Re: [Freeipa-users] ipa-server-install fails at last leg?

Wed, 14 Oct 2015 07:19:27 -0700 

On 14/10/15 07:56, Martin Kosek wrote:

On 10/13/2015 12:23 PM, lejeczek wrote:

dear all,

my first try at ipa server, I get this when install fails:

Hi lejeczek,

Can you please start with specifying your IPA version?

http://www.freeipa.org/page/Troubleshooting#Reporting_bugs

it's: ipa-server-4.1.0-18.sl7_1.4.x86_64
and I did file a report before asking the list, also attached a log there. I'm now trying a plain vanilla virtual system and it succeeded there. Where to start troubleshooting it, it seems like that java process hangs on while installer tries to restart httpd. 


   [15/16]: restarting httpd
   [error] CalledProcessError: Command ''/bin/systemctl' 'restart'
'httpd.service'' returned non-zero exit status 1
Unexpected error - see /var/log/ipaserver-install.log for details:
CalledProcessError: Command ''/bin/systemctl' 'restart' 'httpd.service''
returned non-zero exit status 1

then I can see that httpd fails to restart for:

Starting The Apache HTTP Server...
(98)Address already in use: AH00072: make_sock: could not bind to address
[::]:8443
(98)Address already in use: AH00072: make_sock: could not bind to address
0.0.0.0:8443
no listening sockets available, shutting down

and port is bound by:

UID        PID  PPID  C    SZ   RSS PSR STIME TTY          TIME CMD
pkiuser   5330     1  1 2128224 494604 5 11:00 ?       00:00:16 java
-agentpath:/usr/lib64/libabrt-java-connector.so=abrt=on
-DRESTEASY_LIB=/usr/share/java/resteasy-base -classpath
/usr/share/tomcat/bin/bootstrap.jar:/usr/share/tomcat/bin/tomcat-juli.jar:/usr/share/java/commons-daemon.jar
-Dcatalina.base=/var/lib/pki/pki-tomcat -Dcatalina.home=/usr/share/tomcat
-Djava.endorsed.dirs= -Djava.io.tmpdir=/var/lib/pki/pki-tomcat/temp
-Djava.util.logging.config.file=/var/lib/pki/pki-tomcat/conf/logging.properties
-Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager
-Djava.security.manager
-Djava.security.policy==/var/lib/pki/pki-tomcat/conf/catalina.policy
org.apache.catalina.startup.Bootstrap start

and this is as you can see, the process, the result of the ipa-server-install
itself.
Any suggestions as what is the problem there?

It is expected that Dogtag takes over port 8443. What FreeIPA does is
re-configure installed mod_nss (nss.conf) originally listening on 8443 to
occupy port 443  instead.

So this failure likely means that something else is bound to port 8443, whether
it is other Apache module or other program.

I would start with
# netstat -putna run before the installation to see what's it.

Upstream wise, there should be a check since
https://fedorahosted.org/freeipa/ticket/4564



--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Reply via email to