I've got a patch that generates empty db's during package build, need to
polish it and send to debian.

** Changed in: nss (Ubuntu)
       Status: Confirmed => In Progress

** Changed in: nss (Ubuntu)
     Assignee: (unassigned) => Timo Aaltonen (tjaalton)

You received this bug notification because you are a member of FreeIPA,
which is subscribed to freeipa in Ubuntu.

  ipa-client-install failes at certutil stage because /etc/pki doesn't

Status in “freeipa” package in Ubuntu:
Status in “nss” package in Ubuntu:
  In Progress
Status in “nss” package in Debian:

Bug description:
  Dear Colleagues,

  ipa-client-install fails at the import stage of the freeipa server

  Created /etc/ipa/default.conf
  New SSSD config will be created.
  Configured /etc/sssd/sssd.conf
  Traceback (most recent call last):
    File "/usr/sbin/ipa-client-install", line 1292, in <module>
    File "/usr/sbin/ipa-client-install", line 1279, in main
      rval = install(options, env, fstore, statestore)
    File "/usr/sbin/ipa-client-install", line 1124, in install
      run(["/usr/bin/certutil", "-A", "-d", "/etc/pki/nssdb", "-n", "IPA CA", 
"-t", "CT,C,C", "-a", "-i", "/etc/ipa/ca.crt"])
    File "/usr/lib/python2.7/dist-packages/ipapython/ipautil.py", line 273, in 
      raise CalledProcessError(p.returncode, args)
  subprocess.CalledProcessError: Command '/usr/bin/certutil -A -d 
/etc/pki/nssdb -n IPA CA -t CT,C,C -a -i /etc/ipa/ca.crt' returned non-zero 
exit status 255

  It looks like the patch create_client_dirs.patch needs to be refreshed to:

  1. check if /etc/pki exists
  2. if not, create it

  this is important especially for debian and ubuntu, because /etc/pki
  is/was fedora/rhel specific



To manage notifications about this bug go to:

Mailing list: https://launchpad.net/~freeipa
Post to     : freeipa@lists.launchpad.net
Unsubscribe : https://launchpad.net/~freeipa
More help   : https://help.launchpad.net/ListHelp

Reply via email to