[Freeipa-users] Difficulty installing freeipa

Stamper, Brian P. (ARC-D)[Logyx LLC] brian.p.stamper at nasa.gov
Fri Jun 3 21:09:38 UTC 2011 

I initially started testing with FreeIPA on Fedora 15, using ipa 2.x.  The server install went smoothly, however I was unable to add clients due to lack of backward compatibility, since ipa 2.x isn't available for most of the systems I manage.

I decided to rebuild the test ipa server.  I build a fresh Fedora 13 system and installed the yum packages.  Initially the ipa server installed without errors.  However they were some issues.  It hadn't configured httpd to autostart, and when I did start httpd, I was unable to get to the management UI.  Attempting to kinit would pause for ~10-15 seconds before requesting a password.  I was able to get the ticket.  Attempting to then reach the website, after configuring firefox and importing the certs, resulted in the "Service temporarily unavailable" error.  All of this seemed to indicate a problem with the hosts file, but checking it multiple times, as well as checking all variations of name resolution indicated nothing.

I decided to reinstall to try to fix the kerb oddness and hopefully get to the website gui.  I ran ipa-server-install -uninstall and attempted to reinstall, and got the following error:

CRITICAL Failed to load bootstrap-template.ldif: Command
'/usr/bin/ldapmodify -h 127.0.0.1 -xv -D cn=Directory Manager -w password -f /tmp/tmpe1aE3t' returned non-zero exit status 32

Which led me to this bug, which was reported fixed in 2008:
https://bugzilla.redhat.com/show_bug.cgi?format=multiple&id=448287

Here is an excerpt from the install log:

2011-06-02 12:40:02,619 DEBUG calling setup-ds.pl
2011-06-02 12:40:09,869 INFO [11/06/02:12:40:09] - [Setup] Info Could not import LDIF file '/var/lib/dirsrv/boot.ldif'.  Error: 59648.  Output: importing data ...
[02/Jun/2011:12:40:03 -0700] - WARNING: Import is running with nsslapd-db-private-import-mem on; No other process is allowed to access the database
[02/Jun/2011:12:40:03 -0700] - check_and_set_import_cache: pagesize: 4096, pages: 997331, procpages: 49464
[02/Jun/2011:12:40:03 -0700] - Import allocates 1595728KB import cache.
[02/Jun/2011:12:40:03 -0700] - import userRoot: Beginning import job...
[02/Jun/2011:12:40:03 -0700] - import userRoot: Index buffering enabled with bucket size 100
[02/Jun/2011:12:40:04 -0700] - import userRoot: Could not open LDIF file "/var/lib/dirsrv/boot.ldif", errno 13 (Permission denied)
[02/Jun/2011:12:40:04 -0700] - import userRoot: Aborting all Import threads...
[02/Jun/2011:12:40:09 -0700] - import userRoot: Import threads aborted.
[02/Jun/2011:12:40:09 -0700] - import userRoot: Closing files...
/var/lib/dirsrv/slapd-ARC-NASA-GOV/db/userRoot: No such file or directory
[02/Jun/2011:12:40:09 -0700] - All database threads now stopped
[02/Jun/2011:12:40:09 -0700] - import userRoot: Import failed.

Could not import LDIF file '/var/lib/dirsrv/boot.ldif'.  Error: 59648.  Output: importing data ...
[02/Jun/2011:12:40:03 -0700] - WARNING: Import is running with nsslapd-db-private-import-mem on; No other process is allowed to access the database
[02/Jun/2011:12:40:03 -0700] - check_and_set_import_cache: pagesize: 4096, pages: 997331, procpages: 49464
[02/Jun/2011:12:40:03 -0700] - Import allocates 1595728KB import cache.
[02/Jun/2011:12:40:03 -0700] - import userRoot: Beginning import job...
[02/Jun/2011:12:40:03 -0700] - import userRoot: Index buffering enabled with bucket size 100
[02/Jun/2011:12:40:04 -0700] - import userRoot: Could not open LDIF file "/var/lib/dirsrv/boot.ldif", errno 13 (Permission denied)
[02/Jun/2011:12:40:04 -0700] - import userRoot: Aborting all Import threads...
[02/Jun/2011:12:40:09 -0700] - import userRoot: Import threads aborted.
[02/Jun/2011:12:40:09 -0700] - import userRoot: Closing files...
/var/lib/dirsrv/slapd-ARC-NASA-GOV/db/userRoot: No such file or directory
[02/Jun/2011:12:40:09 -0700] - All database threads now stopped
[02/Jun/2011:12:40:09 -0700] - import userRoot: Import failed.

[11/06/02:12:40:09] - [Setup] Fatal Error: Could not create directory server instance 'ARC-NASA-GOV'.
Error: Could not create directory server instance 'ARC-NASA-GOV'.
[11/06/02:12:40:09] - [Setup] Fatal Exiting . . .
Log file is '-'

Exiting . . .
Log file is '-'

2011-06-02 12:40:09,870 INFO
2011-06-02 12:40:09,870 CRITICAL failed to restart ds instance Command '/usr/sbin/setup-ds.pl --silent --logfile - -f /tmp/tmpLtRn9j' returned non-zero exit status 1
2011-06-02 12:40:09,870 DEBUG restarting ds instance
2011-06-02 12:40:12,030 INFO Shutting down dirsrv:
    ARC-NASA-GOV... server already stopped[FAILED]
  *** Error: 1 instance(s) unsuccessfully stopped[FAILED]
Starting dirsrv:
    ARC-NASA-GOV...[  OK  ]

All my attempts to re-install ipa-server now fail.  I've tried removing all 51 packages associated with ipa-server and re-installing them.  I've removed all 51 packages and deleted every file I could find associated with nscd, 389, ipa, sssd, etc.  I have been unable to return the system to a state that will allow a reinstall of ipa-server.  I upgraded the OS on the test system to Fedora 14 and reinstalled the packages, no change.

Any advice would be appreciated.

-Brian
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20110603/3d6d264d/attachment.htm>

More information about the Freeipa-users mailing list