Hi Rob, This was on CentOS 6.4 - so I checked package versions and found some mismatches.
After upgrading all servers to CentOS 6.5 and getting IPA packages to the same latest 3.0.0-37 versions this problem has been resolved - thanks. Regards, Suhail Choudhury. DevOps | Recommendations Team | BSkyB ________________________________________ From: Rob Crittenden [rcrit...@redhat.com] Sent: 17 July 2014 19:33 To: Choudhury, Suhail; email@example.com Subject: Re: [Freeipa-users] DNS/Named STOPPED Choudhury, Suhail wrote: > Hi guys, > > After deleting and freshly installing another master replica, I'm seeing > DNS is stopped and cannot resolve any DNS: > > [root@recsds1 ~]# service ipa status > Directory Service: RUNNING > KDC Service: RUNNING > KPASSWD Service: RUNNING > DNS Service: STOPPED > MEMCACHE Service: RUNNING > HTTP Service: RUNNING > CA Service: RUNNING > [root@recsds1 ~]# > > [root@recsds1 ~]# /etc/init.d/named restart > Stopping named: [ OK ] > Starting named: [ OK ] > [root@recsds1 ~]# /etc/init.d/named status > rndc: connect failed: 127.0.0.1#953: connection refused > named dead but pid file exists > > > All other 5 IPA master replicas are fine. > > In /var/log/messages I see: > > Jul 17 17:16:43 recsds1 named: exiting (due to assertion failure) > Jul 17 17:16:43 recsds1 abrt: /var/named/core.17387 fd(-1) is not > a regular file with link count 1: Permission denied > Jul 17 17:16:43 recsds1 abrtd: Directory > 'ccpp-2014-07-17-17:16:43-17387' creation detected > > and > > Jul 17 17:17:12 recsds1 sssd[pam]: Starting up > Jul 17 17:17:12 recsds1 sssd[pac]: Starting up > Jul 17 17:22:03 recsds1 ntpd: synchronized to 184.108.40.206, > stratum 2 > Jul 17 17:22:45 recsds1 python: GSSAPI Error: Unspecified GSS failure. > Minor code may provide more information (Credentials cache file > '/tmp/krb5cc_0' not found) > Jul 17 17:23:13 recsds1 python: GSSAPI Error: Unspecified GSS failure. > Minor code may provide more information (Credentials cache file > '/tmp/krb5cc_0' not found) > Jul 17 17:23:21 recsds1 python: GSSAPI Error: Unspecified GSS failure. > Minor code may provide more information (Credentials cache file > '/tmp/krb5cc_0' not found) What distro and version of IPA? What version of bind? Are you seeing any SELinux AVCs? It looks like a core is failing to be created, can you double-check? rob Information in this email including any attachments may be privileged, confidential and is intended exclusively for the addressee. The views expressed may not be official policy, but the personal views of the originator. If you have received it in error, please notify the sender by return e-mail and delete it from your system. You should not reproduce, distribute, store, retransmit, use or disclose its contents to anyone. Please note we reserve the right to monitor all e-mail communication through our internal and external networks. SKY and the SKY marks are trademarks of British Sky Broadcasting Group plc and Sky International AG and are used under licence. British Sky Broadcasting Limited (Registration No. 2906991), Sky-In-Home Service Limited (Registration No. 2067075) and Sky Subscribers Services Limited (Registration No. 2340150) are direct or indirect subsidiaries of British Sky Broadcasting Group plc (Registration No. 2247735). All of the companies mentioned in this p! aragraph are incorporated in England and Wales and share the same registered office at Grant Way, Isleworth, Middlesex TW7 5QD. -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project