[Freeipa-users] Install error pkispawn

Martin Kosek mkosek at redhat.com
Tue Aug 6 11:47:32 UTC 2013 

On 08/06/2013 10:48 AM, NEVEU Stephane wrote:
> Hi guys,
> 
> New & trying to install FreeIPA-server with the online documentation on a fresh fedora 19... I've got this error message :
> Any idea is welcome :)
> Thank you
> ...
> Continue to configure the system with these values? [no]: yes
> 
> The following operations may take some minutes to complete.
> Please wait until the prompt is returned.
> 
> Configuring NTP daemon (ntpd)
>   [1/4]: stopping ntpd
>   [2/4]: writing configuration
>   [3/4]: configuring ntpd to start on boot
>   [4/4]: starting ntpd
> Done configuring NTP daemon (ntpd).
> Configuring directory server (dirsrv): Estimated time 1 minute
>   [1/38]: creating directory server user
>   [2/38]: creating directory server instance
>   [3/38]: adding default schema
>   [4/38]: enabling memberof plugin
>   [5/38]: enabling winsync plugin
>   [6/38]: configuring replication version plugin
>   [7/38]: enabling IPA enrollment plugin
>   [8/38]: enabling ldapi
>   [9/38]: configuring uniqueness plugin
>   [10/38]: configuring uuid plugin
>   [11/38]: configuring modrdn plugin
>   [12/38]: configuring DNS plugin
>   [13/38]: enabling entryUSN plugin
>   [14/38]: configuring lockout plugin
>   [15/38]: creating indices
>   [16/38]: enabling referential integrity plugin
>   [17/38]: configuring certmap.conf
>   [18/38]: configure autobind for root
>   [19/38]: configure new location for managed entries
>   [20/38]: configure dirsrv ccache
>   [21/38]: enable SASL mapping fallback
>   [22/38]: restarting directory server
>   [23/38]: adding default layout
>   [24/38]: adding delegation layout
>   [25/38]: creating container for managed entries
>   [26/38]: configuring user private groups
>   [27/38]: configuring netgroups from hostgroups
>   [28/38]: creating default Sudo bind user
>   [29/38]: creating default Auto Member layout
>   [30/38]: adding range check plugin
>   [31/38]: creating default HBAC rule allow_all
>   [32/38]: initializing group membership
>   [33/38]: adding master entry
>   [34/38]: configuring Posix uid/gid generation
>   [35/38]: adding replication acis
>   [36/38]: enabling compatibility plugin
>   [37/38]: tuning directory server
>   [38/38]: configuring directory to start on boot
> Done configuring directory server (dirsrv).
> Configuring certificate server (pki-tomcatd): Estimated time 3 minutes 30 seconds
>   [1/20]: creating certificate server user
>   [2/20]: configuring certificate server instance
> ipa         : CRITICAL failed to configure ca instance Command '/usr/sbin/pkispawn -s CA -f /tmp/tmpFi7bLc' returned non-zero exit status 1
> Configuration of CA failed
> 

Hello Stephane,

Thanks for contacting the list! We need to get at first more information about
the failure, i.e.:

1) $ rpm -qa freeipa-server pki-ca "java-*-openjdk-*"
2) Related errors from /var/log/ipaserver-install.log
3) Related errors from /var/log/pki/pki-tomcat/catalina.out (if any)
4) # ausearch -m AVC

Martin

More information about the Freeipa-users mailing list