On 03/25/2015 04:11 AM, Dmitri Pal wrote: > On 03/24/2015 09:17 PM, Anthony Lanni wrote: >> While running ipa-server-install, it's failing out at the end with an error >> regarding the client install on the server. This happens regardless of how I >> input the options, but here's the latest command: >> >> ipa-server-install --setup-dns -N --idstart=1000 -r EXAMPLE.COM >> <http://EXAMPLE.COM> -n example.com <http://example.com> -p passwd1 -a >> passwd2 --hostname=ldap-server-01.example.com >> <http://ldap-server-01.example.com> --forwarder=10.0.1.20 >> --forwarder=10.0.1.21 --reverse-zone=1.0.10.in-addr.arpa. -d >> >> Runs through the entire setup and gives me this: >> >> [...] >> ipa : DEBUG args=/usr/sbin/ipa-client-install --on-master >> --unattended --domain example.com <http://example.com> --server >> ldap-server-01.example.com <http://ldap-server-01.example.com> --realm >> EXAMPLE.COM <http://EXAMPLE.COM> --hostname ldap-server-01.example.com >> <http://ldap-server-01.example.com> >> ipa : DEBUG stdout= >> >> ipa : DEBUG stderr=Hostname: ldap-server-01.example.com >> <http://ldap-server-01.example.com> >> Realm: EXAMPLE.COM <http://EXAMPLE.COM> >> DNS Domain: example.com <http://example.com> >> IPA Server: ldap-server-01.example.com <http://ldap-server-01.example.com> >> BaseDN: dc=example,dc=com >> New SSSD config will be created >> Configured /etc/sssd/sssd.conf >> Traceback (most recent call last): >> File "/usr/sbin/ipa-client-install", line 2377, in <module> >> sys.exit(main()) >> File "/usr/sbin/ipa-client-install", line 2363, in main >> rval = install(options, env, fstore, statestore) >> File "/usr/sbin/ipa-client-install", line 2135, in install >> delete_persistent_client_session_data(host_principal) >> File "/usr/lib/python2.6/site-packages/ipalib/rpc.py", line 124, in >> delete_persistent_client_session_data >> kernel_keyring.del_key(keyname) >> File "/usr/lib/python2.6/site-packages/ipapython/kernel_keyring.py", line >> 99, in del_key >> real_key = get_real_key(key) >> File "/usr/lib/python2.6/site-packages/ipapython/kernel_keyring.py", line >> 45, in get_real_key >> (stdout, stderr, rc) = run(['keyctl', 'search', KEYRING, KEYTYPE, key], >> raiseonerr=False) > > Is keyctl installed? Can you run it manually? > Any SELinux denials?
You are likely hitting https://fedorahosted.org/freeipa/ticket/3808 Please try installing keyutils before running ipa-server-install. It is fixed in RHEL-7, I filed us a RHEL-6 ticket, to fix it in this platform also: https://bugzilla.redhat.com/show_bug.cgi?id=1205660 Martin -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
