On Fri, 2011-04-01 at 11:47 -0400, Rob Crittenden wrote:
> The hostname is passed in during the server installation. We should use 
> this hostname for the resulting server as well. It was being discarded 
> and we always used the system hostname value.
> 
> ticket 1052
> 
> rob

I have to NACK this again. I have a problem communicating with IPA on a
master machine. I reproduced in on 2 different machines. Please, correct
my steps if I am wrong, I do the following procedure

1) I prepare a fresh minimal F-15
2) Install freeipa-server (current master with your patches)
3) Add custom hostname to /etc/hosts
4) Install IPA server:
ipa-server-install -p secret123 -a secret123 --hostname 
ipa.idm.lab.bos.redhat.com --setup-dns --forwarder=10.16.255.2
5) # kinit admin
Password for ad...@idm.lab.bos.redhat.com: 
6) # ipa user-show admin
ipa: ERROR: cannot connect to 'any of the configured servers':
https://ipa.idm.lab.bos.redhat.com/ipa/xml,
https://ipa.idm.lab.bos.redhat.com/ipa/xml

# ping -c 1 ipa.idm.lab.bos.redhat.com
PING ipa.idm.lab.bos.redhat.com (10.16.78.140) 56(84) bytes of data.
64 bytes from ipa.idm.lab.bos.redhat.com (10.16.78.140): icmp_req=1
ttl=64 time=0.049 ms

Apache error_log shows relevant errors:

[Wed May 25 06:42:38 2011] [error] ipa: ERROR: Failed to start IPA: Unable to 
retrieve LDAP schema: Invalid credentials: SASL(-1): generic failure: GSSAPI 
Error: Unspecified GSS failure.  Minor code may provide more information 
(Permission denied)
[Wed May 25 06:42:38 2011] [error] ipa: ERROR: Failed to start IPA: Unable to 
retrieve LDAP schema: Invalid credentials: SASL(-1): generic failure: GSSAPI 
Error: Unspecified GSS failure.  Minor code may provide more information 
(Permission denied)
[Wed May 25 06:43:55 2011] [error] Exception KeyError: 
KeyError(140250828974112,) in <module 'threading' from 
'/usr/lib64/python2.7/threading.pyc'> ignored
[Wed May 25 06:43:55 2011] [error] Exception KeyError: 
KeyError(140250828974112,) in <module 'threading' from 
'/usr/lib64/python2.7/threading.pyc'> ignored
[Wed May 25 06:43:55 2011] [error] Exception KeyError: 
KeyError(140250828974112,) in <module 'threading' from 
'/usr/lib64/python2.7/threading.pyc'> ignored
[Wed May 25 06:43:55 2011] [error] Exception KeyError: 
KeyError(140250828974112,) in <module 'threading' from 
'/usr/lib64/python2.7/threading.pyc'> ignored
[Wed May 25 06:43:55 2011] [error] Exception KeyError: 
KeyError(140250828974112,) in <module 'threading' from 
'/usr/lib64/python2.7/threading.pyc'> ignored
[Wed May 25 06:43:55 2011] [error] Exception KeyError: 
KeyError(140250828974112,) in <module 'threading' from 
'/usr/lib64/python2.7/threading.pyc'> ignored
[Wed May 25 06:43:55 2011] [error] Exception KeyError: 
KeyError(140250828974112,) in <module 'threading' from 
'/usr/lib64/python2.7/threading.pyc'> ignored
[Wed May 25 06:43:55 2011] [error] Exception KeyError: 
KeyError(140250828974112,) in <module 'threading' from 
'/usr/lib64/python2.7/threading.pyc'> ignored
[Wed May 25 06:43:55 2011] [error] Exception KeyError: 
KeyError(140250828974112,) in <module 'threading' from 
'/usr/lib64/python2.7/threading.pyc'> ignored
[Wed May 25 06:43:55 2011] [error] Exception KeyError: 
KeyError(140250828974112,) in <module 'threading' from 
'/usr/lib64/python2.7/threading.pyc'> ignored
[Wed May 25 06:43:56 2011] [notice] caught SIGTERM, shutting down
[Wed May 25 06:43:56 2011] [notice] SELinux policy enabled; httpd running as 
context system_u:system_r:kernel_t:s0
[Wed May 25 06:43:57 2011] [notice] Digest: generating secret for digest 
authentication ...
[Wed May 25 06:43:57 2011] [notice] Digest: done
[Wed May 25 06:43:57 2011] [notice] Apache/2.2.17 (Unix) DAV/2 
mod_auth_kerb/5.4 mod_nss/2.2.17 NSS/3.12.9.0 mod_wsgi/3.2 Python/2.7.1 
configured -- resuming normal operations
[Wed May 25 06:44:04 2011] [error] ipa: INFO: *** PROCESS START ***
[Wed May 25 06:44:04 2011] [error] ipa: INFO: *** PROCESS START ***
[Wed May 25 06:45:25 2011] [error] [client 10.16.78.140] mod_wsgi (pid=5192): 
Exception occurred processing WSGI script '/usr/share/ipa/wsgi.py'.
[Wed May 25 06:45:25 2011] [error] [client 10.16.78.140] Traceback (most recent 
call last):
[Wed May 25 06:45:25 2011] [error] [client 10.16.78.140]   File 
"/usr/share/ipa/wsgi.py", line 48, in application
[Wed May 25 06:45:25 2011] [error] [client 10.16.78.140]     return 
api.Backend.session(environ, start_response)
[Wed May 25 06:45:25 2011] [error] [client 10.16.78.140]   File 
"/usr/lib/python2.7/site-packages/ipaserver/rpcserver.py", line 141, in __call__
[Wed May 25 06:45:25 2011] [error] [client 10.16.78.140]     
self.create_context(ccache=environ.get('KRB5CCNAME'))
[Wed May 25 06:45:25 2011] [error] [client 10.16.78.140]   File 
"/usr/lib/python2.7/site-packages/ipalib/backend.py", line 110, in 
create_context
[Wed May 25 06:45:25 2011] [error] [client 10.16.78.140]     
self.Backend.ldap2.connect(ccache=ccache)
[Wed May 25 06:45:25 2011] [error] [client 10.16.78.140]   File 
"/usr/lib/python2.7/site-packages/ipalib/backend.py", line 62, in connect
[Wed May 25 06:45:25 2011] [error] [client 10.16.78.140]     conn = 
self.create_connection(*args, **kw)
[Wed May 25 06:45:25 2011] [error] [client 10.16.78.140]   File 
"/usr/lib/python2.7/site-packages/ipalib/encoder.py", line 188, in new_f
[Wed May 25 06:45:25 2011] [error] [client 10.16.78.140]     return 
f(*new_args, **kwargs)
[Wed May 25 06:45:25 2011] [error] [client 10.16.78.140]   File 
"/usr/lib/python2.7/site-packages/ipaserver/plugins/ldap2.py", line 337, in 
create_connection
[Wed May 25 06:45:25 2011] [error] [client 10.16.78.140]     _handle_errors(e, 
**{})
[Wed May 25 06:45:25 2011] [error] [client 10.16.78.140]   File 
"/usr/lib/python2.7/site-packages/ipaserver/plugins/ldap2.py", line 118, in 
_handle_errors
[Wed May 25 06:45:25 2011] [error] [client 10.16.78.140]     raise 
errors.DatabaseError(desc=desc, info=info)
[Wed May 25 06:45:25 2011] [error] [client 10.16.78.140] DatabaseError: Local 
error: SASL(-1): generic failure: GSSAPI Error: An invalid name was supplied 
(Hostname cannot be canonicalized)
[Wed May 25 06:45:26 2011] [error] [client 10.16.78.140] mod_wsgi (pid=5193): 
Exception occurred processing WSGI script '/usr/share/ipa/wsgi.py'.


You can check the problem on vm-140.idm.lab.bos.redhat.com if you want to.

Martin

_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

Reply via email to