On Срд, 29 мая 2024, Natxo Asenjo wrote:
hi,

indeed, sorry.

# cat
/etc/pki/pki.version
│
Configuration-Version: 11.5.0

# ipactl restart
Restarting Directory Service
Restarting krb5kdc Service
Restarting kadmin Service
Restarting named Service
Restarting httpd Service
Restarting ipa-custodia Service
Restarting pki-tomcatd Service
Restarting smb Service
Restarting winbind Service
Restarting ipa-otpd Service
Restarting ipa-dnskeysyncd Service
ipa: INFO: The ipactl command was successful

]# ipactl status
Directory Service: RUNNING
krb5kdc Service: RUNNING
kadmin Service: RUNNING
named Service: RUNNING
httpd Service: RUNNING
ipa-custodia Service: RUNNING
pki-tomcatd Service: STOPPED
smb Service: RUNNING
winbind Service: RUNNING
ipa-otpd Service: RUNNING
ipa-dnskeysyncd Service: RUNNING
1 service(s) are not running

May 29 12:12:34 kdc.sub.domain.tld systemd[1]: Starting PKI Tomcat Server
pki-tomcat...
May 29 12:12:35 kdc.sub.domain.tld pki-server[36733]: ERROR: Unable to
parse version number: "11.5.0"
May 29 12:12:35 kdc.sub.domain.tld pki-server[36733]: Traceback (most
recent call last):
May 29 12:12:35 kdc.sub.domain.tld pki-server[36733]:   File
"/usr/lib/python3.9/site-packages/pki/server/pkiserver.py", line 41, in
<module>
May 29 12:12:35 kdc.sub.domain.tld pki-server[36733]:
cli.execute(sys.argv)
May 29 12:12:35 kdc.sub.domain.tld pki-server[36733]:   File
"/usr/lib/python3.9/site-packages/pki/server/cli/__init__.py", line 145, in
execute
May 29 12:12:35 kdc.sub.domain.tld pki-server[36733]:
super().execute(args)
May 29 12:12:35 kdc.sub.domain.tld pki-server[36733]:   File
"/usr/lib/python3.9/site-packages/pki/cli/__init__.py", line 217, in execute
May 29 12:12:35 kdc.sub.domain.tld pki-server[36733]:
module.execute(module_args)
May 29 12:12:35 kdc.sub.domain.tld pki-server[36733]:   File
"/usr/lib/python3.9/site-packages/pki/server/cli/upgrade.py", line 144, in
execute
May 29 12:12:35 kdc.sub.domain.tld pki-server[36733]:     self.upgrade(
May 29 12:12:35 kdc.sub.domain.tld pki-server[36733]:   File
"/usr/lib/python3.9/site-packages/pki/server/cli/upgrade.py", line 178, in
upgrade
May 29 12:12:35 kdc.sub.domain.tld pki-server[36733]:     upgrader.upgrade()
May 29 12:12:35 kdc.sub.domain.tld pki-server[36733]:   File
"/usr/lib/python3.9/site-packages/pki/upgrade.py", line 481, in upgrade
May 29 12:12:35 kdc.sub.domain.tld pki-server[36733]:     versions =
self.versions()
May 29 12:12:35 kdc.sub.domain.tld pki-server[36733]:   File
"/usr/lib/python3.9/site-packages/pki/upgrade.py", line 238, in versions
May 29 12:12:35 kdc.sub.domain.tld pki-server[36733]:     current_version =
self.get_current_version()
May 29 12:12:35 kdc.sub.domain.tld pki-server[36733]:   File
"/usr/lib/python3.9/site-packages/pki/upgrade.py", line 341, in
get_current_version
May 29 12:12:35 kdc.sub.domain.tld pki-server[36733]:     current_version =
self.get_tracker().get_version()
May 29 12:12:35 kdc.sub.domain.tld pki-server[36733]:   File
"/usr/lib/python3.9/site-packages/pki/upgrade.py", line 141, in get_version
May 29 12:12:35 kdc.sub.domain.tld pki-server[36733]:     return
pki.util.Version(version)
May 29 12:12:35 kdc.sub.domain.tld pki-server[36733]:   File
"/usr/lib/python3.9/site-packages/pki/util.py", line 613, in __init__
May 29 12:12:35 kdc.sub.domain.tld pki-server[36733]:     raise
Exception('Unable to parse version number: %s' % obj)
May 29 12:12:35 kdc.sub.domain.tld pki-server[36733]: Exception: Unable to
parse version number: "11.5.0"

The only way to get this string in double quotes is if it was in double
quotes in the original file:

-----------------------------------------------------------------
obj = "11.5.0"
m = re.match(r'^(\d+)\.(\d+)\.(\d+)', obj)
m.group(2)
'5'
raise Exception('Unable to parse version number: %s' % obj)
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
Exception: Unable to parse version number: 11.5.0
obj = '"11.5.0"'
m = re.match(r'^(\d+)\.(\d+)\.(\d+)', obj)
m.group(2)
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
AttributeError: 'NoneType' object has no attribute 'group'
raise Exception('Unable to parse version number: %s' % obj)
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
Exception: Unable to parse version number: "11.5.0"
-----------------------------------------------------------------

So I still think there is something wrong with the file it reads...


If I revert it to 11.4.2, so it looks as though it is not reading this file
for getting this information.

# cat /etc/pki/pki.version
Configuration-Version: 11.4.2

# ipactl restart
Restarting Directory Service
Restarting krb5kdc Service
Restarting kadmin Service
Restarting named Service
Restarting httpd Service
Restarting ipa-custodia Service
Restarting pki-tomcatd Service
Restarting smb Service
Restarting winbind Service
Restarting ipa-otpd Service
Restarting ipa-dnskeysyncd Service
ipa: INFO: The ipactl command was successful

# ipactl status
Directory Service: RUNNING
krb5kdc Service: RUNNING
kadmin Service: RUNNING
named Service: RUNNING
httpd Service: RUNNING
ipa-custodia Service: RUNNING
pki-tomcatd Service: STOPPED
smb Service: RUNNING
winbind Service: RUNNING
ipa-otpd Service: RUNNING
ipa-dnskeysyncd Service: RUNNING
1 service(s) are not running

May 29 12:17:08 kdc.sub.domain.tld systemd[1]: Starting PKI Tomcat Server
pki-tomcat...
May 29 12:17:08 kdc.sub.domain.tld pki-server[37297]: ERROR: Unable to
parse version number: "11.5.0"

Strange.


On Tue, May 28, 2024 at 7:35 PM Rob Crittenden <[email protected]> wrote:

Natxo Asenjo via FreeIPA-users wrote:
> hi,
>
> no, it's without quotes but the rolledback version:
>
> Configuration-Version: 11.4.2
>
> I tried modifiying it to 11.5.0 and ipactl restart, but it does not help
> (reset it to the proper value 11.4.2 now)

Did the error change when you switched to 11.4.2? You didn't include a
new traceback.

rob

>
>
>
> On Fri, May 24, 2024 at 5:14 PM Alexander Bokovoy <[email protected]
> <mailto:[email protected]>> wrote:
>
>     On Fri, 24 May 2024, Natxo Asenjo via FreeIPA-users wrote:
>     >hi,
>     >
>     >after a botched update
>     (https://access.redhat.com/solutions/7065748) and
>     >rolling back the changes, this service will not start:
>     >
>     ># ipactl status
>     >Directory Service: RUNNING
>     >krb5kdc Service: RUNNING
>     >kadmin Service: RUNNING
>     >named Service: RUNNING
>     >httpd Service: RUNNING
>     >ipa-custodia Service: RUNNING
>     >pki-tomcatd Service: STOPPED
>     >smb Service: RUNNING
>     >winbind Service: RUNNING
>     >ipa-otpd Service: RUNNING
>     >ipa-dnskeysyncd Service: RUNNING
>     >1 service(s) are not running
>     >
>     >in journalctl I found this stdout/stderr messages:
>     >
>     >
>     >May 24 11:40:35 kdc1.sub.domain.tld named[27437]: zone
>     sub.domain.tld/IN:
>     >sending notifies (serial 1716543629)
>     >May 24 11:40:35 kdc1.sub.domain.tld pki-server[27758]: ERROR:
Unable to
>     >parse version number: "11.5.0"
>     >May 24 11:40:35 kdc1.sub.domain.tld pki-server[27758]: Traceback
(most
>     >recent call last):
>     >May 24 11:40:35 kdc1.sub.domain.tld pki-server[27758]:   File
>     >"/usr/lib/python3.9/site-packages/pki/server/pkiserver.py", line
41, in
>     ><module>
>     >May 24 11:40:35 kdc1.sub.domain.tld pki-server[27758]:
>     >cli.execute(sys.argv)
>     >May 24 11:40:35 kdc1.sub.domain.tld pki-server[27758]:   File
>     >"/usr/lib/python3.9/site-packages/pki/server/cli/__init__.py", line
>     145, in
>     >execute
>     >May 24 11:40:35 kdc1.sub.domain.tld pki-server[27758]:
>     >super().execute(args)
>     >May 24 11:40:35 kdc1.sub.domain.tld pki-server[27758]:   File
>     >"/usr/lib/python3.9/site-packages/pki/cli/__init__.py", line 217,
>     in execute
>     >May 24 11:40:35 kdc1.sub.domain.tld pki-server[27758]:
>     >module.execute(module_args)
>     >May 24 11:40:35 kdc1.sub.domain.tld pki-server[27758]:   File
>     >"/usr/lib/python3.9/site-packages/pki/server/cli/upgrade.py", line
>     144, in
>     >execute
>     >May 24 11:40:35 kdc1.sub.domain.tld pki-server[27758]:
>      self.upgrade(
>     >May 24 11:40:35 kdc1.sub.domain.tld pki-server[27758]:   File
>     >"/usr/lib/python3.9/site-packages/pki/server/cli/upgrade.py", line
>     178, in
>     >upgrade
>     >May 24 11:40:35 kdc1.sub.domain.tld pki-server[27758]:
>     >upgrader.upgrade()
>     >May 24 11:40:35 kdc1.sub.domain.tld pki-server[27758]:   File
>     >"/usr/lib/python3.9/site-packages/pki/upgrade.py", line 481, in
upgrade
>     >May 24 11:40:35 kdc1.sub.domain.tld pki-server[27758]:     versions
=
>     >self.versions()
>     >May 24 11:40:35 kdc1.sub.domain.tld pki-server[27758]:   File
>     >"/usr/lib/python3.9/site-packages/pki/upgrade.py", line 238, in
>     versions
>     >May 24 11:40:35 kdc1.sub.domain.tld pki-server[27758]:
>      current_version
>     >= self.get_current_version()
>     >May 24 11:40:35 kdc1.sub.domain.tld pki-server[27758]:   File
>     >"/usr/lib/python3.9/site-packages/pki/upgrade.py", line 341, in
>     >get_current_version
>     >May 24 11:40:35 kdc1.sub.domain.tld pki-server[27758]:
>      current_version
>     >= self.get_tracker().get_version()
>     >May 24 11:40:35 kdc1.sub.domain.tld pki-server[27758]:   File
>     >"/usr/lib/python3.9/site-packages/pki/upgrade.py", line 141, in
>     get_version
>     >May 24 11:40:35 kdc1.sub.domain.tld pki-server[27758]:     return
>     >pki.util.Version(version)
>     >May 24 11:40:35 kdc1.sub.domain.tld pki-server[27758]:   File
>     >"/usr/lib/python3.9/site-packages/pki/util.py", line 613, in
__init__
>     >May 24 11:40:35 kdc1.sub.domain.tld pki-server[27758]:     raise
>     >Exception('Unable to parse version number: %s' % obj)
>     >May 24 11:40:35 kdc1.sub.domain.tld pki-server[27758]: Exception:
>     Unable to
>     >parse version number: "11.5.0"
>
>     What do you have in /etc/pki/pki.version file? Is it literally
>
>     # cat /etc/pki/pki.version
>     Configuration-Version: "11.5.0"
>
>     ? If so, then remove quotes around 11.5.0, they are not expected.
>
>     >May 24 11:40:35 kdc1.sub.domain.tld systemd[1]:
>     >[email protected]: Control process exited,
code=exited,
>     >status=1/FAILURE
>     >May 24 11:40:35 kdc1.sub.domain.tld systemd[1]:
>     >[email protected]: Failed with result 'exit-code'.
>     >May 24 11:40:35 kdc1.sub.domain.tld systemd[1]: Failed to start PKI
>     Tomcat
>     >Server pki-tomcat.
>     >
>     >So it seems something is broken on this upgrade script. This is in
in
>     >almalinux 9.3
>     >ipa-server-4.10.2-5.el9_3.alma.1.x86_64
>     >
>     >I cannot upgrade because I get bitten by the named ldap thing, even
>     though
>     >the versions are newer.
>     >
>     >I will create a replicat to a rhel host but first I need to get the
>     CA up
>     >and running obviously :-).
>     >
>     >Any ideas?
>     >
>     >Thanks!
>     >
>     >--
>     >regards,
>     >
>     >natxo
>     >
>     >--
>     >--
>     >Groeten,
>     >natxo
>
>
>
>
>     --
>     / Alexander Bokovoy
>     Sr. Principal Software Engineer
>     Security / Identity Management Engineering
>     Red Hat Limited, Finland
>
>
>
> --
> --
> Groeten,
> natxo
>
> --
> _______________________________________________
> FreeIPA-users mailing list -- [email protected]
> To unsubscribe send an email to
[email protected]
> Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
> List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
> List Archives:
https://lists.fedorahosted.org/archives/list/[email protected]
> Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue
>



--
--
Groeten,
natxo




--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finland
--
_______________________________________________
FreeIPA-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedorahosted.org/archives/list/[email protected]
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

Reply via email to