[Freeipa-users] Saltstack and ipa-install on Centos7 failing
Dmitri Pal
dpal at redhat.com
Fri Mar 13 13:15:51 UTC 2015
On 03/13/2015 07:43 AM, Andrew Holway wrote:
> Hallo
>
> I have a quite odd situation. I am using saltstack to set up freeipa
> servers on Centos 7 but I am getting the following error:
>
> failed to create ds instance Command '/usr/sbin/setup-ds.pl
> <http://setup-ds.pl> --silent --logfile - -f /tmp/tmp5witgD' returned
> non-zero exit status 1
>
> Saltstack outputs the command it is trying to run:
>
> ipa-server-install -a password --realm CLOUD.DOMAIN.DE
> <http://CLOUD.DOMAIN.DE> -P password -p password -n cloud.domain.de
> <http://cloud.domain.de> --setup-dns --unattended --no-forwarders
>
> However if I run this command manually on a clean machine it works fine.
>
> It works on Centos 6.
It usually means that you have different privileges and context when you
are running command manually and via SaltStack.
There is probably a different user and a different SELinux context.
Do you see any AVC denials?
It really seems that you have two DS instances going on the same
machine. I suspewt that when run manually as root you sort of override
the lock and things go through but when you do it via SaltStack it is
different.
Why do you need two DS instances?
>
>
>
> I see this in the slapd error log:
>
> [root at freeipa-2 slapd-CLOUD-NATIVE-INSTRUMENTS-DE]# cat errors
> 389-Directory/1.3.1.6 <http://1.3.1.6> B2014.219.1825
> freeipa-2.cloud.native-instruments.de:389
> <http://freeipa-2.cloud.native-instruments.de:389>
> (/etc/dirsrv/slapd-CLOUD-NATIVE-INSTRUMENTS-DE)
>
> [13/Mar/2015:10:45:59 +0000] - Error - Unable to create
> /var/lock/dirsrv/slapd-CLOUD-NATIVE-INSTRUMENTS-DE/imports, Netscape
> Portable Runtime error -5966 (Access Denied.)
> [13/Mar/2015:10:45:59 +0000] - Shutting down due to possible conflicts
> with other slapd processes
> [13/Mar/2015:10:45:59 +0000] - Error - Unable to create
> /var/lock/dirsrv/slapd-CLOUD-NATIVE-INSTRUMENTS-DE/imports, Netscape
> Portable Runtime error -5966 (Access Denied.)
> [13/Mar/2015:10:45:59 +0000] - Shutting down due to possible conflicts
> with other slapd processes
> [root at freeipa-2 slapd-CLOUD-NATIVE-INSTRUMENTS-DE]# cat errors | sed
> s/NATIVE-INSTRUMENTS/DOMAIN/g
> 389-Directory/1.3.1.6 <http://1.3.1.6> B2014.219.1825
> freeipa-2.cloud.native-instruments.de:389
> <http://freeipa-2.cloud.native-instruments.de:389>
> (/etc/dirsrv/slapd-CLOUD-DOMAIN-DE)
>
> [13/Mar/2015:10:45:59 +0000] - Error - Unable to create
> /var/lock/dirsrv/slapd-CLOUD-DOMAIN-DE/imports, Netscape Portable
> Runtime error -5966 (Access Denied.)
> [13/Mar/2015:10:45:59 +0000] - Shutting down due to possible conflicts
> with other slapd processes
> [13/Mar/2015:10:45:59 +0000] - Error - Unable to create
> /var/lock/dirsrv/slapd-CLOUD-DOMAIN-DE/imports, Netscape Portable
> Runtime error -5966 (Access Denied.)
> [13/Mar/2015:10:45:59 +0000] - Shutting down due to possible conflicts
> with other slapd processes
>
>
>
>
>
>
>
> ipaserver-install.log
>
> 015-03-13T10:45:57Z DEBUG Loading StateFile from
> '/var/lib/ipa/sysrestore/sysrestore.state'
> 2015-03-13T10:45:57Z DEBUG Loading Index file from
> '/var/lib/ipa/sysrestore/sysrestore.index'
> 2015-03-13T10:45:57Z DEBUG httpd is not configured
> 2015-03-13T10:45:57Z DEBUG kadmin is not configured
> 2015-03-13T10:45:57Z DEBUG dirsrv is not configured
> 2015-03-13T10:45:57Z DEBUG pki-cad is not configured
> 2015-03-13T10:45:57Z DEBUG pki-tomcatd is not configured
> 2015-03-13T10:45:57Z DEBUG install is not configured
> 2015-03-13T10:45:57Z DEBUG krb5kdc is not configured
> 2015-03-13T10:45:57Z DEBUG ntpd is not configured
> 2015-03-13T10:45:57Z DEBUG named is not configured
> 2015-03-13T10:45:57Z DEBUG ipa_memcached is not configured
> 2015-03-13T10:45:57Z DEBUG filestore is tracking no files
> 2015-03-13T10:45:57Z DEBUG Loading Index file from
> '/var/lib/ipa-client/sysrestore/sysrestore.index'
> 2015-03-13T10:45:57Z DEBUG /usr/sbin/ipa-server-install was invoked
> with options: {'reverse_zone': None, 'mkhomedir': False,
> 'create_sshfp': True, 'conf_sshd': True, 'conf_ntp': True, 'subject':
> None, 'no_forwarders': True, 'ui_redirect': True, 'domain_name':
> 'cloud.domain.de <http://cloud.domain.de>', 'idmax': 0, 'hbac_allow':
> False, 'no_reverse': False, 'dirsrv_pkcs12': None, 'unattended': True,
> 'trust_sshfp': False, 'external_ca_file': None, 'no_host_dns': False,
> 'http_pkcs12': None, 'realm_name': 'CLOUD.DOMAIN.DE
> <http://CLOUD.DOMAIN.DE>', 'forwarders': None, 'idstart': 1544400000,
> 'external_ca': False, 'ip_address': None, 'conf_ssh': True, 'zonemgr':
> None, 'root_ca_file': None, 'setup_dns': True, 'host_name': None,
> 'debug': False, 'external_cert_file': None, 'uninstall': False}
> 2015-03-13T10:45:57Z DEBUG missing options might be asked for
> interactively later
>
> 2015-03-13T10:45:57Z DEBUG Loading Index file from
> '/var/lib/ipa/sysrestore/sysrestore.index'
> 2015-03-13T10:45:57Z DEBUG Loading StateFile from
> '/var/lib/ipa/sysrestore/sysrestore.state'
> 2015-03-13T10:45:57Z DEBUG Starting external process
> 2015-03-13T10:45:57Z DEBUG args=/bin/systemctl is-enabled chronyd.service
> 2015-03-13T10:45:57Z DEBUG Process finished, return code=0
> 2015-03-13T10:45:57Z DEBUG stdout=enabled
>
> 2015-03-13T10:45:57Z DEBUG stderr=
> 2015-03-13T10:45:57Z DEBUG Starting external process
> 2015-03-13T10:45:57Z DEBUG args=/usr/sbin/httpd -t -D DUMP_VHOSTS
> 2015-03-13T10:45:57Z DEBUG Process finished, return code=0
> 2015-03-13T10:45:57Z DEBUG stdout=VirtualHost configuration:
> *:8443 is a NameVirtualHost
> default server freeipa-2.cloud.domain.de
> <http://freeipa-2.cloud.domain.de> (/etc/httpd/conf.d/nss.conf:86)
> port 8443 namevhost freeipa-2.cloud.domain.de
> <http://freeipa-2.cloud.domain.de> (/etc/httpd/conf.d/nss.conf:86)
> port 8443 namevhost freeipa-2.cloud.domain.de
> <http://freeipa-2.cloud.domain.de> (/etc/httpd/conf.d/nss.conf:86)
>
> 2015-03-13T10:45:57Z DEBUG stderr=
> 2015-03-13T10:45:57Z DEBUG Check if freeipa-2.cloud.domain.de
> <http://freeipa-2.cloud.domain.de> is a primary hostname for localhost
> 2015-03-13T10:45:57Z DEBUG Primary hostname for localhost:
> freeipa-2.cloud.domain.de <http://freeipa-2.cloud.domain.de>
> 2015-03-13T10:45:57Z DEBUG will use host_name:
> freeipa-2.cloud.domain.de <http://freeipa-2.cloud.domain.de>
>
> 2015-03-13T10:45:57Z DEBUG Starting external process
> 2015-03-13T10:45:57Z DEBUG args=/sbin/ip -family inet -oneline address
> show
> 2015-03-13T10:45:57Z DEBUG Process finished, return code=0
> 2015-03-13T10:45:57Z DEBUG stdout=1: lo inet 127.0.0.1/8
> <http://127.0.0.1/8> scope host lo\ valid_lft forever
> preferred_lft forever
> 2: eth0 inet 10.16.1.100/24 <http://10.16.1.100/24> brd 10.16.1.255
> scope global dynamic eth0\ valid_lft 2770sec preferred_lft 2770sec
>
> 2015-03-13T10:45:57Z DEBUG stderr=
> 2015-03-13T10:45:57Z DEBUG will use dns_forwarders: ()
>
> 2015-03-13T10:45:57Z DEBUG importing all plugin modules in
> '/usr/lib/python2.7/site-packages/ipalib/plugins'...
> 2015-03-13T10:45:57Z DEBUG importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/aci.py'
> 2015-03-13T10:45:57Z DEBUG importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/automember.py'
> 2015-03-13T10:45:57Z DEBUG importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/automount.py'
> 2015-03-13T10:45:57Z DEBUG importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/baseldap.py'
> 2015-03-13T10:45:57Z DEBUG importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/batch.py'
> 2015-03-13T10:45:57Z DEBUG importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/cert.py'
> 2015-03-13T10:45:57Z DEBUG importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/config.py'
> 2015-03-13T10:45:57Z DEBUG importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/delegation.py'
> 2015-03-13T10:45:57Z DEBUG importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/dns.py'
> 2015-03-13T10:45:57Z DEBUG importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/group.py'
> 2015-03-13T10:45:57Z DEBUG importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/hbacrule.py'
> 2015-03-13T10:45:57Z DEBUG importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/hbacsvc.py'
> 2015-03-13T10:45:57Z DEBUG importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/hbacsvcgroup.py'
> 2015-03-13T10:45:57Z DEBUG importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/hbactest.py'
> 2015-03-13T10:45:57Z DEBUG importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/host.py'
> 2015-03-13T10:45:57Z DEBUG importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/hostgroup.py'
> 2015-03-13T10:45:57Z DEBUG importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/idrange.py'
> 2015-03-13T10:45:57Z DEBUG importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/internal.py'
> 2015-03-13T10:45:57Z DEBUG importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/kerberos.py'
> 2015-03-13T10:45:57Z DEBUG importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/krbtpolicy.py'
> 2015-03-13T10:45:57Z DEBUG importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/migration.py'
> 2015-03-13T10:45:57Z DEBUG importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/misc.py'
> 2015-03-13T10:45:57Z DEBUG importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/netgroup.py'
> 2015-03-13T10:45:57Z DEBUG importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/passwd.py'
> 2015-03-13T10:45:57Z DEBUG importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/permission.py'
> 2015-03-13T10:45:57Z DEBUG importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/ping.py'
> 2015-03-13T10:45:57Z DEBUG importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/pkinit.py'
> 2015-03-13T10:45:57Z DEBUG importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/privilege.py'
> 2015-03-13T10:45:57Z DEBUG importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/pwpolicy.py'
> 2015-03-13T10:45:57Z DEBUG Starting external process
> 2015-03-13T10:45:57Z DEBUG args=klist -V
> 2015-03-13T10:45:57Z DEBUG Process finished, return code=0
> 2015-03-13T10:45:57Z DEBUG stdout=Kerberos 5 version 1.11.3
>
> 2015-03-13T10:45:57Z DEBUG stderr=
> 2015-03-13T10:45:57Z DEBUG importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/realmdomains.py'
> 2015-03-13T10:45:57Z DEBUG importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/role.py'
> 2015-03-13T10:45:57Z DEBUG importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/selfservice.py'
> 2015-03-13T10:45:57Z DEBUG importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/selinuxusermap.py'
> 2015-03-13T10:45:57Z DEBUG importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/service.py'
> 2015-03-13T10:45:57Z DEBUG importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/sudocmd.py'
> 2015-03-13T10:45:57Z DEBUG importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/sudocmdgroup.py'
> 2015-03-13T10:45:57Z DEBUG importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/sudorule.py'
> 2015-03-13T10:45:57Z DEBUG importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/trust.py'
> 2015-03-13T10:45:57Z DEBUG importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/user.py'
> 2015-03-13T10:45:57Z DEBUG importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/virtual.py'
> 2015-03-13T10:45:57Z DEBUG importing plugin module
> '/usr/lib/python2.7/site-packages/ipalib/plugins/xmlclient.py'
> 2015-03-13T10:45:57Z DEBUG importing all plugin modules in
> '/usr/lib/python2.7/site-packages/ipaserver/install/plugins'...
> 2015-03-13T10:45:57Z DEBUG importing plugin module
> '/usr/lib/python2.7/site-packages/ipaserver/install/plugins/adtrust.py'
> 2015-03-13T10:45:57Z DEBUG importing plugin module
> '/usr/lib/python2.7/site-packages/ipaserver/install/plugins/baseupdate.py'
> 2015-03-13T10:45:57Z DEBUG importing plugin module
> '/usr/lib/python2.7/site-packages/ipaserver/install/plugins/dns.py'
> 2015-03-13T10:45:57Z DEBUG importing plugin module
> '/usr/lib/python2.7/site-packages/ipaserver/install/plugins/fix_replica_agreements.py'
> 2015-03-13T10:45:57Z DEBUG importing plugin module
> '/usr/lib/python2.7/site-packages/ipaserver/install/plugins/rename_managed.py'
> 2015-03-13T10:45:57Z DEBUG importing plugin module
> '/usr/lib/python2.7/site-packages/ipaserver/install/plugins/update_anonymous_aci.py'
> 2015-03-13T10:45:57Z DEBUG importing plugin module
> '/usr/lib/python2.7/site-packages/ipaserver/install/plugins/update_idranges.py'
> 2015-03-13T10:45:57Z DEBUG importing plugin module
> '/usr/lib/python2.7/site-packages/ipaserver/install/plugins/update_pacs.py'
> 2015-03-13T10:45:57Z DEBUG importing plugin module
> '/usr/lib/python2.7/site-packages/ipaserver/install/plugins/update_services.py'
> 2015-03-13T10:45:57Z DEBUG importing plugin module
> '/usr/lib/python2.7/site-packages/ipaserver/install/plugins/updateclient.py'
> 2015-03-13T10:45:57Z DEBUG importing plugin module
> '/usr/lib/python2.7/site-packages/ipaserver/install/plugins/upload_cacrt.py'
> 2015-03-13T10:45:58Z DEBUG Adding DS group dirsrv
> 2015-03-13T10:45:58Z DEBUG Starting external process
> 2015-03-13T10:45:58Z DEBUG args=/usr/sbin/groupadd -r dirsrv
> 2015-03-13T10:45:58Z DEBUG Process finished, return code=0
> 2015-03-13T10:45:58Z DEBUG stdout=
> 2015-03-13T10:45:58Z DEBUG stderr=
> 2015-03-13T10:45:58Z DEBUG Done adding DS group
> 2015-03-13T10:45:58Z DEBUG Starting external process
> 2015-03-13T10:45:58Z DEBUG args=/bin/systemctl is-enabled chronyd.service
> 2015-03-13T10:45:58Z DEBUG Process finished, return code=0
> 2015-03-13T10:45:58Z DEBUG stdout=enabled
>
> 2015-03-13T10:45:58Z DEBUG stderr=
> 2015-03-13T10:45:58Z DEBUG Starting external process
> 2015-03-13T10:45:58Z DEBUG args=/bin/systemctl is-active chronyd.service
> 2015-03-13T10:45:58Z DEBUG Process finished, return code=0
> 2015-03-13T10:45:58Z DEBUG stdout=active
>
> 2015-03-13T10:45:58Z DEBUG stderr=
> 2015-03-13T10:45:58Z DEBUG Saving StateFile to
> '/var/lib/ipa/sysrestore/sysrestore.state'
> 2015-03-13T10:45:58Z DEBUG Saving StateFile to
> '/var/lib/ipa/sysrestore/sysrestore.state'
> 2015-03-13T10:45:58Z DEBUG Starting external process
> 2015-03-13T10:45:58Z DEBUG args=/bin/systemctl stop chronyd.service
> 2015-03-13T10:45:58Z DEBUG Process finished, return code=0
> 2015-03-13T10:45:58Z DEBUG stdout=
> 2015-03-13T10:45:58Z DEBUG stderr=
> 2015-03-13T10:45:58Z DEBUG Starting external process
> 2015-03-13T10:45:58Z DEBUG args=/bin/systemctl disable chronyd.service
> 2015-03-13T10:45:58Z DEBUG Process finished, return code=0
> 2015-03-13T10:45:58Z DEBUG stdout=
> 2015-03-13T10:45:58Z DEBUG stderr=rm
> '/etc/systemd/system/multi-user.target.wants/chronyd.service'
>
> 2015-03-13T10:45:58Z DEBUG Loading StateFile from
> '/var/lib/ipa/sysrestore/sysrestore.state'
> 2015-03-13T10:45:58Z DEBUG Configuring NTP daemon (ntpd)
> 2015-03-13T10:45:58Z DEBUG [1/4]: stopping ntpd
> 2015-03-13T10:45:58Z DEBUG Starting external process
> 2015-03-13T10:45:58Z DEBUG args=/bin/systemctl is-active ntpd.service
> 2015-03-13T10:45:58Z DEBUG Process finished, return code=3
> 2015-03-13T10:45:58Z DEBUG stdout=unknown
>
> 2015-03-13T10:45:58Z DEBUG stderr=
> 2015-03-13T10:45:58Z DEBUG Saving StateFile to
> '/var/lib/ipa/sysrestore/sysrestore.state'
> 2015-03-13T10:45:58Z DEBUG Starting external process
> 2015-03-13T10:45:58Z DEBUG args=/bin/systemctl stop ntpd.service
> 2015-03-13T10:45:58Z DEBUG Process finished, return code=0
> 2015-03-13T10:45:58Z DEBUG stdout=
> 2015-03-13T10:45:58Z DEBUG stderr=
> 2015-03-13T10:45:58Z DEBUG duration: 0 seconds
> 2015-03-13T10:45:58Z DEBUG [2/4]: writing configuration
> 2015-03-13T10:45:58Z DEBUG Backing up system configuration file
> '/etc/ntp.conf'
> 2015-03-13T10:45:58Z DEBUG Saving Index File to
> '/var/lib/ipa/sysrestore/sysrestore.index'
> 2015-03-13T10:45:58Z DEBUG Backing up system configuration file
> '/etc/sysconfig/ntpd'
> 2015-03-13T10:45:58Z DEBUG Saving Index File to
> '/var/lib/ipa/sysrestore/sysrestore.index'
> 2015-03-13T10:45:58Z DEBUG duration: 0 seconds
> 2015-03-13T10:45:58Z DEBUG [3/4]: configuring ntpd to start on boot
> 2015-03-13T10:45:58Z DEBUG Starting external process
> 2015-03-13T10:45:58Z DEBUG args=/bin/systemctl is-enabled ntpd.service
> 2015-03-13T10:45:58Z DEBUG Process finished, return code=1
> 2015-03-13T10:45:58Z DEBUG stdout=disabled
>
> 2015-03-13T10:45:58Z DEBUG stderr=
> 2015-03-13T10:45:58Z DEBUG Saving StateFile to
> '/var/lib/ipa/sysrestore/sysrestore.state'
> 2015-03-13T10:45:58Z DEBUG Starting external process
> 2015-03-13T10:45:58Z DEBUG args=/bin/systemctl enable ntpd.service
> 2015-03-13T10:45:58Z DEBUG Process finished, return code=0
> 2015-03-13T10:45:58Z DEBUG stdout=
> 2015-03-13T10:45:58Z DEBUG stderr=ln -s
> '/usr/lib/systemd/system/ntpd.service'
> '/etc/systemd/system/multi-user.target.wants/ntpd.service'
>
> 2015-03-13T10:45:58Z DEBUG duration: 0 seconds
> 2015-03-13T10:45:58Z DEBUG [4/4]: starting ntpd
> 2015-03-13T10:45:58Z DEBUG Starting external process
> 2015-03-13T10:45:58Z DEBUG args=/bin/systemctl start ntpd.service
> 2015-03-13T10:45:58Z DEBUG Process finished, return code=0
> 2015-03-13T10:45:58Z DEBUG stdout=
> 2015-03-13T10:45:58Z DEBUG stderr=
> 2015-03-13T10:45:58Z DEBUG Starting external process
> 2015-03-13T10:45:58Z DEBUG args=/bin/systemctl is-active ntpd.service
> 2015-03-13T10:45:58Z DEBUG Process finished, return code=0
> 2015-03-13T10:45:58Z DEBUG stdout=active
>
> 2015-03-13T10:45:58Z DEBUG stderr=
> 2015-03-13T10:45:58Z DEBUG duration: 0 seconds
> 2015-03-13T10:45:58Z DEBUG Done configuring NTP daemon (ntpd).
> 2015-03-13T10:45:58Z DEBUG Loading StateFile from
> '/var/lib/ipa/sysrestore/sysrestore.state'
> 2015-03-13T10:45:58Z DEBUG Configuring directory server (dirsrv):
> Estimated time 1 minute
> 2015-03-13T10:45:58Z DEBUG [1/38]: creating directory server user
> 2015-03-13T10:45:58Z DEBUG Adding DS user dirsrv
> 2015-03-13T10:45:58Z DEBUG Starting external process
> 2015-03-13T10:45:58Z DEBUG args=/usr/sbin/useradd -g dirsrv -c DS
> System User -d /var/lib/dirsrv -s /sbin/nologin -M -r dirsrv
> 2015-03-13T10:45:58Z DEBUG Process finished, return code=0
> 2015-03-13T10:45:58Z DEBUG stdout=
> 2015-03-13T10:45:58Z DEBUG stderr=
> 2015-03-13T10:45:58Z DEBUG Done adding DS user
> 2015-03-13T10:45:58Z DEBUG duration: 0 seconds
> 2015-03-13T10:45:58Z DEBUG [2/38]: creating directory server instance
> 2015-03-13T10:45:58Z DEBUG Saving StateFile to
> '/var/lib/ipa/sysrestore/sysrestore.state'
> 2015-03-13T10:45:58Z DEBUG Backing up system configuration file
> '/etc/sysconfig/dirsrv'
> 2015-03-13T10:45:58Z DEBUG Saving Index File to
> '/var/lib/ipa/sysrestore/sysrestore.index'
> 2015-03-13T10:45:58Z DEBUG
> dn: dc=cloud,dc=domain,dc=de
> objectClass: top
> objectClass: domain
> objectClass: pilotObject
> dc: cloud
> info: IPA V2.0
>
> 2015-03-13T10:45:58Z DEBUG writing inf template
> 2015-03-13T10:45:58Z DEBUG
> [General]
> FullMachineName= freeipa-2.cloud.domain.de
> <http://freeipa-2.cloud.domain.de>
> SuiteSpotUserID= dirsrv
> SuiteSpotGroup= dirsrv
> ServerRoot= /usr/lib64/dirsrv
> [slapd]
> ServerPort= 389
> ServerIdentifier= CLOUD-DOMAIN-DE
> Suffix= dc=cloud,dc=domain,dc=de
> RootDN= cn=Directory Manager
> InstallLdifFile= /var/lib/dirsrv/boot.ldif
> inst_dir= /var/lib/dirsrv/scripts-CLOUD-DOMAIN-DE
>
> 2015-03-13T10:45:58Z DEBUG calling setup-ds.pl <http://setup-ds.pl>
> 2015-03-13T10:45:58Z DEBUG Starting external process
> 2015-03-13T10:45:58Z DEBUG args=/usr/sbin/setup-ds.pl
> <http://setup-ds.pl> --silent --logfile - -f /tmp/tmp5witgD
> 2015-03-13T10:45:59Z DEBUG Process finished, return code=1
> 2015-03-13T10:45:59Z DEBUG stdout=[15/03/13:10:45:59] - [Setup] Info
> Could not import LDIF file '/var/lib/dirsrv/boot.ldif'. Error: 256.
> Output: importing data ...
> [13/Mar/2015:10:45:59 +0000] - Error - Unable to create
> /var/lock/dirsrv/slapd-CLOUD-DOMAIN-DE/imports, Netscape Portable
> Runtime error -5966 (Access Denied.)
> [13/Mar/2015:10:45:59 +0000] - Shutting down due to possible conflicts
> with other slapd processes
>
> Could not import LDIF file '/var/lib/dirsrv/boot.ldif'. Error: 256.
> Output: importing data ...
> [13/Mar/2015:10:45:59 +0000] - Error - Unable to create
> /var/lock/dirsrv/slapd-CLOUD-DOMAIN-DE/imports, Netscape Portable
> Runtime error -5966 (Access Denied.)
> [13/Mar/2015:10:45:59 +0000] - Shutting down due to possible conflicts
> with other slapd processes
>
> [15/03/13:10:45:59] - [Setup] Fatal Error: Could not create directory
> server instance 'CLOUD-DOMAIN-DE'.
> Error: Could not create directory server instance 'CLOUD-DOMAIN-DE'.
> [15/03/13:10:45:59] - [Setup] Fatal Exiting . . .
> Log file is '-'
>
> Exiting . . .
> Log file is '-'
>
>
> 2015-03-13T10:45:59Z DEBUG stderr=
> 2015-03-13T10:45:59Z CRITICAL failed to create ds instance Command
> '/usr/sbin/setup-ds.pl <http://setup-ds.pl> --silent --logfile - -f
> /tmp/tmp5witgD' returned non-zero exit status 1
> 2015-03-13T10:45:59Z DEBUG restarting ds instance
> 2015-03-13T10:45:59Z DEBUG Starting external process
> 2015-03-13T10:45:59Z DEBUG args=/bin/systemctl --system daemon-reload
> 2015-03-13T10:45:59Z DEBUG Process finished, return code=0
> 2015-03-13T10:45:59Z DEBUG stdout=
> 2015-03-13T10:45:59Z DEBUG stderr=
> 2015-03-13T10:45:59Z DEBUG Starting external process
> 2015-03-13T10:45:59Z DEBUG args=/bin/systemctl restart
> dirsrv at CLOUD-DOMAIN-DE.service
> 2015-03-13T10:45:59Z DEBUG Process finished, return code=0
> 2015-03-13T10:45:59Z DEBUG stdout=
> 2015-03-13T10:45:59Z DEBUG stderr=
> 2015-03-13T10:45:59Z DEBUG Starting external process
> 2015-03-13T10:45:59Z DEBUG args=/bin/systemctl is-active
> dirsrv at CLOUD-DOMAIN-DE.service
> 2015-03-13T10:45:59Z DEBUG Process finished, return code=0
> 2015-03-13T10:45:59Z DEBUG stdout=active
>
> 2015-03-13T10:45:59Z DEBUG stderr=
> 2015-03-13T10:45:59Z DEBUG wait_for_open_ports: localhost [389]
> timeout 300
> 2015-03-13T10:50:59Z CRITICAL Failed to restart the directory server
> (). See the installation log for details.
> 2015-03-13T10:50:59Z DEBUG done restarting ds instance
> 2015-03-13T10:50:59Z DEBUG duration: 301 seconds
> 2015-03-13T10:50:59Z DEBUG [3/38]: adding default schema
> 2015-03-13T10:50:59Z DEBUG duration: 0 seconds
> 2015-03-13T10:50:59Z DEBUG [4/38]: enabling memberof plugin
> 2015-03-13T10:50:59Z DEBUG wait_for_open_ports:
> freeipa-2.cloud.domain.de <http://freeipa-2.cloud.domain.de> [389]
> timeout 10
> 2015-03-13T10:51:09Z DEBUG Could not connect to the Directory Server
> on freeipa-2.cloud.domain.de <http://freeipa-2.cloud.domain.de>:
> 2015-03-13T10:51:09Z DEBUG File
> "/usr/lib/python2.7/site-packages/ipaserver/install/installutils.py",
> line 638, in run_script
> return_value = main_function()
>
> File "/usr/sbin/ipa-server-install", line 1059, in main
> hbac_allow=not options.hbac_allow)
>
> File
> "/usr/lib/python2.7/site-packages/ipaserver/install/dsinstance.py",
> line 323, in create_instance
> self.start_creation(runtime=60)
>
> File
> "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line
> 364, in start_creation
> method()
>
> File
> "/usr/lib/python2.7/site-packages/ipaserver/install/dsinstance.py",
> line 501, in __add_memberof_module
> self._ldap_mod("memberof-conf.ldif")
>
> File
> "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line
> 152, in _ldap_mod
> self.ldap_connect()
>
> File
> "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line
> 99, in ldap_connect
> conn.do_simple_bind(bindpw=self.dm_password)
>
> File "/usr/lib/python2.7/site-packages/ipapython/ipaldap.py", line
> 1735, in do_simple_bind
> self.__bind_with_wait(self.conn.simple_bind_s, timeout, binddn,
> bindpw)
>
> File "/usr/lib/python2.7/site-packages/ipapython/ipaldap.py", line
> 1730, in __bind_with_wait
> self.__wait_for_connection(timeout)
>
> File "/usr/lib/python2.7/site-packages/ipapython/ipaldap.py", line
> 1719, in __wait_for_connection
> wait_for_open_ports(host, int(port), timeout)
>
> File "/usr/lib/python2.7/site-packages/ipapython/ipautil.py", line
> 1096, in wait_for_open_ports
> raise socket.timeout()
>
> 2015-03-13T10:51:09Z DEBUG The ipa-server-install command failed,
> exception: timeout:
>
>
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20150313/3675191c/attachment.htm>
More information about the Freeipa-users
mailing list