Re: [Freeipa-users] Unit pki-tomcatd@pki-tomcat.service entered failed state @ vanilla install on jessie – with log attached
> Am Dienstag, 9. Dezember 2014, 23:52:08 schrieb chymian: > > Am Dienstag, 9. Dezember 2014, 09:49:04 schrieb Ade Lee: > > On Tue, 2014-12-09 at 13:54 +0100, chymian wrote: > > > hey people, > > > > > > after a successful install of ipa 4.0.5-2 on jessie, the named services > > > started flawless during setup. see attached log, Installation summary > > > (line 3107) but after reboot, it refuses to start. (did this install a > > > couple times, on vanilla jessie) > > > > > > I can reach & work with Dogtag https://ipa.eb8.lan:8443/ca, but not the > > > admin-services on https://ipa.eb8.lan/ca/ee/ca and > > > https://ipa.eb8.lan/ca/agent/ca. > > > > > > > > > $ systemctl status pki-tomcatd@pki-tomcat.service > > > ● pki-tomcatd@pki-tomcat.service - PKI Tomcat Server pki-tomcat > > > > > >Loaded: loaded (/lib/systemd/system/pki-tomcatd@.service; enabled) > > >Active: failed (Result: resources) > > > > > > Dez 08 20:40:13 ipa systemd[1]: Starting PKI Tomcat Server pki-tomcat... > > > Dez 08 20:40:13 ipa systemd[1]: Failed to load environment files: No > > > such file or directory Dez 08 20:40:13 ipa systemd[1]: > > > pki-tomcatd@pki-tomcat.service failed to run 'start-pre' task: No such > > > file or directory Dez 08 20:40:13 ipa systemd[1]: Failed to start PKI > > > Tomcat Server pki-tomcat. Dez 08 20:40:13 ipa systemd[1]: Unit > > > pki-tomcatd@pki-tomcat.service entered failed state.> > > > Is dogtag actually running? ps -ef |grep java > > it shows: > pkiuser676 1 0 13:25 ?00:00:26 > /usr/lib/jvm/default-java/bin/java > -Djava.util.logging.config.file=/var/lib/pki/pki-tomcat/conf/logging.proper > ties -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager > -DRESTEASY_LIB=/usr/share/java/ > -Djava.endorsed.dirs=/usr/share/tomcat7/endorsed -classpath > /usr/share/tomcat7/bin/bootstrap.jar:/var/lib/pki/pki-tomcat/bin/tomcat-jul > i.jar -Dcatalina.base=/var/lib/pki/pki-tomcat > -Dcatalina.home=/usr/share/tomcat7 > -Djava.io.tmpdir=/var/lib/pki/pki-tomcat/temp > org.apache.catalina.startup.Bootstrap start > > is it ment to be, that the dogtag-pki package it’s self is not installed, > just the dogtag-pki-server-theme is and a couple pki-packages… pki-base, > pki-ca, pki-server, pki-tools? > > > You could try restarting it - > > systemctl restart pki-tomcatd@pki-tomcat.service > > fails with same log-msg. > > > The logs should be found in the journal --> > > journalctl -u pki-tomcatd@pki-tomcat.service > > same as above. > > > Other debug logs should be found under /var/log/pki/pki-tomcat/. Please > > provide a tar of that directory. > > attached > > > I am curious what the unit file looks like: On Fedora, its > > at > > /etc/systemd/system/pki-tomcatd.target.wants/pki-tomcatd@pki-tomcat.servi > > ce> > lrwxrwxrwx 1 pkiuser pkiuser 40 Dez 8 20:22 pki-tomcatd@pki-tomcat.service > -> /lib/systemd/system/pki-tomcatd@.service root@ipa > /etc/systemd/system/pki-tomcatd.target.wants > $ cat pki-tomcatd@pki-tomcat.service > [Unit] > Description=PKI Tomcat Server %i > After=pki-tomcatd.target network.target > PartOf=pki-tomcatd.target > > [Service] > Type=simple > EnvironmentFile=/etc/tomcat/tomcat.conf > Environment="NAME=%i" > EnvironmentFile=-/etc/default/%i > ExecStartPre=/usr/bin/pkidaemon start %i > ExecStart=/usr/libexec/tomcat/server start > ExecStop=/usr/libexec/tomcat/server stop > SuccessExitStatus=143 > User=pkiuser > Group=pkiuser > > [Install] > WantedBy=multi-user.target > > > which points to an EnvironmentFile /etc/tomcat/tomcat.conf. Does that > > file exist? > > there is not even an dir. /etc/tomcat/, or rather a tomcat.conf in it. > > this is what was installed: > > ii libtomcat7-java 7.0.56-1 > ii libtomcatjss-java7.1.1-2 > ii tomcat7-common 7.0.56-1 > ii tomcat7-user 7.0.56-1 > > and if I would install tomcat7, it would give me an /etc/tomcat7 – not a > /etc/tomcat > > and, here on debian, there is no such dir. /usr/libexec. > seems that the unitfile is more a centos one. > > > but: > > systemctl status pki-tomcatd.service > ● pki-tomcatd.service - LSB: Start pki-tomcatd at boot time > >Loaded: loaded (/etc/init.d/pki-tomcatd) >Active: active (running) since Di 2014-12-09 13:25:12 CET; 10h ago >CGroup: >/user.slice/user-0.sli
Re: [Freeipa-users] Unit pki-tomcatd@pki-tomcat.service entered failed state @ vanilla install on jessie – with log attached
Am Mittwoch, 10. Dezember 2014, 10:28:17 schrieb thierry bordaz: > On 12/09/2014 11:52 PM, chymian wrote: > >> Am Dienstag, 9. Dezember 2014, 14:10:48 schrieb thierry bordaz: > >> > >> On 12/09/2014 01:54 PM, chymian wrote: > >>> hey people, > >>> > >>> after a successful install of ipa 4.0.5-2 on jessie, the named services > >>> started flawless during setup. see attached log, Installation summary > >>> (line > >>> 3107) but after reboot, it refuses to start. (did this install a couple > >>> times, on vanilla jessie) > >>> > >>> I can reach & work with Dogtag https://ipa.eb8.lan:8443/ca, but not the > >>> admin-services on https://ipa.eb8.lan/ca/ee/ca and > >>> https://ipa.eb8.lan/ca/agent/ca. > >>> > >>> > >>> $ systemctl status pki-tomcatd@pki-tomcat.service > >>> ● pki-tomcatd@pki-tomcat.service - PKI Tomcat Server pki-tomcat > >>> > >>> Loaded: loaded (/lib/systemd/system/pki-tomcatd@.service; enabled) > >>> Active: failed (Result: resources) > >>> > >>> Dez 08 20:40:13 ipa systemd[1]: Starting PKI Tomcat Server pki-tomcat... > >>> Dez 08 20:40:13 ipa systemd[1]: Failed to load environment files: No such > >>> file or directory Dez 08 20:40:13 ipa systemd[1]: > >>> pki-tomcatd@pki-tomcat.service failed to run 'start-pre' task: No such > >>> file > >>> or directory Dez 08 20:40:13 ipa systemd[1]: Failed to start PKI Tomcat > >>> Server pki-tomcat. Dez 08 20:40:13 ipa systemd[1]: Unit > >>> pki-tomcatd@pki-tomcat.service entered failed state. > >>> > >>> > >>> a second service fails to start: > >>> > >>> $ systemctl status dirsrv-snmp.service > >>> ● dirsrv-snmp.service - 389 Directory Server SNMP Subagent. > >>> > >>> Loaded: loaded (/lib/systemd/system/dirsrv-snmp.service; enabled) > >>> Active: failed (Result: exit-code) since Di 2014-12-09 13:25:04 CET; > >>> 5min > >>> ago > >>> > >>>Process: 156 ExecStart=/usr/sbin/ldap-agent > >>>/etc/dirsrv/config/ldap-agent.conf (code=exited, status=1/FAILURE)> > >>> > >>> Dez 09 13:25:04 ipa systemd[1]: Starting 389 Directory Server SNMP > >>> Subagent Dez 09 13:25:04 ipa ldap-agent[156]: ldap-agent: No server > >>> instances defined in config file Dez 09 13:25:04 ipa systemd[1]: > >>> dirsrv-snmp.service: control process exited, code=exited status=1 Dez 09 > >>> 13:25:04 ipa systemd[1]: Failed to start 389 Directory Server SNMP > >>> Subagent.. Dez 09 13:25:04 ipa systemd[1]: Unit dirsrv-snmp.service > >>> entered > >>> failed state. > >> Hello, > >> > >> regarding this issue. Is there a agent log file under > >> /var/log/dirsrv/agent/ > >> ? > >> > >> thanks > >> thierry > >> > > thierry, > > no there aren’t any files, except the slapd-EB8-LAN/ directory in > > /var/log/dirsrv/ > > not even an /var/log/dirsrv/agent/ > > > > anything else I can provide? > > Hello Guenter, > > It is looking like no server have been configured in > /etc/dirsrv/config/ldap-agent.conf to be monitored. > So the ldap-agent started by this service returns an errors at startup. > As you are not using snmp, like Rich said you may ignore this service > failure. > > thanks > thierry hello thierry, yes, it’s seems to be empty – same as on a plain cos6/ipa 3.3 installation. but there, the service does not get started, and therefore, no error is thrown. may I suggest to do a check in the startup scripts weather a service is configured or not, or "systemctl disable" it by default? thx for your help guenter > > > > thanks, > > guenter > > > >>> except these, I was able to subscribe a jessie-client with autodiscovery > >>> right after I did configure the ipa-server, before first reboot. > >>> > >>> > >>> any help appreciated, since I do not have much experience with IPA – yet. > >>> guenter > -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project
Re: [Freeipa-users] Unit pki-tomcatd@pki-tomcat.service entered failed state @ vanilla install on jessie – with log attached
Am Dienstag, 9. Dezember 2014, 09:49:04 schrieb Ade Lee: > On Tue, 2014-12-09 at 13:54 +0100, chymian wrote: > > hey people, > > > > after a successful install of ipa 4.0.5-2 on jessie, the named services > > started flawless during setup. see attached log, Installation summary (line > > 3107) > > but after reboot, it refuses to start. (did this install a couple times, on > > vanilla jessie) > > > > I can reach & work with Dogtag https://ipa.eb8.lan:8443/ca, but not the > > admin-services on https://ipa.eb8.lan/ca/ee/ca and > > https://ipa.eb8.lan/ca/agent/ca. > > > > > > $ systemctl status pki-tomcatd@pki-tomcat.service > > ● pki-tomcatd@pki-tomcat.service - PKI Tomcat Server pki-tomcat > >Loaded: loaded (/lib/systemd/system/pki-tomcatd@.service; enabled) > >Active: failed (Result: resources) > > > > Dez 08 20:40:13 ipa systemd[1]: Starting PKI Tomcat Server pki-tomcat... > > Dez 08 20:40:13 ipa systemd[1]: Failed to load environment files: No such > > file or directory > > Dez 08 20:40:13 ipa systemd[1]: pki-tomcatd@pki-tomcat.service failed to > > run 'start-pre' task: No such file or directory > > Dez 08 20:40:13 ipa systemd[1]: Failed to start PKI Tomcat Server > > pki-tomcat. > > Dez 08 20:40:13 ipa systemd[1]: Unit pki-tomcatd@pki-tomcat.service entered > > failed state. > > > > > > Is dogtag actually running? ps -ef |grep java it shows: pkiuser676 1 0 13:25 ?00:00:26 /usr/lib/jvm/default-java/bin/java -Djava.util.logging.config.file=/var/lib/pki/pki-tomcat/conf/logging.properties -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager -DRESTEASY_LIB=/usr/share/java/ -Djava.endorsed.dirs=/usr/share/tomcat7/endorsed -classpath /usr/share/tomcat7/bin/bootstrap.jar:/var/lib/pki/pki-tomcat/bin/tomcat-juli.jar -Dcatalina.base=/var/lib/pki/pki-tomcat -Dcatalina.home=/usr/share/tomcat7 -Djava.io.tmpdir=/var/lib/pki/pki-tomcat/temp org.apache.catalina.startup.Bootstrap start is it ment to be, that the dogtag-pki package it’s self is not installed, just the dogtag-pki-server-theme is and a couple pki-packages… pki-base, pki-ca, pki-server, pki-tools? > > You could try restarting it - > systemctl restart pki-tomcatd@pki-tomcat.service fails with same log-msg. > > The logs should be found in the journal --> > journalctl -u pki-tomcatd@pki-tomcat.service same as above. > > Other debug logs should be found under /var/log/pki/pki-tomcat/. Please > provide a tar of that directory. attached > I am curious what the unit file looks like: On Fedora, its > at /etc/systemd/system/pki-tomcatd.target.wants/pki-tomcatd@pki-tomcat.service lrwxrwxrwx 1 pkiuser pkiuser 40 Dez 8 20:22 pki-tomcatd@pki-tomcat.service -> /lib/systemd/system/pki-tomcatd@.service root@ipa /etc/systemd/system/pki-tomcatd.target.wants $ cat pki-tomcatd@pki-tomcat.service [Unit] Description=PKI Tomcat Server %i After=pki-tomcatd.target network.target PartOf=pki-tomcatd.target [Service] Type=simple EnvironmentFile=/etc/tomcat/tomcat.conf Environment="NAME=%i" EnvironmentFile=-/etc/default/%i ExecStartPre=/usr/bin/pkidaemon start %i ExecStart=/usr/libexec/tomcat/server start ExecStop=/usr/libexec/tomcat/server stop SuccessExitStatus=143 User=pkiuser Group=pkiuser [Install] WantedBy=multi-user.target > which points to an EnvironmentFile /etc/tomcat/tomcat.conf. Does that > file exist? there is not even an dir. /etc/tomcat/, or rather a tomcat.conf in it. this is what was installed: ii libtomcat7-java 7.0.56-1 ii libtomcatjss-java7.1.1-2 ii tomcat7-common 7.0.56-1 ii tomcat7-user 7.0.56-1 and if I would install tomcat7, it would give me an /etc/tomcat7 – not a /etc/tomcat and, here on debian, there is no such dir. /usr/libexec. seems that the unitfile is more a centos one. but: systemctl status pki-tomcatd.service ● pki-tomcatd.service - LSB: Start pki-tomcatd at boot time Loaded: loaded (/etc/init.d/pki-tomcatd) Active: active (running) since Di 2014-12-09 13:25:12 CET; 10h ago CGroup: /user.slice/user-0.slice/session-5.scope/system.slice/pki-tomcatd.service └─676 /usr/lib/jvm/default-java/bin/java -Djava.util.logging.config.file=/var/lib/pki/pki-tomcat/conf/logging.properties -Djava.util.log... Dez 09 13:25:12 ipa pki-tomcatd[484]: . Dez 09 13:25:12 ipa systemd[1]: Started LSB: Start pki-tomcatd at boot time. which is started with a /etc/init.d/pki-tomcatd script, not systemd-unit-file – yet. > > Ade thx, guenter > > > a second service fails to start: > > > > $ systemctl status dirsrv-snmp.service > > ● dirsrv-snmp.service - 389 Direc
Re: [Freeipa-users] Unit pki-tomcatd@pki-tomcat.service entered failed state @ vanilla install on jessie – with log attached
> Am Dienstag, 9. Dezember 2014, 14:10:48 schrieb thierry bordaz: > > On 12/09/2014 01:54 PM, chymian wrote: > > hey people, > > > > after a successful install of ipa 4.0.5-2 on jessie, the named services > > started flawless during setup. see attached log, Installation summary > > (line > > 3107) but after reboot, it refuses to start. (did this install a couple > > times, on vanilla jessie) > > > > I can reach & work with Dogtag https://ipa.eb8.lan:8443/ca, but not the > > admin-services on https://ipa.eb8.lan/ca/ee/ca and > > https://ipa.eb8.lan/ca/agent/ca. > > > > > > $ systemctl status pki-tomcatd@pki-tomcat.service > > ● pki-tomcatd@pki-tomcat.service - PKI Tomcat Server pki-tomcat > > > >Loaded: loaded (/lib/systemd/system/pki-tomcatd@.service; enabled) > >Active: failed (Result: resources) > > > > Dez 08 20:40:13 ipa systemd[1]: Starting PKI Tomcat Server pki-tomcat... > > Dez 08 20:40:13 ipa systemd[1]: Failed to load environment files: No such > > file or directory Dez 08 20:40:13 ipa systemd[1]: > > pki-tomcatd@pki-tomcat.service failed to run 'start-pre' task: No such > > file > > or directory Dez 08 20:40:13 ipa systemd[1]: Failed to start PKI Tomcat > > Server pki-tomcat. Dez 08 20:40:13 ipa systemd[1]: Unit > > pki-tomcatd@pki-tomcat.service entered failed state. > > > > > > a second service fails to start: > > > > $ systemctl status dirsrv-snmp.service > > ● dirsrv-snmp.service - 389 Directory Server SNMP Subagent. > > > >Loaded: loaded (/lib/systemd/system/dirsrv-snmp.service; enabled) > >Active: failed (Result: exit-code) since Di 2014-12-09 13:25:04 CET; > >5min > >ago > > > > Process: 156 ExecStart=/usr/sbin/ldap-agent > > /etc/dirsrv/config/ldap-agent.conf (code=exited, status=1/FAILURE)> > > > > Dez 09 13:25:04 ipa systemd[1]: Starting 389 Directory Server SNMP > > Subagent Dez 09 13:25:04 ipa ldap-agent[156]: ldap-agent: No server > > instances defined in config file Dez 09 13:25:04 ipa systemd[1]: > > dirsrv-snmp.service: control process exited, code=exited status=1 Dez 09 > > 13:25:04 ipa systemd[1]: Failed to start 389 Directory Server SNMP > > Subagent.. Dez 09 13:25:04 ipa systemd[1]: Unit dirsrv-snmp.service > > entered > > failed state. > > Hello, > > regarding this issue. Is there a agent log file under /var/log/dirsrv/agent/ > ? > > thanks > thierry > thierry, no there aren’t any files, except the slapd-EB8-LAN/ directory in /var/log/dirsrv/ not even an /var/log/dirsrv/agent/ anything else I can provide? thanks, guenter > > > except these, I was able to subscribe a jessie-client with autodiscovery > > right after I did configure the ipa-server, before first reboot. > > > > > > any help appreciated, since I do not have much experience with IPA – yet. > > guenter -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project
[Freeipa-users] Unit pki-tomcatd@pki-tomcat.service entered failed state @ vanilla install on jessie
hey people, after a successful install of ipa 4.0.5-2 on jessie, the named services started flawless during setup. see attached log, Installation summary (line 3107) but after reboot, it refuses to start. (did this install a couple times, on vanilla jessie) I can reach & work with Dogtag https://ipa.eb8.lan:8443/ca, but not the admin-services on https://ipa.eb8.lan/ca/ee/ca and https://ipa.eb8.lan/ca/agent/ca. $ systemctl status pki-tomcatd@pki-tomcat.service ● pki-tomcatd@pki-tomcat.service - PKI Tomcat Server pki-tomcat Loaded: loaded (/lib/systemd/system/pki-tomcatd@.service; enabled) Active: failed (Result: resources) Dez 08 20:40:13 ipa systemd[1]: Starting PKI Tomcat Server pki-tomcat... Dez 08 20:40:13 ipa systemd[1]: Failed to load environment files: No such file or directory Dez 08 20:40:13 ipa systemd[1]: pki-tomcatd@pki-tomcat.service failed to run 'start-pre' task: No such file or directory Dez 08 20:40:13 ipa systemd[1]: Failed to start PKI Tomcat Server pki-tomcat. Dez 08 20:40:13 ipa systemd[1]: Unit pki-tomcatd@pki-tomcat.service entered failed state. a second service fails to start: $ systemctl status dirsrv-snmp.service ● dirsrv-snmp.service - 389 Directory Server SNMP Subagent. Loaded: loaded (/lib/systemd/system/dirsrv-snmp.service; enabled) Active: failed (Result: exit-code) since Di 2014-12-09 13:25:04 CET; 5min ago Process: 156 ExecStart=/usr/sbin/ldap-agent /etc/dirsrv/config/ldap-agent.conf (code=exited, status=1/FAILURE) Dez 09 13:25:04 ipa systemd[1]: Starting 389 Directory Server SNMP Subagent Dez 09 13:25:04 ipa ldap-agent[156]: ldap-agent: No server instances defined in config file Dez 09 13:25:04 ipa systemd[1]: dirsrv-snmp.service: control process exited, code=exited status=1 Dez 09 13:25:04 ipa systemd[1]: Failed to start 389 Directory Server SNMP Subagent.. Dez 09 13:25:04 ipa systemd[1]: Unit dirsrv-snmp.service entered failed state. except these, I was able to subscribe a jessie-client with autodiscovery right after I did configure the ipa-server, before first reboot. any help appreciated, since I do not have much experience with IPA – yet. guenter -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project
