I was a bit premature with my report that it worked ;)
After logging into the PKI page I ended up with this error:
OperationalError at /
no such table: pki_ca
Request Method:
POST
Request URL:
https://192.168.2.25:9393/
Django Version:
1.8.1
Exception Type:
OperationalError
Exception Value:
no such table: pki_ca
Exception Location:
/usr/lib/python2.7/site-packages/django/db/backends/sqlite3/base.py in
execute, line 318
Python Executable:
/bin/python
Python Version:
2.7.5
Python Path:
['/usr/lib64/python27.zip',
'/usr/lib64/python2.7',
'/usr/lib64/python2.7/plat-linux2',
'/usr/lib64/python2.7/lib-tk',
'/usr/lib64/python2.7/lib-old',
'/usr/lib64/python2.7/lib-dynload',
'/usr/lib64/python2.7/site-packages',
'/usr/lib/python2.7/site-packages',
'/usr/local/packetfence-pki',
'/usr/local/packetfence-pki/inverse']
Server time:
Tue, 12 Dec 2017 02:53:21 +0000
And theres a whole lot of traceback that I can show but it will make this
post unreadable
From: E.P. [mailto:ype...@gmail.com]
Sent: Monday, December 11, 2017 6:52 PM
To: 'Durand fabrice'; 'packetfence-users@lists.sourceforge.net'
Subject: RE: [PacketFence-users] PKI installation
Hm
I was stubbornly persisting on this service showing in the output of
netstat.
But now I can have the webpage for PKI come up. Strange
But it looks like it is now working.
I REALLY appreciate your assistance, Fabrice, and the whole effort you do to
create and maintain this product.
I anticipate a pleasure after having it deployed and tuned to our
requirements
Eugene
From: E.P. [mailto:ype...@gmail.com]
Sent: Monday, December 11, 2017 6:44 PM
To: 'Durand fabrice'; packetfence-users@lists.sourceforge.net
Subject: RE: [PacketFence-users] PKI installation
Yes, Fabrice, I made sure I uncommented iptables rules for this service.
Heres the extract from iptables.conf file:
# PacketFence-PKI
-A input-management-if --protocol tcp --match tcp --dport 9393 --jump ACCEPT
-A input-management-if --protocol tcp --match tcp --dport 9292 --jump ACCEPT
Heres the extract from the output of iptables L
Chain input-management-if (1 references)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere state NEW tcp
dpt:ssh
ACCEPT tcp -- anywhere anywhere tcp dpt:http
ACCEPT tcp -- anywhere anywhere tcp dpt:https
ACCEPT tcp -- anywhere anywhere tcp dpt:ies-lm
ACCEPT tcp -- anywhere anywhere tcp dpt:websm
ACCEPT tcp -- anywhere anywhere tcp dpt:arcp
ACCEPT tcp -- anywhere anywhere tcp
dpt:sun-as-jpda
ACCEPT tcp -- anywhere anywhere tcp
dpt:marcam-lm
ACCEPT tcp -- anywhere anywhere tcp
dpt:armtechdaemon
ACCEPT tcp -- anywhere anywhere tcp
dpt:cslistener
ACCEPT tcp -- anywhere anywhere tcp
dpt:mailbox
ACCEPT tcp -- anywhere anywhere tcp
dpt:afs3-prserver
ACCEPT tcp -- anywhere anywhere tcp dpt:radius
ACCEPT udp -- anywhere anywhere udp dpt:radius
ACCEPT tcp -- anywhere anywhere tcp
dpt:radius-acct
ACCEPT udp -- anywhere anywhere udp
dpt:radius-acct
ACCEPT tcp -- anywhere anywhere tcp dpt:mmpft
ACCEPT udp -- anywhere anywhere udp dpt:mmpft
ACCEPT tcp -- anywhere anywhere tcp dpt:radsec
ACCEPT udp -- anywhere anywhere udp
dpt:snmptrap
ACCEPT udp -- anywhere anywhere udp dpt:bootps
ACCEPT tcp -- anywhere anywhere tcp dpt:bootps
ACCEPT tcp -- anywhere anywhere tcp dpt:9392
ACCEPT tcp -- anywhere anywhere tcp dpt:8834
ACCEPT tcp -- anywhere anywhere tcp dpt:9393
And nothing to listen on port 9393
[root@PacketFence-ZEN conf]# netstat -antlp | grep 9393
Press any key to continue...
From: Durand fabrice [mailto:fdur...@inverse.ca]
Sent: Monday, December 11, 2017 6:27 PM
To: E.P.; packetfence-users@lists.sourceforge.net
Subject: Re: [PacketFence-users] PKI installation
Yes i already seen that but it listen on IPv4 port, did you updated the file
conf/iptables.conf to allow the port 9393 and restart iptables (pfcmd
service iptables restart)?
Regards
Fabrice
Le 2017-12-11 à 20:45, E.P. a écrit :
Bingo!
That made a trick. I was about to dig down to python packages installation
but really appreciate your input, Fabrice!
So, it looks like packetfence PKI was installed together with all
dependencies:
Installed:
packetfence-pki.noarch 0:1.1.1-1.el7.centos
Dependency Installed:
django-countries.noarch 0:5.0-4.1 python-ldap.x86_64
0:2.4.15-2.el7 python2-asn1crypto.noarch 0:0.22.0-2.el7.centos
python2-django-formtools.noarch 0:1.0-4.1
python2-pyasn1-modules.noarch 0:0.1.9-7.el7
Dependency Updated:
pyOpenSSL.noarch 0:17.2.0-9.1 python-django.noarch 0:1.8.1-3.1
python-django-bash-completion.noarch 0:1.8.1-3.1
python-django-tagging.noarch 0:0.3.6-5.1
Now, I started the service
[root@PacketFence-ZEN ~]# service packetfence-pki start
Reloading systemd: [ OK ]
Starting packetfence-pki (via systemctl): [ OK ]
But here hoes another challenge ;)
I see that port 9393 is open on TCP6, i.e. IPv6 stack. No idea why it
doesnt listen on a regular IPv4 TCP port
[root@PacketFence-ZEN ~]# netstat -ntlpa | grep 9393
tcp6 0 0 :::9393 :::* LISTEN
3914/httpd
Eugene
From: Durand fabrice [mailto:fdur...@inverse.ca]
Sent: Monday, December 11, 2017 3:55 PM
To: E.P.; packetfence-users@lists.sourceforge.net
Subject: Re: [PacketFence-users] PKI installation
Ok what you can do now:
rpm -Uvh --force
http://inverse.ca/downloads/PacketFence/CentOS7/extra/x86_64/RPMS/python-cry
ptography-2.0.2-1.1.x86_64.rpm
rpm -Uvh --force
http://inverse.ca/downloads/PacketFence/CentOS7/extra/x86_64/RPMS/python-cry
ptography-vectors-2.0.2-1.1.noarch.rpm
and retry.
Regards
Fabrice
Le 2017-12-11 à 16:40, E.P. a écrit :
Well that helped to some extent to do one more step ahead but didnt move me
closer to packetfence PKI successful installation ;)
Heres what I did:
[root@PacketFence-ZEN ~]# yum install python-django-rest-framework
python-django-bootstrap3 --enablerepo=packetfence,packetfence-extra
Dependencies Resolved
============================================================================
============================================================================
====================
Package Arch
Version Repository
Size
============================================================================
============================================================================
====================
Installing:
python-django-bootstrap3 noarch
5.1.0-4.1 packetfence
45 k
python-django-rest-framework noarch
3.1.1-16.1 packetfence
420 k
Transaction Summary
============================================================================
============================================================================
====================
Install 2 Packages
Total download size: 466 k
Installed size: 1.7 M
Is this ok [y/d/N]: y
Downloading packages:
(1/2): python-django-bootstrap3-5.1.0-4.1.noarch.rpm
| 45 kB 00:00:00
(2/2): python-django-rest-framework-3.1.1-16.1.noarch.rpm
| 420 kB 00:00:01
----------------------------------------------------------------------------
----------------------------------------------------------------------------
--------------------
Total
345 kB/s | 466 kB 00:00:01
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : python-django-rest-framework-3.1.1-16.1.noarch
1/2
Installing : python-django-bootstrap3-5.1.0-4.1.noarch
2/2
Verifying : python-django-bootstrap3-5.1.0-4.1.noarch
1/2
Verifying : python-django-rest-framework-3.1.1-16.1.noarch
2/2
Installed:
python-django-bootstrap3.noarch 0:5.1.0-4.1
python-django-rest-framework.noarch 0:3.1.1-16.1
Complete!
Then on my attempt to install packetfence PKI I was presented with something
more promising:
[root@PacketFence-ZEN ~]# yum install packetfence-pki
--enablerepo=packetfence-extra, packetfence
<snip>
Dependencies Resolved
============================================================================
============================================================================
====================
Package Arch
Version Repository
Size
============================================================================
============================================================================
====================
Installing:
packetfence-pki noarch
1.1.1-1.el7.centos packetfence-extra
552 k
Installing for dependencies:
django-countries noarch
5.0-4.1 packetfence-extra
433 k
python-cryptography x86_64
2.0.2-1.1 packetfence-extra
500 k
python-ldap x86_64
2.4.15-2.el7 base
159 k
python2-asn1crypto noarch
0.22.0-2.el7.centos packetfence-extra
170 k
python2-django-formtools noarch
1.0-4.1 packetfence-extra
87 k
python2-pyasn1-modules noarch
0.1.9-7.el7 base
59 k
Updating for dependencies:
pyOpenSSL noarch
17.2.0-9.1 packetfence-extra
89 k
python-django noarch
1.8.1-3.1 packetfence-extra
3.5 M
python-django-bash-completion noarch
1.8.1-3.1 packetfence-extra
17 k
python-django-tagging noarch
0.3.6-5.1 packetfence-extra
61 k
Transaction Summary
============================================================================
============================================================================
====================
Install 1 Package (+6 Dependent packages)
Upgrade ( 4 Dependent packages)
Total download size: 5.6 M
Is this ok [y/d/N]: y
Downloading packages:
No Presto metadata available for packetfence-extra
(1/11): django-countries-5.0-4.1.noarch.rpm
| 433 kB 00:00:01
(2/11): pyOpenSSL-17.2.0-9.1.noarch.rpm
| 89 kB 00:00:00
(3/11): packetfence-pki-1.1.1-1.el7.centos.noarch.rpm
| 552 kB 00:00:01
(4/11): python-cryptography-2.0.2-1.1.x86_64.rpm
| 500 kB 00:00:02
(5/11): python-django-bash-completion-1.8.1-3.1.noarch.rpm
| 17 kB 00:00:00
(6/11): python-django-tagging-0.3.6-5.1.noarch.rpm
| 61 kB 00:00:00
(7/11): python-ldap-2.4.15-2.el7.x86_64.rpm
| 159 kB 00:00:00
(8/11): python2-asn1crypto-0.22.0-2.el7.centos.noarch.rpm
| 170 kB 00:00:00
(9/11): python2-pyasn1-modules-0.1.9-7.el7.noarch.rpm
| 59 kB 00:00:00
(10/11): python2-django-formtools-1.0-4.1.noarch.rpm
| 87 kB 00:00:00
(11/11): python-django-1.8.1-3.1.noarch.rpm
| 3.5 MB 00:00:10
----------------------------------------------------------------------------
----------------------------------------------------------------------------
--------------------
Total
437 kB/s | 5.6 MB 00:00:13
Running transaction check
Running transaction test
And here another can of worms about python opens up ;)
Im only quoting couple of first lines, as the output of errors is very
long:
Transaction check error:
file /usr/lib64/python2.7/site-packages/cryptography/__about__.py from
install of python-cryptography-2.0.2-1.1.x86_64 conflicts with file from
package python2-cryptography-1.7.2-1.el7.x86_64
file /usr/lib64/python2.7/site-packages/cryptography/__about__.pyc from
install of python-cryptography-2.0.2-1.1.x86_64 conflicts with file from
package python2-cryptography-1.7.2-1.el7.x86_64
Eugene
From: Fabrice Durand [mailto:fdur...@inverse.ca]
Sent: Monday, December 11, 2017 1:27 PM
To: E.P.; packetfence-users@lists.sourceforge.net
Subject: Re: [PacketFence-users] PKI installation
Ok so can you try that:
yum install python-django-rest-framework python-django-bootstrap3
--enablerepo=packetfence,packetfence-extra
Le 2017-12-11 à 16:25, E.P. a écrit :
Thank you, Fabrice !
I found this advice earlier, built the cache, no luck, same results:
[root@PacketFence-ZEN ~]# yum makecache
--enablerepo=packetfence,packetfence-extra
<snip>
Metadata Cache Created
[root@PacketFence-ZEN ~]# yum install packetfence-pki
--enablerepo=packetfence-extra, packetfence
<snip>
--> Finished Dependency Resolution
Error: Package: packetfence-pki-1.1.1-1.el7.centos.noarch
(packetfence-extra)
Requires: python-django-rest-framework
Error: Package: packetfence-pki-1.1.1-1.el7.centos.noarch
(packetfence-extra)
Requires: python-django-bootstrap3
Eugene
From: Fabrice Durand via PacketFence-users
[mailto:packetfence-users@lists.sourceforge.net]
Sent: Monday, December 11, 2017 1:21 PM
To: packetfence-users@lists.sourceforge.net
Cc: Fabrice Durand
Subject: Re: [PacketFence-users] PKI installation
Hello Eugene,
can you try:
yum makecache --enablerepo=packetfence,packetfence-extra
yum install packetfence-pki --enablerepo=packetfence-extra, packetfence
Regards
Fabrice
Le 2017-12-11 à 16:03, E.P. via PacketFence-users a écrit :
Hi guys,
Im trying to follow the guide published here:
https://packetfence.org/doc/PacketFence_PKI_Quick_Install_Guide.html
My setup is based on ZEN virtual appliance and I understand it runs CentOS 7
Linux.
Now when Im trying to install packetfence-pki package as in step 3.1.6 of
the above guide I end up with dependency error, e.g.
[root@PacketFence-ZEN ~]# yum install packetfence-pki
--enablerepo=packetfence-extra, packetfence
<snip>
--> Finished Dependency Resolution
Error: Package: packetfence-pki-1.1.1-1.el7.centos.noarch
(packetfence-extra)
Requires: python-django-rest-framework
Error: Package: packetfence-pki-1.1.1-1.el7.centos.noarch
(packetfence-extra)
Requires: python-django-bootstrap3
I tried to look for any solution of this error in the mail archive but cant
see anything meaningful or helpful.
Anyone please advise, will very much appreciate it!
----------------------------------------------------------------------------
--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users
--
Fabrice Durand
fdur...@inverse.ca :: +1.514.447.4918 (x135) :: www.inverse.ca
Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence
(http://packetfence.org)
--
Fabrice Durand
fdur...@inverse.ca :: +1.514.447.4918 (x135) :: www.inverse.ca
Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence
(http://packetfence.org)
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users