freeipa team mailing list archive

Thread
Date

[Bug 1698309] Re: free-ipa-server install fails

To: freeipa@xxxxxxxxxxxxxxxxxxx
From: Aaron Thomas <1698309@xxxxxxxxxxxxxxxxxx>
Date: Fri, 16 Jun 2017 07:59:22 -0000
Reply-to: Bug 1698309 <1698309@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

Also, if I touch /etc/pki/default.cfg, it still fails, because
/etc/pki/pki.conf doesn't exist and isn't created by anything. If pki is
supposed to be configured prior to installing ipa, as a stand alone
server separate from ipa, having that documented might be a good idea.
As it is it appears ipa needs to configure the service to manage it, and
it doesn't appear to actually be doing that.

-- 
You received this bug notification because you are a member of FreeIPA,
which is subscribed to freeipa in Ubuntu.
https://bugs.launchpad.net/bugs/1698309

Title:
  free-ipa-server install fails

Status in freeipa package in Ubuntu:
  New

Bug description:
  clean install ubuntu 16.04, kernel 4.4.0-79, running ipa-server-
  install after installing freeipa-server always fails. It successfully
  gets through all 46 previous steps, and fails on pki-tomcatd:

  Configuring certificate server (pki-tomcatd). Estimated time: 3 minutes 30 seconds
    [1/28]: creating certificate server user
    [2/28]: configuring certificate server instance
  ipa.ipaserver.install.cainstance.CAInstance: CRITICAL Failed to configure CA instance: Command '/usr/sbin/pkispawn -s CA -f /tmp/tmpIHv1S_' returned non-zero exit status 255
  ipa.ipaserver.install.cainstance.CAInstance: CRITICAL See the installation logs and the following files/directories for more information:
  ipa.ipaserver.install.cainstance.CAInstance: CRITICAL   /var/log/pki/pki-tomcat
    [error] RuntimeError: CA configuration failed.
  ipa.ipapython.install.cli.install_tool(Server): ERROR    CA configuration failed.
  ipa.ipapython.install.cli.install_tool(Server): ERROR    The ipa-server-install command failed. See /var/log/ipaserver-install.log for more information

  CA configuration failed. Something is certainly wrong when the
  software can't be installed on a newly installed ubuntu box.

  Namely, the script seems to choke when trying to write out the config
  file:

  2017-06-16T07:09:49Z DEBUG args=/usr/sbin/pkispawn -s CA -f /tmp/tmpIHv1S_
  2017-06-16T07:09:49Z DEBUG Process finished, return code=255
  2017-06-16T07:09:49Z DEBUG stdout=ERROR:  File '/etc/pki/default.cfg' is either missing or is NOT a regular file!

  usage: pkispawn [-s <subsystem>] [-h] [-v] [-p <prefix>] [-f <file>]

  PKI Instance Installation and Configuration

  There's nowhere in the documentation, in the script, in the packages,
  anywhere, that says I should first create a /etc/pki/default.cfg file,
  nor what that file should contain (it appears the script is trying to
  generate that file itself but doesn't). A fix would be appreciated.

  ProblemType: Bug
  DistroRelease: Ubuntu 16.04
  Package: freeipa-server 4.3.1-0ubuntu1
  ProcVersionSignature: Ubuntu 4.4.0-79.100-generic 4.4.67
  Uname: Linux 4.4.0-79-generic x86_64
  ApportVersion: 2.20.1-0ubuntu2.6
  Architecture: amd64
  Date: Fri Jun 16 00:12:29 2017
  InstallationDate: Installed on 2017-05-05 (41 days ago)
  InstallationMedia: Ubuntu-Server 16.04.2 LTS "Xenial Xerus" - Release amd64 (20170215.8)
  ProcEnviron:
   TERM=xterm-color
   PATH=(custom, no user)
   XDG_RUNTIME_DIR=<set>
   LANG=en_US.UTF-8
   SHELL=/bin/bash
  SourcePackage: freeipa
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/freeipa/+bug/1698309/+subscriptions

References

[Bug 1698309] [NEW] free-ipa-server install fails
From: Aaron Thomas, 2017-06-16