[Freeipa-users] FreeIPA upgrade from ipa-server-4.2.0-15.0.1.el7.centos.18 to ipa-server-4.2.0-15.0.1.el7.centos.19 (went sideways)
Ludwig Krispenz
lkrispen at redhat.com
Fri Sep 23 14:55:57 UTC 2016
On 09/23/2016 04:42 PM, Devin Acosta wrote:
>
> Ludwig,
>
> Thanks for that, for some reason I had to re-create the
> /var/lock/dirsrv/slapd-RSINC-LOCAL/server directory tree, it did not
> exist. Once I re-created it now the server starts. Should it have
> disappeared like that?
no. I don't know what was going during update and reboot. There have
been cases when a dse.ldif was lost after crashing/rebooting a VM, but
the missing lock directory is new to me.
>
>
>
> On Fri, Sep 23, 2016 at 12:18 AM, Ludwig Krispenz <lkrispen at redhat.com
> <mailto:lkrispen at redhat.com>> wrote:
>
> can you check if you have
> /var/lock/dirsrv/slapd-RSINC-LOCAL
>
> if the server user has permissions to write into this directory
> and its subdirs or if any pid file still exists in
> /var/lock/dirsrv/slapd-RSINC-LOCAL/server
>
>
> On 09/23/2016 07:29 AM, Devin Acosta wrote:
>>
>> Tonight,
>>
>> I noticed there was like 30 packages to be applied on my IPA
>> server. I did the normal 'yum update' process and it completed. I
>> then rebooted the box for the new kernel to take affect and then
>> that is when IPA stopped working completely.
>>
>> When I try to start the dirsrv at RSINC-LOCAL.service
>> <mailto:dirsrv at RSINC-LOCAL.service>, it throws up with:
>>
>> [23/Sep/2016:05:19:38 +0000] - SSL alert: Configured NSS Ciphers
>> [23/Sep/2016:05:19:38 +0000] - SSL alert:
>> TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384: enabled
>> [23/Sep/2016:05:19:38 +0000] - SSL alert:
>> TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA: enabled
>> [23/Sep/2016:05:19:38 +0000] - SSL alert:
>> TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384: enabled
>> [23/Sep/2016:05:19:38 +0000] - SSL alert:
>> TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256: enabled
>> [23/Sep/2016:05:19:38 +0000] - SSL alert:
>> TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA: enabled
>> [23/Sep/2016:05:19:38 +0000] - SSL alert:
>> TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256: enabled
>> [23/Sep/2016:05:19:38 +0000] - SSL alert:
>> TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384: enabled
>> [23/Sep/2016:05:19:38 +0000] - SSL alert:
>> TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA: enabled
>> [23/Sep/2016:05:19:38 +0000] - SSL alert:
>> TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384: enabled
>> [23/Sep/2016:05:19:38 +0000] - SSL alert:
>> TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256: enabled
>> [23/Sep/2016:05:19:38 +0000] - SSL alert:
>> TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA: enabled
>> [23/Sep/2016:05:19:38 +0000] - SSL alert:
>> TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256: enabled
>> [23/Sep/2016:05:19:38 +0000] - SSL alert:
>> TLS_DHE_RSA_WITH_AES_256_GCM_SHA384: enabled
>> [23/Sep/2016:05:19:38 +0000] - SSL alert:
>> TLS_DHE_DSS_WITH_AES_256_GCM_SHA384: enabled
>> [23/Sep/2016:05:19:38 +0000] - SSL alert:
>> TLS_DHE_RSA_WITH_AES_256_CBC_SHA: enabled
>> [23/Sep/2016:05:19:38 +0000] - SSL alert:
>> TLS_DHE_DSS_WITH_AES_256_CBC_SHA: enabled
>> [23/Sep/2016:05:19:38 +0000] - SSL alert:
>> TLS_DHE_RSA_WITH_AES_256_CBC_SHA256: enabled
>> [23/Sep/2016:05:19:38 +0000] - SSL alert:
>> TLS_DHE_DSS_WITH_AES_256_CBC_SHA256: enabled
>> [23/Sep/2016:05:19:38 +0000] - SSL alert:
>> TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA: enabled
>> [23/Sep/2016:05:19:38 +0000] - SSL alert:
>> TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA: enabled
>> [23/Sep/2016:05:19:38 +0000] - SSL alert:
>> TLS_DHE_RSA_WITH_AES_128_GCM_SHA256: enabled
>> [23/Sep/2016:05:19:38 +0000] - SSL alert:
>> TLS_DHE_DSS_WITH_AES_128_GCM_SHA256: enabled
>> [23/Sep/2016:05:19:38 +0000] - SSL alert:
>> TLS_DHE_RSA_WITH_AES_128_CBC_SHA: enabled
>> [23/Sep/2016:05:19:38 +0000] - SSL alert:
>> TLS_DHE_DSS_WITH_AES_128_CBC_SHA: enabled
>> [23/Sep/2016:05:19:38 +0000] - SSL alert:
>> TLS_DHE_RSA_WITH_AES_128_CBC_SHA256: enabled
>> [23/Sep/2016:05:19:38 +0000] - SSL alert:
>> TLS_DHE_DSS_WITH_AES_128_CBC_SHA256: enabled
>> [23/Sep/2016:05:19:38 +0000] - SSL alert:
>> TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA: enabled
>> [23/Sep/2016:05:19:38 +0000] - SSL alert:
>> TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA: enabled
>> [23/Sep/2016:05:19:38 +0000] - SSL alert:
>> TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA: enabled
>> [23/Sep/2016:05:19:38 +0000] - SSL alert:
>> TLS_ECDH_RSA_WITH_AES_128_CBC_SHA: enabled
>> [23/Sep/2016:05:19:38 +0000] - SSL alert:
>> TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA: enabled
>> [23/Sep/2016:05:19:38 +0000] - SSL alert:
>> TLS_ECDH_RSA_WITH_AES_256_CBC_SHA: enabled
>> [23/Sep/2016:05:19:38 +0000] - SSL alert:
>> TLS_RSA_WITH_AES_256_GCM_SHA384: enabled
>> [23/Sep/2016:05:19:38 +0000] - SSL alert:
>> TLS_RSA_WITH_AES_256_CBC_SHA: enabled
>> [23/Sep/2016:05:19:38 +0000] - SSL alert:
>> TLS_RSA_WITH_AES_256_CBC_SHA256: enabled
>> [23/Sep/2016:05:19:38 +0000] - SSL alert:
>> TLS_RSA_WITH_CAMELLIA_256_CBC_SHA: enabled
>> [23/Sep/2016:05:19:38 +0000] - SSL alert:
>> TLS_RSA_WITH_AES_128_GCM_SHA256: enabled
>> [23/Sep/2016:05:19:38 +0000] - SSL alert:
>> TLS_RSA_WITH_AES_128_CBC_SHA: enabled
>> [23/Sep/2016:05:19:38 +0000] - SSL alert:
>> TLS_RSA_WITH_AES_128_CBC_SHA256: enabled
>> [23/Sep/2016:05:19:38 +0000] - SSL alert:
>> TLS_RSA_WITH_CAMELLIA_128_CBC_SHA: enabled
>> [23/Sep/2016:05:19:38 +0000] - SSL alert:
>> TLS_RSA_WITH_SEED_CBC_SHA: enabled
>> [23/Sep/2016:05:19:38 +0000] SSL Initialization - Configured SSL
>> version range: min: TLS1.0, max: TLS1.2
>> [23/Sep/2016:05:19:38 +0000] - Shutting down due to possible
>> conflicts with other slapd processes
>>
>> *I am not sure what to do about the error "Shutting down due to
>> possible conflicts with other slapd processes"??*
>> The dirserv won't start, and therefore IPA won't start either. Is
>> there some way to do some cleanup or to have it repair the issue?
>>
>> Any help is greatly appreciated!!!
>>
>> Devin.
>>
>>
>>
>>
>>
>
> --
> Red Hat GmbH,http://www.de.redhat.com/, Registered seat: Grasbrunn,
> Commercial register: Amtsgericht Muenchen, HRB 153243,
> Managing Directors: Charles Cachera, Michael Cunningham, Michael O'Neill, Eric Shander
>
>
> --
> Manage your subscription for the Freeipa-users mailing list:
> https://www.redhat.com/mailman/listinfo/freeipa-users
> <https://www.redhat.com/mailman/listinfo/freeipa-users>
> Go to http://freeipa.org for more info on the project
>
>
--
Red Hat GmbH, http://www.de.redhat.com/, Registered seat: Grasbrunn,
Commercial register: Amtsgericht Muenchen, HRB 153243,
Managing Directors: Charles Cachera, Michael Cunningham, Michael O'Neill, Eric Shander
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20160923/4517b37a/attachment.htm>
More information about the Freeipa-users
mailing list