On 04/28/2016 08:14 PM, Hosakote Nagesh, Pawan wrote: > Hi, > I am planning to deploy FreeIPA Client in a docker where my Apps are > running. However I hit a road block as there seems to be problem with the > docker’s hostname settings > In DNS records.
CCing Jan on this one. Did you try to use SSSD Docker container we already have instead? https://hub.docker.com/r/fedora/sssd/ https://www.adelton.com/docs/docker/fedora-sssd-container Martin > Debug Log > ——————— > > ipa-client-install --hostname=`hostname -f` --mkhomedir -N --force-join > —debug > > . > > . > > . > > . > > debug > > zone phx01.eaz.ebayc3.com. > > update delete </docker/_container_fqdn>. IN A > > show > > send > > update add </docker/_container_fqdn>. 1200 IN A 172.17.0.3 > > show > > send > > > Starting external process > > args=/usr/bin/nsupdate -g /etc/ipa/.dns_update.txt > > Process execution failed > > Traceback (most recent call last): > > File "/usr/sbin/ipa-client-install", line 2603, in <module> > > sys.exit(main()) > > File "/usr/sbin/ipa-client-install", line 2584, in main > > rval = install(options, env, fstore, statestore) > > File "/usr/sbin/ipa-client-install", line 2387, in install > > client_dns(cli_server[0], hostname, options.dns_updates) > > File "/usr/sbin/ipa-client-install", line 1423, in client_dns > > update_dns(server, hostname) > > File "/usr/sbin/ipa-client-install", line 1410, in update_dns > > if do_nsupdate(update_txt): > > File "/usr/sbin/ipa-client-install", line 1346, in do_nsupdate > > ipautil.run(['/usr/bin/nsupdate', '-g', UPDATE_FILE]) > > File "/usr/lib/python2.7/dist-packages/ipapython/ipautil.py", line 303, in > run > > close_fds=True, env=env, cwd=cwd) > > File "/usr/lib/python2.7/subprocess.py", line 710, in __init__ > > errread, errwrite) > > File "/usr/lib/python2.7/subprocess.py", line 1327, in _execute_child > > raise child_exception > > OSError: [Errno 2] No such file or directory > > > > As a Follow up question I also wanted to know why is absolutely necessary for > Kerberos Client to have hostname? Wont Client initiate the connection and > FreeIPA server can take it from there. > If so what is the need of FQDN for FreeIPA client at all? > > - > Best, > Pawan > > -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project