[Freeipa-users] i could use some help with installing FreeIPA

Galen Brownsmith galens at capaccess.org
Mon Dec 16 23:46:50 UTC 2013 

My install fails on the invocation of pkispawn with a Socket Error in the
pki-ca-spawn log  ; anyone have any ideas?  (It isn't the issue with
special characters in the DM's password, as my Directory Manager and IPA
Admin passwords may be 32 characters long, but only contain [A-Za-z0-9_] )

Configuration and Error Messages follow.

Target System: Fedora19 64bit LXC Container running on top of a Fedora19
64bit host.  Kernel 3.11.10, Q9550 Intel CPU.
Attempting to install freeipa server 3.3.3 .  SEllinux has been set to
'disabled' on the host and container.

/etc/hosts:
# IP            FQDN                            Alias(es)
127.0.0.1       localhost.localdomain           localhost localhost4
192.168.253.94  woeg.marphod.net                woeg

# Peers
192.168.253.99  skete.marphod.net               skete wiki.marphod.net wiki
www.marphod.net www
[... several more machines]

/etc/resolv.conf
; generated by /usr/sbin/dhclient-script
search marphod.net
nameserver 192.168.253.1

/etc/sysconfig/network:
NETWORKING=yes
HOSTNAME=woeg.marphod.net

No software firewall on the Container:
# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination


Not using NetworkManager.  The machine has a virtual nic, and is connected
to the bridge on the host, and can interact with the outside world.

Installation commands:
# ipa-server-install --uninstall -U
# pkidestroy -s CA -i pki-tomcat
# ipa-server-install -N -d --no-host-dns

I select the defaults during the interactive install.

During installation, everything seems to run fine up to the invocation of
pkispawn.   I then get the errors:
<text>
Installing CA into /var/lib/pki/pki-tomcat.
Storing deployment configuration into
/etc/sysconfig/pki/tomcat/pki-tomcat/ca/deployment.cfg.
Installation failed.

ipa         : DEBUG    stderr=Job for
pki-tomcatd at pki-tomcat.servicefailed. See 'systemctl status
pki-tomcatd at pki-tomcat.service'
and 'journalctl -xn' for details.
pkispawn    : ERROR    ....... server failed to restart

ipa         : CRITICAL failed to configure ca instance Command
'/usr/sbin/pkispawn -s CA -f /tmp/tmpwNB5bU' returned non-zero exit status 1
ipa         : DEBUG      File
"/usr/lib/python2.7/site-packages/ipaserver/install/installutils.py", line
622, in run_script
    return_value = main_function()

  File "/usr/sbin/ipa-server-install", line 1074, in main
    dm_password, subject_base=options.subject)

  File "/usr/lib/python2.7/site-packages/ipaserver/install/cainstance.py",
line 478, in configure_instance
    self.start_creation(runtime=210)

  File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py",
line 364, in start_creation
    method()

  File "/usr/lib/python2.7/site-packages/ipaserver/install/cainstance.py",
line 604, in __spawn_instance
    raise RuntimeError('Configuration of CA failed')

ipa         : DEBUG    The ipa-server-install command failed, exception:
RuntimeError: Configuration of CA failed
Configuration of CA failed
</text>

the relevant errors from /var/log/pki/pki-ca-spawn.timestamp.log: (the ...
skipping... is from the file)
<text>
...skipping...
y still be down
2013-12-16 18:12:23 pkispawn    : DEBUG    ........... No connection -
exception thrown: Cannot connect to proxy. Socket error: [Errno 111]
Connection refused.
2013-12-16 18:12:24 pkispawn    : DEBUG    ........... No connection -
server may still be down
2013-12-16 18:12:24 pkispawn    : DEBUG    ........... No connection -
exception thrown: Cannot connect to proxy. Socket error: [Errno 111]
Connection refused.
2013-12-16 18:12:25 pkispawn    : DEBUG    ........... No connection -
server may still be down
...
(error repeated 12 more times)
...
2013-12-16 18:12:39 pkispawn    : ERROR    ....... server failed to restart
2013-12-16 18:12:39 pkispawn    : DEBUG    ....... Error Type: SystemExit
2013-12-16 18:12:39 pkispawn    : DEBUG    ....... Error Message: 1
2013-12-16 18:12:39 pkispawn    : DEBUG    .......   File
"/usr/sbin/pkispawn", line 374, in main
    rv = instance.spawn()
  File "/usr/lib/python2.7/site-packages/pki/deployment/configuration.py",
line 102, in spawn
    sys.exit(1)
</text>





----------------------------------------------------------------------
That's the news from the Mystic River, where all the alliums are strong,
all the degu are good looking, and all the stuffed animals are above
average.
"May the ducks of your life quack ever harmoniously" - A. Yelton
galens at capaccess.org galens at marphod.net marphod at gmail.com & others
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20131216/2bcef251/attachment.htm>

More information about the Freeipa-users mailing list