[Freeipa-users] Problem to install FreeIPA Server 3.0 on a RedHat 6.4

bahan w bahanw042014 at gmail.com
Fri May 29 16:56:10 UTC 2015 

Hm.

@Jakub :
I cannot upgrade, because I am not the hosting provider managing this VM
unfortunately.
I need to make it work with RHEL 6.4.

@Sam :
Selinux is deactivated :

cat /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX=disabled
#       enforcing - SELinux security policy is enforced.
#       permissive - SELinux prints warnings instead of enforcing.
#       disabled - SELinux is fully disabled.
SELINUX=disabled
# SELINUXTYPE= type of policy in use. Possible values are:
#       targeted - Only targeted network daemons are protected.
#       strict - Full SELinux protection.
SELINUXTYPE=targeted

Best regards.

Bahan


On Fri, May 29, 2015 at 6:39 PM, <sam at zy.io> wrote:

> Seem to be a fair few things implicating selinux there.
>
> Have you got it set to enforcing mode? If so, have you set any particular
> policy that may be angered by this?
>
> Sam
>
>
> May 29 2015 5:37 PM, "bahan w" <bahanw042014 at gmail.com
> <%22bahan%20w%22%20%3Cbahanw042014 at gmail.com%3E>> wrote:
>
> Hello everyone.
>
> I send you this mail because I have a problem with the installation of
> FreeIPA Server 3.0 on a VM running on RHEL 6.4.
>
> First, when I performed the yum install ipa-server, I got an error but the
> installation finished finally with a complete.
> Here it is :
>
> ############################
>
> ===========================================================================================================================================================================================================
> Install 4 Package(s)
>
> Total download size: 1.4 M
> Installed size: 4.6 M
> Is this ok [y/N]: y
> Downloading Packages:
> (1/4): ipa-admintools-3.0.0-42.el6.x86_64.rpm | 67 kB 00:00
> (2/4): ipa-client-3.0.0-42.el6.x86_64.rpm | 145 kB 00:00
> (3/4): ipa-server-3.0.0-42.el6.x86_64.rpm | 1.1 MB 00:00
> (4/4): ipa-server-selinux-3.0.0-42.el6.x86_64.rpm | 66 kB 00:00
>
> -----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
> Total 7.3 MB/s | 1.4 MB 00:00
> Total 7.3 MB/s | 1.4 MB 00:00
> Running rpm_check_debug
> Running Transaction Test
> Transaction Test Succeeded
> Running Transaction
> Installing : ipa-client-3.0.0-42.el6.x86_64 1/4
> Installing : ipa-admintools-3.0.0-42.el6.x86_64 2/4
> Installing : ipa-server-3.0.0-42.el6.x86_64 3/4
> Installing : ipa-server-selinux-3.0.0-42.el6.x86_64 4/4
> libsepol.print_missing_requirements: ipa_dogtag's global requirements were
> not met: type/attribute pki_ca_t (No such file or directory).
> libsemanage.semanage_link_sandbox: Link packages failed (No such file or
> directory).
> semodule: Failed!
> Verifying : ipa-server-3.0.0-42.el6.x86_64 1/4
> Verifying : ipa-server-selinux-3.0.0-42.el6.x86_64 2/4
> Verifying : ipa-client-3.0.0-42.el6.x86_64 3/4
> Verifying : ipa-admintools-3.0.0-42.el6.x86_64
>
> Installed:
> ipa-server.x86_64 0:3.0.0-42.el6
>
> Dependency Installed:
> ipa-admintools.x86_64 0:3.0.0-42.el6 ipa-client.x86_64 0:3.0.0-42.el6
> ipa-server-selinux.x86_64 0:3.0.0-42.el6
>
> Complete!
> ############################
> Are these two errors blocking in order to use FreeIPA Server ? Or is it
> fine ?
> libsepol.print_missing_requirements: ipa_dogtag's global requirements were
> not met: type/attribute pki_ca_t (No such file or directory).
> libsemanage.semanage_link_sandbox: Link packages failed (No such file or
> directory).
> semodule: Failed!
>
> Furthermore, when I try a ipa-server-install, I got also an error message
> during step
>
> ############################
> Configuring directory server (dirsrv): Estimated time 1 minute
>   [1/38]: creating directory server user
>   [2/38]: creating directory server instance
> ipa         : CRITICAL failed to create ds instance Command '/usr/sbin/
> setup-ds.pl --silent --logfile - -f /tmp/tmpPamNs8' returned non-zero
> exit status 1
> ############################
>
> And when I checked in the log, here is what I see
>
> Here is the message I see :
> ############################
> 2015-05-29T15:56:49Z DEBUG calling setup-ds.pl
> 4944 2015-05-29T15:56:49Z DEBUG args=/usr/sbin/setup-ds.pl --silent
> --logfile - -f /tmp/tmpkCAtzh
> 4945 2015-05-29T15:56:49Z DEBUG stdout=[15/05/29:17:56:49] - [Setup] Info
> Could not import LDIF file '/var/lib/dirsrv/boot.ldif'.  Error: 32256.
> Output: sh: /var/lib/dirsrv/scripts-MyRealm/ldif2db:         Permission
> denied
> 4946
> 4947 Could not import LDIF file '/var/lib/dirsrv/boot.ldif'.  Error:
> 32256.  Output: sh: /var/lib/dirsrv/scripts-MyRealm/ldif2db: Permission
> denied
> 4948
> 4949 [15/05/29:17:56:49] - [Setup] Fatal Error: Could not create directory
> server instance 'MyRealm'.
> 4950 Error: Could not create directory server instance 'MyRealm'.
> 4951 [15/05/29:17:56:49] - [Setup] Fatal Exiting . . .
> ############################
>
> When I check the perm on the folders, everything is fine :
>
> ############################
> ls -ld /var/lib/dirsrv/
> drwxrwxr-x 5 root dirsrv 4096 May 29 18:19 /var/lib/dirsrv/
>
> ls -l /var/lib/dirsrv/
> drwxrwx--- 2 dirsrv dirsrv 4096 May 29 18:19 scripts-MYREALM
> drwxrwx--- 5 dirsrv dirsrv 4096 May 29 18:19 slapd-MYREALM
> drwxrwx--- 5 pkisrv dirsrv 4096 May 29 18:18 slapd-PKI-IPA
>
> ls -l /var/lib/dirsrv/scripts-MYREALM/
> -r-xr-x--- 1 dirsrv dirsrv  1212 May 29 18:19 bak2db
> -r-xr-x--- 1 dirsrv dirsrv  5661 May 29 18:19 bak2db.pl
> -r-xr-x--- 1 dirsrv dirsrv  6018 May 29 18:19 cleanallruv.pl
> -r-xr-x--- 1 dirsrv dirsrv  1134 May 29 18:19 db2bak
> -r-xr-x--- 1 dirsrv dirsrv  5397 May 29 18:19 db2bak.pl
> -r-xr-x--- 1 dirsrv dirsrv   759 May 29 18:19 db2index
> -r-xr-x--- 1 dirsrv dirsrv  8129 May 29 18:19 db2index.pl
> -r-xr-x--- 1 dirsrv dirsrv  2053 May 29 18:19 db2ldif
> -r-xr-x--- 1 dirsrv dirsrv 10093 May 29 18:19 db2ldif.pl
> -r-xr-x--- 1 dirsrv dirsrv   932 May 29 18:19 dbverify
> -r-xr-x--- 1 dirsrv dirsrv   499 May 29 18:19 dn2rdn
> -r-xr-x--- 1 dirsrv dirsrv  5560 May 29 18:19 fixup-linkedattrs.pl
> -r-xr-x--- 1 dirsrv dirsrv  5896 May 29 18:19 fixup-memberof.pl
> -r-xr-x--- 1 dirsrv dirsrv   729 May 29 18:19 ldif2db
> -r-xr-x--- 1 dirsrv dirsrv  8826 May 29 18:19 ldif2db.pl
> -r-xr-x--- 1 dirsrv dirsrv   412 May 29 18:19 ldif2ldap
> -r-xr-x--- 1 dirsrv dirsrv   426 May 29 18:19 monitor
> -r-xr-x--- 1 dirsrv dirsrv 21524 May 29 18:19 ns-accountstatus.pl
> -r-xr-x--- 1 dirsrv dirsrv 21524 May 29 18:19 ns-activate.pl
> -r-xr-x--- 1 dirsrv dirsrv 21524 May 29 18:19 ns-inactivate.pl
> -r-xr-x--- 1 dirsrv dirsrv 10237 May 29 18:19 ns-newpwpolicy.pl
> -r-xr-x--- 1 dirsrv dirsrv   318 May 29 18:19 restart-slapd
> -r-xr-x--- 1 dirsrv dirsrv   650 May 29 18:19 restoreconfig
> -r-xr-x--- 1 dirsrv dirsrv   654 May 29 18:19 saveconfig
> -r-xr-x--- 1 dirsrv dirsrv  5405 May 29 18:19 schema-reload.pl
> -r-xr-x--- 1 dirsrv dirsrv   269 May 29 18:19 start-slapd
> -r-xr-x--- 1 dirsrv dirsrv   248 May 29 18:19 stop-slapd
> -r-xr-x--- 1 dirsrv dirsrv   489 May 29 18:19 suffix2instance
> -r-xr-x--- 1 dirsrv dirsrv  5905 May 29 18:19 syntax-validate.pl
> -r-xr-x--- 1 dirsrv dirsrv  1497 May 29 18:19 upgradednformat
> -r-xr-x--- 1 dirsrv dirsrv  6143 May 29 18:19 usn-tombstone-cleanup.pl
> -r-xr-x--- 1 dirsrv dirsrv  7588 May 29 18:19 verify-db.pl
> -r-xr-x--- 1 dirsrv dirsrv   588 May 29 18:19 vlvindex
> ###############################
>
> I don't really understand from where the problem is coming.
> Any help please ?
>
> Best regards.
>
> Bahan
>
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20150529/9d2bca03/attachment.htm>

More information about the Freeipa-users mailing list