On 03/25/2015 04:11 AM, Dmitri Pal wrote:
> On 03/24/2015 09:17 PM, Anthony Lanni wrote:
>> While running ipa-server-install, it's failing out at the end with an error
>> regarding the client install on the server. This happens regardless of how I
>> input the options, but here's the latest command:
>>
>> ipa-server-install --setup-dns -N --idstart=1000 -r EXAMPLE.COM
>> <http://EXAMPLE.COM> -n example.com <http://example.com> -p passwd1 -a
>> passwd2 --hostname=ldap-server-01.example.com
>> <http://ldap-server-01.example.com> --forwarder=10.0.1.20
>> --forwarder=10.0.1.21 --reverse-zone=1.0.10.in-addr.arpa. -d
>>
>> Runs through the entire setup and gives me this:
>>
>> [...]
>> ipa         : DEBUG  args=/usr/sbin/ipa-client-install --on-master
>> --unattended --domain example.com <http://example.com> --server
>> ldap-server-01.example.com <http://ldap-server-01.example.com> --realm
>> EXAMPLE.COM <http://EXAMPLE.COM> --hostname ldap-server-01.example.com
>> <http://ldap-server-01.example.com>
>> ipa         : DEBUG    stdout=
>>
>> ipa         : DEBUG    stderr=Hostname: ldap-server-01.example.com
>> <http://ldap-server-01.example.com>
>> Realm: EXAMPLE.COM <http://EXAMPLE.COM>
>> DNS Domain: example.com <http://example.com>
>> IPA Server: ldap-server-01.example.com <http://ldap-server-01.example.com>
>> BaseDN: dc=example,dc=com
>> New SSSD config will be created
>> Configured /etc/sssd/sssd.conf
>> Traceback (most recent call last):
>>   File "/usr/sbin/ipa-client-install", line 2377, in <module>
>>     sys.exit(main())
>>   File "/usr/sbin/ipa-client-install", line 2363, in main
>>     rval = install(options, env, fstore, statestore)
>>   File "/usr/sbin/ipa-client-install", line 2135, in install
>> delete_persistent_client_session_data(host_principal)
>>   File "/usr/lib/python2.6/site-packages/ipalib/rpc.py", line 124, in
>> delete_persistent_client_session_data
>>     kernel_keyring.del_key(keyname)
>>   File "/usr/lib/python2.6/site-packages/ipapython/kernel_keyring.py", line
>> 99, in del_key
>>     real_key = get_real_key(key)
>>   File "/usr/lib/python2.6/site-packages/ipapython/kernel_keyring.py", line
>> 45, in get_real_key
>>     (stdout, stderr, rc) = run(['keyctl', 'search', KEYRING, KEYTYPE, key],
>> raiseonerr=False)
> 
> Is keyctl installed? Can you run it manually?
> Any SELinux denials?

You are likely hitting
https://fedorahosted.org/freeipa/ticket/3808

Please try installing keyutils before running ipa-server-install. It is fixed
in RHEL-7, I filed us a RHEL-6 ticket, to fix it in this platform also:
https://bugzilla.redhat.com/show_bug.cgi?id=1205660

Martin

-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Reply via email to