On 24.6.2014 21:40, Carl Perry wrote:
Whoops, let me send replies to the list. Sorry about that!

It appears the problem is with named not starting. I did install the
required packages, but it looks like SELinux is getting in the way:

[root@freeipa named]# named -f -d 255
isc_file_isplainfile 'data/named.run' failed: permission denied
[root@freeipa named]#

It took some time digging through logs and startup scripts to find the
exact issue.

Interesting.

First of all, try to start named with "named -g -u named" and look for error messages. IMHO SELinux correctly prevents it from running under root account as it is undesirable.

Also, it would be valuable to see error messages or AVCs from /var/log/audit/audit.log .

Did you find any error in /var/log/ipaserver-install.log ?

Petr^2 Spacek

   -Carl

On 06/24/2014 02:13 PM, Rob Verduijn wrote:
err
http://www.freeipa.org/docs/master/html-desktop/index.html#Preparing_for_an_IPA_Installation
ofcourse

Rob

2014-06-24 21:12 GMT+02:00 Rob Verduijn <rob.verdu...@gmail.com>:
I saw this in your log :

<snip>
Global DNS configuration in LDAP server is empty
You can use 'dnsconfig-mod' command to set global DNS options that
would override settings in local named.conf files
<snip>

Did you install bind and bind-dyndb-ldap ?
http://www.freeipa.org/docs/master/html-desktop/index.html#installing-replica

Just meddling around with ipa myself
Rob

2014-06-24 19:11 GMT+02:00 Petr Spacek <pspa...@redhat.com>:
Hello!

That is interesting. Do you have latest updates?

Please see
http://www.freeipa.org/page/Troubleshooting



On 24.6.2014 18:41, Carl Perry wrote:
Unexpected error - see /var/log/ipaserver-install.log for details:
If the web page doesn't cover your case please send us the log file
mentioned in the the error message.

--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http://freeipa.org for more info on the project

Reply via email to