Preferably in debian first, since I'm not sure what possible issues it might bring. Need to discuss it with Mike.
-- You received this bug notification because you are a member of FreeIPA, which is subscribed to freeipa in Ubuntu. https://bugs.launchpad.net/bugs/1024765 Title: ipa-client-install failes at certutil stage because /etc/pki doesn't exist Status in “freeipa” package in Ubuntu: New Status in “nss” package in Ubuntu: Confirmed Status in “nss” package in Debian: Confirmed Bug description: Dear Colleagues, ipa-client-install fails at the import stage of the freeipa server cert. Created /etc/ipa/default.conf New SSSD config will be created. Configured /etc/sssd/sssd.conf Traceback (most recent call last): File "/usr/sbin/ipa-client-install", line 1292, in <module> sys.exit(main()) File "/usr/sbin/ipa-client-install", line 1279, in main rval = install(options, env, fstore, statestore) File "/usr/sbin/ipa-client-install", line 1124, in install run(["/usr/bin/certutil", "-A", "-d", "/etc/pki/nssdb", "-n", "IPA CA", "-t", "CT,C,C", "-a", "-i", "/etc/ipa/ca.crt"]) File "/usr/lib/python2.7/dist-packages/ipapython/ipautil.py", line 273, in run raise CalledProcessError(p.returncode, args) subprocess.CalledProcessError: Command '/usr/bin/certutil -A -d /etc/pki/nssdb -n IPA CA -t CT,C,C -a -i /etc/ipa/ca.crt' returned non-zero exit status 255 It looks like the patch create_client_dirs.patch needs to be refreshed to: 1. check if /etc/pki exists 2. if not, create it this is important especially for debian and ubuntu, because /etc/pki is/was fedora/rhel specific Regards, \sh To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/freeipa/+bug/1024765/+subscriptions _______________________________________________ Mailing list: https://launchpad.net/~freeipa Post to : firstname.lastname@example.org Unsubscribe : https://launchpad.net/~freeipa More help : https://help.launchpad.net/ListHelp