop: [Errno 2] No such file or directory: '/var/run/ipa/services.list'
>>>>>> There is no such file even on RHEL 6. What is this file ?
>>>>>
>>>>> This was added in IPA 3.0.1 to fix a systemd hang so it does not exist in
>>>>> RHEL-6.4 which contains IPA 3.0. The deb package should just make sure the
>>>>> /var/run/ipa/ directory is there (or update debian platform file to override
>>>>> PlatformService class in ipapython/platform/base/__init__.py).
>>>>
>>>> I managed to fix that and will update soon my repo with a new package version. Thanks for the information.
>>>>
>>>>>
>>>>>> => host_mod: KerbTransport instance has no attribute '_conn'
>>>>>> What does that mean ?
>>>>>
>>>>> This means that there was some issue with XMLRPC call to IPA server (the error
>>>>> message is indeed unfortunate) - does ipaclient-install.log contain more details?
>>>>
>>>> Unfortunately there is no more details in ipaclient-install.log, here is the relevant part :
>>>> 2013-07-19T13:06:26Z INFO host_mod: KerbTransport instance has no attribute '_conn'
>>>> 2013-07-19T13:06:26Z WARNING Failed to upload host SSH public keys.
>>>> Is there any way to get more debug log ?
>>>> In my opinion, warning about ssh keys should not trigger here, because I can see them on my IPA server.
>>>>
>>>
>>> Are you sure the SSH keys aren't there from previous installation attempt or
>>> similar? The _conn generally means there was some problem with the connection
>>> to server in the xmlrpclib python library.
>>
>> I can confirm you that SSH key upload is successful. I've done tests with a fresh install of Debian.
>> To be sure, I will create a new VM and try an ipa-client-install with modifications you give me.
>>
>>>
>>> We need to find out what and why triggers it, a change in ipa-client-install
>>> script like below may shed more light on what is the source of the error:
>>>
>>>
>>> diff --git a/ipa-client/ipa-install/ipa-client-install
>>> b/ipa-client/ipa-install/ipa-client-install
>>> index 280edd7..f82b9f6 100755
>>> --- a/ipa-client/ipa-install/ipa-client-install
>>> +++ b/ipa-client/ipa-install/ipa-client-install
>>> @@ -1450,6 +1450,8 @@ def update_ssh_keys(server, hostname, ssh_dir, create_sshfp):
>>>        pass
>>>    except StandardError, e:
>>>        root_logger.info("host_mod: %s", str(e))
>>> +        import traceback
>>> +        traceback.print_exc()
>>>        root_logger.warning("Failed to upload host SSH public keys.")
>>>        return
>>>
>>>
>>> Martin
>>
>> Thanks
>> Alexandre
>>
>>
>> _______________________________________________
>> Freeipa-users mailing list
>> Freeipa-users at redhat.com
>> https://www.redhat.com/mailman/listinfo/freeipa-users
>

More information about the Freeipa-users mailing list