Good ones. Also Ccing PetrS and MartinB, who were directly involved in these
features and original thread, for reference

On 03/25/2015 11:46 AM, John Obaterspok wrote:
> Hi Jan,
> 
> See:
> https://www.redhat.com/archives/freeipa-users/2015-February/msg00131.html
> https://www.redhat.com/archives/freeipa-users/2014-October/msg00362.html
> 
> -- john
> 
> 2015-03-24 17:58 GMT+01:00 Jan Pazdziora <jpazdzi...@redhat.com>:
> 
>>
>> Hello,
>>
>> after enabling
>>
>>
>> https://copr.fedoraproject.org/coprs/mkosek/freeipa/repo/fedora-20/mkosek-freeipa-fedora-20.repo
>>
>> I've installed
>>
>>         freeipa-server bind bind-dyndb-ldap
>>
>> and run
>>
>>         ipa-server-install --domain example.test
>>
>> The process failed at
>>
>>   [3/7]: setting up kerberos principal
>>   [4/7]: setting up SoftHSM
>>   [error] CalledProcessError: Command ''/usr/bin/softhsm2-util'
>> '--init-token' '--slot' '0' '--label' 'ipaDNSSEC' '--pin' XXXXXXXX
>> '--so-pin' XXXXXXXX' returned non-zero exit status 1
>> Unexpected error - see /var/log/ipaserver-install.log for details:
>> CalledProcessError: Command ''/usr/bin/softhsm2-util' '--init-token'
>> '--slot' '0' '--label' 'ipaDNSSEC' '--pin' XXXXXXXX '--so-pin' XXXXXXXX'
>> returned non-zero exit status 1
>>
>> and the log file ends with
>>
>> 2015-03-24T16:49:51Z DEBUG Saving SO PIN to /etc/ipa/dnssec/softhsm_pin_so
>> 2015-03-24T16:49:51Z DEBUG Initializing tokens
>> 2015-03-24T16:49:51Z DEBUG Starting external process
>> 2015-03-24T16:49:51Z DEBUG args='/usr/bin/softhsm2-util' '--init-token'
>> '--slot' '0' '--label' 'ipaDNSSEC' '--pin' XXXXXXXX '--so-pin' XXXXXXXX
>> 2015-03-24T16:49:51Z DEBUG Process finished, return code=1
>> 2015-03-24T16:49:51Z DEBUG stdout=
>> 2015-03-24T16:49:51Z DEBUG stderr=ERROR: Could not load the library.
>>
>> 2015-03-24T16:49:51Z DEBUG Traceback (most recent call last):
>>   File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py",
>> line 382, in start_creation
>>     run_step(full_msg, method)
>>   File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py",
>> line 372, in run_step
>>     method()
>>   File
>> "/usr/lib/python2.7/site-packages/ipaserver/install/dnskeysyncinstance.py",
>> line 293, in __setup_softhsm
>>     ipautil.run(command, nolog=(pin, pin_so,))
>>   File "/usr/lib/python2.7/site-packages/ipapython/ipautil.py", line 346,
>> in run
>>     raise CalledProcessError(p.returncode, arg_string, stdout)
>> CalledProcessError: Command ''/usr/bin/softhsm2-util' '--init-token'
>> '--slot' '0' '--label' 'ipaDNSSEC' '--pin' XXXXXXXX '--so-pin' XXXXXXXX'
>> returned non-zero exit status 1
>>
>> 2015-03-24T16:49:51Z DEBUG   [error] CalledProcessError: Command
>> ''/usr/bin/softhsm2-util' '--init-token' '--slot' '0' '--label' 'ipaDNSSEC'
>> '--pin' XXXXXXXX '--so-pin' XXXXXXXX' returned non-zero exit status 1
>> 2015-03-24T16:49:51Z DEBUG   File
>> "/usr/lib/python2.7/site-packages/ipaserver/install/installutils.py", line
>> 642, in run_script
>>     return_value = main_function()
>>
>>   File "/usr/sbin/ipa-server-install", line 1302, in main
>>     dnskeysyncd.create_instance(api.env.host, api.env.realm)
>>
>>   File
>> "/usr/lib/python2.7/site-packages/ipaserver/install/dnskeysyncinstance.py",
>> line 146, in create_instance
>>     self.start_creation()
>>
>>   File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py",
>> line 382, in start_creation
>>     run_step(full_msg, method)
>>
>>   File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py",
>> line 372, in run_step
>>     method()
>>
>>   File
>> "/usr/lib/python2.7/site-packages/ipaserver/install/dnskeysyncinstance.py",
>> line 293, in __setup_softhsm
>>     ipautil.run(command, nolog=(pin, pin_so,))
>>
>>   File "/usr/lib/python2.7/site-packages/ipapython/ipautil.py", line 346,
>> in run
>>     raise CalledProcessError(p.returncode, arg_string, stdout)
>>
>> 2015-03-24T16:49:51Z DEBUG The ipa-server-install command failed,
>> exception: CalledProcessError: Command ''/usr/bin/softhsm2-util'
>> '--init-token' '--slot' '0' '--label' 'ipaDNSSEC' '--pin' XXXXXXXX
>> '--so-pin' XXXXXXXX' returned non-zero exit status 1
>>
>> I've found discussion at
>>
>>
>> https://www.redhat.com/archives/freeipa-users/2014-October/msg00362.html
>>
>> which seems related but it seems the issue is back or was never
>> properly addressed.
>>
>> Attempt to run the command manually fails as well:
>>
>> # SOFTHSM2_CONF=/etc/ipa/dnssec/softhsm2.conf /usr/bin/softhsm2-util
>> '--init-token' '--slot' '0' '--label' 'ipaDNSSEC' '--pin' XXXXXXXX
>> '--so-pin' XXXXXXXX
>> ERROR: Could not load the library.
>>
>> I see the same bug both on host and in container.
>>
>> --
>> Jan Pazdziora
>> Principal Software Engineer, Identity Management Engineering, Red Hat
>>
>> --
>> Manage your subscription for the Freeipa-users mailing list:
>> https://www.redhat.com/mailman/listinfo/freeipa-users
>> Go to http://freeipa.org for more info on the project
>>
> 
> 
> 

-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Reply via email to