[Freeipa-users] Fresh Install of FreeIPA-Server - CentOS7

Martin Bašti mbasti at redhat.com
Fri May 12 07:17:07 UTC 2017 

That's weird, it should be super fast, anything in /var/log/httpd/error_log?


On 11.05.2017 22:23, Robert L. Harris wrote:
>
> Odd, must have clicked reply instead of reply-all.
>
> Anyway, I did the revert and re-install.  Actual install went through 
> fine then the "ipa-server-install" ran until this:
>
>   [8/9]: restoring configuration
>   [9/9]: starting directory server
> Done.
> Restarting the directory server
> Restarting the KDC
> Please add records in this file to your DNS system: 
> /tmp/ipa.system.records.v5Jwrt.db
> Restarting the web server
> Configuring client side components
> Using existing certificate '/etc/ipa/ca.crt'.
> Client hostname: ipa.rdlg.net <http://ipa.rdlg.net>
> Realm: RDLG.NET <http://RDLG.NET>
> DNS Domain: rdlg.net <http://rdlg.net>
> IPA Server: ipa.rdlg.net <http://ipa.rdlg.net>
> BaseDN: dc=rdlg,dc=net
>
> Skipping synchronizing time with NTP server.
> New SSSD config will be created
> Configured sudoers in /etc/nsswitch.conf
> Configured /etc/sssd/sssd.conf
> trying https://ipa.rdlg.net/ipa/json
> Forwarding 'schema' to json server 'https://ipa.rdlg.net/ipa/json'
>
>
> It's been sitting there for a while ( 4 hours? )  I don't see anyting 
> in the ipaserver-install.log, but it's here: https://pastebin.com/biK1Dmv7
>
>
>
> On Thu, May 11, 2017 at 8:12 AM Martin Bašti <mbasti at redhat.com 
> <mailto:mbasti at redhat.com>> wrote:
>
>     Please keep freeipa-users in CC
>
>     Snapshot is always better, so I suggest to use it. Otherwise there
>     is an option --ignore-last-of-role to unblock uninstallation.
>
>     Martin
>
>
>     On 11.05.2017 16:00, Robert L. Harris wrote:
>>
>>     Looks like you hit it, apache didn't have a group:
>>
>>     -- Logs begin at Wed 2017-05-10 19:56:27 MDT, end at Thu
>>     2017-05-11 07:48:27 MDT. --
>>     May 10 20:36:00 ipa.rdlg.net <http://ipa.rdlg.net> systemd[1]:
>>     Starting The Apache HTTP Server...
>>     May 10 20:36:00 ipa.rdlg.net <http://ipa.rdlg.net>
>>     ipa-httpd-kdcproxy[28808]: ipa         : INFO KDC proxy enabled
>>     May 10 20:36:00 ipa.rdlg.net <http://ipa.rdlg.net> httpd[28809]:
>>     AH00544: httpd: bad group name apache
>>     May 10 20:36:00 ipa.rdlg.net <http://ipa.rdlg.net> systemd[1]:
>>     httpd.service: main process exited, code=exited, status=1/FAILURE
>>     May 10 20:36:00 ipa.rdlg.net <http://ipa.rdlg.net> kill[28812]:
>>     kill: cannot find process ""
>>     May 10 20:36:00 ipa.rdlg.net <http://ipa.rdlg.net> systemd[1]:
>>     httpd.service: control process exited, code=exited status=1
>>     May 10 20:36:00 ipa.rdlg.net <http://ipa.rdlg.net> systemd[1]:
>>     Failed to start The Apache HTTP Server.
>>     May 10 20:36:00 ipa.rdlg.net <http://ipa.rdlg.net> systemd[1]:
>>     Unit httpd.service entered failed state.
>>     May 10 20:36:00 ipa.rdlg.net <http://ipa.rdlg.net> systemd[1]:
>>     httpd.service failed.
>>
>>     Thanks, didn't know that command.  I tried to continue the process:
>>
>>     {0}:/root>ipa-server-install
>>
>>     The log file for this installation can be found in
>>     /var/log/ipaserver-install.log
>>     ipa.ipapython.install.cli.install_tool(Server): ERROR    IPA
>>     server is already configured on this system.
>>     If you want to reinstall the IPA server, please uninstall it
>>     first using 'ipa-server-install --uninstall'.
>>     ipa.ipapython.install.cli.install_tool(Server): ERROR    The
>>     ipa-server-install command failed. See
>>     /var/log/ipaserver-install.log for more information
>>
>>     root at ipa
>>     {1}:/root>ipa-server-install  --uninstall
>>
>>     This is a NON REVERSIBLE operation and will delete all data and
>>     configuration!
>>
>>     Are you sure you want to continue with the uninstall procedure?
>>     [no]: yes
>>     ipa         : ERROR    Server removal aborted: Deleting this
>>     server is not allowed as it would leave your installation without
>>     a CA..
>>
>>
>>
>>     This is a VM and I took a snapshot right before I started the
>>     install, so I can revert, just make sure ti add the apache user
>>     before starting the install. Or if you have a better command to
>>     continue the clean-up/install.....
>>
>>
>>     On Thu, May 11, 2017 at 2:19 AM Martin Bašti <mbasti at redhat.com
>>     <mailto:mbasti at redhat.com>> wrote:
>>
>>         Hello,
>>
>>         comments inline
>>
>>
>>         On 11.05.2017 06:06, Robert L. Harris wrote:
>>>
>>>         Sigh... Sorry, it's been a long day, I thought I put that
>>>         log in the first pastebin.  It's in this one:
>>>         https://pastebin.com/18PAXXNS
>>
>>         Could you please provide journalctl -u httpd and
>>         /var/log/httpd/error_log ?
>>
>>
>>
>>>
>>>         Also,
>>>            Anyone else get the constant spam when mailing this
>>>         list?  Got an address to block for it?
>>
>>         Sorry for that, there is a bot mining public archives. We
>>         plan to resolve this issue but it may take time as we are not
>>         maintaining our mailman.
>>
>>         Martin
>>
>>
>>>
>>>         Robert
>>>
>>>
>>>
>>>
>>>         On Wed, May 10, 2017 at 9:56 PM Lachlan Musicman
>>>         <datakid at gmail.com <mailto:datakid at gmail.com>> wrote:
>>>
>>>             Robert, did you look in /var/log/ipaserver-install.log
>>>             as it says?
>>>
>>>             Was there any other information?
>>>
>>>             cheers
>>>             L.
>>>
>>>             ------
>>>             "Mission Statement: To provide hope and inspiration for
>>>             collective action, to build collective power, to achieve
>>>             collective transformation, rooted in grief and rage but
>>>             pointed towards vision and dreams."
>>>
>>>              - Patrice Cullors, /Black Lives Matter founder/
>>>
>>>             On 11 May 2017 at 13:24, Robert L. Harris
>>>             <robert.l.harris at gmail.com
>>>             <mailto:robert.l.harris at gmail.com>> wrote:
>>>
>>>                 Ok,  I gave up on Ubuntu.  I'm now trying the latest
>>>                 CentOS7.  I built out a "minimal server" with some
>>>                 normal base packages which did include the
>>>                 freeipa-client but otherwise, just standard tools. 
>>>                 Here's a pastebin of the output of the install:
>>>                 https://pastebin.com/zAWCgkUU
>>>
>>>                 Robert
>>>
>>>
>>>                 --
>>>                 Manage your subscription for the Freeipa-users
>>>                 mailing list:
>>>                 https://www.redhat.com/mailman/listinfo/freeipa-users
>>>                 Go to http://freeipa.org for more info on the project
>>>
>>>
>>>             --
>>>             Manage your subscription for the Freeipa-users mailing list:
>>>             https://www.redhat.com/mailman/listinfo/freeipa-users
>>>             Go to http://freeipa.org for more info on the project
>>>
>>>
>>>
>>
>>         -- 
>>         Martin Bašti
>>         Software Engineer
>>         Red Hat Czech
>>
>
>     -- 
>     Martin Bašti
>     Software Engineer
>     Red Hat Czech
>

-- 
Martin Bašti
Software Engineer
Red Hat Czech

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20170512/a55124b4/attachment.htm>

More information about the Freeipa-users mailing list