Rob Crittenden wrote:
Jakub Hrozek wrote:On Tue, Feb 08, 2011 at 10:12:27AM -0500, Rob Crittenden wrote:If /etc/krb5.conf doesn't exist or contains no default kerberos realm then 389-ds won't start at all. This is a problem during installation because we configure 389 first.This patch will let the server come up, you just won't be able to do any joins or password changes until you configure kerberos. ticket 606 robI wasn't able to install with this patch when I had no /etc/krb5.conf at all. Here's what the DS error log said: --- 10/Feb/2011:07:30:35 -0500] ipaenrollment_start - [file ipa_enrollment.c, line 389]: Failed to get default realm?! [10/Feb/2011:07:30:35 -0500] - Failed to start extendedop plugin ipa_enrollment_extop [10/Feb/2011:07:30:35 -0500] ipaenrollment_start - [file ipa_enrollment.c, line 389]: Failed to get default realm?! [10/Feb/2011:07:30:35 -0500] - Failed to start extendedop plugin ipa_enrollment_extop [10/Feb/2011:07:30:36 -0500] ipaenrollment_start - [file ipa_enrollment.c, line 389]: Failed to get default realm?! [10/Feb/2011:07:30:36 -0500] - Failed to start extendedop plugin ipa_enrollment_extop --- Looking at ipaenrollment_start(), it looks like the culprit is that when krb5_get_default_realm() fails, ret is set to an error code and returned. It should be either reset to LDAP_SUCCESS or maybe rc should be used instead. Also one nitpick. This: -static char *realm; -static const char *ipa_realm_dn; +static char *realm = NULL; +static const char *ipa_realm_dn = NULL; Is not neccessary, global variables are initialized to NULL automatically.Updated patch attached. I was able to do full install with this one. rob
Found another problem, new patch. rob
freeipa-rcrit-703-3-startup.patch
Description: application/mbox
_______________________________________________ Freeipa-devel mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-devel
