[Freeipa-users] freeipa server install fails on fedora 20
Dmitri Pal
dpal at redhat.com
Mon Sep 8 21:50:50 UTC 2014
On 09/08/2014 03:49 PM, Olga Kornievskaia wrote:
> Can somebody help with the following problem(s) I've encountered while
> trying to install the freeipa server?
>
> Problem #1:
> On fedora 20, I have:
> 1. using yum install acquired the free-ipa-server package.
> 2. ran ipa-server-install
> --- that has failed with "CA did not start in 300s"
>
> One thing that's noticeable in the logs (the snippet is included
> below) is that request for request
> 'https://ipa1.gateway.2wire.net:443/ca/admin/ca/getStatus'
> <https://ipa1.gateway.2wire.net/ca/admin/ca/getStatus%27>
>
> has 443 as port as for before all the requests for 8443 (e.g.., same
> (manual) request on port 8443 succeeds). Seems like an install script
> somewhere has the wrong port ?
443 is the right port.
Do you have something already running on the same box on that port?
That might prevent things from installing and running.
Please try on a clean machine or VM.
Also more logs will be helpful.
Please see this [1] on how to troubleshoot.
The second problem is most likely an artifact of the incomplete install.
[1] http://www.freeipa.org/page/Troubleshooting
>
> 2014-09-08T19:21:07Z DEBUG Waiting for CA to start...
>
> 2014-09-08T19:21:08Z DEBUG request
> 'https://ipa1.gateway.2wire.net:443/ca/admin/ca/getStatus'
>
> 2014-09-08T19:21:08Z DEBUG request body ''
>
> 2014-09-08T19:21:08Z DEBUG request status 503
>
> 2014-09-08T19:21:08Z DEBUG request reason_phrase u'Service Unavailable'
>
> 2014-09-08T19:21:08Z DEBUG request headers {'date': 'Mon, 08 Sep 2014
> 19:21:08 GMT', 'content-length': '299', 'content-type': 'text/html;
> charset=iso-8859-1', 'connection': 'close', 'server': 'Apache/2.4.10
> (Fedora) mod_auth_kerb/5.4 mod_nss/2.4.6 NSS/3.15.3 Basic ECC
> mod_wsgi/3.5 Python/2.7.5'}2014-09-08T19:21:08Z DEBUG request body
> '<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML
> 2.0//EN">\n<html><head>\n<title>503 Service
> Unavailable</title>\n</head><body>\n<h1>Service
> Unavailable</h1>\n<p>The server is temporarily unable to service
> your\nrequest due to maintenance downtime or capacity\nproblems.
> Please try again later.</p>\n</body></html>\n'
>
> 2014-09-08T19:21:08Z DEBUG The CA status is: Service Unavailable
>
>
> Problem #2:
> The next problem I'm encountering and doesn't seem to be related to
> the CA setup is on the next step of "kinit admin". It fails with
> "generic pre authentication failure while getting initial credentials"
>
> stracing kinit show that it tried to open file
> "/var/lib/sss/pubconf/kdcinfo.GATEWAY.2WIRE.NET
> <http://kdcinfo.gateway.2wire.net/>") and fails with "no such file"
> error. "pubconf" dir only has empty "krb5.include.d".
>
> I don't know if this failure is due to the fact that the setup didn't
> run all the way and some configuration is missing or this is a
> separate issue .
>
> Are these bugs that need to be filled with bugzilla or am I doing
> something incorrectly?
>
> Any help would be appreciated.
>
> Thank you.
>
>
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20140908/ee191361/attachment.htm>
More information about the Freeipa-users
mailing list