[Freeipa-users] IPA3 beta - CA will not install
Hello, I am attempting to install the IPA 3.x beta on Fedora 17 and running into some difficulty. I performed the following steps attempting the install (following setup instructions for FreeIPA 2.2): 1. Download Fedora 17 2. Install Fedora 17 with VMWare 3. add hostname to /etc/hosts - 172.16.112.10 ipaserver.beta.local ipaserver 4. yum update 5. open the following ports on the firewall tcp 80,443,389,636,88,464,53,7839 udp 88,464,53,123 iptables -L ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ssh ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:http ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:https ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ldap ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ldaps ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:kerberos ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:kpasswd ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:domain ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:7389 ACCEPT udp -- anywhere anywhere state NEW udp dpt:kerberos ACCEPT udp -- anywhere anywhere state NEW udp dpt:kpasswd ACCEPT udp -- anywhere anywhere state NEW udp dpt:domain ACCEPT udp -- anywhere anywhere state NEW udp dpt:ntp 6. Disable NetworkManger and enable network 7. reboot 8. add freeipa repository baseurl=http://freeipa.com/downloads/devel/rpms/F$releasever/$basearch 9. yum install freeipa-server bind bind-dyndb-ldap 10. ipa-server-install Attached is the log file. Thanks, Mike ipaserver-install.log Description: Binary data ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users
Re: [Freeipa-users] IPA3 beta - CA will not install
On 07/24/2012 03:57 PM, Michael Mercier wrote: Hello, I am attempting to install the IPA 3.x beta on Fedora 17 and running into some difficulty. I performed the following steps attempting the install (following setup instructions for FreeIPA 2.2): 1. Download Fedora 17 2. Install Fedora 17 with VMWare 3. add hostname to /etc/hosts - 172.16.112.10 ipaserver.beta.local ipaserver 4. yum update 5. open the following ports on the firewall tcp 80,443,389,636,88,464,53,7839 udp 88,464,53,123 iptables -L ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ssh ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:http ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:https ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ldap ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ldaps ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:kerberos ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:kpasswd ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:domain ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:7389 ACCEPT udp -- anywhere anywhere state NEW udp dpt:kerberos ACCEPT udp -- anywhere anywhere state NEW udp dpt:kpasswd ACCEPT udp -- anywhere anywhere state NEW udp dpt:domain ACCEPT udp -- anywhere anywhere state NEW udp dpt:ntp 6. Disable NetworkManger and enable network 7. reboot 8. add freeipa repository baseurl=http://freeipa.com/downloads/devel/rpms/F$releasever/$basearch 9. yum install freeipa-server bind bind-dyndb-ldap 10. ipa-server-install Attached is the log file. Thanks, Mike This was reported a while ago, see https://www.redhat.com/archives/freeipa-users/2012-July/msg00167.html for the workaround. -- PetrĀ³ ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users
Re: [Freeipa-users] IPA3 beta - CA will not install
Petr Viktorin wrote: On 07/24/2012 03:57 PM, Michael Mercier wrote: Hello, I am attempting to install the IPA 3.x beta on Fedora 17 and running into some difficulty. I performed the following steps attempting the install (following setup instructions for FreeIPA 2.2): 1. Download Fedora 17 2. Install Fedora 17 with VMWare 3. add hostname to /etc/hosts - 172.16.112.10 ipaserver.beta.local ipaserver 4. yum update 5. open the following ports on the firewall tcp 80,443,389,636,88,464,53,7839 udp 88,464,53,123 iptables -L ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ssh ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:http ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:https ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ldap ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ldaps ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:kerberos ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:kpasswd ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:domain ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:7389 ACCEPT udp -- anywhere anywhere state NEW udp dpt:kerberos ACCEPT udp -- anywhere anywhere state NEW udp dpt:kpasswd ACCEPT udp -- anywhere anywhere state NEW udp dpt:domain ACCEPT udp -- anywhere anywhere state NEW udp dpt:ntp 6. Disable NetworkManger and enable network 7. reboot 8. add freeipa repository baseurl=http://freeipa.com/downloads/devel/rpms/F$releasever/$basearch 9. yum install freeipa-server bind bind-dyndb-ldap 10. ipa-server-install Attached is the log file. Thanks, Mike This was reported a while ago, see https://www.redhat.com/archives/freeipa-users/2012-July/msg00167.html for the workaround. Or try updating the pki-* packages to 9.0.21, the packages are in updates-testing. The dogtag team fixed an SELinux issue introduced in a recently selinux-policy update. rob ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users
