On 11/19/2014 09:23 PM, Tamas Papp wrote:
hi Martin,

Much better:)
Unfortunately not perfect yet.

Done configuring DNS key synchronization service (ipa-dnskeysyncd).
Restarting ipa-dnskeysyncd
Restarting named
ipa         : ERROR    Named service failed to start (Command ''/bin/systemctl'
'restart' 'named-pkcs11.service'' returned non-zero exit status 1)
named service failed to start

Global DNS configuration in LDAP server is empty
You can use 'dnsconfig-mod' command to set global DNS options that
would override settings in local named.conf files

Restarting the web server
Unexpected error - see /var/log/ipaserver-install.log for details:
CalledProcessError: Command ''/bin/systemctl' 'restart' 'ipa.service'' returned
non-zero exit status 1

This helped:

chmod 777 /var/named/dyndb-ldap/ipa/

Probably chown or chgrp named would be just enough.


Ah, yes. This one is not a problem with the CentOS port, but rather existing problem in FreeIPA 4.1.1 which will be fixed in FreeIPA 4.1.2 on all platforms, including Fedora 21 and CentOS.

See upstream ticket:

Until this is fixed, correct workaround is to chown this directory by named:named and chmod rights to 0770.

I will with the team when 4.1.2 is about to be released, if it is not soon, I can just add the patch to the 4.1.1 in Copr repo.


Manage your subscription for the Freeipa-users mailing list:
Go To http://freeipa.org for more info on the project

Reply via email to