Hi all Really seeking for some help. My IPA servers (CentOS 7.9, VERSION: 4.6.8, API_VERSION: 2.237) both have their named-pkcs11 service stop working, and they create core files when restart is attempted. Ive been able to partially mitigate the issue by manually standing up a bind9 service on a Debian 12 vm for now.
Please, how can I fix this, or if not possible, I would like to know if there are steps to follow to setup IPA on another Debian 12 Vm and hopefully migrate services and settings there. Typical logs from a named-pkcs11 restart attempt: journalctl -xeu named-pkcs11 Sep 04 21:24:55 ipa0.qriospay.local named-pkcs11[30894]: #6 0x7f7422325b89 in ?? Sep 04 21:24:55 ipa0.qriospay.local named-pkcs11[30894]: #7 0x7f742232f528 in ?? Sep 04 21:24:55 ipa0.qriospay.local named-pkcs11[30894]: #8 0x7f742b286713 in ?? Sep 04 21:24:55 ipa0.qriospay.local named-pkcs11[30894]: #9 0x7f742b28728b in ?? Sep 04 21:24:55 ipa0.qriospay.local named-pkcs11[30894]: #10 0x7f742935cea5 in ?? Sep 04 21:24:55 ipa0.qriospay.local named-pkcs11[30894]: #11 0x7f74283cfb0d in ?? Sep 04 21:24:55 ipa0.qriospay.local named-pkcs11[30894]: exiting (due to assertion failure) Sep 04 21:24:55 ipa0.qriospay.local systemd[1]: named-pkcs11.service: control process exited, code=exited status=1 Sep 04 21:24:55 ipa0.qriospay.local systemd[1]: Failed to start Berkeley Internet Name Domain (DNS) with native PKCS#11. -- Subject: Unit named-pkcs11.service has failed -- Defined-By: systemd -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel -- -- Unit named-pkcs11.service has failed. -- -- The result is failed. Sep 04 21:24:55 ipa0.qriospay.local systemd[1]: Unit named-pkcs11.service entered failed state. Sep 04 21:24:55 ipa0.qriospay.local systemd[1]: named-pkcs11.service failed. Core files: ls /var/named/ core.1569 core.22344 core.22692 core.30894 core.31834 core.3585 core.4117 core.6927 data dynamic named.ca named.localhost slaves core.21923 core.22461 core.2584 core.31739 core.32646 core.3947 core.4723 core.6984 _default.tsigkeys dyndb-ldap named.empty named.loopback tmp-8bAnLCWdq7 cordially yours, Sina Owolabi
-- _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
