[Freeipa-users] FreeIPA 4.3.1 ipa-replica-install wrong exit code?
Standa Laznicka
slaznick at redhat.com
Thu Feb 23 08:25:18 UTC 2017
On 02/23/2017 08:30 AM, Martin Basti wrote:
>
> On 23.02.2017 00:17, Diogenes S. Jesus wrote:
>> We are ansible-playbooking FreeIPA and we don't want to care about if
>> freeipa is installed, we just want to ignore errors if it already is
>> - but for that the exit code is relevant.
>> Either the return code is wrong in the code or in the manual -
>> according to the manual, it should be 3, but it's currently 1.
>>
>>
>> ubuntu at ipa02:~$ sudo -i
>> root at ipa02:~# http_proxy='' https_proxy='' ipa-replica-install
>> --dirsrv-cert-file=/etc/ssl/private/ipa02.dev.pfx
>> --http-cert-file=/etc/ssl/private/ipa02.dev.pfx --dirsrv-pin=export
>> --http-pin=export
>> ipa.ipapython.install.cli.install_tool(Replica): ERROR IPA server is
>> already configured on this system.
>> If you want to reinstall the IPA server, please uninstall it first
>> using 'ipa-server-install --uninstall'.
>> ipa.ipapython.install.cli.install_tool(Replica): ERROR The
>> ipa-replica-install command failed. See
>> /var/log/ipareplica-install.log for more information
>>
>> root at ipa02:~# echo $?
>> 1
>>
>> root at ipa02:~# cat /var/log/ipareplica-install.log
>> 2017-02-22T22:49:45Z DEBUG Logging to /var/log/ipareplica-install.log
>> 2017-02-22T22:49:45Z DEBUG ipa-replica-install was invoked with
>> arguments [] and options: {'no_dns_sshfp': None, 'skip_schema_check':
>> None, 'setup_kra': None, 'ip_addresses': None, 'mkhomedir': None,
>> 'no_pkinit': None, 'http_cert_files':
>> ['/etc/ssl/private/ipa02.dev.pfx'], 'no_ntp': None, 'verbose': False,
>> 'no_forwarders': None, 'keytab': None, 'ssh_trust_dns': None,
>> 'domain_name': None, 'http_cert_name': None, 'dirsrv_cert_files':
>> ['/etc/ssl/private/ipa02.dev.pfx'], 'no_dnssec_validation': None,
>> 'no_reverse': None, 'pkinit_cert_files': None, 'unattended': False,
>> 'auto_reverse': None, 'auto_forwarders': None, 'no_host_dns': None,
>> 'no_sshd': None, 'no_ui_redirect': None, 'dirsrv_config_file': None,
>> 'forwarders': None, 'pkinit_cert_name': None, 'setup_ca': None,
>> 'realm_name': None, 'skip_conncheck': None, 'no_ssh': None,
>> 'dirsrv_cert_name': None, 'quiet': False, 'server': None,
>> 'setup_dns': None, 'host_name': None, 'log_file': None,
>> 'reverse_zones': None, 'allow_zone_overlap': None}
>> 2017-02-22T22:49:45Z DEBUG IPA version 4.3.1
>> 2017-02-22T22:49:45Z DEBUG Loading StateFile from
>> '/var/lib/ipa/sysrestore/sysrestore.state'
>> 2017-02-22T22:49:45Z DEBUG Loading Index file from
>> '/var/lib/ipa/sysrestore/sysrestore.index'
>> 2017-02-22T22:49:45Z DEBUG httpd is configured
>> 2017-02-22T22:49:45Z DEBUG kadmin is configured
>> 2017-02-22T22:49:45Z DEBUG dirsrv is configured
>> 2017-02-22T22:49:45Z DEBUG pki-tomcatd is not configured
>> 2017-02-22T22:49:45Z DEBUG install is not configured
>> 2017-02-22T22:49:45Z DEBUG krb5kdc is configured
>> 2017-02-22T22:49:45Z DEBUG ntpd is configured
>> 2017-02-22T22:49:45Z DEBUG named is not configured
>> 2017-02-22T22:49:45Z DEBUG ipa_memcached is configured
>> 2017-02-22T22:49:45Z DEBUG filestore has files
>> 2017-02-22T22:49:45Z DEBUG File
>> "/usr/lib/python2.7/dist-packages/ipapython/admintool.py", line 171,
>> in execute
>> return_value = self.run()
>> File "/usr/lib/python2.7/dist-packages/ipapython/install/cli.py",
>> line 318, in run
>> cfgr.run()
>> File "/usr/lib/python2.7/dist-packages/ipapython/install/core.py",
>> line 308, in run
>> self.validate()
>> File "/usr/lib/python2.7/dist-packages/ipapython/install/core.py",
>> line 317, in validate
>> for nothing in self._validator():
>> File "/usr/lib/python2.7/dist-packages/ipapython/install/core.py",
>> line 372, in __runner
>> self._handle_exception(exc_info)
>> File "/usr/lib/python2.7/dist-packages/ipapython/install/core.py",
>> line 394, in _handle_exception
>> six.reraise(*exc_info)
>> File "/usr/lib/python2.7/dist-packages/ipapython/install/core.py",
>> line 362, in __runner
>> step()
>> File "/usr/lib/python2.7/dist-packages/ipapython/install/core.py",
>> line 359, in <lambda>
>> step = lambda: next(self.__gen)
>> File "/usr/lib/python2.7/dist-packages/ipapython/install/util.py",
>> line 81, in run_generator_with_yield_from
>> six.reraise(*exc_info)
>> File "/usr/lib/python2.7/dist-packages/ipapython/install/util.py",
>> line 59, in run_generator_with_yield_from
>> value = gen.send(prev_value)
>> File "/usr/lib/python2.7/dist-packages/ipapython/install/core.py",
>> line 564, in _configure
>> next(validator)
>> File "/usr/lib/python2.7/dist-packages/ipapython/install/core.py",
>> line 372, in __runner
>> self._handle_exception(exc_info)
>> File "/usr/lib/python2.7/dist-packages/ipapython/install/core.py",
>> line 449, in _handle_exception
>> self.__parent._handle_exception(exc_info)
>> File "/usr/lib/python2.7/dist-packages/ipapython/install/core.py",
>> line 394, in _handle_exception
>> six.reraise(*exc_info)
>> File "/usr/lib/python2.7/dist-packages/ipapython/install/core.py",
>> line 446, in _handle_exception
>> super(ComponentBase, self)._handle_exception(exc_info)
>> File "/usr/lib/python2.7/dist-packages/ipapython/install/core.py",
>> line 394, in _handle_exception
>> six.reraise(*exc_info)
>> File "/usr/lib/python2.7/dist-packages/ipapython/install/core.py",
>> line 362, in __runner
>> step()
>> File "/usr/lib/python2.7/dist-packages/ipapython/install/core.py",
>> line 359, in <lambda>
>> step = lambda: next(self.__gen)
>> File "/usr/lib/python2.7/dist-packages/ipapython/install/util.py",
>> line 81, in run_generator_with_yield_from
>> six.reraise(*exc_info)
>> File "/usr/lib/python2.7/dist-packages/ipapython/install/util.py",
>> line 59, in run_generator_with_yield_from
>> value = gen.send(prev_value)
>> File
>> "/usr/lib/python2.7/dist-packages/ipapython/install/common.py", line
>> 63, in _install
>> for nothing in self._installer(self.parent):
>> File
>> "/usr/lib/python2.7/dist-packages/ipaserver/install/server/replicainstall.py",
>> line 1650, in main
>> promote_check(self)
>> File
>> "/usr/lib/python2.7/dist-packages/ipaserver/install/server/replicainstall.py",
>> line 375, in decorated
>> func(installer)
>> File
>> "/usr/lib/python2.7/dist-packages/ipaserver/install/server/replicainstall.py",
>> line 397, in decorated
>> func(installer)
>> File
>> "/usr/lib/python2.7/dist-packages/ipaserver/install/server/replicainstall.py",
>> line 952, in promote_check
>> sys.exit("IPA server is already configured on this system.\n"
>>
>> 2017-02-22T22:49:45Z DEBUG The ipa-replica-install command failed,
>> exception: SystemExit: IPA server is already configured on this system.
>> If you want to reinstall the IPA server, please uninstall it first
>> using 'ipa-server-install --uninstall'.
>> 2017-02-22T22:49:45Z ERROR IPA server is already configured on this
>> system.
>> If you want to reinstall the IPA server, please uninstall it first
>> using 'ipa-server-install --uninstall'.
>> 2017-02-22T22:49:45Z ERROR The ipa-replica-install command failed.
>> See /var/log/ipareplica-install.log for more information
>>
>> ------
>>
>> For those looking for a workaround meanwhile do:
>>
>> python -c 'import sys; from ipaserver.install.installutils import
>> is_ipa_configured; sys.exit(is_ipa_configured())'
>>
>>
>> As proposed here: https://fedorahosted.org/freeipa/ticket/4884
>>
>>
>> Dio
>>
>>
>
>
> Hello,
>
> return code 1 is expected for already installed server. Return code 3
> on replica is somehow special it doesn't mean that replica is already
> installed but more or less issues that may happen during replica
> installation.
>
> If you think that we should return an extra return code for "IPA
> already installed", please file a RFE ticket.
> https://fedorahosted.org/freeipa/newticket
>
> Martin
>
>
>
>
Hello,
Thank you for raising your concern. The documentation there is quite
puzzling from what I see, it should say that 3 is returned when the host
with such a hostname already exists in the topology or when the remote
server has a replication agreement to this host (the doc is completely
wrong there). This does not imply replica is already installed on the
given server.
While I was going through the code, I found quite some more cases where
3 would be returned. So my advice is - check whether the returned value
is not 0. I believe we should deprecate rval 3 as it is bound to only
cause more confusion. If the installation failed, you need to go
checking the logs anyway, right?
HTH,
Standa
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20170223/d33d3b60/attachment.htm>
More information about the Freeipa-users
mailing list