Also, if I touch /etc/pki/default.cfg, it still fails, because /etc/pki/pki.conf doesn't exist and isn't created by anything. If pki is supposed to be configured prior to installing ipa, as a stand alone server separate from ipa, having that documented might be a good idea. As it is it appears ipa needs to configure the service to manage it, and it doesn't appear to actually be doing that.
-- You received this bug notification because you are a member of FreeIPA, which is subscribed to freeipa in Ubuntu. https://bugs.launchpad.net/bugs/1698309 Title: free-ipa-server install fails Status in freeipa package in Ubuntu: New Bug description: clean install ubuntu 16.04, kernel 4.4.0-79, running ipa-server- install after installing freeipa-server always fails. It successfully gets through all 46 previous steps, and fails on pki-tomcatd: Configuring certificate server (pki-tomcatd). Estimated time: 3 minutes 30 seconds [1/28]: creating certificate server user [2/28]: configuring certificate server instance ipa.ipaserver.install.cainstance.CAInstance: CRITICAL Failed to configure CA instance: Command '/usr/sbin/pkispawn -s CA -f /tmp/tmpIHv1S_' returned non-zero exit status 255 ipa.ipaserver.install.cainstance.CAInstance: CRITICAL See the installation logs and the following files/directories for more information: ipa.ipaserver.install.cainstance.CAInstance: CRITICAL /var/log/pki/pki-tomcat [error] RuntimeError: CA configuration failed. ipa.ipapython.install.cli.install_tool(Server): ERROR CA configuration failed. ipa.ipapython.install.cli.install_tool(Server): ERROR The ipa-server-install command failed. See /var/log/ipaserver-install.log for more information CA configuration failed. Something is certainly wrong when the software can't be installed on a newly installed ubuntu box. Namely, the script seems to choke when trying to write out the config file: 2017-06-16T07:09:49Z DEBUG args=/usr/sbin/pkispawn -s CA -f /tmp/tmpIHv1S_ 2017-06-16T07:09:49Z DEBUG Process finished, return code=255 2017-06-16T07:09:49Z DEBUG stdout=ERROR: File '/etc/pki/default.cfg' is either missing or is NOT a regular file! usage: pkispawn [-s <subsystem>] [-h] [-v] [-p <prefix>] [-f <file>] PKI Instance Installation and Configuration There's nowhere in the documentation, in the script, in the packages, anywhere, that says I should first create a /etc/pki/default.cfg file, nor what that file should contain (it appears the script is trying to generate that file itself but doesn't). A fix would be appreciated. ProblemType: Bug DistroRelease: Ubuntu 16.04 Package: freeipa-server 4.3.1-0ubuntu1 ProcVersionSignature: Ubuntu 4.4.0-79.100-generic 4.4.67 Uname: Linux 4.4.0-79-generic x86_64 ApportVersion: 2.20.1-0ubuntu2.6 Architecture: amd64 Date: Fri Jun 16 00:12:29 2017 InstallationDate: Installed on 2017-05-05 (41 days ago) InstallationMedia: Ubuntu-Server 16.04.2 LTS "Xenial Xerus" - Release amd64 (20170215.8) ProcEnviron: TERM=xterm-color PATH=(custom, no user) XDG_RUNTIME_DIR=<set> LANG=en_US.UTF-8 SHELL=/bin/bash SourcePackage: freeipa UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/freeipa/+bug/1698309/+subscriptions _______________________________________________ Mailing list: https://launchpad.net/~freeipa Post to : firstname.lastname@example.org Unsubscribe : https://launchpad.net/~freeipa More help : https://help.launchpad.net/ListHelp