Petr Viktorin wrote:
On 07/24/2012 03:57 PM, Michael Mercier wrote:
Hello,
I am attempting to install the IPA 3.x beta on Fedora 17 and running
into some difficulty.
I performed the following steps attempting the install (following
setup instructions for FreeIPA 2.2):
1. Download Fedora 17
2. Install Fedora 17 with VMWare
3. add hostname to /etc/hosts - 172.16.112.10 ipaserver.beta.local
ipaserver
4. yum update
5. open the following ports on the firewall tcp
80,443,389,636,88,464,53,7839 udp 88,464,53,123
iptables -L
ACCEPT tcp -- anywhere anywhere state
NEW tcp dpt:ssh
ACCEPT tcp -- anywhere anywhere state
NEW tcp dpt:http
ACCEPT tcp -- anywhere anywhere state
NEW tcp dpt:https
ACCEPT tcp -- anywhere anywhere state
NEW tcp dpt:ldap
ACCEPT tcp -- anywhere anywhere state
NEW tcp dpt:ldaps
ACCEPT tcp -- anywhere anywhere state
NEW tcp dpt:kerberos
ACCEPT tcp -- anywhere anywhere state
NEW tcp dpt:kpasswd
ACCEPT tcp -- anywhere anywhere state
NEW tcp dpt:domain
ACCEPT tcp -- anywhere anywhere state
NEW tcp dpt:7389
ACCEPT udp -- anywhere anywhere state
NEW udp dpt:kerberos
ACCEPT udp -- anywhere anywhere state
NEW udp dpt:kpasswd
ACCEPT udp -- anywhere anywhere state
NEW udp dpt:domain
ACCEPT udp -- anywhere anywhere state
NEW udp dpt:ntp
6. Disable NetworkManger and enable network
7. reboot
8. add freeipa repository
baseurl=http://freeipa.com/downloads/devel/rpms/F$releasever/$basearch
9. yum install freeipa-server bind bind-dyndb-ldap
10. ipa-server-install
Attached is the log file.
Thanks,
Mike
This was reported a while ago, see
https://www.redhat.com/archives/freeipa-users/2012-July/msg00167.html
for the workaround.
Or try updating the pki-* packages to 9.0.21, the packages are in
updates-testing. The dogtag team fixed an SELinux issue introduced in a
recently selinux-policy update.
rob
_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users
