[Freeipa-users] Setup of freeipa 4.1.3 failed

Roberto Cornacchia roberto.cornacchia at gmail.com
Wed Apr 1 14:31:40 UTC 2015 

Unfortunately I don't have the log anymore, as it was overwritten by the
following successful installation.
But the personal log I kept manually says (this was freeIPA 4.1.2):

...
Restarting the directory server
Restarting the KDC
Restarting the certificate server

CA did not start in 300.0s

It seems that Stash was already using port 8443.
Changed Stash configuration and (just to be sure) stopped both Jira and
Stash before attempting again

Ran
$ ipa-server-install --uninstall

and tried installation again.
Succeeded:




On 1 April 2015 at 16:17, Martin Kosek <mkosek at redhat.com> wrote:

> Hmm, really? The port 8443 is already checked in FreeIPA 4.0.4 or later,
> based
> on this ticket:
>
> https://fedorahosted.org/freeipa/ticket/4564
>
> If your installation crashed because port 8443 was occupied, the fix 4564
> is
> either incomplete or non-functional and we should fix it.
>
> On 04/01/2015 01:38 PM, Roberto Cornacchia wrote:
> > I had this error during my first installation. It turned out the problem
> > was that port 8443 was already used by another process.
> >
> > Roberto
> >
> > On 31 March 2015 at 19:54, Markus Roth <markus at die5roths.de> wrote:
> >
> >> Hi all,
> >>
> >> I want setup freeipa 4.1.3 on a fresh installed fedora 21.
> >> The ipa-server-install shows the following output:
> >>
> >> configuring NTP daemon (ntpd)
> >>   [1/4]: stopping ntpd
> >>   [2/4]: writing configuration
> >>   [3/4]: configuring ntpd to start on boot
> >>   [4/4]: starting ntpd
> >> Done configuring NTP daemon (ntpd).
> >> Configuring directory server (dirsrv): Estimated time 1 minute
> >>   [1/38]: creating directory server user
> >>   [2/38]: creating directory server instance
> >>   [3/38]: adding default schema
> >>   [4/38]: enabling memberof plugin
> >>   [5/38]: enabling winsync plugin
> >>   [6/38]: configuring replication version plugin
> >>   [7/38]: enabling IPA enrollment plugin
> >>   [8/38]: enabling ldapi
> >>   [9/38]: configuring uniqueness plugin
> >>   [10/38]: configuring uuid plugin
> >>   [11/38]: configuring modrdn plugin
> >>   [12/38]: configuring DNS plugin
> >>   [13/38]: enabling entryUSN plugin
> >>   [14/38]: configuring lockout plugin
> >>   [15/38]: creating indices
> >>   [16/38]: enabling referential integrity plugin
> >>   [17/38]: configuring certmap.conf
> >>   [18/38]: configure autobind for root
> >>   [19/38]: configure new location for managed entries
> >>   [20/38]: configure dirsrv ccache
> >>   [21/38]: enable SASL mapping fallback
> >>   [22/38]: restarting directory server
> >>   [23/38]: adding default layout
> >>   [24/38]: adding delegation layout
> >>   [25/38]: creating container for managed entries
> >>   [26/38]: configuring user private groups
> >>   [27/38]: configuring netgroups from hostgroups
> >>   [28/38]: creating default Sudo bind user
> >>   [29/38]: creating default Auto Member layout
> >>   [30/38]: adding range check plugin
> >>   [31/38]: creating default HBAC rule allow_all
> >>   [32/38]: initializing group membership
> >>   [33/38]: adding master entry
> >>   [34/38]: configuring Posix uid/gid generation
> >>   [35/38]: adding replication acis
> >>   [36/38]: enabling compatibility plugin
> >>   [37/38]: tuning directory server
> >>   [38/38]: configuring directory to start on boot
> >> Done configuring directory server (dirsrv).
> >> Configuring certificate server (pki-tomcatd): Estimated time 3 minutes
> 30
> >> seconds
> >>   [1/27]: creating certificate server user
> >>   [2/27]: configuring certificate server instance
> >>   [3/27]: stopping certificate server instance to update CS.cfg
> >>   [4/27]: backing up CS.cfg
> >>   [5/27]: disabling nonces
> >>   [6/27]: set up CRL publishing
> >>   [7/27]: enable PKIX certificate path discovery and validation
> >>   [8/27]: starting certificate server instance
> >>   [error] RuntimeError: CA did not start in 300.0s
> >> CA did not start in 300.0s
> >>
> >> The ipa server install log shows this:
> >>
> >> 2015-03-31T17:39:35Z DEBUG The CA status is: check interrupted
> >> 2015-03-31T17:39:35Z DEBUG Waiting for CA to start...
> >> 2015-03-31T17:39:36Z DEBUG Traceback (most recent call last):
> >>   File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py",
> >> line
> >> 382, in start_creation
> >>     run_step(full_msg, method)
> >>   File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py",
> >> line
> >> 372, in run_step
> >>     method()
> >>   File
> "/usr/lib/python2.7/site-packages/ipaserver/install/cainstance.py",
> >> line 526, in __start
> >>     self.start()
> >>   File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py",
> >> line
> >> 279, in start
> >>     self.service.start(instance_name, capture_output=capture_output,
> >> wait=wait)
> >>   File
> "/usr/lib/python2.7/site-packages/ipaplatform/redhat/services.py",
> >> line
> >> 229, in start
> >>     self.wait_until_running()
> >>   File
> "/usr/lib/python2.7/site-packages/ipaplatform/redhat/services.py",
> >> line
> >> 223, in wait_until_running
> >>     raise RuntimeError('CA did not start in %ss' % timeout)
> >> RuntimeError: CA did not start in 300.0s
> >>
> >> 2015-03-31T17:39:36Z DEBUG   [error] RuntimeError: CA did not start in
> >> 300.0s
> >> 2015-03-31T17:39:36Z DEBUG   File "/usr/lib/python2.7/site-
> >> packages/ipaserver/install/installutils.py", line 642, in run_script
> >>     return_value = main_function()
> >>
> >>   File "/usr/sbin/ipa-server-install", line 1183, in main
> >>     ca_signing_algorithm=options.ca_signing_algorithm)
> >>
> >>   File
> "/usr/lib/python2.7/site-packages/ipaserver/install/cainstance.py",
> >> line 520, in configure_instance
> >>     self.start_creation(runtime=210)
> >>
> >>   File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py",
> >> line
> >> 382, in start_creation
> >>     run_step(full_msg, method)
> >>
> >>   File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py",
> >> line
> >> 372, in run_step
> >>     method()
> >>
> >>   File
> "/usr/lib/python2.7/site-packages/ipaserver/install/cainstance.py",
> >> line 526, in __start
> >>     self.start()
> >>
> >>   File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py",
> >> line
> >> 279, in start
> >>     self.service.start(instance_name, capture_output=capture_output,
> >> wait=wait)
> >>
> >>   File
> "/usr/lib/python2.7/site-packages/ipaplatform/redhat/services.py",
> >> line
> >> 229, in start
> >>     self.wait_until_running()
> >>
> >>   File
> "/usr/lib/python2.7/site-packages/ipaplatform/redhat/services.py",
> >> line
> >> 223, in wait_until_running
> >>     raise RuntimeError('CA did not start in %ss' % timeout)
> >>
> >> 2015-03-31T17:39:36Z DEBUG The ipa-server-install command failed,
> >> exception:
> >> RuntimeError: CA did not start in 300.0s
> >>
> >> I uninstalled the ipa server completely several times and installed it
> >> again.
> >> But it always stops at the same step with the setup.
> >>
> >> Can anybody help?
> >>
> >> Markus.
> >>
> >> --
> >> Manage your subscription for the Freeipa-users mailing list:
> >> https://www.redhat.com/mailman/listinfo/freeipa-users
> >> Go to http://freeipa.org for more info on the project
> >>
> >
> >
> >
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20150401/e5b35fb2/attachment.htm>

More information about the Freeipa-users mailing list