[Freeipa-users] FreeIPA upgrade from ipa-server-4.2.0-15.0.1.el7.centos.18 to ipa-server-4.2.0-15.0.1.el7.centos.19 (went sideways)

Devin Acosta linuxguru.co at gmail.com
Fri Sep 23 14:42:36 UTC 2016 

Ludwig,

Thanks for that, for some reason I had to re-create the /var/lock/
dirsrv/slapd-RSINC-LOCAL/server directory tree, it did not exist. Once I
re-created it now the server starts. Should it have disappeared like that?



On Fri, Sep 23, 2016 at 12:18 AM, Ludwig Krispenz <lkrispen at redhat.com>
wrote:

> can you check if you have
> /var/lock/dirsrv/slapd-RSINC-LOCAL
>
> if the server user has permissions to write into this directory and its
> subdirs or if any pid file still exists in /var/lock/dirsrv/slapd-RSINC-
> LOCAL/server
>
>
> On 09/23/2016 07:29 AM, Devin Acosta wrote:
>
>
> Tonight,
>
> I noticed there was like 30 packages to be applied on my IPA server. I did
> the normal 'yum update' process and it completed. I then rebooted the box
> for the new kernel to take affect and then that is when IPA stopped working
> completely.
>
> When I try to start the dirsrv at RSINC-LOCAL.service, it throws up with:
>
> [23/Sep/2016:05:19:38 +0000] - SSL alert: Configured NSS Ciphers
> [23/Sep/2016:05:19:38 +0000] - SSL alert: TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384:
> enabled
> [23/Sep/2016:05:19:38 +0000] - SSL alert: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA:
> enabled
> [23/Sep/2016:05:19:38 +0000] - SSL alert: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384:
> enabled
> [23/Sep/2016:05:19:38 +0000] - SSL alert: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:
> enabled
> [23/Sep/2016:05:19:38 +0000] - SSL alert: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA:
> enabled
> [23/Sep/2016:05:19:38 +0000] - SSL alert: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256:
> enabled
> [23/Sep/2016:05:19:38 +0000] - SSL alert: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384:
> enabled
> [23/Sep/2016:05:19:38 +0000] - SSL alert: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA:
> enabled
> [23/Sep/2016:05:19:38 +0000] - SSL alert: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384:
> enabled
> [23/Sep/2016:05:19:38 +0000] - SSL alert: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256:
> enabled
> [23/Sep/2016:05:19:38 +0000] - SSL alert: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA:
> enabled
> [23/Sep/2016:05:19:38 +0000] - SSL alert: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256:
> enabled
> [23/Sep/2016:05:19:38 +0000] - SSL alert: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384:
> enabled
> [23/Sep/2016:05:19:38 +0000] - SSL alert: TLS_DHE_DSS_WITH_AES_256_GCM_SHA384:
> enabled
> [23/Sep/2016:05:19:38 +0000] - SSL alert: TLS_DHE_RSA_WITH_AES_256_CBC_SHA:
> enabled
> [23/Sep/2016:05:19:38 +0000] - SSL alert: TLS_DHE_DSS_WITH_AES_256_CBC_SHA:
> enabled
> [23/Sep/2016:05:19:38 +0000] - SSL alert: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256:
> enabled
> [23/Sep/2016:05:19:38 +0000] - SSL alert: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256:
> enabled
> [23/Sep/2016:05:19:38 +0000] - SSL alert: TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA:
> enabled
> [23/Sep/2016:05:19:38 +0000] - SSL alert: TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA:
> enabled
> [23/Sep/2016:05:19:38 +0000] - SSL alert: TLS_DHE_RSA_WITH_AES_128_GCM_SHA256:
> enabled
> [23/Sep/2016:05:19:38 +0000] - SSL alert: TLS_DHE_DSS_WITH_AES_128_GCM_SHA256:
> enabled
> [23/Sep/2016:05:19:38 +0000] - SSL alert: TLS_DHE_RSA_WITH_AES_128_CBC_SHA:
> enabled
> [23/Sep/2016:05:19:38 +0000] - SSL alert: TLS_DHE_DSS_WITH_AES_128_CBC_SHA:
> enabled
> [23/Sep/2016:05:19:38 +0000] - SSL alert: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256:
> enabled
> [23/Sep/2016:05:19:38 +0000] - SSL alert: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256:
> enabled
> [23/Sep/2016:05:19:38 +0000] - SSL alert: TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA:
> enabled
> [23/Sep/2016:05:19:38 +0000] - SSL alert: TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA:
> enabled
> [23/Sep/2016:05:19:38 +0000] - SSL alert: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA:
> enabled
> [23/Sep/2016:05:19:38 +0000] - SSL alert: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA:
> enabled
> [23/Sep/2016:05:19:38 +0000] - SSL alert: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA:
> enabled
> [23/Sep/2016:05:19:38 +0000] - SSL alert: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA:
> enabled
> [23/Sep/2016:05:19:38 +0000] - SSL alert: TLS_RSA_WITH_AES_256_GCM_SHA384:
> enabled
> [23/Sep/2016:05:19:38 +0000] - SSL alert: TLS_RSA_WITH_AES_256_CBC_SHA:
> enabled
> [23/Sep/2016:05:19:38 +0000] - SSL alert: TLS_RSA_WITH_AES_256_CBC_SHA256:
> enabled
> [23/Sep/2016:05:19:38 +0000] - SSL alert: TLS_RSA_WITH_CAMELLIA_256_CBC_SHA:
> enabled
> [23/Sep/2016:05:19:38 +0000] - SSL alert: TLS_RSA_WITH_AES_128_GCM_SHA256:
> enabled
> [23/Sep/2016:05:19:38 +0000] - SSL alert: TLS_RSA_WITH_AES_128_CBC_SHA:
> enabled
> [23/Sep/2016:05:19:38 +0000] - SSL alert: TLS_RSA_WITH_AES_128_CBC_SHA256:
> enabled
> [23/Sep/2016:05:19:38 +0000] - SSL alert: TLS_RSA_WITH_CAMELLIA_128_CBC_SHA:
> enabled
> [23/Sep/2016:05:19:38 +0000] - SSL alert: TLS_RSA_WITH_SEED_CBC_SHA:
> enabled
> [23/Sep/2016:05:19:38 +0000] SSL Initialization - Configured SSL version
> range: min: TLS1.0, max: TLS1.2
> [23/Sep/2016:05:19:38 +0000] - Shutting down due to possible conflicts
> with other slapd processes
>
> *I am not sure what to do about the error "Shutting down due to possible
> conflicts with other slapd processes"??*
> The dirserv won't start, and therefore IPA won't start either. Is there
> some way to do some cleanup or to have it repair the issue?
>
> Any help is greatly appreciated!!!
>
> Devin.
>
>
>
>
>
>
> --
> Red Hat GmbH, http://www.de.redhat.com/, Registered seat: Grasbrunn,
> Commercial register: Amtsgericht Muenchen, HRB 153243,
> Managing Directors: Charles Cachera, Michael Cunningham, Michael O'Neill, Eric Shander
>
>
> --
> Manage your subscription for the Freeipa-users mailing list:
> https://www.redhat.com/mailman/listinfo/freeipa-users
> Go to http://freeipa.org for more info on the project
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20160923/238c7810/attachment.htm>

More information about the Freeipa-users mailing list