[Freeipa] [Bug 1890786] Re: ipa-client-install fails on restarting non-existing chronyd.service
Any chance of getting this fixed released for Ubuntu 12.04? It is still on package 4.8.6-1ubuntu2. -- You received this bug notification because you are a member of FreeIPA, which is subscribed to freeipa in Ubuntu. https://bugs.launchpad.net/bugs/1890786 Title: ipa-client-install fails on restarting non-existing chronyd.service Status in freeipa package in Ubuntu: Fix Released Bug description: DistroRelease: Ubuntu 20.10 Package: freeipa-client 4.8.6-1ubuntu2 Client install fails: * LANG=C /usr/sbin/ipa-client-install --domain cockpit.lan --realm COCKPIT.LAN --mkhomedir --enable-dns-updates --unattended --force-join --principal admin -W --force-ntpd Option --force-ntpd has been deprecated and will be removed in a future release. Discovery was successful! Client hostname: x0.cockpit.lan Realm: COCKPIT.LAN DNS Domain: cockpit.lan IPA Server: f0.cockpit.lan BaseDN: dc=cockpit,dc=lan Synchronizing time No SRV records of NTP servers found and no NTP server or pool address was provided. CalledProcessError(Command ['/bin/systemctl', 'restart', 'chronyd.service'] returned non-zero exit status 5: 'Failed to restart chronyd.service: Unit chronyd.service not found.\n') The ipa-client-install command failed. See /var/log/ipaclient-install.log for more information /var/log/ipaclient-install.log basically says the same, just with a giant Traceback for CalledProcessError. freeipa-client could depend on chronyd, but IMHO it would be better to make this non-fatal. If one uses systemd-timesyncd (as we do by default in Ubuntu), that should be fine? To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/freeipa/+bug/1890786/+subscriptions ___ Mailing list: https://launchpad.net/~freeipa Post to : freeipa@lists.launchpad.net Unsubscribe : https://launchpad.net/~freeipa More help : https://help.launchpad.net/ListHelp
[Freeipa] [Bug 1879083] Re: default sssd.conf after ipa-client-install crashes sssd
Any chance of getting this fixed released for Ubuntu 12.04? It is still on package 4.8.6-1ubuntu2. -- You received this bug notification because you are a member of FreeIPA, which is subscribed to freeipa in Ubuntu. https://bugs.launchpad.net/bugs/1879083 Title: default sssd.conf after ipa-client-install crashes sssd Status in freeipa package in Ubuntu: Fix Released Bug description: Notice ipa-client-install creates /etc/sssd/sssd.conf but changes in the sssd process's socket approach calls for that file to change /etc/sssd.conf from ... [sssd] services = nss, pam, ssh, sud ... to [sssd] #services = nss, pam, ssh, sud otherwise the sssd service either won't start or complains. ProblemType: Bug DistroRelease: Ubuntu 20.04 Package: freeipa-client 4.8.6-1ubuntu2 ProcVersionSignature: Ubuntu 5.4.0-29.33-generic 5.4.30 Uname: Linux 5.4.0-29-generic x86_64 ApportVersion: 2.20.11-0ubuntu27 Architecture: amd64 CasperMD5CheckResult: skip CurrentDesktop: MATE Date: Sat May 16 12:51:21 2020 InstallationDate: Installed on 2020-05-13 (2 days ago) InstallationMedia: Ubuntu-MATE 20.04 LTS "Focal Fossa" - Release amd64 (20200423) SourcePackage: freeipa UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/freeipa/+bug/1879083/+subscriptions ___ Mailing list: https://launchpad.net/~freeipa Post to : freeipa@lists.launchpad.net Unsubscribe : https://launchpad.net/~freeipa More help : https://help.launchpad.net/ListHelp
[Freeipa] [Bug 1769440] Re: freeipa server install fails - named-pkcs11 fails to run
** Also affects: bind9 (Ubuntu Bionic) Importance: Undecided Status: New ** Also affects: freeipa (Ubuntu Bionic) Importance: Undecided Status: New ** No longer affects: freeipa (Ubuntu Bionic) -- You received this bug notification because you are a member of FreeIPA, which is subscribed to freeipa in Ubuntu. https://bugs.launchpad.net/bugs/1769440 Title: freeipa server install fails - named-pkcs11 fails to run Status in bind9 package in Ubuntu: Fix Released Status in freeipa package in Ubuntu: Invalid Status in bind9 source package in Bionic: New Bug description: [Impact] Using RTLD_DEEPBIND in bind9 causes the FreeIPA serve install to fail. This patch, also applied in fedora and debian, disables use of RTLD_DEEPBIND. https://src.fedoraproject.org/rpms/bind/c/3d5ea105bd877f0069452e450320f8877b01cb52?branch=master https://salsa.debian.org/dns-team/bind9/commit/afc6b5fe2e359e4e7eadc256cd94481965418b4b [Test Case] # uvt-kvm create --memory 2048 cosmic-freeipa release=cosmic label=daily # uvt-kvm wait cosmic-freeipa # uvt-kvm ssh cosmic-freeipa Inside vm: # sudo su # apt purge -y cloud-init # echo "cosmic-freeipa.example.com" >/etc/hostname # sed -i 's/127.0.1.1.*cosmic.*//g' /etc/hosts # echo "$(ip addr | grep 'state UP' -A2 | tail -n1 | awk '{print $2}' | cut -f1 -d'/') cosmic-freeipa.example.com" >>/etc/hosts # apt update # apt dist-upgrade -y # reboot # apt install -y freeipa-server * Default Kerberos realm: EXAMPLE.COM * Kerberos servers: cosmic-freeipa.example.com * Administrative server: cosmic-freeipa.example.com Get machine's ip address. You'll be using the x.x.x.1 address for the DNS forwarder # ip addr # ipa-server-install --allow-zone-overlap * Do you want to configure integrated DNS (BIND): YES * Server host name: cosmic-freeipa.example.com * Please confirm the domain name: example.com * Please provide a realm name: EXAMPLE.COM * Directory Manager password: (anything) * IPA admin password: (anything) * Do you want to configure DNS forwarders: yes * Do you want to configure these servers as DNS forwarders?: no * Enter an IP address for a DNS forwarder, or press Enter to skip: (x.x.x.1 address from before) * Do you want to search for missing reverse zones?: yes Installation should fail. [Regression Potential] In theory, if another library with the exact same symbol is loaded, bind9 may end up calling the wrong function. This is, however, a potential problem with any program that loads shared libraries. [Original Description] Setting up FreeIPA server fails at "Configuring the web interface", step 12/21 It's in a cleanly started LXC Ubuntu Bionic container. The ppa:freeipa/ppa is also used to get tomcat 8.5.30-1ubuntu1.2 Configuring the web interface (httpd) [1/21]: stopping httpd [2/21]: backing up ssl.conf [3/21]: disabling nss.conf [4/21]: configuring mod_ssl certificate paths [5/21]: setting mod_ssl protocol list to TLSv1.0 - TLSv1.2 [6/21]: configuring mod_ssl log directory [7/21]: disabling mod_ssl OCSP [8/21]: adding URL rewriting rules [9/21]: configuring httpd [10/21]: setting up httpd keytab [11/21]: configuring Gssproxy [12/21]: setting up ssl [error] RuntimeError: Certificate issuance failed (CA_REJECTED) ipapython.admintool: ERRORCertificate issuance failed (CA_REJECTED) ipapython.admintool: ERRORThe ipa-server-install command failed. See /var/log/ipaserver-install.log for more information and in the log there is 2018-05-05T20:37:29Z DEBUG stderr= 2018-05-05T20:37:29Z DEBUG step duration: httpd configure_gssproxy 1.09 sec 2018-05-05T20:37:29Z DEBUG [12/21]: setting up ssl 2018-05-05T20:37:33Z DEBUG certmonger request is in state dbus.String(u'GENERATING_KEY_PAIR', variant_level=1) 2018-05-05T20:37:38Z DEBUG certmonger request is in state dbus.String(u'CA_REJECTED', variant_level=1) 2018-05-05T20:37:42Z DEBUG Traceback (most recent call last): File "/usr/lib/python2.7/dist-packages/ipaserver/install/service.py", line 555, in start_creation run_step(full_msg, method) File "/usr/lib/python2.7/dist-packages/ipaserver/install/service.py", line 541, in run_step method() File "/usr/lib/python2.7/dist-packages/ipaserver/install/httpinstance.py", line 376, in __setup_ssl passwd_fname=key_passwd_file File "/usr/lib/python2.7/dist-packages/ipalib/install/certmonger.py", line 320, in request_and_wait_for_cert raise RuntimeError("Certificate issuance failed ({})".format(state)) RuntimeError: Certificate issuance failed (CA_REJECTED) 2018-05-05T20:37:42Z DEBUG [error] RuntimeError: Certificate issuance failed (CA_REJECTED) 2018-05-05T20:37:42Z DEBUG File "/usr/lib/python2.7/dist-packages/ipapython/admintool.py", line 174, in exec ute ... To manage notifications about this bug go to:
[Freeipa] [Bug 1784399] Re: package freeipa-server 4.7.0~pre1+git20180411-2ubuntu2 failed to install/upgrade: installed freeipa-server package post-installation script subprocess returned error exit s
$ sudo apt-get install freeipa-client Reading package lists... Done Building dependency tree Reading state information... Done freeipa-client is already the newest version (4.3.1-0ubuntu1). The following package was automatically installed and is no longer required: snap-confine Use 'sudo apt autoremove' to remove it. 0 upgraded, 0 newly installed, 0 to remove and 18 not upgraded. 1 not fully installed or removed. After this operation, 0 B of additional disk space will be used. Do you want to continue? [Y/n] y Setting up freeipa-client (4.3.1-0ubuntu1) ... dpkg: error processing package freeipa-client (--configure): subprocess installed post-installation script returned error exit status 1 Errors were encountered while processing: freeipa-client localepurge: Disk space freed in /usr/share/locale: 0 KiB localepurge: Disk space freed in /usr/share/man: 0 KiB Total disk space freed by localepurge: 0 KiB E: Sub-process /usr/bin/dpkg returned an error code (1) -- You received this bug notification because you are a member of FreeIPA, which is subscribed to freeipa in Ubuntu. https://bugs.launchpad.net/bugs/1784399 Title: package freeipa-server 4.7.0~pre1+git20180411-2ubuntu2 failed to install/upgrade: installed freeipa-server package post-installation script subprocess returned error exit status 1 Status in freeipa package in Ubuntu: Confirmed Bug description: I was trying to upgrade a freeipa server running ubuntu 16.04 to 18.04. ProblemType: Package DistroRelease: Ubuntu 18.04 Package: freeipa-server 4.7.0~pre1+git20180411-2ubuntu2 ProcVersionSignature: Ubuntu 4.15.0-29.31~16.04.1-generic 4.15.18 Uname: Linux 4.15.0-29-generic x86_64 ApportVersion: 2.20.9-0ubuntu7.2 Architecture: amd64 Date: Mon Jul 30 14:32:34 2018 ErrorMessage: installed freeipa-server package post-installation script subprocess returned error exit status 1 InstallationDate: Installed on 2018-05-29 (62 days ago) InstallationMedia: Ubuntu-Server 16.04.3 LTS "Xenial Xerus" - Release amd64 (20170801) Python3Details: /usr/bin/python3.6, Python 3.6.5, python3-minimal, 3.6.5-3ubuntu1 PythonDetails: /usr/bin/python2.7, Python 2.7.15rc1, python-minimal, 2.7.15~rc1-1 RelatedPackageVersions: dpkg 1.19.0.5ubuntu2 apt 1.6.3 SourcePackage: freeipa Title: package freeipa-server 4.7.0~pre1+git20180411-2ubuntu2 failed to install/upgrade: installed freeipa-server package post-installation script subprocess returned error exit status 1 UpgradeStatus: Upgraded to bionic on 2018-07-30 (0 days ago) modified.conffile..etc.default.ipa-dnskeysyncd: [modified] mtime.conffile..etc.default.ipa-dnskeysyncd: 2018-06-19T16:17:32.099908 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/freeipa/+bug/1784399/+subscriptions ___ Mailing list: https://launchpad.net/~freeipa Post to : freeipa@lists.launchpad.net Unsubscribe : https://launchpad.net/~freeipa More help : https://help.launchpad.net/ListHelp