[Freeipa-users] Saltstack and ipa-install on Centos7 failing

Andrew Holway andrew.holway at gmail.com
Fri Mar 13 14:55:32 UTC 2015 

On 13 March 2015 at 15:33, Michael Lasevich <mlasevich at gmail.com> wrote:

> Is SELinux on?
>
Yes,

ipa-server-install is running in the initrc_t domain but I guess its set up
to run unconfined


ps -Z with ipa-server-install run from salt-stack :

system_u:system_r:init_t:s0     root   1568  0.0  1.4 231308 14652 ?
Ss   14:31   0:00 /bin/python2 /usr/bin/salt-minion

system_u:system_r:initrc_t:s0   root   3101  1.0  4.8 222004 49232 ?
S    14:47   0:01 /usr/bin/python -E /usr/sbin/ipa-server-install

ps -Z with ipa-server-install run from console :

unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 root 4503 23.7  4.8
323356 48860 pts/1 S+ 14:53   0:00 /usr/bin/python -E
/sbin/ipa-server-install


On Mar 13, 2015 7:46 AM, "Andrew Holway" <andrew.holway at gmail.com> wrote:
>
>> Hallo
>>
>> I have a quite odd situation. I am using saltstack to set up freeipa
>> servers on Centos 7 but I am getting the following error:
>>
>> failed to create ds instance Command '/usr/sbin/setup-ds.pl --silent
>> --logfile - -f /tmp/tmp5witgD' returned non-zero exit status 1
>>
>> Saltstack outputs the command it is trying to run:
>>
>> ipa-server-install -a password --realm CLOUD.DOMAIN.DE -P password -p
>> password -n cloud.domain.de --setup-dns --unattended --no-forwarders
>>
>> However if I run this command manually on a clean machine it works fine.
>>
>> It works on Centos 6.
>>
>>
>>
>> I see this in the slapd error log:
>>
>> [root at freeipa-2 slapd-CLOUD-NATIVE-INSTRUMENTS-DE]# cat errors
>> 389-Directory/1.3.1.6 B2014.219.1825
>> freeipa-2.cloud.native-instruments.de:389
>> (/etc/dirsrv/slapd-CLOUD-NATIVE-INSTRUMENTS-DE)
>>
>> [13/Mar/2015:10:45:59 +0000] - Error - Unable to create
>> /var/lock/dirsrv/slapd-CLOUD-NATIVE-INSTRUMENTS-DE/imports, Netscape
>> Portable Runtime error -5966 (Access Denied.)
>> [13/Mar/2015:10:45:59 +0000] - Shutting down due to possible conflicts
>> with other slapd processes
>> [13/Mar/2015:10:45:59 +0000] - Error - Unable to create
>> /var/lock/dirsrv/slapd-CLOUD-NATIVE-INSTRUMENTS-DE/imports, Netscape
>> Portable Runtime error -5966 (Access Denied.)
>> [13/Mar/2015:10:45:59 +0000] - Shutting down due to possible conflicts
>> with other slapd processes
>> [root at freeipa-2 slapd-CLOUD-NATIVE-INSTRUMENTS-DE]# cat errors | sed
>> s/NATIVE-INSTRUMENTS/DOMAIN/g
>> 389-Directory/1.3.1.6 B2014.219.1825
>> freeipa-2.cloud.native-instruments.de:389
>> (/etc/dirsrv/slapd-CLOUD-DOMAIN-DE)
>>
>> [13/Mar/2015:10:45:59 +0000] - Error - Unable to create
>> /var/lock/dirsrv/slapd-CLOUD-DOMAIN-DE/imports, Netscape Portable Runtime
>> error -5966 (Access Denied.)
>> [13/Mar/2015:10:45:59 +0000] - Shutting down due to possible conflicts
>> with other slapd processes
>> [13/Mar/2015:10:45:59 +0000] - Error - Unable to create
>> /var/lock/dirsrv/slapd-CLOUD-DOMAIN-DE/imports, Netscape Portable Runtime
>> error -5966 (Access Denied.)
>> [13/Mar/2015:10:45:59 +0000] - Shutting down due to possible conflicts
>> with other slapd processes
>>
>>
>>
>>
>>
>>
>>
>> ipaserver-install.log
>>
>> 015-03-13T10:45:57Z DEBUG Loading StateFile from
>> '/var/lib/ipa/sysrestore/sysrestore.state'
>> 2015-03-13T10:45:57Z DEBUG Loading Index file from
>> '/var/lib/ipa/sysrestore/sysrestore.index'
>> 2015-03-13T10:45:57Z DEBUG httpd is not configured
>> 2015-03-13T10:45:57Z DEBUG kadmin is not configured
>> 2015-03-13T10:45:57Z DEBUG dirsrv is not configured
>> 2015-03-13T10:45:57Z DEBUG pki-cad is not configured
>> 2015-03-13T10:45:57Z DEBUG pki-tomcatd is not configured
>> 2015-03-13T10:45:57Z DEBUG install is not configured
>> 2015-03-13T10:45:57Z DEBUG krb5kdc is not configured
>> 2015-03-13T10:45:57Z DEBUG ntpd is not configured
>> 2015-03-13T10:45:57Z DEBUG named is not configured
>> 2015-03-13T10:45:57Z DEBUG ipa_memcached is not configured
>> 2015-03-13T10:45:57Z DEBUG filestore is tracking no files
>> 2015-03-13T10:45:57Z DEBUG Loading Index file from
>> '/var/lib/ipa-client/sysrestore/sysrestore.index'
>> 2015-03-13T10:45:57Z DEBUG /usr/sbin/ipa-server-install was invoked with
>> options: {'reverse_zone': None, 'mkhomedir': False, 'create_sshfp': True,
>> 'conf_sshd': True, 'conf_ntp': True, 'subject': None, 'no_forwarders':
>> True, 'ui_redirect': True, 'domain_name': 'cloud.domain.de', 'idmax': 0,
>> 'hbac_allow': False, 'no_reverse': False, 'dirsrv_pkcs12': None,
>> 'unattended': True, 'trust_sshfp': False, 'external_ca_file': None,
>> 'no_host_dns': False, 'http_pkcs12': None, 'realm_name': 'CLOUD.DOMAIN.DE',
>> 'forwarders': None, 'idstart': 1544400000, 'external_ca': False,
>> 'ip_address': None, 'conf_ssh': True, 'zonemgr': None, 'root_ca_file':
>> None, 'setup_dns': True, 'host_name': None, 'debug': False,
>> 'external_cert_file': None, 'uninstall': False}
>> 2015-03-13T10:45:57Z DEBUG missing options might be asked for
>> interactively later
>>
>> 2015-03-13T10:45:57Z DEBUG Loading Index file from
>> '/var/lib/ipa/sysrestore/sysrestore.index'
>> 2015-03-13T10:45:57Z DEBUG Loading StateFile from
>> '/var/lib/ipa/sysrestore/sysrestore.state'
>> 2015-03-13T10:45:57Z DEBUG Starting external process
>> 2015-03-13T10:45:57Z DEBUG args=/bin/systemctl is-enabled chronyd.service
>> 2015-03-13T10:45:57Z DEBUG Process finished, return code=0
>> 2015-03-13T10:45:57Z DEBUG stdout=enabled
>>
>> 2015-03-13T10:45:57Z DEBUG stderr=
>> 2015-03-13T10:45:57Z DEBUG Starting external process
>> 2015-03-13T10:45:57Z DEBUG args=/usr/sbin/httpd -t -D DUMP_VHOSTS
>> 2015-03-13T10:45:57Z DEBUG Process finished, return code=0
>> 2015-03-13T10:45:57Z DEBUG stdout=VirtualHost configuration:
>> *:8443                 is a NameVirtualHost
>>          default server freeipa-2.cloud.domain.de
>> (/etc/httpd/conf.d/nss.conf:86)
>>          port 8443 namevhost freeipa-2.cloud.domain.de
>> (/etc/httpd/conf.d/nss.conf:86)
>>          port 8443 namevhost freeipa-2.cloud.domain.de
>> (/etc/httpd/conf.d/nss.conf:86)
>>
>> 2015-03-13T10:45:57Z DEBUG stderr=
>> 2015-03-13T10:45:57Z DEBUG Check if freeipa-2.cloud.domain.de is a
>> primary hostname for localhost
>> 2015-03-13T10:45:57Z DEBUG Primary hostname for localhost:
>> freeipa-2.cloud.domain.de
>> 2015-03-13T10:45:57Z DEBUG will use host_name: freeipa-2.cloud.domain.de
>>
>> 2015-03-13T10:45:57Z DEBUG Starting external process
>> 2015-03-13T10:45:57Z DEBUG args=/sbin/ip -family inet -oneline address
>> show
>> 2015-03-13T10:45:57Z DEBUG Process finished, return code=0
>> 2015-03-13T10:45:57Z DEBUG stdout=1: lo    inet 127.0.0.1/8 scope host
>> lo\       valid_lft forever preferred_lft forever
>> 2: eth0    inet 10.16.1.100/24 brd 10.16.1.255 scope global dynamic
>> eth0\       valid_lft 2770sec preferred_lft 2770sec
>>
>> 2015-03-13T10:45:57Z DEBUG stderr=
>> 2015-03-13T10:45:57Z DEBUG will use dns_forwarders: ()
>>
>> 2015-03-13T10:45:57Z DEBUG importing all plugin modules in
>> '/usr/lib/python2.7/site-packages/ipalib/plugins'...
>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>> '/usr/lib/python2.7/site-packages/ipalib/plugins/aci.py'
>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>> '/usr/lib/python2.7/site-packages/ipalib/plugins/automember.py'
>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>> '/usr/lib/python2.7/site-packages/ipalib/plugins/automount.py'
>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>> '/usr/lib/python2.7/site-packages/ipalib/plugins/baseldap.py'
>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>> '/usr/lib/python2.7/site-packages/ipalib/plugins/batch.py'
>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>> '/usr/lib/python2.7/site-packages/ipalib/plugins/cert.py'
>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>> '/usr/lib/python2.7/site-packages/ipalib/plugins/config.py'
>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>> '/usr/lib/python2.7/site-packages/ipalib/plugins/delegation.py'
>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>> '/usr/lib/python2.7/site-packages/ipalib/plugins/dns.py'
>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>> '/usr/lib/python2.7/site-packages/ipalib/plugins/group.py'
>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>> '/usr/lib/python2.7/site-packages/ipalib/plugins/hbacrule.py'
>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>> '/usr/lib/python2.7/site-packages/ipalib/plugins/hbacsvc.py'
>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>> '/usr/lib/python2.7/site-packages/ipalib/plugins/hbacsvcgroup.py'
>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>> '/usr/lib/python2.7/site-packages/ipalib/plugins/hbactest.py'
>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>> '/usr/lib/python2.7/site-packages/ipalib/plugins/host.py'
>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>> '/usr/lib/python2.7/site-packages/ipalib/plugins/hostgroup.py'
>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>> '/usr/lib/python2.7/site-packages/ipalib/plugins/idrange.py'
>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>> '/usr/lib/python2.7/site-packages/ipalib/plugins/internal.py'
>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>> '/usr/lib/python2.7/site-packages/ipalib/plugins/kerberos.py'
>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>> '/usr/lib/python2.7/site-packages/ipalib/plugins/krbtpolicy.py'
>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>> '/usr/lib/python2.7/site-packages/ipalib/plugins/migration.py'
>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>> '/usr/lib/python2.7/site-packages/ipalib/plugins/misc.py'
>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>> '/usr/lib/python2.7/site-packages/ipalib/plugins/netgroup.py'
>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>> '/usr/lib/python2.7/site-packages/ipalib/plugins/passwd.py'
>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>> '/usr/lib/python2.7/site-packages/ipalib/plugins/permission.py'
>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>> '/usr/lib/python2.7/site-packages/ipalib/plugins/ping.py'
>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>> '/usr/lib/python2.7/site-packages/ipalib/plugins/pkinit.py'
>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>> '/usr/lib/python2.7/site-packages/ipalib/plugins/privilege.py'
>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>> '/usr/lib/python2.7/site-packages/ipalib/plugins/pwpolicy.py'
>> 2015-03-13T10:45:57Z DEBUG Starting external process
>> 2015-03-13T10:45:57Z DEBUG args=klist -V
>> 2015-03-13T10:45:57Z DEBUG Process finished, return code=0
>> 2015-03-13T10:45:57Z DEBUG stdout=Kerberos 5 version 1.11.3
>>
>> 2015-03-13T10:45:57Z DEBUG stderr=
>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>> '/usr/lib/python2.7/site-packages/ipalib/plugins/realmdomains.py'
>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>> '/usr/lib/python2.7/site-packages/ipalib/plugins/role.py'
>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>> '/usr/lib/python2.7/site-packages/ipalib/plugins/selfservice.py'
>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>> '/usr/lib/python2.7/site-packages/ipalib/plugins/selinuxusermap.py'
>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>> '/usr/lib/python2.7/site-packages/ipalib/plugins/service.py'
>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>> '/usr/lib/python2.7/site-packages/ipalib/plugins/sudocmd.py'
>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>> '/usr/lib/python2.7/site-packages/ipalib/plugins/sudocmdgroup.py'
>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>> '/usr/lib/python2.7/site-packages/ipalib/plugins/sudorule.py'
>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>> '/usr/lib/python2.7/site-packages/ipalib/plugins/trust.py'
>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>> '/usr/lib/python2.7/site-packages/ipalib/plugins/user.py'
>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>> '/usr/lib/python2.7/site-packages/ipalib/plugins/virtual.py'
>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>> '/usr/lib/python2.7/site-packages/ipalib/plugins/xmlclient.py'
>> 2015-03-13T10:45:57Z DEBUG importing all plugin modules in
>> '/usr/lib/python2.7/site-packages/ipaserver/install/plugins'...
>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>> '/usr/lib/python2.7/site-packages/ipaserver/install/plugins/adtrust.py'
>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>> '/usr/lib/python2.7/site-packages/ipaserver/install/plugins/baseupdate.py'
>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>> '/usr/lib/python2.7/site-packages/ipaserver/install/plugins/dns.py'
>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>> '/usr/lib/python2.7/site-packages/ipaserver/install/plugins/fix_replica_agreements.py'
>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>> '/usr/lib/python2.7/site-packages/ipaserver/install/plugins/rename_managed.py'
>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>> '/usr/lib/python2.7/site-packages/ipaserver/install/plugins/update_anonymous_aci.py'
>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>> '/usr/lib/python2.7/site-packages/ipaserver/install/plugins/update_idranges.py'
>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>> '/usr/lib/python2.7/site-packages/ipaserver/install/plugins/update_pacs.py'
>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>> '/usr/lib/python2.7/site-packages/ipaserver/install/plugins/update_services.py'
>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>> '/usr/lib/python2.7/site-packages/ipaserver/install/plugins/updateclient.py'
>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>> '/usr/lib/python2.7/site-packages/ipaserver/install/plugins/upload_cacrt.py'
>> 2015-03-13T10:45:58Z DEBUG Adding DS group dirsrv
>> 2015-03-13T10:45:58Z DEBUG Starting external process
>> 2015-03-13T10:45:58Z DEBUG args=/usr/sbin/groupadd -r dirsrv
>> 2015-03-13T10:45:58Z DEBUG Process finished, return code=0
>> 2015-03-13T10:45:58Z DEBUG stdout=
>> 2015-03-13T10:45:58Z DEBUG stderr=
>> 2015-03-13T10:45:58Z DEBUG Done adding DS group
>> 2015-03-13T10:45:58Z DEBUG Starting external process
>> 2015-03-13T10:45:58Z DEBUG args=/bin/systemctl is-enabled chronyd.service
>> 2015-03-13T10:45:58Z DEBUG Process finished, return code=0
>> 2015-03-13T10:45:58Z DEBUG stdout=enabled
>>
>> 2015-03-13T10:45:58Z DEBUG stderr=
>> 2015-03-13T10:45:58Z DEBUG Starting external process
>> 2015-03-13T10:45:58Z DEBUG args=/bin/systemctl is-active chronyd.service
>> 2015-03-13T10:45:58Z DEBUG Process finished, return code=0
>> 2015-03-13T10:45:58Z DEBUG stdout=active
>>
>> 2015-03-13T10:45:58Z DEBUG stderr=
>> 2015-03-13T10:45:58Z DEBUG Saving StateFile to
>> '/var/lib/ipa/sysrestore/sysrestore.state'
>> 2015-03-13T10:45:58Z DEBUG Saving StateFile to
>> '/var/lib/ipa/sysrestore/sysrestore.state'
>> 2015-03-13T10:45:58Z DEBUG Starting external process
>> 2015-03-13T10:45:58Z DEBUG args=/bin/systemctl stop chronyd.service
>> 2015-03-13T10:45:58Z DEBUG Process finished, return code=0
>> 2015-03-13T10:45:58Z DEBUG stdout=
>> 2015-03-13T10:45:58Z DEBUG stderr=
>> 2015-03-13T10:45:58Z DEBUG Starting external process
>> 2015-03-13T10:45:58Z DEBUG args=/bin/systemctl disable chronyd.service
>> 2015-03-13T10:45:58Z DEBUG Process finished, return code=0
>> 2015-03-13T10:45:58Z DEBUG stdout=
>> 2015-03-13T10:45:58Z DEBUG stderr=rm
>> '/etc/systemd/system/multi-user.target.wants/chronyd.service'
>>
>> 2015-03-13T10:45:58Z DEBUG Loading StateFile from
>> '/var/lib/ipa/sysrestore/sysrestore.state'
>> 2015-03-13T10:45:58Z DEBUG Configuring NTP daemon (ntpd)
>> 2015-03-13T10:45:58Z DEBUG   [1/4]: stopping ntpd
>> 2015-03-13T10:45:58Z DEBUG Starting external process
>> 2015-03-13T10:45:58Z DEBUG args=/bin/systemctl is-active ntpd.service
>> 2015-03-13T10:45:58Z DEBUG Process finished, return code=3
>> 2015-03-13T10:45:58Z DEBUG stdout=unknown
>>
>> 2015-03-13T10:45:58Z DEBUG stderr=
>> 2015-03-13T10:45:58Z DEBUG Saving StateFile to
>> '/var/lib/ipa/sysrestore/sysrestore.state'
>> 2015-03-13T10:45:58Z DEBUG Starting external process
>> 2015-03-13T10:45:58Z DEBUG args=/bin/systemctl stop ntpd.service
>> 2015-03-13T10:45:58Z DEBUG Process finished, return code=0
>> 2015-03-13T10:45:58Z DEBUG stdout=
>> 2015-03-13T10:45:58Z DEBUG stderr=
>> 2015-03-13T10:45:58Z DEBUG   duration: 0 seconds
>> 2015-03-13T10:45:58Z DEBUG   [2/4]: writing configuration
>> 2015-03-13T10:45:58Z DEBUG Backing up system configuration file
>> '/etc/ntp.conf'
>> 2015-03-13T10:45:58Z DEBUG Saving Index File to
>> '/var/lib/ipa/sysrestore/sysrestore.index'
>> 2015-03-13T10:45:58Z DEBUG Backing up system configuration file
>> '/etc/sysconfig/ntpd'
>> 2015-03-13T10:45:58Z DEBUG Saving Index File to
>> '/var/lib/ipa/sysrestore/sysrestore.index'
>> 2015-03-13T10:45:58Z DEBUG   duration: 0 seconds
>> 2015-03-13T10:45:58Z DEBUG   [3/4]: configuring ntpd to start on boot
>> 2015-03-13T10:45:58Z DEBUG Starting external process
>> 2015-03-13T10:45:58Z DEBUG args=/bin/systemctl is-enabled ntpd.service
>> 2015-03-13T10:45:58Z DEBUG Process finished, return code=1
>> 2015-03-13T10:45:58Z DEBUG stdout=disabled
>>
>> 2015-03-13T10:45:58Z DEBUG stderr=
>> 2015-03-13T10:45:58Z DEBUG Saving StateFile to
>> '/var/lib/ipa/sysrestore/sysrestore.state'
>> 2015-03-13T10:45:58Z DEBUG Starting external process
>> 2015-03-13T10:45:58Z DEBUG args=/bin/systemctl enable ntpd.service
>> 2015-03-13T10:45:58Z DEBUG Process finished, return code=0
>> 2015-03-13T10:45:58Z DEBUG stdout=
>> 2015-03-13T10:45:58Z DEBUG stderr=ln -s
>> '/usr/lib/systemd/system/ntpd.service'
>> '/etc/systemd/system/multi-user.target.wants/ntpd.service'
>>
>> 2015-03-13T10:45:58Z DEBUG   duration: 0 seconds
>> 2015-03-13T10:45:58Z DEBUG   [4/4]: starting ntpd
>> 2015-03-13T10:45:58Z DEBUG Starting external process
>> 2015-03-13T10:45:58Z DEBUG args=/bin/systemctl start ntpd.service
>> 2015-03-13T10:45:58Z DEBUG Process finished, return code=0
>> 2015-03-13T10:45:58Z DEBUG stdout=
>> 2015-03-13T10:45:58Z DEBUG stderr=
>> 2015-03-13T10:45:58Z DEBUG Starting external process
>> 2015-03-13T10:45:58Z DEBUG args=/bin/systemctl is-active ntpd.service
>> 2015-03-13T10:45:58Z DEBUG Process finished, return code=0
>> 2015-03-13T10:45:58Z DEBUG stdout=active
>>
>> 2015-03-13T10:45:58Z DEBUG stderr=
>> 2015-03-13T10:45:58Z DEBUG   duration: 0 seconds
>> 2015-03-13T10:45:58Z DEBUG Done configuring NTP daemon (ntpd).
>> 2015-03-13T10:45:58Z DEBUG Loading StateFile from
>> '/var/lib/ipa/sysrestore/sysrestore.state'
>> 2015-03-13T10:45:58Z DEBUG Configuring directory server (dirsrv):
>> Estimated time 1 minute
>> 2015-03-13T10:45:58Z DEBUG   [1/38]: creating directory server user
>> 2015-03-13T10:45:58Z DEBUG Adding DS user dirsrv
>> 2015-03-13T10:45:58Z DEBUG Starting external process
>> 2015-03-13T10:45:58Z DEBUG args=/usr/sbin/useradd -g dirsrv -c DS System
>> User -d /var/lib/dirsrv -s /sbin/nologin -M -r dirsrv
>> 2015-03-13T10:45:58Z DEBUG Process finished, return code=0
>> 2015-03-13T10:45:58Z DEBUG stdout=
>> 2015-03-13T10:45:58Z DEBUG stderr=
>> 2015-03-13T10:45:58Z DEBUG Done adding DS user
>> 2015-03-13T10:45:58Z DEBUG   duration: 0 seconds
>> 2015-03-13T10:45:58Z DEBUG   [2/38]: creating directory server instance
>> 2015-03-13T10:45:58Z DEBUG Saving StateFile to
>> '/var/lib/ipa/sysrestore/sysrestore.state'
>> 2015-03-13T10:45:58Z DEBUG Backing up system configuration file
>> '/etc/sysconfig/dirsrv'
>> 2015-03-13T10:45:58Z DEBUG Saving Index File to
>> '/var/lib/ipa/sysrestore/sysrestore.index'
>> 2015-03-13T10:45:58Z DEBUG
>> dn: dc=cloud,dc=domain,dc=de
>> objectClass: top
>> objectClass: domain
>> objectClass: pilotObject
>> dc: cloud
>> info: IPA V2.0
>>
>> 2015-03-13T10:45:58Z DEBUG writing inf template
>> 2015-03-13T10:45:58Z DEBUG
>> [General]
>> FullMachineName=   freeipa-2.cloud.domain.de
>> SuiteSpotUserID=   dirsrv
>> SuiteSpotGroup=    dirsrv
>> ServerRoot=    /usr/lib64/dirsrv
>> [slapd]
>> ServerPort=   389
>> ServerIdentifier=   CLOUD-DOMAIN-DE
>> Suffix=   dc=cloud,dc=domain,dc=de
>> RootDN=   cn=Directory Manager
>> InstallLdifFile= /var/lib/dirsrv/boot.ldif
>> inst_dir=   /var/lib/dirsrv/scripts-CLOUD-DOMAIN-DE
>>
>> 2015-03-13T10:45:58Z DEBUG calling setup-ds.pl
>> 2015-03-13T10:45:58Z DEBUG Starting external process
>> 2015-03-13T10:45:58Z DEBUG args=/usr/sbin/setup-ds.pl --silent --logfile
>> - -f /tmp/tmp5witgD
>> 2015-03-13T10:45:59Z DEBUG Process finished, return code=1
>> 2015-03-13T10:45:59Z DEBUG stdout=[15/03/13:10:45:59] - [Setup] Info
>> Could not import LDIF file '/var/lib/dirsrv/boot.ldif'.  Error: 256.
>> Output: importing data ...
>> [13/Mar/2015:10:45:59 +0000] - Error - Unable to create
>> /var/lock/dirsrv/slapd-CLOUD-DOMAIN-DE/imports, Netscape Portable Runtime
>> error -5966 (Access Denied.)
>> [13/Mar/2015:10:45:59 +0000] - Shutting down due to possible conflicts
>> with other slapd processes
>>
>> Could not import LDIF file '/var/lib/dirsrv/boot.ldif'.  Error: 256.
>> Output: importing data ...
>> [13/Mar/2015:10:45:59 +0000] - Error - Unable to create
>> /var/lock/dirsrv/slapd-CLOUD-DOMAIN-DE/imports, Netscape Portable Runtime
>> error -5966 (Access Denied.)
>> [13/Mar/2015:10:45:59 +0000] - Shutting down due to possible conflicts
>> with other slapd processes
>>
>> [15/03/13:10:45:59] - [Setup] Fatal Error: Could not create directory
>> server instance 'CLOUD-DOMAIN-DE'.
>> Error: Could not create directory server instance 'CLOUD-DOMAIN-DE'.
>> [15/03/13:10:45:59] - [Setup] Fatal Exiting . . .
>> Log file is '-'
>>
>> Exiting . . .
>> Log file is '-'
>>
>>
>> 2015-03-13T10:45:59Z DEBUG stderr=
>> 2015-03-13T10:45:59Z CRITICAL failed to create ds instance Command
>> '/usr/sbin/setup-ds.pl --silent --logfile - -f /tmp/tmp5witgD' returned
>> non-zero exit status 1
>> 2015-03-13T10:45:59Z DEBUG restarting ds instance
>> 2015-03-13T10:45:59Z DEBUG Starting external process
>> 2015-03-13T10:45:59Z DEBUG args=/bin/systemctl --system daemon-reload
>> 2015-03-13T10:45:59Z DEBUG Process finished, return code=0
>> 2015-03-13T10:45:59Z DEBUG stdout=
>> 2015-03-13T10:45:59Z DEBUG stderr=
>> 2015-03-13T10:45:59Z DEBUG Starting external process
>> 2015-03-13T10:45:59Z DEBUG args=/bin/systemctl restart
>> dirsrv at CLOUD-DOMAIN-DE.service
>> 2015-03-13T10:45:59Z DEBUG Process finished, return code=0
>> 2015-03-13T10:45:59Z DEBUG stdout=
>> 2015-03-13T10:45:59Z DEBUG stderr=
>> 2015-03-13T10:45:59Z DEBUG Starting external process
>> 2015-03-13T10:45:59Z DEBUG args=/bin/systemctl is-active
>> dirsrv at CLOUD-DOMAIN-DE.service
>> 2015-03-13T10:45:59Z DEBUG Process finished, return code=0
>> 2015-03-13T10:45:59Z DEBUG stdout=active
>>
>> 2015-03-13T10:45:59Z DEBUG stderr=
>> 2015-03-13T10:45:59Z DEBUG wait_for_open_ports: localhost [389] timeout
>> 300
>> 2015-03-13T10:50:59Z CRITICAL Failed to restart the directory server ().
>> See the installation log for details.
>> 2015-03-13T10:50:59Z DEBUG done restarting ds instance
>> 2015-03-13T10:50:59Z DEBUG   duration: 301 seconds
>> 2015-03-13T10:50:59Z DEBUG   [3/38]: adding default schema
>> 2015-03-13T10:50:59Z DEBUG   duration: 0 seconds
>> 2015-03-13T10:50:59Z DEBUG   [4/38]: enabling memberof plugin
>> 2015-03-13T10:50:59Z DEBUG wait_for_open_ports: freeipa-2.cloud.domain.de
>> [389] timeout 10
>> 2015-03-13T10:51:09Z DEBUG Could not connect to the Directory Server on
>> freeipa-2.cloud.domain.de:
>> 2015-03-13T10:51:09Z DEBUG   File
>> "/usr/lib/python2.7/site-packages/ipaserver/install/installutils.py", line
>> 638, in run_script
>>     return_value = main_function()
>>
>>   File "/usr/sbin/ipa-server-install", line 1059, in main
>>     hbac_allow=not options.hbac_allow)
>>
>>   File
>> "/usr/lib/python2.7/site-packages/ipaserver/install/dsinstance.py", line
>> 323, in create_instance
>>     self.start_creation(runtime=60)
>>
>>   File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py",
>> line 364, in start_creation
>>     method()
>>
>>   File
>> "/usr/lib/python2.7/site-packages/ipaserver/install/dsinstance.py", line
>> 501, in __add_memberof_module
>>     self._ldap_mod("memberof-conf.ldif")
>>
>>   File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py",
>> line 152, in _ldap_mod
>>     self.ldap_connect()
>>
>>   File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py",
>> line 99, in ldap_connect
>>     conn.do_simple_bind(bindpw=self.dm_password)
>>
>>   File "/usr/lib/python2.7/site-packages/ipapython/ipaldap.py", line
>> 1735, in do_simple_bind
>>     self.__bind_with_wait(self.conn.simple_bind_s, timeout, binddn,
>> bindpw)
>>
>>   File "/usr/lib/python2.7/site-packages/ipapython/ipaldap.py", line
>> 1730, in __bind_with_wait
>>     self.__wait_for_connection(timeout)
>>
>>   File "/usr/lib/python2.7/site-packages/ipapython/ipaldap.py", line
>> 1719, in __wait_for_connection
>>     wait_for_open_ports(host, int(port), timeout)
>>
>>   File "/usr/lib/python2.7/site-packages/ipapython/ipautil.py", line
>> 1096, in wait_for_open_ports
>>     raise socket.timeout()
>>
>> 2015-03-13T10:51:09Z DEBUG The ipa-server-install command failed,
>> exception: timeout:
>>
>> --
>> Manage your subscription for the Freeipa-users mailing list:
>> https://www.redhat.com/mailman/listinfo/freeipa-users
>> Go to http://freeipa.org for more info on the project
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20150313/7e938579/attachment.htm>

More information about the Freeipa-users mailing list