Am Dienstag, 9. Dezember 2014, 09:49:04 schrieb Ade Lee:
> On Tue, 2014-12-09 at 13:54 +0100, chymian wrote:
> > hey people,
> > 
> > after a successful install of ipa 4.0.5-2 on jessie, the named services 
> > started flawless during setup. see attached log, Installation summary (line 
> > 3107)
> > but after reboot, it refuses to start. (did this install a couple times, on 
> > vanilla jessie)
> > 
> > I can reach & work with Dogtag https://ipa.eb8.lan:8443/ca, but not the 
> > admin-services on https://ipa.eb8.lan/ca/ee/ca and 
> > https://ipa.eb8.lan/ca/agent/ca.
> > 
> > 
> > $ systemctl status pki-tomcatd@pki-tomcat.service
> > ● pki-tomcatd@pki-tomcat.service - PKI Tomcat Server pki-tomcat
> >    Loaded: loaded (/lib/systemd/system/pki-tomcatd@.service; enabled)
> >    Active: failed (Result: resources)
> > 
> > Dez 08 20:40:13 ipa systemd[1]: Starting PKI Tomcat Server pki-tomcat...
> > Dez 08 20:40:13 ipa systemd[1]: Failed to load environment files: No such 
> > file or directory
> > Dez 08 20:40:13 ipa systemd[1]: pki-tomcatd@pki-tomcat.service failed to 
> > run 'start-pre' task: No such file or directory
> > Dez 08 20:40:13 ipa systemd[1]: Failed to start PKI Tomcat Server 
> > pki-tomcat.
> > Dez 08 20:40:13 ipa systemd[1]: Unit pki-tomcatd@pki-tomcat.service entered 
> > failed state.
> > 
> > 
> 
> Is dogtag actually running?  ps -ef |grep java

it shows:
pkiuser    676     1  0 13:25 ?        00:00:26 
/usr/lib/jvm/default-java/bin/java 
-Djava.util.logging.config.file=/var/lib/pki/pki-tomcat/conf/logging.properties 
-Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager 
-DRESTEASY_LIB=/usr/share/java/ 
-Djava.endorsed.dirs=/usr/share/tomcat7/endorsed -classpath 
/usr/share/tomcat7/bin/bootstrap.jar:/var/lib/pki/pki-tomcat/bin/tomcat-juli.jar
 -Dcatalina.base=/var/lib/pki/pki-tomcat -Dcatalina.home=/usr/share/tomcat7 
-Djava.io.tmpdir=/var/lib/pki/pki-tomcat/temp 
org.apache.catalina.startup.Bootstrap start

is it ment to be, that the dogtag-pki package it’s self is not installed, just 
the dogtag-pki-server-theme is
and a couple pki-packages… pki-base, pki-ca, pki-server, pki-tools?


> 
> You could try restarting it - 
> systemctl restart pki-tomcatd@pki-tomcat.service

fails with same log-msg.

> 
> The logs should be found in the journal --> 
> journalctl -u pki-tomcatd@pki-tomcat.service

same as above.

> 
> Other debug logs should be found under /var/log/pki/pki-tomcat/.  Please
> provide a tar of that directory.

attached

> I am curious what the unit file looks like:  On Fedora, its
> at /etc/systemd/system/pki-tomcatd.target.wants/pki-tomcatd@pki-tomcat.service

lrwxrwxrwx 1 pkiuser pkiuser 40 Dez  8 20:22 pki-tomcatd@pki-tomcat.service -> 
/lib/systemd/system/pki-tomcatd@.service
root@ipa /etc/systemd/system/pki-tomcatd.target.wants
$ cat pki-tomcatd@pki-tomcat.service
[Unit]
Description=PKI Tomcat Server %i
After=pki-tomcatd.target network.target
PartOf=pki-tomcatd.target

[Service]
Type=simple
EnvironmentFile=/etc/tomcat/tomcat.conf
Environment="NAME=%i"
EnvironmentFile=-/etc/default/%i
ExecStartPre=/usr/bin/pkidaemon start %i
ExecStart=/usr/libexec/tomcat/server start
ExecStop=/usr/libexec/tomcat/server stop
SuccessExitStatus=143
User=pkiuser
Group=pkiuser

[Install]
WantedBy=multi-user.target


> which points to an EnvironmentFile /etc/tomcat/tomcat.conf.  Does that
> file exist?

there is not even an dir. /etc/tomcat/, or rather a tomcat.conf in it.

this is what was installed:

ii  libtomcat7-java                          7.0.56-1
ii  libtomcatjss-java                        7.1.1-2
ii  tomcat7-common                           7.0.56-1
ii  tomcat7-user                             7.0.56-1

and if I would install tomcat7, it would give me an /etc/tomcat7 – not a 
/etc/tomcat

and, here on debian, there is no such dir. /usr/libexec.
seems that the unitfile is more a centos one.


but: 

systemctl status pki-tomcatd.service
● pki-tomcatd.service - LSB: Start pki-tomcatd at boot time
   Loaded: loaded (/etc/init.d/pki-tomcatd)
   Active: active (running) since Di 2014-12-09 13:25:12 CET; 10h ago
   CGroup: 
/user.slice/user-0.slice/session-5.scope/system.slice/pki-tomcatd.service
           └─676 /usr/lib/jvm/default-java/bin/java 
-Djava.util.logging.config.file=/var/lib/pki/pki-tomcat/conf/logging.properties 
-Djava.util.log...

Dez 09 13:25:12 ipa pki-tomcatd[484]: .
Dez 09 13:25:12 ipa systemd[1]: Started LSB: Start pki-tomcatd at boot time.


which is started with a /etc/init.d/pki-tomcatd script, not systemd-unit-file – 
yet.

> 
> Ade

thx,
guenter

> 
> > a second service fails to start:
> > 
> > $ systemctl status dirsrv-snmp.service
> > ● dirsrv-snmp.service - 389 Directory Server SNMP Subagent.
> >    Loaded: loaded (/lib/systemd/system/dirsrv-snmp.service; enabled)
> >    Active: failed (Result: exit-code) since Di 2014-12-09 13:25:04 CET; 
> > 5min ago
> >   Process: 156 ExecStart=/usr/sbin/ldap-agent 
> > /etc/dirsrv/config/ldap-agent.conf (code=exited, status=1/FAILURE)
> > 
> > Dez 09 13:25:04 ipa systemd[1]: Starting 389 Directory Server SNMP 
> > Subagent....
> > Dez 09 13:25:04 ipa ldap-agent[156]: ldap-agent: No server instances 
> > defined in config file
> > Dez 09 13:25:04 ipa systemd[1]: dirsrv-snmp.service: control process 
> > exited, code=exited status=1
> > Dez 09 13:25:04 ipa systemd[1]: Failed to start 389 Directory Server SNMP 
> > Subagent..
> > Dez 09 13:25:04 ipa systemd[1]: Unit dirsrv-snmp.service entered failed 
> > state.
> > 
> > 
> > except these, I was able to subscribe a jessie-client with autodiscovery 
> > right after I did configure the ipa-server, before first reboot.
> > 
> > 
> > any help appreciated, since I do not have much experience with IPA – yet.
> > guenter
> 
> 

Attachment: pki-tomcat-fail-on-jessie.tar.xz
Description: application/xz-compressed-tar

-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http://freeipa.org for more info on the project

Reply via email to