Re: [Freeipa-devel] Problem with ipa installation: certutil
On Wed, 2009-12-02 at 09:38 -0500, Rob Crittenden wrote: Martin Nagy wrote: Hi, I'm trying to install ipa and am getting a python traceback (attached). It seems that running certutil didn't succeed so I added a debugging print before it's execution and tried to run it manually. This is what I get: # /usr/bin/certutil -d /etc/httpd/alias -S -n 'CA certificate' -s 'cn=IPA Test Certificate Authority' -x -t 'CT,,C' -1 -2 -5 -m 1056 -v 120 -z /etc/httpd/alias/noise.txt -f /etc/httpd/alias/pwdfile.txt certutil -o: unable to open tempcertreq for writing (-5950, 2) Exit 255 (The Exit 255 is from my shell saying that certutil exited returning 255). I did a git grep tempcertreq in freeipa git tree but didn't find anything, so I'm assuming we weren't creating it or anything. Does anyone know what might be causing this error? Martin This message comes directly from certutil itself. It tries to open the file tempcertreq in the cwd. Odd since you are installing this as root, right? Perhaps you are in a directory that no longer exists? Correct. I was in my freeipa git directory when I executed ipa-server-install but had to delete it and clone again in other terminal. I seem to recall running into this in v1 as well and though we did a chdir(). Maybe we do that in some places and not others. Should we make a patch to prevent any future problems like this (even if they are rare)? Maybe at the beginning we could chdir() to our current directory to make sure, and abort if that fails. Martin ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
[Freeipa-devel] Problem with ipa installation: certutil
Hi, I'm trying to install ipa and am getting a python traceback (attached). It seems that running certutil didn't succeed so I added a debugging print before it's execution and tried to run it manually. This is what I get: # /usr/bin/certutil -d /etc/httpd/alias -S -n 'CA certificate' -s 'cn=IPA Test Certificate Authority' -x -t 'CT,,C' -1 -2 -5 -m 1056 -v 120 -z /etc/httpd/alias/noise.txt -f /etc/httpd/alias/pwdfile.txt certutil -o: unable to open tempcertreq for writing (-5950, 2) Exit 255 (The Exit 255 is from my shell saying that certutil exited returning 255). I did a git grep tempcertreq in freeipa git tree but didn't find anything, so I'm assuming we weren't creating it or anything. Does anyone know what might be causing this error? Martin ipa: DEBUG: [Errno 32] Broken pipe File /usr/sbin/ipa-server-install, line 791, in module sys.exit(main()) File /usr/sbin/ipa-server-install, line 673, in main ds.create_instance(ds_user, realm_name, host_name, domain_name, dm_password, self_signed_ca=not options.ca, uidstart=options.uidstart, gidstart=options.gidstart) File /usr/lib/python2.6/site-packages/ipaserver/install/dsinstance.py, line 193, in create_instance self.start_creation(Configuring directory server:) File /usr/lib/python2.6/site-packages/ipaserver/install/service.py, line 171, in start_creation method() File /usr/lib/python2.6/site-packages/ipaserver/install/dsinstance.py, line 342, in __enable_ssl cadb.create_self_signed() File /usr/lib/python2.6/site-packages/ipaserver/install/certs.py, line 826, in create_self_signed self.create_ca_cert() File /usr/lib/python2.6/site-packages/ipaserver/install/certs.py, line 357, in create_ca_cert p.stdin.write(0\n1\n5\n9\ny\n) ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] Problem with ipa installation: certutil
Martin Nagy wrote: Hi, I'm trying to install ipa and am getting a python traceback (attached). It seems that running certutil didn't succeed so I added a debugging print before it's execution and tried to run it manually. This is what I get: # /usr/bin/certutil -d /etc/httpd/alias -S -n 'CA certificate' -s 'cn=IPA Test Certificate Authority' -x -t 'CT,,C' -1 -2 -5 -m 1056 -v 120 -z /etc/httpd/alias/noise.txt -f /etc/httpd/alias/pwdfile.txt certutil -o: unable to open tempcertreq for writing (-5950, 2) Exit 255 (The Exit 255 is from my shell saying that certutil exited returning 255). I did a git grep tempcertreq in freeipa git tree but didn't find anything, so I'm assuming we weren't creating it or anything. Does anyone know what might be causing this error? Martin This message comes directly from certutil itself. It tries to open the file tempcertreq in the cwd. Odd since you are installing this as root, right? Perhaps you are in a directory that no longer exists? I seem to recall running into this in v1 as well and though we did a chdir(). Maybe we do that in some places and not others. rob ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel