Hello everyone,
I have successfully set up the FreeIPA environment on Ubuntu when selinux is
disable. But when selinux is enable, there is a configuring ipa-otpd error
occurred.
The ipaserver-install.log shows following informations:
2016-11-08T01:55:18Z DEBUG [1/2]: starting ipa-otpd
2016-11-08T01:55:18Z DEBUG Starting external process
2016-11-08T01:55:18Z DEBUG args=/bin/systemctl is-active ipa-otpd.socket
2016-11-08T01:55:18Z DEBUG Process finished, return code=3
2016-11-08T01:55:18Z DEBUG stdout=inactive
2016-11-08T01:55:18Z DEBUG stderr=
2016-11-08T01:55:18Z DEBUG Loading StateFile from
'/var/lib/ipa/sysrestore/sysrestore.state'
2016-11-08T01:55:18Z DEBUG Saving StateFile to
'/var/lib/ipa/sysrestore/sysrestore.state'
2016-11-08T01:55:18Z DEBUG Starting external process
2016-11-08T01:55:18Z DEBUG args=/bin/systemctl restart ipa-otpd.socket
2016-11-08T01:55:18Z DEBUG Process finished, return code=1
2016-11-08T01:55:18Z DEBUG stdout=
2016-11-08T01:55:18Z DEBUG stderr=Job for ipa-otpd.socket failed. See
"systemctl status ipa-otpd.socket" and "journalctl -xe" for details.
2016-11-08T01:55:18Z DEBUG Traceback (most recent call last):
File "/usr/lib/python2.7/dist-packages/ipaserver/install/service.py", line
447, in start_creation
run_step(full_msg, method)
File "/usr/lib/python2.7/dist-packages/ipaserver/install/service.py", line
437, in run_step
method()
File "/usr/lib/python2.7/dist-packages/ipaserver/install/service.py", line
585, in __start
self.restart()
File "/usr/lib/python2.7/dist-packages/ipaserver/install/service.py", line
347, in restart
self.service.restart(instance_name, capture_output=capture_output,
wait=wait)
File "/usr/lib/python2.7/dist-packages/ipaplatform/base/services.py", line
301, in restart
skip_output=not capture_output)
File "/usr/lib/python2.7/dist-packages/ipapython/ipautil.py", line 479, in run
raise CalledProcessError(p.returncode, arg_string, str(output))
CalledProcessError: Command '/bin/systemctl restart ipa-otpd.socket' returned
non-zero exit status 1
2016-11-08T01:55:18Z DEBUG [error] CalledProcessError: Command
'/bin/systemctl restart ipa-otpd.socket' returned non-zero exit status 1
2016-11-08T01:55:18Z DEBUG File
"/usr/lib/python2.7/dist-packages/ipapython/admintool.py", line 171, in execute
return_value = self.run()
File "/usr/lib/python2.7/dist-packages/ipapython/install/cli.py", line 318,
in run
cfgr.run()
File "/usr/lib/python2.7/dist-packages/ipapython/install/core.py", line 310,
in run
self.execute()
File "/usr/lib/python2.7/dist-packages/ipapython/install/core.py", line 332,
in execute
for nothing in self._executor():
File "/usr/lib/python2.7/dist-packages/ipapython/install/core.py", line 372,
in __runner
self._handle_exception(exc_info)
File "/usr/lib/python2.7/dist-packages/ipapython/install/core.py", line 394,
in _handle_exception
six.reraise(*exc_info)
File "/usr/lib/python2.7/dist-packages/ipapython/install/core.py", line 362,
in __runner
step()
File "/usr/lib/python2.7/dist-packages/ipapython/install/core.py", line 359,
in <lambda>
step = lambda: next(self.__gen)
File "/usr/lib/python2.7/dist-packages/ipapython/install/util.py", line 81,
in run_generator_with_yield_from
six.reraise(*exc_info)
File "/usr/lib/python2.7/dist-packages/ipapython/install/util.py", line 59,
in run_generator_with_yield_from
value = gen.send(prev_value)
File "/usr/lib/python2.7/dist-packages/ipapython/install/core.py", line 586,
in _configure
next(executor)
File "/usr/lib/python2.7/dist-packages/ipapython/install/core.py", line 372,
in __runner
self._handle_exception(exc_info)
File "/usr/lib/python2.7/dist-packages/ipapython/install/core.py", line 449,
in _handle_exception
self.__parent._handle_exception(exc_info)
File "/usr/lib/python2.7/dist-packages/ipapython/install/core.py", line 394,
in _handle_exception
six.reraise(*exc_info)
File "/usr/lib/python2.7/dist-packages/ipapython/install/core.py", line 446,
in _handle_exception
super(ComponentBase, self)._handle_exception(exc_info)
File "/usr/lib/python2.7/dist-packages/ipapython/install/core.py", line 394,
in _handle_exception
six.reraise(*exc_info)
File "/usr/lib/python2.7/dist-packages/ipapython/install/core.py", line 362,
in __runner
step()
File "/usr/lib/python2.7/dist-packages/ipapython/install/core.py", line 359,
in <lambda>
step = lambda: next(self.__gen)
File "/usr/lib/python2.7/dist-packages/ipapython/install/util.py", line 81,
in run_generator_with_yield_from
six.reraise(*exc_info)
File "/usr/lib/python2.7/dist-packages/ipapython/install/util.py", line 59,
in run_generator_with_yield_from
value = gen.send(prev_value)
File "/usr/lib/python2.7/dist-packages/ipapython/install/common.py", line 63,
in _install
for nothing in self._installer(self.parent):
File "/usr/lib/python2.7/dist-packages/ipaserver/install/server/install.py",
line 1513, in main
install(self)
File "/usr/lib/python2.7/dist-packages/ipaserver/install/server/install.py",
line 267, in decorated
func(installer)
File "/usr/lib/python2.7/dist-packages/ipaserver/install/server/install.py",
line 944, in install
ipautil.realm_to_suffix(realm_name))
File "/usr/lib/python2.7/dist-packages/ipaserver/install/service.py", line
579, in create_instance
self.start_creation("Configuring %s" % self.service_name)
File "/usr/lib/python2.7/dist-packages/ipaserver/install/service.py", line
447, in start_creation
run_step(full_msg, method)
File "/usr/lib/python2.7/dist-packages/ipaserver/install/service.py", line
437, in run_step
method()
File "/usr/lib/python2.7/dist-packages/ipaserver/install/service.py", line
585, in __start
self.restart()
File "/usr/lib/python2.7/dist-packages/ipaserver/install/service.py", line
347, in restart
self.service.restart(instance_name, capture_output=capture_output,
wait=wait)
File "/usr/lib/python2.7/dist-packages/ipaplatform/base/services.py", line
301, in restart
skip_output=not capture_output)
File "/usr/lib/python2.7/dist-packages/ipapython/ipautil.py", line 479, in run
raise CalledProcessError(p.returncode, arg_string, str(output))
2016-11-08T01:55:18Z DEBUG The ipa-server-install command failed, exception:
CalledProcessError: Command '/bin/systemctl restart ipa-otpd.socket' returned
non-zero exit status 1
2016-11-08T01:55:18Z ERROR Command '/bin/systemctl restart ipa-otpd.socket'
returned non-zero exit status 1
2016-11-08T01:55:18Z ERROR The ipa-server-install command failed. See
/var/log/ipaserver-install.log for more information
the ipa-otpd.socket status is as follows:
root@ipaserver:~# systemctl status ipa-otpd.socket
● ipa-otpd.socket - ipa-otpd socket
Loaded: loaded (/lib/systemd/system/ipa-otpd.socket; disabled; vendor
preset: enabled)
Active: failed (Result: exit-code) since 二 2016-11-08 09:55:18 CST; 26min ago
Listen: /var/run/krb5kdc/DEFAULT.socket (Stream)
Accepted: 0; Connected: 0
Process: 19864 ExecStopPre=/usr/bin/unlink /var/run/krb5kdc/DEFAULT.socket
(code=exited, status=1/FAILURE)
11月 08 09:55:18 ipaserver.test.com systemd[1]: Starting ipa-otpd socket.
11月 08 09:55:18 ipaserver.test.com unlink[19864]: /usr/bin/unlink: Unable to
remove '/var/run/krb5kdc/DEFAULT.socket' links: no such files or directories
11月 08 09:55:18 ipaserver.test.com systemd[1]: ipa-otpd.socket: Control process
exited, code=exited status=1
11月 08 09:55:18 ipaserver.test.com systemd[1]: Failed to listen on ipa-otpd
socket.
11月 08 09:55:18 ipaserver.test.com systemd[1]: ipa-otpd.socket: Unit entered
failed state.
I found that the file or directory is automatically created when
ipa-otpd.socket is started.
Is there anyone help me?
Thank you!
------------------
祝:
工作顺利!生活愉快!
--------------------------
长沙研发中心 郑磊
电话:18684703229
邮箱:zheng...@kylinos.cn
公司:天津麒麟信息技术有限公司
地址:湖南长沙市开福区三一大道工美大厦十四楼--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
