[Freeipa-users] Unit pki-tomcatd at pki-tomcat.service entered failed state @ vanilla install on jessie – with log attached
chymian
chymian at gmx.net
Tue Dec 9 22:52:08 UTC 2014
Am Dienstag, 9. Dezember 2014, 09:49:04 schrieb Ade Lee:
> On Tue, 2014-12-09 at 13:54 +0100, chymian wrote:
> > hey people,
> >
> > after a successful install of ipa 4.0.5-2 on jessie, the named services started flawless during setup. see attached log, Installation summary (line 3107)
> > but after reboot, it refuses to start. (did this install a couple times, on vanilla jessie)
> >
> > I can reach & work with Dogtag https://ipa.eb8.lan:8443/ca, but not the admin-services on https://ipa.eb8.lan/ca/ee/ca and https://ipa.eb8.lan/ca/agent/ca.
> >
> >
> > $ systemctl status pki-tomcatd at pki-tomcat.service
> > ● pki-tomcatd at pki-tomcat.service - PKI Tomcat Server pki-tomcat
> > Loaded: loaded (/lib/systemd/system/pki-tomcatd at .service; enabled)
> > Active: failed (Result: resources)
> >
> > Dez 08 20:40:13 ipa systemd[1]: Starting PKI Tomcat Server pki-tomcat...
> > Dez 08 20:40:13 ipa systemd[1]: Failed to load environment files: No such file or directory
> > Dez 08 20:40:13 ipa systemd[1]: pki-tomcatd at pki-tomcat.service failed to run 'start-pre' task: No such file or directory
> > Dez 08 20:40:13 ipa systemd[1]: Failed to start PKI Tomcat Server pki-tomcat.
> > Dez 08 20:40:13 ipa systemd[1]: Unit pki-tomcatd at pki-tomcat.service entered failed state.
> >
> >
>
> Is dogtag actually running? ps -ef |grep java
it shows:
pkiuser 676 1 0 13:25 ? 00:00:26 /usr/lib/jvm/default-java/bin/java -Djava.util.logging.config.file=/var/lib/pki/pki-tomcat/conf/logging.properties -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager -DRESTEASY_LIB=/usr/share/java/ -Djava.endorsed.dirs=/usr/share/tomcat7/endorsed -classpath /usr/share/tomcat7/bin/bootstrap.jar:/var/lib/pki/pki-tomcat/bin/tomcat-juli.jar -Dcatalina.base=/var/lib/pki/pki-tomcat -Dcatalina.home=/usr/share/tomcat7 -Djava.io.tmpdir=/var/lib/pki/pki-tomcat/temp org.apache.catalina.startup.Bootstrap start
is it ment to be, that the dogtag-pki package it’s self is not installed, just the dogtag-pki-server-theme is
and a couple pki-packages… pki-base, pki-ca, pki-server, pki-tools?
>
> You could try restarting it -
> systemctl restart pki-tomcatd at pki-tomcat.service
fails with same log-msg.
>
> The logs should be found in the journal -->
> journalctl -u pki-tomcatd at pki-tomcat.service
same as above.
>
> Other debug logs should be found under /var/log/pki/pki-tomcat/. Please
> provide a tar of that directory.
attached
> I am curious what the unit file looks like: On Fedora, its
> at /etc/systemd/system/pki-tomcatd.target.wants/pki-tomcatd at pki-tomcat.service
lrwxrwxrwx 1 pkiuser pkiuser 40 Dez 8 20:22 pki-tomcatd at pki-tomcat.service -> /lib/systemd/system/pki-tomcatd at .service
root at ipa /etc/systemd/system/pki-tomcatd.target.wants
$ cat pki-tomcatd at pki-tomcat.service
[Unit]
Description=PKI Tomcat Server %i
After=pki-tomcatd.target network.target
PartOf=pki-tomcatd.target
[Service]
Type=simple
EnvironmentFile=/etc/tomcat/tomcat.conf
Environment="NAME=%i"
EnvironmentFile=-/etc/default/%i
ExecStartPre=/usr/bin/pkidaemon start %i
ExecStart=/usr/libexec/tomcat/server start
ExecStop=/usr/libexec/tomcat/server stop
SuccessExitStatus=143
User=pkiuser
Group=pkiuser
[Install]
WantedBy=multi-user.target
> which points to an EnvironmentFile /etc/tomcat/tomcat.conf. Does that
> file exist?
there is not even an dir. /etc/tomcat/, or rather a tomcat.conf in it.
this is what was installed:
ii libtomcat7-java 7.0.56-1
ii libtomcatjss-java 7.1.1-2
ii tomcat7-common 7.0.56-1
ii tomcat7-user 7.0.56-1
and if I would install tomcat7, it would give me an /etc/tomcat7 – not a /etc/tomcat
and, here on debian, there is no such dir. /usr/libexec.
seems that the unitfile is more a centos one.
but:
systemctl status pki-tomcatd.service
● pki-tomcatd.service - LSB: Start pki-tomcatd at boot time
Loaded: loaded (/etc/init.d/pki-tomcatd)
Active: active (running) since Di 2014-12-09 13:25:12 CET; 10h ago
CGroup: /user.slice/user-0.slice/session-5.scope/system.slice/pki-tomcatd.service
└─676 /usr/lib/jvm/default-java/bin/java -Djava.util.logging.config.file=/var/lib/pki/pki-tomcat/conf/logging.properties -Djava.util.log...
Dez 09 13:25:12 ipa pki-tomcatd[484]: .
Dez 09 13:25:12 ipa systemd[1]: Started LSB: Start pki-tomcatd at boot time.
which is started with a /etc/init.d/pki-tomcatd script, not systemd-unit-file – yet.
>
> Ade
thx,
guenter
>
> > a second service fails to start:
> >
> > $ systemctl status dirsrv-snmp.service
> > ● dirsrv-snmp.service - 389 Directory Server SNMP Subagent.
> > Loaded: loaded (/lib/systemd/system/dirsrv-snmp.service; enabled)
> > Active: failed (Result: exit-code) since Di 2014-12-09 13:25:04 CET; 5min ago
> > Process: 156 ExecStart=/usr/sbin/ldap-agent /etc/dirsrv/config/ldap-agent.conf (code=exited, status=1/FAILURE)
> >
> > Dez 09 13:25:04 ipa systemd[1]: Starting 389 Directory Server SNMP Subagent....
> > Dez 09 13:25:04 ipa ldap-agent[156]: ldap-agent: No server instances defined in config file
> > Dez 09 13:25:04 ipa systemd[1]: dirsrv-snmp.service: control process exited, code=exited status=1
> > Dez 09 13:25:04 ipa systemd[1]: Failed to start 389 Directory Server SNMP Subagent..
> > Dez 09 13:25:04 ipa systemd[1]: Unit dirsrv-snmp.service entered failed state.
> >
> >
> > except these, I was able to subscribe a jessie-client with autodiscovery right after I did configure the ipa-server, before first reboot.
> >
> >
> > any help appreciated, since I do not have much experience with IPA – yet.
> > guenter
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20141209/7fc3f90a/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: pki-tomcat-fail-on-jessie.tar.xz
Type: application/x-xz-compressed-tar
Size: 76476 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20141209/7fc3f90a/attachment.bin>
More information about the Freeipa-users
mailing list