← Back to team overview

freeipa team mailing list archive

  1. freeipa team
  2. Mailing list archive
  3. Message #00793

[Bug 1768865] Re: freeipa server installation fails on Bionic due to tomcat conflict

  Thread PreviousDate PreviousThread Next 
*** This bug is a duplicate of bug 1765616 ***
    https://bugs.launchpad.net/bugs/1765616

Status changed to 'Confirmed' because the bug affects multiple users.

** Changed in: freeipa (Ubuntu)
       Status: New => Confirmed

-- 
You received this bug notification because you are a member of FreeIPA,
which is subscribed to freeipa in Ubuntu.
https://bugs.launchpad.net/bugs/1768865

Title:
  freeipa server installation fails on Bionic due to tomcat conflict

Status in freeipa package in Ubuntu:
  Confirmed

Bug description:
  Installing freeipa server fails at configuring certificate server
  (pki-tomcatd).

  ...
  Configuring kadmin
    [1/2]: starting kadmin 
    [2/2]: configuring kadmin to start on boot
  Done configuring kadmin.
  Configuring certificate server (pki-tomcatd). Estimated time: 3 minutes
    [1/28]: configuring certificate server instance
  ipaserver.install.dogtaginstance: CRITICAL Failed to configure CA instance: CalledProcessError(Command ['/usr/sbin/pkispawn', '-s', 'CA', '-f', '/tmp/tmpGu_KPq'] returned non-zero exit status 1: u"pkispawn    : ERROR    ....... subprocess.CalledProcessError:  Command '['sysctl', 'crypto.fips_enabled', '-bn']' returned non-zero exit status 255!\npkispawn    : ERROR    ........... server did not start after 300s\npkispawn    : ERROR    ....... server failed to restart\n")
  ipaserver.install.dogtaginstance: CRITICAL See the installation logs and the following files/directories for more information:
  ipaserver.install.dogtaginstance: CRITICAL   /var/log/pki/pki-tomcat
    [error] RuntimeError: CA configuration failed.
  ipapython.admintool: ERROR    CA configuration failed.
  ipapython.admintool: ERROR    The ipa-server-install command failed. See /var/log/ipaserver-install.log for more information

  Looking more closely in /var/log/pki/pki-tomcat/catalina.out there are
  a bunch of java.io.FileNotFoundException

  root@usrv1:~# grep java.io.FileNotFoundException /var/log/pki/pki-tomcat/catalina.out
  java.io.FileNotFoundException: /usr/share/java/tomcat-annotations-api.jar (No such file or directory)
  java.io.FileNotFoundException: /usr/share/java/el-api-2.1.jar (No such file or directory)
  java.io.FileNotFoundException: /usr/share/java/oscache.jar (No such file or directory)
  java.io.FileNotFoundException: /usr/share/java/tomcat-annotations-api.jar (No such file or directory)
  java.io.FileNotFoundException: /usr/share/java/el-api-2.1.jar (No such file or directory)
  java.io.FileNotFoundException: /usr/share/java/oscache.jar (No such file or directory)

  This have been discussed on the FreeIPA users list, and the conclusion
  was:

  "If Ubuntu 18.04 has Tomcat 8.5, you are not going to get it working with
   the current release of FreeIPA.

   We have been working on FreeIPA 4.7 for about a half a year now and only
   recently dogtag got support for tomcat 8.5. There are still bits and
   pieces which being fixed in dogtag to support FreeIPA 4.7.

   I guess currently you aren't going to get any luck with Ubuntu/Debian
   builds."

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/freeipa/+bug/1768865/+subscriptions

References

  Thread PreviousDate PreviousThread Next