[Freeipa-users] Saltstack and ipa-install on Centos7 failing
Martin Kosek
mkosek at redhat.com
Tue Mar 17 07:31:14 UTC 2015
Looks like a bug, yes. I am just not sure whether in missing Saltstack SELinux
module or the actual SELinux policy. You can try filing a bug to SELinux policy.
Looking at SaltStack Troubleshooting guide, would switching to rpm_script_t help?
http://docs.saltstack.com/en/latest/topics/troubleshooting/#salt-and-selinux
On 03/16/2015 05:21 PM, Andrew Holway wrote:
> Hi,
>
> I think this is perhaps a bug?
>
> Thanks,
>
> Andrew
>
> On 13 March 2015 at 15:55, Andrew Holway <andrew.holway at gmail.com> wrote:
>
>>
>>
>> On 13 March 2015 at 15:33, Michael Lasevich <mlasevich at gmail.com> wrote:
>>
>>> Is SELinux on?
>>>
>> Yes,
>>
>> ipa-server-install is running in the initrc_t domain but I guess its set
>> up to run unconfined
>>
>>
>> ps -Z with ipa-server-install run from salt-stack :
>>
>> system_u:system_r:init_t:s0 root 1568 0.0 1.4 231308 14652 ?
>> Ss 14:31 0:00 /bin/python2 /usr/bin/salt-minion
>>
>> system_u:system_r:initrc_t:s0 root 3101 1.0 4.8 222004 49232 ?
>> S 14:47 0:01 /usr/bin/python -E /usr/sbin/ipa-server-install
>>
>> ps -Z with ipa-server-install run from console :
>>
>> unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 root 4503 23.7 4.8
>> 323356 48860 pts/1 S+ 14:53 0:00 /usr/bin/python -E
>> /sbin/ipa-server-install
>>
>>
>> On Mar 13, 2015 7:46 AM, "Andrew Holway" <andrew.holway at gmail.com> wrote:
>>>
>>>> Hallo
>>>>
>>>> I have a quite odd situation. I am using saltstack to set up freeipa
>>>> servers on Centos 7 but I am getting the following error:
>>>>
>>>> failed to create ds instance Command '/usr/sbin/setup-ds.pl --silent
>>>> --logfile - -f /tmp/tmp5witgD' returned non-zero exit status 1
>>>>
>>>> Saltstack outputs the command it is trying to run:
>>>>
>>>> ipa-server-install -a password --realm CLOUD.DOMAIN.DE -P password -p
>>>> password -n cloud.domain.de --setup-dns --unattended --no-forwarders
>>>>
>>>> However if I run this command manually on a clean machine it works fine.
>>>>
>>>> It works on Centos 6.
>>>>
>>>>
>>>>
>>>> I see this in the slapd error log:
>>>>
>>>> [root at freeipa-2 slapd-CLOUD-NATIVE-INSTRUMENTS-DE]# cat errors
>>>> 389-Directory/1.3.1.6 B2014.219.1825
>>>> freeipa-2.cloud.native-instruments.de:389
>>>> (/etc/dirsrv/slapd-CLOUD-NATIVE-INSTRUMENTS-DE)
>>>>
>>>> [13/Mar/2015:10:45:59 +0000] - Error - Unable to create
>>>> /var/lock/dirsrv/slapd-CLOUD-NATIVE-INSTRUMENTS-DE/imports, Netscape
>>>> Portable Runtime error -5966 (Access Denied.)
>>>> [13/Mar/2015:10:45:59 +0000] - Shutting down due to possible conflicts
>>>> with other slapd processes
>>>> [13/Mar/2015:10:45:59 +0000] - Error - Unable to create
>>>> /var/lock/dirsrv/slapd-CLOUD-NATIVE-INSTRUMENTS-DE/imports, Netscape
>>>> Portable Runtime error -5966 (Access Denied.)
>>>> [13/Mar/2015:10:45:59 +0000] - Shutting down due to possible conflicts
>>>> with other slapd processes
>>>> [root at freeipa-2 slapd-CLOUD-NATIVE-INSTRUMENTS-DE]# cat errors | sed
>>>> s/NATIVE-INSTRUMENTS/DOMAIN/g
>>>> 389-Directory/1.3.1.6 B2014.219.1825
>>>> freeipa-2.cloud.native-instruments.de:389
>>>> (/etc/dirsrv/slapd-CLOUD-DOMAIN-DE)
>>>>
>>>> [13/Mar/2015:10:45:59 +0000] - Error - Unable to create
>>>> /var/lock/dirsrv/slapd-CLOUD-DOMAIN-DE/imports, Netscape Portable Runtime
>>>> error -5966 (Access Denied.)
>>>> [13/Mar/2015:10:45:59 +0000] - Shutting down due to possible conflicts
>>>> with other slapd processes
>>>> [13/Mar/2015:10:45:59 +0000] - Error - Unable to create
>>>> /var/lock/dirsrv/slapd-CLOUD-DOMAIN-DE/imports, Netscape Portable Runtime
>>>> error -5966 (Access Denied.)
>>>> [13/Mar/2015:10:45:59 +0000] - Shutting down due to possible conflicts
>>>> with other slapd processes
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> ipaserver-install.log
>>>>
>>>> 015-03-13T10:45:57Z DEBUG Loading StateFile from
>>>> '/var/lib/ipa/sysrestore/sysrestore.state'
>>>> 2015-03-13T10:45:57Z DEBUG Loading Index file from
>>>> '/var/lib/ipa/sysrestore/sysrestore.index'
>>>> 2015-03-13T10:45:57Z DEBUG httpd is not configured
>>>> 2015-03-13T10:45:57Z DEBUG kadmin is not configured
>>>> 2015-03-13T10:45:57Z DEBUG dirsrv is not configured
>>>> 2015-03-13T10:45:57Z DEBUG pki-cad is not configured
>>>> 2015-03-13T10:45:57Z DEBUG pki-tomcatd is not configured
>>>> 2015-03-13T10:45:57Z DEBUG install is not configured
>>>> 2015-03-13T10:45:57Z DEBUG krb5kdc is not configured
>>>> 2015-03-13T10:45:57Z DEBUG ntpd is not configured
>>>> 2015-03-13T10:45:57Z DEBUG named is not configured
>>>> 2015-03-13T10:45:57Z DEBUG ipa_memcached is not configured
>>>> 2015-03-13T10:45:57Z DEBUG filestore is tracking no files
>>>> 2015-03-13T10:45:57Z DEBUG Loading Index file from
>>>> '/var/lib/ipa-client/sysrestore/sysrestore.index'
>>>> 2015-03-13T10:45:57Z DEBUG /usr/sbin/ipa-server-install was invoked with
>>>> options: {'reverse_zone': None, 'mkhomedir': False, 'create_sshfp': True,
>>>> 'conf_sshd': True, 'conf_ntp': True, 'subject': None, 'no_forwarders':
>>>> True, 'ui_redirect': True, 'domain_name': 'cloud.domain.de', 'idmax':
>>>> 0, 'hbac_allow': False, 'no_reverse': False, 'dirsrv_pkcs12': None,
>>>> 'unattended': True, 'trust_sshfp': False, 'external_ca_file': None,
>>>> 'no_host_dns': False, 'http_pkcs12': None, 'realm_name': '
>>>> CLOUD.DOMAIN.DE', 'forwarders': None, 'idstart': 1544400000,
>>>> 'external_ca': False, 'ip_address': None, 'conf_ssh': True, 'zonemgr':
>>>> None, 'root_ca_file': None, 'setup_dns': True, 'host_name': None, 'debug':
>>>> False, 'external_cert_file': None, 'uninstall': False}
>>>> 2015-03-13T10:45:57Z DEBUG missing options might be asked for
>>>> interactively later
>>>>
>>>> 2015-03-13T10:45:57Z DEBUG Loading Index file from
>>>> '/var/lib/ipa/sysrestore/sysrestore.index'
>>>> 2015-03-13T10:45:57Z DEBUG Loading StateFile from
>>>> '/var/lib/ipa/sysrestore/sysrestore.state'
>>>> 2015-03-13T10:45:57Z DEBUG Starting external process
>>>> 2015-03-13T10:45:57Z DEBUG args=/bin/systemctl is-enabled chronyd.service
>>>> 2015-03-13T10:45:57Z DEBUG Process finished, return code=0
>>>> 2015-03-13T10:45:57Z DEBUG stdout=enabled
>>>>
>>>> 2015-03-13T10:45:57Z DEBUG stderr=
>>>> 2015-03-13T10:45:57Z DEBUG Starting external process
>>>> 2015-03-13T10:45:57Z DEBUG args=/usr/sbin/httpd -t -D DUMP_VHOSTS
>>>> 2015-03-13T10:45:57Z DEBUG Process finished, return code=0
>>>> 2015-03-13T10:45:57Z DEBUG stdout=VirtualHost configuration:
>>>> *:8443 is a NameVirtualHost
>>>> default server freeipa-2.cloud.domain.de
>>>> (/etc/httpd/conf.d/nss.conf:86)
>>>> port 8443 namevhost freeipa-2.cloud.domain.de
>>>> (/etc/httpd/conf.d/nss.conf:86)
>>>> port 8443 namevhost freeipa-2.cloud.domain.de
>>>> (/etc/httpd/conf.d/nss.conf:86)
>>>>
>>>> 2015-03-13T10:45:57Z DEBUG stderr=
>>>> 2015-03-13T10:45:57Z DEBUG Check if freeipa-2.cloud.domain.de is a
>>>> primary hostname for localhost
>>>> 2015-03-13T10:45:57Z DEBUG Primary hostname for localhost:
>>>> freeipa-2.cloud.domain.de
>>>> 2015-03-13T10:45:57Z DEBUG will use host_name: freeipa-2.cloud.domain.de
>>>>
>>>> 2015-03-13T10:45:57Z DEBUG Starting external process
>>>> 2015-03-13T10:45:57Z DEBUG args=/sbin/ip -family inet -oneline address
>>>> show
>>>> 2015-03-13T10:45:57Z DEBUG Process finished, return code=0
>>>> 2015-03-13T10:45:57Z DEBUG stdout=1: lo inet 127.0.0.1/8 scope host
>>>> lo\ valid_lft forever preferred_lft forever
>>>> 2: eth0 inet 10.16.1.100/24 brd 10.16.1.255 scope global dynamic
>>>> eth0\ valid_lft 2770sec preferred_lft 2770sec
>>>>
>>>> 2015-03-13T10:45:57Z DEBUG stderr=
>>>> 2015-03-13T10:45:57Z DEBUG will use dns_forwarders: ()
>>>>
>>>> 2015-03-13T10:45:57Z DEBUG importing all plugin modules in
>>>> '/usr/lib/python2.7/site-packages/ipalib/plugins'...
>>>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>>>> '/usr/lib/python2.7/site-packages/ipalib/plugins/aci.py'
>>>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>>>> '/usr/lib/python2.7/site-packages/ipalib/plugins/automember.py'
>>>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>>>> '/usr/lib/python2.7/site-packages/ipalib/plugins/automount.py'
>>>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>>>> '/usr/lib/python2.7/site-packages/ipalib/plugins/baseldap.py'
>>>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>>>> '/usr/lib/python2.7/site-packages/ipalib/plugins/batch.py'
>>>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>>>> '/usr/lib/python2.7/site-packages/ipalib/plugins/cert.py'
>>>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>>>> '/usr/lib/python2.7/site-packages/ipalib/plugins/config.py'
>>>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>>>> '/usr/lib/python2.7/site-packages/ipalib/plugins/delegation.py'
>>>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>>>> '/usr/lib/python2.7/site-packages/ipalib/plugins/dns.py'
>>>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>>>> '/usr/lib/python2.7/site-packages/ipalib/plugins/group.py'
>>>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>>>> '/usr/lib/python2.7/site-packages/ipalib/plugins/hbacrule.py'
>>>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>>>> '/usr/lib/python2.7/site-packages/ipalib/plugins/hbacsvc.py'
>>>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>>>> '/usr/lib/python2.7/site-packages/ipalib/plugins/hbacsvcgroup.py'
>>>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>>>> '/usr/lib/python2.7/site-packages/ipalib/plugins/hbactest.py'
>>>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>>>> '/usr/lib/python2.7/site-packages/ipalib/plugins/host.py'
>>>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>>>> '/usr/lib/python2.7/site-packages/ipalib/plugins/hostgroup.py'
>>>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>>>> '/usr/lib/python2.7/site-packages/ipalib/plugins/idrange.py'
>>>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>>>> '/usr/lib/python2.7/site-packages/ipalib/plugins/internal.py'
>>>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>>>> '/usr/lib/python2.7/site-packages/ipalib/plugins/kerberos.py'
>>>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>>>> '/usr/lib/python2.7/site-packages/ipalib/plugins/krbtpolicy.py'
>>>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>>>> '/usr/lib/python2.7/site-packages/ipalib/plugins/migration.py'
>>>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>>>> '/usr/lib/python2.7/site-packages/ipalib/plugins/misc.py'
>>>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>>>> '/usr/lib/python2.7/site-packages/ipalib/plugins/netgroup.py'
>>>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>>>> '/usr/lib/python2.7/site-packages/ipalib/plugins/passwd.py'
>>>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>>>> '/usr/lib/python2.7/site-packages/ipalib/plugins/permission.py'
>>>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>>>> '/usr/lib/python2.7/site-packages/ipalib/plugins/ping.py'
>>>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>>>> '/usr/lib/python2.7/site-packages/ipalib/plugins/pkinit.py'
>>>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>>>> '/usr/lib/python2.7/site-packages/ipalib/plugins/privilege.py'
>>>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>>>> '/usr/lib/python2.7/site-packages/ipalib/plugins/pwpolicy.py'
>>>> 2015-03-13T10:45:57Z DEBUG Starting external process
>>>> 2015-03-13T10:45:57Z DEBUG args=klist -V
>>>> 2015-03-13T10:45:57Z DEBUG Process finished, return code=0
>>>> 2015-03-13T10:45:57Z DEBUG stdout=Kerberos 5 version 1.11.3
>>>>
>>>> 2015-03-13T10:45:57Z DEBUG stderr=
>>>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>>>> '/usr/lib/python2.7/site-packages/ipalib/plugins/realmdomains.py'
>>>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>>>> '/usr/lib/python2.7/site-packages/ipalib/plugins/role.py'
>>>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>>>> '/usr/lib/python2.7/site-packages/ipalib/plugins/selfservice.py'
>>>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>>>> '/usr/lib/python2.7/site-packages/ipalib/plugins/selinuxusermap.py'
>>>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>>>> '/usr/lib/python2.7/site-packages/ipalib/plugins/service.py'
>>>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>>>> '/usr/lib/python2.7/site-packages/ipalib/plugins/sudocmd.py'
>>>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>>>> '/usr/lib/python2.7/site-packages/ipalib/plugins/sudocmdgroup.py'
>>>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>>>> '/usr/lib/python2.7/site-packages/ipalib/plugins/sudorule.py'
>>>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>>>> '/usr/lib/python2.7/site-packages/ipalib/plugins/trust.py'
>>>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>>>> '/usr/lib/python2.7/site-packages/ipalib/plugins/user.py'
>>>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>>>> '/usr/lib/python2.7/site-packages/ipalib/plugins/virtual.py'
>>>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>>>> '/usr/lib/python2.7/site-packages/ipalib/plugins/xmlclient.py'
>>>> 2015-03-13T10:45:57Z DEBUG importing all plugin modules in
>>>> '/usr/lib/python2.7/site-packages/ipaserver/install/plugins'...
>>>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>>>> '/usr/lib/python2.7/site-packages/ipaserver/install/plugins/adtrust.py'
>>>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>>>> '/usr/lib/python2.7/site-packages/ipaserver/install/plugins/baseupdate.py'
>>>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>>>> '/usr/lib/python2.7/site-packages/ipaserver/install/plugins/dns.py'
>>>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>>>> '/usr/lib/python2.7/site-packages/ipaserver/install/plugins/fix_replica_agreements.py'
>>>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>>>> '/usr/lib/python2.7/site-packages/ipaserver/install/plugins/rename_managed.py'
>>>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>>>> '/usr/lib/python2.7/site-packages/ipaserver/install/plugins/update_anonymous_aci.py'
>>>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>>>> '/usr/lib/python2.7/site-packages/ipaserver/install/plugins/update_idranges.py'
>>>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>>>> '/usr/lib/python2.7/site-packages/ipaserver/install/plugins/update_pacs.py'
>>>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>>>> '/usr/lib/python2.7/site-packages/ipaserver/install/plugins/update_services.py'
>>>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>>>> '/usr/lib/python2.7/site-packages/ipaserver/install/plugins/updateclient.py'
>>>> 2015-03-13T10:45:57Z DEBUG importing plugin module
>>>> '/usr/lib/python2.7/site-packages/ipaserver/install/plugins/upload_cacrt.py'
>>>> 2015-03-13T10:45:58Z DEBUG Adding DS group dirsrv
>>>> 2015-03-13T10:45:58Z DEBUG Starting external process
>>>> 2015-03-13T10:45:58Z DEBUG args=/usr/sbin/groupadd -r dirsrv
>>>> 2015-03-13T10:45:58Z DEBUG Process finished, return code=0
>>>> 2015-03-13T10:45:58Z DEBUG stdout=
>>>> 2015-03-13T10:45:58Z DEBUG stderr=
>>>> 2015-03-13T10:45:58Z DEBUG Done adding DS group
>>>> 2015-03-13T10:45:58Z DEBUG Starting external process
>>>> 2015-03-13T10:45:58Z DEBUG args=/bin/systemctl is-enabled chronyd.service
>>>> 2015-03-13T10:45:58Z DEBUG Process finished, return code=0
>>>> 2015-03-13T10:45:58Z DEBUG stdout=enabled
>>>>
>>>> 2015-03-13T10:45:58Z DEBUG stderr=
>>>> 2015-03-13T10:45:58Z DEBUG Starting external process
>>>> 2015-03-13T10:45:58Z DEBUG args=/bin/systemctl is-active chronyd.service
>>>> 2015-03-13T10:45:58Z DEBUG Process finished, return code=0
>>>> 2015-03-13T10:45:58Z DEBUG stdout=active
>>>>
>>>> 2015-03-13T10:45:58Z DEBUG stderr=
>>>> 2015-03-13T10:45:58Z DEBUG Saving StateFile to
>>>> '/var/lib/ipa/sysrestore/sysrestore.state'
>>>> 2015-03-13T10:45:58Z DEBUG Saving StateFile to
>>>> '/var/lib/ipa/sysrestore/sysrestore.state'
>>>> 2015-03-13T10:45:58Z DEBUG Starting external process
>>>> 2015-03-13T10:45:58Z DEBUG args=/bin/systemctl stop chronyd.service
>>>> 2015-03-13T10:45:58Z DEBUG Process finished, return code=0
>>>> 2015-03-13T10:45:58Z DEBUG stdout=
>>>> 2015-03-13T10:45:58Z DEBUG stderr=
>>>> 2015-03-13T10:45:58Z DEBUG Starting external process
>>>> 2015-03-13T10:45:58Z DEBUG args=/bin/systemctl disable chronyd.service
>>>> 2015-03-13T10:45:58Z DEBUG Process finished, return code=0
>>>> 2015-03-13T10:45:58Z DEBUG stdout=
>>>> 2015-03-13T10:45:58Z DEBUG stderr=rm
>>>> '/etc/systemd/system/multi-user.target.wants/chronyd.service'
>>>>
>>>> 2015-03-13T10:45:58Z DEBUG Loading StateFile from
>>>> '/var/lib/ipa/sysrestore/sysrestore.state'
>>>> 2015-03-13T10:45:58Z DEBUG Configuring NTP daemon (ntpd)
>>>> 2015-03-13T10:45:58Z DEBUG [1/4]: stopping ntpd
>>>> 2015-03-13T10:45:58Z DEBUG Starting external process
>>>> 2015-03-13T10:45:58Z DEBUG args=/bin/systemctl is-active ntpd.service
>>>> 2015-03-13T10:45:58Z DEBUG Process finished, return code=3
>>>> 2015-03-13T10:45:58Z DEBUG stdout=unknown
>>>>
>>>> 2015-03-13T10:45:58Z DEBUG stderr=
>>>> 2015-03-13T10:45:58Z DEBUG Saving StateFile to
>>>> '/var/lib/ipa/sysrestore/sysrestore.state'
>>>> 2015-03-13T10:45:58Z DEBUG Starting external process
>>>> 2015-03-13T10:45:58Z DEBUG args=/bin/systemctl stop ntpd.service
>>>> 2015-03-13T10:45:58Z DEBUG Process finished, return code=0
>>>> 2015-03-13T10:45:58Z DEBUG stdout=
>>>> 2015-03-13T10:45:58Z DEBUG stderr=
>>>> 2015-03-13T10:45:58Z DEBUG duration: 0 seconds
>>>> 2015-03-13T10:45:58Z DEBUG [2/4]: writing configuration
>>>> 2015-03-13T10:45:58Z DEBUG Backing up system configuration file
>>>> '/etc/ntp.conf'
>>>> 2015-03-13T10:45:58Z DEBUG Saving Index File to
>>>> '/var/lib/ipa/sysrestore/sysrestore.index'
>>>> 2015-03-13T10:45:58Z DEBUG Backing up system configuration file
>>>> '/etc/sysconfig/ntpd'
>>>> 2015-03-13T10:45:58Z DEBUG Saving Index File to
>>>> '/var/lib/ipa/sysrestore/sysrestore.index'
>>>> 2015-03-13T10:45:58Z DEBUG duration: 0 seconds
>>>> 2015-03-13T10:45:58Z DEBUG [3/4]: configuring ntpd to start on boot
>>>> 2015-03-13T10:45:58Z DEBUG Starting external process
>>>> 2015-03-13T10:45:58Z DEBUG args=/bin/systemctl is-enabled ntpd.service
>>>> 2015-03-13T10:45:58Z DEBUG Process finished, return code=1
>>>> 2015-03-13T10:45:58Z DEBUG stdout=disabled
>>>>
>>>> 2015-03-13T10:45:58Z DEBUG stderr=
>>>> 2015-03-13T10:45:58Z DEBUG Saving StateFile to
>>>> '/var/lib/ipa/sysrestore/sysrestore.state'
>>>> 2015-03-13T10:45:58Z DEBUG Starting external process
>>>> 2015-03-13T10:45:58Z DEBUG args=/bin/systemctl enable ntpd.service
>>>> 2015-03-13T10:45:58Z DEBUG Process finished, return code=0
>>>> 2015-03-13T10:45:58Z DEBUG stdout=
>>>> 2015-03-13T10:45:58Z DEBUG stderr=ln -s
>>>> '/usr/lib/systemd/system/ntpd.service'
>>>> '/etc/systemd/system/multi-user.target.wants/ntpd.service'
>>>>
>>>> 2015-03-13T10:45:58Z DEBUG duration: 0 seconds
>>>> 2015-03-13T10:45:58Z DEBUG [4/4]: starting ntpd
>>>> 2015-03-13T10:45:58Z DEBUG Starting external process
>>>> 2015-03-13T10:45:58Z DEBUG args=/bin/systemctl start ntpd.service
>>>> 2015-03-13T10:45:58Z DEBUG Process finished, return code=0
>>>> 2015-03-13T10:45:58Z DEBUG stdout=
>>>> 2015-03-13T10:45:58Z DEBUG stderr=
>>>> 2015-03-13T10:45:58Z DEBUG Starting external process
>>>> 2015-03-13T10:45:58Z DEBUG args=/bin/systemctl is-active ntpd.service
>>>> 2015-03-13T10:45:58Z DEBUG Process finished, return code=0
>>>> 2015-03-13T10:45:58Z DEBUG stdout=active
>>>>
>>>> 2015-03-13T10:45:58Z DEBUG stderr=
>>>> 2015-03-13T10:45:58Z DEBUG duration: 0 seconds
>>>> 2015-03-13T10:45:58Z DEBUG Done configuring NTP daemon (ntpd).
>>>> 2015-03-13T10:45:58Z DEBUG Loading StateFile from
>>>> '/var/lib/ipa/sysrestore/sysrestore.state'
>>>> 2015-03-13T10:45:58Z DEBUG Configuring directory server (dirsrv):
>>>> Estimated time 1 minute
>>>> 2015-03-13T10:45:58Z DEBUG [1/38]: creating directory server user
>>>> 2015-03-13T10:45:58Z DEBUG Adding DS user dirsrv
>>>> 2015-03-13T10:45:58Z DEBUG Starting external process
>>>> 2015-03-13T10:45:58Z DEBUG args=/usr/sbin/useradd -g dirsrv -c DS System
>>>> User -d /var/lib/dirsrv -s /sbin/nologin -M -r dirsrv
>>>> 2015-03-13T10:45:58Z DEBUG Process finished, return code=0
>>>> 2015-03-13T10:45:58Z DEBUG stdout=
>>>> 2015-03-13T10:45:58Z DEBUG stderr=
>>>> 2015-03-13T10:45:58Z DEBUG Done adding DS user
>>>> 2015-03-13T10:45:58Z DEBUG duration: 0 seconds
>>>> 2015-03-13T10:45:58Z DEBUG [2/38]: creating directory server instance
>>>> 2015-03-13T10:45:58Z DEBUG Saving StateFile to
>>>> '/var/lib/ipa/sysrestore/sysrestore.state'
>>>> 2015-03-13T10:45:58Z DEBUG Backing up system configuration file
>>>> '/etc/sysconfig/dirsrv'
>>>> 2015-03-13T10:45:58Z DEBUG Saving Index File to
>>>> '/var/lib/ipa/sysrestore/sysrestore.index'
>>>> 2015-03-13T10:45:58Z DEBUG
>>>> dn: dc=cloud,dc=domain,dc=de
>>>> objectClass: top
>>>> objectClass: domain
>>>> objectClass: pilotObject
>>>> dc: cloud
>>>> info: IPA V2.0
>>>>
>>>> 2015-03-13T10:45:58Z DEBUG writing inf template
>>>> 2015-03-13T10:45:58Z DEBUG
>>>> [General]
>>>> FullMachineName= freeipa-2.cloud.domain.de
>>>> SuiteSpotUserID= dirsrv
>>>> SuiteSpotGroup= dirsrv
>>>> ServerRoot= /usr/lib64/dirsrv
>>>> [slapd]
>>>> ServerPort= 389
>>>> ServerIdentifier= CLOUD-DOMAIN-DE
>>>> Suffix= dc=cloud,dc=domain,dc=de
>>>> RootDN= cn=Directory Manager
>>>> InstallLdifFile= /var/lib/dirsrv/boot.ldif
>>>> inst_dir= /var/lib/dirsrv/scripts-CLOUD-DOMAIN-DE
>>>>
>>>> 2015-03-13T10:45:58Z DEBUG calling setup-ds.pl
>>>> 2015-03-13T10:45:58Z DEBUG Starting external process
>>>> 2015-03-13T10:45:58Z DEBUG args=/usr/sbin/setup-ds.pl --silent
>>>> --logfile - -f /tmp/tmp5witgD
>>>> 2015-03-13T10:45:59Z DEBUG Process finished, return code=1
>>>> 2015-03-13T10:45:59Z DEBUG stdout=[15/03/13:10:45:59] - [Setup] Info
>>>> Could not import LDIF file '/var/lib/dirsrv/boot.ldif'. Error: 256.
>>>> Output: importing data ...
>>>> [13/Mar/2015:10:45:59 +0000] - Error - Unable to create
>>>> /var/lock/dirsrv/slapd-CLOUD-DOMAIN-DE/imports, Netscape Portable Runtime
>>>> error -5966 (Access Denied.)
>>>> [13/Mar/2015:10:45:59 +0000] - Shutting down due to possible conflicts
>>>> with other slapd processes
>>>>
>>>> Could not import LDIF file '/var/lib/dirsrv/boot.ldif'. Error: 256.
>>>> Output: importing data ...
>>>> [13/Mar/2015:10:45:59 +0000] - Error - Unable to create
>>>> /var/lock/dirsrv/slapd-CLOUD-DOMAIN-DE/imports, Netscape Portable Runtime
>>>> error -5966 (Access Denied.)
>>>> [13/Mar/2015:10:45:59 +0000] - Shutting down due to possible conflicts
>>>> with other slapd processes
>>>>
>>>> [15/03/13:10:45:59] - [Setup] Fatal Error: Could not create directory
>>>> server instance 'CLOUD-DOMAIN-DE'.
>>>> Error: Could not create directory server instance 'CLOUD-DOMAIN-DE'.
>>>> [15/03/13:10:45:59] - [Setup] Fatal Exiting . . .
>>>> Log file is '-'
>>>>
>>>> Exiting . . .
>>>> Log file is '-'
>>>>
>>>>
>>>> 2015-03-13T10:45:59Z DEBUG stderr=
>>>> 2015-03-13T10:45:59Z CRITICAL failed to create ds instance Command
>>>> '/usr/sbin/setup-ds.pl --silent --logfile - -f /tmp/tmp5witgD' returned
>>>> non-zero exit status 1
>>>> 2015-03-13T10:45:59Z DEBUG restarting ds instance
>>>> 2015-03-13T10:45:59Z DEBUG Starting external process
>>>> 2015-03-13T10:45:59Z DEBUG args=/bin/systemctl --system daemon-reload
>>>> 2015-03-13T10:45:59Z DEBUG Process finished, return code=0
>>>> 2015-03-13T10:45:59Z DEBUG stdout=
>>>> 2015-03-13T10:45:59Z DEBUG stderr=
>>>> 2015-03-13T10:45:59Z DEBUG Starting external process
>>>> 2015-03-13T10:45:59Z DEBUG args=/bin/systemctl restart
>>>> dirsrv at CLOUD-DOMAIN-DE.service
>>>> 2015-03-13T10:45:59Z DEBUG Process finished, return code=0
>>>> 2015-03-13T10:45:59Z DEBUG stdout=
>>>> 2015-03-13T10:45:59Z DEBUG stderr=
>>>> 2015-03-13T10:45:59Z DEBUG Starting external process
>>>> 2015-03-13T10:45:59Z DEBUG args=/bin/systemctl is-active
>>>> dirsrv at CLOUD-DOMAIN-DE.service
>>>> 2015-03-13T10:45:59Z DEBUG Process finished, return code=0
>>>> 2015-03-13T10:45:59Z DEBUG stdout=active
>>>>
>>>> 2015-03-13T10:45:59Z DEBUG stderr=
>>>> 2015-03-13T10:45:59Z DEBUG wait_for_open_ports: localhost [389] timeout
>>>> 300
>>>> 2015-03-13T10:50:59Z CRITICAL Failed to restart the directory server ().
>>>> See the installation log for details.
>>>> 2015-03-13T10:50:59Z DEBUG done restarting ds instance
>>>> 2015-03-13T10:50:59Z DEBUG duration: 301 seconds
>>>> 2015-03-13T10:50:59Z DEBUG [3/38]: adding default schema
>>>> 2015-03-13T10:50:59Z DEBUG duration: 0 seconds
>>>> 2015-03-13T10:50:59Z DEBUG [4/38]: enabling memberof plugin
>>>> 2015-03-13T10:50:59Z DEBUG wait_for_open_ports:
>>>> freeipa-2.cloud.domain.de [389] timeout 10
>>>> 2015-03-13T10:51:09Z DEBUG Could not connect to the Directory Server on
>>>> freeipa-2.cloud.domain.de:
>>>> 2015-03-13T10:51:09Z DEBUG File
>>>> "/usr/lib/python2.7/site-packages/ipaserver/install/installutils.py", line
>>>> 638, in run_script
>>>> return_value = main_function()
>>>>
>>>> File "/usr/sbin/ipa-server-install", line 1059, in main
>>>> hbac_allow=not options.hbac_allow)
>>>>
>>>> File
>>>> "/usr/lib/python2.7/site-packages/ipaserver/install/dsinstance.py", line
>>>> 323, in create_instance
>>>> self.start_creation(runtime=60)
>>>>
>>>> File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py",
>>>> line 364, in start_creation
>>>> method()
>>>>
>>>> File
>>>> "/usr/lib/python2.7/site-packages/ipaserver/install/dsinstance.py", line
>>>> 501, in __add_memberof_module
>>>> self._ldap_mod("memberof-conf.ldif")
>>>>
>>>> File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py",
>>>> line 152, in _ldap_mod
>>>> self.ldap_connect()
>>>>
>>>> File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py",
>>>> line 99, in ldap_connect
>>>> conn.do_simple_bind(bindpw=self.dm_password)
>>>>
>>>> File "/usr/lib/python2.7/site-packages/ipapython/ipaldap.py", line
>>>> 1735, in do_simple_bind
>>>> self.__bind_with_wait(self.conn.simple_bind_s, timeout, binddn,
>>>> bindpw)
>>>>
>>>> File "/usr/lib/python2.7/site-packages/ipapython/ipaldap.py", line
>>>> 1730, in __bind_with_wait
>>>> self.__wait_for_connection(timeout)
>>>>
>>>> File "/usr/lib/python2.7/site-packages/ipapython/ipaldap.py", line
>>>> 1719, in __wait_for_connection
>>>> wait_for_open_ports(host, int(port), timeout)
>>>>
>>>> File "/usr/lib/python2.7/site-packages/ipapython/ipautil.py", line
>>>> 1096, in wait_for_open_ports
>>>> raise socket.timeout()
>>>>
>>>> 2015-03-13T10:51:09Z DEBUG The ipa-server-install command failed,
>>>> exception: timeout:
>>>>
>>>> --
>>>> Manage your subscription for the Freeipa-users mailing list:
>>>> https://www.redhat.com/mailman/listinfo/freeipa-users
>>>> Go to http://freeipa.org for more info on the project
>>>>
>>>
>>
>
>
>
More information about the Freeipa-users
mailing list