[Freeipa-users] Setup of freeipa 4.1.3 failed

Martin Kosek mkosek at redhat.com
Wed Apr 1 14:17:44 UTC 2015 

Hmm, really? The port 8443 is already checked in FreeIPA 4.0.4 or later, based
on this ticket:

https://fedorahosted.org/freeipa/ticket/4564

If your installation crashed because port 8443 was occupied, the fix 4564 is
either incomplete or non-functional and we should fix it.

On 04/01/2015 01:38 PM, Roberto Cornacchia wrote:
> I had this error during my first installation. It turned out the problem
> was that port 8443 was already used by another process.
> 
> Roberto
> 
> On 31 March 2015 at 19:54, Markus Roth <markus at die5roths.de> wrote:
> 
>> Hi all,
>>
>> I want setup freeipa 4.1.3 on a fresh installed fedora 21.
>> The ipa-server-install shows the following output:
>>
>> configuring NTP daemon (ntpd)
>>   [1/4]: stopping ntpd
>>   [2/4]: writing configuration
>>   [3/4]: configuring ntpd to start on boot
>>   [4/4]: starting ntpd
>> Done configuring NTP daemon (ntpd).
>> Configuring directory server (dirsrv): Estimated time 1 minute
>>   [1/38]: creating directory server user
>>   [2/38]: creating directory server instance
>>   [3/38]: adding default schema
>>   [4/38]: enabling memberof plugin
>>   [5/38]: enabling winsync plugin
>>   [6/38]: configuring replication version plugin
>>   [7/38]: enabling IPA enrollment plugin
>>   [8/38]: enabling ldapi
>>   [9/38]: configuring uniqueness plugin
>>   [10/38]: configuring uuid plugin
>>   [11/38]: configuring modrdn plugin
>>   [12/38]: configuring DNS plugin
>>   [13/38]: enabling entryUSN plugin
>>   [14/38]: configuring lockout plugin
>>   [15/38]: creating indices
>>   [16/38]: enabling referential integrity plugin
>>   [17/38]: configuring certmap.conf
>>   [18/38]: configure autobind for root
>>   [19/38]: configure new location for managed entries
>>   [20/38]: configure dirsrv ccache
>>   [21/38]: enable SASL mapping fallback
>>   [22/38]: restarting directory server
>>   [23/38]: adding default layout
>>   [24/38]: adding delegation layout
>>   [25/38]: creating container for managed entries
>>   [26/38]: configuring user private groups
>>   [27/38]: configuring netgroups from hostgroups
>>   [28/38]: creating default Sudo bind user
>>   [29/38]: creating default Auto Member layout
>>   [30/38]: adding range check plugin
>>   [31/38]: creating default HBAC rule allow_all
>>   [32/38]: initializing group membership
>>   [33/38]: adding master entry
>>   [34/38]: configuring Posix uid/gid generation
>>   [35/38]: adding replication acis
>>   [36/38]: enabling compatibility plugin
>>   [37/38]: tuning directory server
>>   [38/38]: configuring directory to start on boot
>> Done configuring directory server (dirsrv).
>> Configuring certificate server (pki-tomcatd): Estimated time 3 minutes 30
>> seconds
>>   [1/27]: creating certificate server user
>>   [2/27]: configuring certificate server instance
>>   [3/27]: stopping certificate server instance to update CS.cfg
>>   [4/27]: backing up CS.cfg
>>   [5/27]: disabling nonces
>>   [6/27]: set up CRL publishing
>>   [7/27]: enable PKIX certificate path discovery and validation
>>   [8/27]: starting certificate server instance
>>   [error] RuntimeError: CA did not start in 300.0s
>> CA did not start in 300.0s
>>
>> The ipa server install log shows this:
>>
>> 2015-03-31T17:39:35Z DEBUG The CA status is: check interrupted
>> 2015-03-31T17:39:35Z DEBUG Waiting for CA to start...
>> 2015-03-31T17:39:36Z DEBUG Traceback (most recent call last):
>>   File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py",
>> line
>> 382, in start_creation
>>     run_step(full_msg, method)
>>   File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py",
>> line
>> 372, in run_step
>>     method()
>>   File "/usr/lib/python2.7/site-packages/ipaserver/install/cainstance.py",
>> line 526, in __start
>>     self.start()
>>   File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py",
>> line
>> 279, in start
>>     self.service.start(instance_name, capture_output=capture_output,
>> wait=wait)
>>   File "/usr/lib/python2.7/site-packages/ipaplatform/redhat/services.py",
>> line
>> 229, in start
>>     self.wait_until_running()
>>   File "/usr/lib/python2.7/site-packages/ipaplatform/redhat/services.py",
>> line
>> 223, in wait_until_running
>>     raise RuntimeError('CA did not start in %ss' % timeout)
>> RuntimeError: CA did not start in 300.0s
>>
>> 2015-03-31T17:39:36Z DEBUG   [error] RuntimeError: CA did not start in
>> 300.0s
>> 2015-03-31T17:39:36Z DEBUG   File "/usr/lib/python2.7/site-
>> packages/ipaserver/install/installutils.py", line 642, in run_script
>>     return_value = main_function()
>>
>>   File "/usr/sbin/ipa-server-install", line 1183, in main
>>     ca_signing_algorithm=options.ca_signing_algorithm)
>>
>>   File "/usr/lib/python2.7/site-packages/ipaserver/install/cainstance.py",
>> line 520, in configure_instance
>>     self.start_creation(runtime=210)
>>
>>   File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py",
>> line
>> 382, in start_creation
>>     run_step(full_msg, method)
>>
>>   File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py",
>> line
>> 372, in run_step
>>     method()
>>
>>   File "/usr/lib/python2.7/site-packages/ipaserver/install/cainstance.py",
>> line 526, in __start
>>     self.start()
>>
>>   File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py",
>> line
>> 279, in start
>>     self.service.start(instance_name, capture_output=capture_output,
>> wait=wait)
>>
>>   File "/usr/lib/python2.7/site-packages/ipaplatform/redhat/services.py",
>> line
>> 229, in start
>>     self.wait_until_running()
>>
>>   File "/usr/lib/python2.7/site-packages/ipaplatform/redhat/services.py",
>> line
>> 223, in wait_until_running
>>     raise RuntimeError('CA did not start in %ss' % timeout)
>>
>> 2015-03-31T17:39:36Z DEBUG The ipa-server-install command failed,
>> exception:
>> RuntimeError: CA did not start in 300.0s
>>
>> I uninstalled the ipa server completely several times and installed it
>> again.
>> But it always stops at the same step with the setup.
>>
>> Can anybody help?
>>
>> Markus.
>>
>> --
>> Manage your subscription for the Freeipa-users mailing list:
>> https://www.redhat.com/mailman/listinfo/freeipa-users
>> Go to http://freeipa.org for more info on the project
>>
> 
> 
>

More information about the Freeipa-users mailing list