On 14/10/15 07:56, Martin Kosek wrote:
On 10/13/2015 12:23 PM, lejeczek wrote:
dear all,
my first try at ipa server, I get this when install fails:
Hi lejeczek,
Can you please start with specifying your IPA version?
http://www.freeipa.org/page/Troubleshooting#Reporting_bugs
it's: ipa-server-4.1.0-18.sl7_1.4.x86_64
and I did file a report before asking the list, also
attached a log there.
I'm now trying a plain vanilla virtual system and it
succeeded there.
Where to start troubleshooting it, it seems like that java
process hangs on while installer tries to restart httpd.
[15/16]: restarting httpd
[error] CalledProcessError: Command ''/bin/systemctl' 'restart'
'httpd.service'' returned non-zero exit status 1
Unexpected error - see /var/log/ipaserver-install.log for details:
CalledProcessError: Command ''/bin/systemctl' 'restart' 'httpd.service''
returned non-zero exit status 1
then I can see that httpd fails to restart for:
Starting The Apache HTTP Server...
(98)Address already in use: AH00072: make_sock: could not bind to address
[::]:8443
(98)Address already in use: AH00072: make_sock: could not bind to address
0.0.0.0:8443
no listening sockets available, shutting down
and port is bound by:
UID PID PPID C SZ RSS PSR STIME TTY TIME CMD
pkiuser 5330 1 1 2128224 494604 5 11:00 ? 00:00:16 java
-agentpath:/usr/lib64/libabrt-java-connector.so=abrt=on
-DRESTEASY_LIB=/usr/share/java/resteasy-base -classpath
/usr/share/tomcat/bin/bootstrap.jar:/usr/share/tomcat/bin/tomcat-juli.jar:/usr/share/java/commons-daemon.jar
-Dcatalina.base=/var/lib/pki/pki-tomcat -Dcatalina.home=/usr/share/tomcat
-Djava.endorsed.dirs= -Djava.io.tmpdir=/var/lib/pki/pki-tomcat/temp
-Djava.util.logging.config.file=/var/lib/pki/pki-tomcat/conf/logging.properties
-Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager
-Djava.security.manager
-Djava.security.policy==/var/lib/pki/pki-tomcat/conf/catalina.policy
org.apache.catalina.startup.Bootstrap start
and this is as you can see, the process, the result of the ipa-server-install
itself.
Any suggestions as what is the problem there?
It is expected that Dogtag takes over port 8443. What FreeIPA does is
re-configure installed mod_nss (nss.conf) originally listening on 8443 to
occupy port 443 instead.
So this failure likely means that something else is bound to port 8443, whether
it is other Apache module or other program.
I would start with
# netstat -putna run before the installation to see what's it.
Upstream wise, there should be a check since
https://fedorahosted.org/freeipa/ticket/4564
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project