[Freeipa-users] /var/kerberos/krb5kdc/principal missing

Patrick Hemmer freeipa at stormcloud9.net
Tue Apr 8 16:40:00 UTC 2014 

Figured it out.
Somehow during the upgrade process, the default_realm changed to one of
our other domains we use. I'm guessing some RPM postinstall script
pulled the domain out of sssd.conf as that's the only place on the box
where that domain is mentioned. We don't touch krb5.conf with any sort
of configuration management utility.

Anyway, after removing the domain from the krb5.conf and restoring the
original settings, ipa started up normally.

-Patrick


------------------------------------------------------------------------
*From: *Patrick Hemmer <freeipa at stormcloud9.net>
*Sent: * 2014-04-08 11:52:34 E
*To: *freeipa-users at redhat.com
*Subject: *[Freeipa-users] /var/kerberos/krb5kdc/principal missing

> I'm having the exact same issue as
> http://www.redhat.com/archives/freeipa-users/2013-October/msg00009.html
> I upgraded from RHEL-6.3 to RHEL-6.5, and now FreeIPA won't start due
> to kadmind not starting.
>
> The kadmind.log contains an extremely unhelpful:
> Apr 08 11:31:20 i-31f62969 kadmind[20850](Error): No such file or
> directory while initializing, aborting
>
> Stracing `/usr/sbin/kadmind -P /var/run/kadmind.pid` results in:
> open("/var/kerberos/krb5kdc/principal", O_RDONLY) = -1 ENOENT (No such
> file or directory)
> gettimeofday({1396971844, 51536}, NULL) = 0
> open("/etc/localtime", O_RDONLY)        = 4
> fstat(4, {st_mode=S_IFREG|0644, st_size=3519, ...}) = 0
> fstat(4, {st_mode=S_IFREG|0644, st_size=3519, ...}) = 0
> mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1,
> 0) = 0x7f25440dd000
> read(4,
> "TZif2\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\4\0\0\0\4\0\0\0\0"...,
> 4096) = 3519
> lseek(4, -2252, SEEK_CUR)               = 1267
> read(4,
> "TZif2\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\5\0\0\0\5\0\0\0\0"...,
> 4096) = 2252
> close(4)                                = 0
> munmap(0x7f25440dd000, 4096)            = 0
> write(3, "Apr 08 11:44:04 i-31f62969 kadmi"..., 105) = 105
> write(2, "kadmind: No such file or directo"..., 64kadmind: No such
> file or directory while initializing, aborting) = 64
> close(3)                                = 0
> munmap(0x7f25440df000, 4096)            = 0
> exit_group(1)                           = ?
>
> As requested in the linked thread, the dbmodules section looks like this:
> [dbmodules]
>   CLIFF.CLOUDBURRITO.COM = {
>     db_library = ipadb.so
>   }
>
> Another important item of note, I have another IPA server which has
> not been upgraded from 6.3 yet, and the file is missing there too, but
> kadmind is currently running just fine...
>
> Ideas?
>
> -Patrick
>
>
> _______________________________________________
> Freeipa-users mailing list
> Freeipa-users at redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-users

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20140408/f53b2d96/attachment.htm>

More information about the Freeipa-users mailing list