Re: [Freeipa-users] freeipa-server from copr repo
Ok :) Thank you for the response. 2014-11-21 10:39 GMT+02:00 Martin Kosek : > On 11/21/2014 09:30 AM, Genadi Postrilko wrote: > >> Actually no, FreeIPA 4.1 is planned to be included in RHEL-7.1 release - > > so you can look forward to that :-) > >> > >> Martin > > > > Will it be included as a tech preview or fully supported? > > You mean if whole IPA will be Tech Preview or Fully Supported? The > functionality that was present and supported in RHEL-7.0 of course cannot > be > suddenly put to Tech Preview. > > I cannot disclose at this moment which *new* features would be supported > and > which would be TP, wait and see - but I think this information will be > publicly > available even in RHEL-7.1 Beta :-) > > > On 11/19/2014 10:24 PM, Tamas Papp wrote: > > > >> > >> On 11/19/2014 09:29 PM, Martin Kosek wrote: > >> > >>> > >>> Ah, yes. This one is not a problem with the CentOS port, but rather > >>> existing > >>> problem in FreeIPA 4.1.1 which will be fixed in FreeIPA 4.1.2 on all > >>> platforms, including Fedora 21 and CentOS. > >>> > >>> See upstream ticket: > >>> https://fedorahosted.org/freeipa/ticket/4716 > >>> > >>> Until this is fixed, correct workaround is to chown this directory by > >>> named:named and chmod rights to 0770. > >>> > >>> I will with the team when 4.1.2 is about to be released, if it is not > >>> soon, I > >>> can just add the patch to the 4.1.1 in Copr repo. > >>> > >> > >> Thanks for all. > >> > >> Just a question. My understanding is that 4.x will not hit RH 7 ever. > >> So for IPA 4.x we have to wait until RH8, am I correct? > >> > >> Thanks, > >> tamas > >> > > > > Actually no, FreeIPA 4.1 is planned to be included in RHEL-7.1 release - > so > > you can look forward to that :-) > > > > Martin > > > > -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project
Re: [Freeipa-users] freeipa-server from copr repo
On 11/21/2014 09:30 AM, Genadi Postrilko wrote: >> Actually no, FreeIPA 4.1 is planned to be included in RHEL-7.1 release - > so you can look forward to that :-) >> >> Martin > > Will it be included as a tech preview or fully supported? You mean if whole IPA will be Tech Preview or Fully Supported? The functionality that was present and supported in RHEL-7.0 of course cannot be suddenly put to Tech Preview. I cannot disclose at this moment which *new* features would be supported and which would be TP, wait and see - but I think this information will be publicly available even in RHEL-7.1 Beta :-) > On 11/19/2014 10:24 PM, Tamas Papp wrote: > >> >> On 11/19/2014 09:29 PM, Martin Kosek wrote: >> >>> >>> Ah, yes. This one is not a problem with the CentOS port, but rather >>> existing >>> problem in FreeIPA 4.1.1 which will be fixed in FreeIPA 4.1.2 on all >>> platforms, including Fedora 21 and CentOS. >>> >>> See upstream ticket: >>> https://fedorahosted.org/freeipa/ticket/4716 >>> >>> Until this is fixed, correct workaround is to chown this directory by >>> named:named and chmod rights to 0770. >>> >>> I will with the team when 4.1.2 is about to be released, if it is not >>> soon, I >>> can just add the patch to the 4.1.1 in Copr repo. >>> >> >> Thanks for all. >> >> Just a question. My understanding is that 4.x will not hit RH 7 ever. >> So for IPA 4.x we have to wait until RH8, am I correct? >> >> Thanks, >> tamas >> > > Actually no, FreeIPA 4.1 is planned to be included in RHEL-7.1 release - so > you can look forward to that :-) > > Martin > -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project
Re: [Freeipa-users] freeipa-server from copr repo
> Actually no, FreeIPA 4.1 is planned to be included in RHEL-7.1 release - so you can look forward to that :-) > > Martin Will it be included as a tech preview or fully supported? On 11/19/2014 10:24 PM, Tamas Papp wrote: > > On 11/19/2014 09:29 PM, Martin Kosek wrote: > >> >> Ah, yes. This one is not a problem with the CentOS port, but rather >> existing >> problem in FreeIPA 4.1.1 which will be fixed in FreeIPA 4.1.2 on all >> platforms, including Fedora 21 and CentOS. >> >> See upstream ticket: >> https://fedorahosted.org/freeipa/ticket/4716 >> >> Until this is fixed, correct workaround is to chown this directory by >> named:named and chmod rights to 0770. >> >> I will with the team when 4.1.2 is about to be released, if it is not >> soon, I >> can just add the patch to the 4.1.1 in Copr repo. >> > > Thanks for all. > > Just a question. My understanding is that 4.x will not hit RH 7 ever. > So for IPA 4.x we have to wait until RH8, am I correct? > > Thanks, > tamas > Actually no, FreeIPA 4.1 is planned to be included in RHEL-7.1 release - so you can look forward to that :-) Martin -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project
Re: [Freeipa-users] freeipa-server from copr repo
On 11/19/2014 10:27 PM, Martin Kosek wrote: Actually no, FreeIPA 4.1 is planned to be included in RHEL-7.1 release - so you can look forward to that :-) Very good! Then everything is good for testing:) t -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project
Re: [Freeipa-users] freeipa-server from copr repo
On 11/19/2014 10:24 PM, Tamas Papp wrote: On 11/19/2014 09:29 PM, Martin Kosek wrote: Ah, yes. This one is not a problem with the CentOS port, but rather existing problem in FreeIPA 4.1.1 which will be fixed in FreeIPA 4.1.2 on all platforms, including Fedora 21 and CentOS. See upstream ticket: https://fedorahosted.org/freeipa/ticket/4716 Until this is fixed, correct workaround is to chown this directory by named:named and chmod rights to 0770. I will with the team when 4.1.2 is about to be released, if it is not soon, I can just add the patch to the 4.1.1 in Copr repo. Thanks for all. Just a question. My understanding is that 4.x will not hit RH 7 ever. So for IPA 4.x we have to wait until RH8, am I correct? Thanks, tamas Actually no, FreeIPA 4.1 is planned to be included in RHEL-7.1 release - so you can look forward to that :-) Martin -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project
Re: [Freeipa-users] freeipa-server from copr repo
On 11/19/2014 09:29 PM, Martin Kosek wrote: Ah, yes. This one is not a problem with the CentOS port, but rather existing problem in FreeIPA 4.1.1 which will be fixed in FreeIPA 4.1.2 on all platforms, including Fedora 21 and CentOS. See upstream ticket: https://fedorahosted.org/freeipa/ticket/4716 Until this is fixed, correct workaround is to chown this directory by named:named and chmod rights to 0770. I will with the team when 4.1.2 is about to be released, if it is not soon, I can just add the patch to the 4.1.1 in Copr repo. Thanks for all. Just a question. My understanding is that 4.x will not hit RH 7 ever. So for IPA 4.x we have to wait until RH8, am I correct? Thanks, tamas -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project
Re: [Freeipa-users] freeipa-server from copr repo
On 11/19/2014 09:23 PM, Tamas Papp wrote: hi Martin, Much better:) Unfortunately not perfect yet. [...] Done configuring DNS key synchronization service (ipa-dnskeysyncd). Restarting ipa-dnskeysyncd Restarting named ipa : ERRORNamed service failed to start (Command ''/bin/systemctl' 'restart' 'named-pkcs11.service'' returned non-zero exit status 1) named service failed to start Global DNS configuration in LDAP server is empty You can use 'dnsconfig-mod' command to set global DNS options that would override settings in local named.conf files Restarting the web server Unexpected error - see /var/log/ipaserver-install.log for details: CalledProcessError: Command ''/bin/systemctl' 'restart' 'ipa.service'' returned non-zero exit status 1 This helped: chmod 777 /var/named/dyndb-ldap/ipa/ Probably chown or chgrp named would be just enough. Cheers, tamas Ah, yes. This one is not a problem with the CentOS port, but rather existing problem in FreeIPA 4.1.1 which will be fixed in FreeIPA 4.1.2 on all platforms, including Fedora 21 and CentOS. See upstream ticket: https://fedorahosted.org/freeipa/ticket/4716 Until this is fixed, correct workaround is to chown this directory by named:named and chmod rights to 0770. I will with the team when 4.1.2 is about to be released, if it is not soon, I can just add the patch to the 4.1.1 in Copr repo. Martin -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project
Re: [Freeipa-users] freeipa-server from copr repo
hi Martin, Much better:) Unfortunately not perfect yet. [...] Done configuring DNS key synchronization service (ipa-dnskeysyncd). Restarting ipa-dnskeysyncd Restarting named ipa : ERRORNamed service failed to start (Command ''/bin/systemctl' 'restart' 'named-pkcs11.service'' returned non-zero exit status 1) named service failed to start Global DNS configuration in LDAP server is empty You can use 'dnsconfig-mod' command to set global DNS options that would override settings in local named.conf files Restarting the web server Unexpected error - see /var/log/ipaserver-install.log for details: CalledProcessError: Command ''/bin/systemctl' 'restart' 'ipa.service'' returned non-zero exit status 1 This helped: chmod 777 /var/named/dyndb-ldap/ipa/ Probably chown or chgrp named would be just enough. Cheers, tamas On 11/19/2014 05:41 PM, Martin Kosek wrote: It is highly probable the issue is caused by SELinux (check for AVCs in /var/log/audit/audit.log). Can you try with SELinux permissive? We specifically did not build selinux-policy as we do not think we should be the ones maintaining it for CentOS. HTH, Martin - Original Message - From: "Bill Peck" To: "Martin Kosek" Cc: "Tamas Papp" , freeipa-users@redhat.com Sent: Wednesday, November 19, 2014 5:34:10 PM Subject: Re: [Freeipa-users] freeipa-server from copr repo Hi Marin, I was able to install from the copr repo now as well. Thank you! However I wasn't able to finish the install: [23/27]: configure certmonger for renewals [24/27]: configure certificate renewals [error] DBusException: org.fedorahosted.certmonger.bad_arg: The location "/etc/pki/pki-tomcat/alias" could not be accessed due to insufficient permissions. Don't know if you need the command for how I was installing ipa. But here is the line from my anseible playbook. shell: ipa-server-install -a {{ adminpassword }} --hostname={{ servername }} -r {{ realm }} -p {{ directorypassword }} -n {{ domain }} --setup-dns --forwarder={{ dnsforwarder }} -U creates={{ slapd }} On Wed, Nov 19, 2014 at 11:23 AM, Martin Kosek wrote: On 11/19/2014 11:57 AM, Tamas Papp wrote: I am good in waiting;) Thanks for the prompt reply. Ok Tamas, I think we *finally* got somewhere. Can you please try the mkosek/freeipa Copr repo now? I was able to install upstream "freeipa-server" 4.1.1 package on my RHEL-7.0 machine (should be the same for CentOS) and run ipa-server-install: # yum install freeipa-server --enablerepo=mkosek-freeipa ... Resolving Dependencies --> Running transaction check ---> Package freeipa-server.x86_64 0:4.1.1-1.2.el7.centos will be installed ... Transaction Summary Install 1 Package (+338 Dependent packages) Upgrade ( 11 Dependent packages) Total download size: 146 M ... # rpm -q freeipa-server freeipa-server-4.1.1-1.2.el7.centos.x86_64 # ipa-server-install --setup-dns # kinit admin Password for ad...@example.com: Thanks, Martin -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project
Re: [Freeipa-users] freeipa-server from copr repo
Good news! To clarify on the selinux-policy side. By not maintaining it for the CentOS I meant that FreeIPA Copr should not maintain system policy for any system, not just SELinux. Ideally, it should have a SELinux policy module that would be compiled for SELinux only and that would only contain the additional policy required by IPA on top of 7.0. But this is not a priority for now & we do not have enough capacity for it ATM. But if anyone wishes to contribute that part, doors are open :-) Martin On 11/19/2014 05:56 PM, Bill Peck wrote: Hi Martin, Yes, setting selinux to permissive allowed me to install and configure IPA 4.1 on CentOS 7. :-) On Wed, Nov 19, 2014 at 11:41 AM, Martin Kosek mailto:mko...@redhat.com>> wrote: It is highly probable the issue is caused by SELinux (check for AVCs in /var/log/audit/audit.log). Can you try with SELinux permissive? We specifically did not build selinux-policy as we do not think we should be the ones maintaining it for CentOS. HTH, Martin - Original Message - > From: "Bill Peck" mailto:b...@pecknet.com>> > To: "Martin Kosek" mailto:mko...@redhat.com>> > Cc: "Tamas Papp" mailto:tom...@martos.bme.hu>>, freeipa-users@redhat.com <mailto:freeipa-users@redhat.com> > Sent: Wednesday, November 19, 2014 5:34:10 PM > Subject: Re: [Freeipa-users] freeipa-server from copr repo > > Hi Marin, > > I was able to install from the copr repo now as well. Thank you! > > However I wasn't able to finish the install: > > [23/27]: configure certmonger for renewals > [24/27]: configure certificate renewals > [error] DBusException: org.fedorahosted.certmonger.bad_arg: The location > "/etc/pki/pki-tomcat/alias" could not be accessed due to insufficient > permissions. > > > Don't know if you need the command for how I was installing ipa. But here > is the line from my anseible playbook. > shell: ipa-server-install -a {{ adminpassword }} --hostname={{ servername > }} -r {{ realm }} -p {{ directorypassword }} -n {{ domain }} --setup-dns > --forwarder={{ dnsforwarder }} -U creates={{ slapd }} > > On Wed, Nov 19, 2014 at 11:23 AM, Martin Kosek mailto:mko...@redhat.com>> wrote: > > > On 11/19/2014 11:57 AM, Tamas Papp wrote: > > > I am good in waiting;) > > > > > > Thanks for the prompt reply. > > > > Ok Tamas, I think we *finally* got somewhere. Can you please try the > > mkosek/freeipa Copr repo now? > > > > I was able to install upstream "freeipa-server" 4.1.1 package on my > > RHEL-7.0 > > machine (should be the same for CentOS) and run ipa-server-install: > > > > # yum install freeipa-server --enablerepo=mkosek-freeipa > > ... > > Resolving Dependencies > > --> Running transaction check > > ---> Package freeipa-server.x86_64 0:4.1.1-1.2.el7.centos will be installed > > ... > > Transaction Summary > > > > > > Install 1 Package (+338 Dependent packages) > > Upgrade ( 11 Dependent packages) > > > > Total download size: 146 M > > ... > > > > # rpm -q freeipa-server > > freeipa-server-4.1.1-1.2.el7.centos.x86_64 > > > > # ipa-server-install --setup-dns > > > > # kinit admin > > Password for ad...@example.com <mailto:ad...@example.com>: > > > > Thanks, > > Martin > > > > -- > > Manage your subscription for the Freeipa-users mailing list: > > https://www.redhat.com/mailman/listinfo/freeipa-users > > Go To http://freeipa.org for more info on the project > > > -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project
Re: [Freeipa-users] freeipa-server from copr repo
Hi Martin, Yes, setting selinux to permissive allowed me to install and configure IPA 4.1 on CentOS 7. :-) On Wed, Nov 19, 2014 at 11:41 AM, Martin Kosek wrote: > It is highly probable the issue is caused by SELinux (check for AVCs in > /var/log/audit/audit.log). > > Can you try with SELinux permissive? We specifically did not build > selinux-policy as we do not think we should be the ones maintaining it for > CentOS. > > HTH, > Martin > > - Original Message - > > From: "Bill Peck" > > To: "Martin Kosek" > > Cc: "Tamas Papp" , freeipa-users@redhat.com > > Sent: Wednesday, November 19, 2014 5:34:10 PM > > Subject: Re: [Freeipa-users] freeipa-server from copr repo > > > > Hi Marin, > > > > I was able to install from the copr repo now as well. Thank you! > > > > However I wasn't able to finish the install: > > > > [23/27]: configure certmonger for renewals > > [24/27]: configure certificate renewals > > [error] DBusException: org.fedorahosted.certmonger.bad_arg: The > location > > "/etc/pki/pki-tomcat/alias" could not be accessed due to insufficient > > permissions. > > > > > > Don't know if you need the command for how I was installing ipa. But > here > > is the line from my anseible playbook. > > shell: ipa-server-install -a {{ adminpassword }} --hostname={{ servername > > }} -r {{ realm }} -p {{ directorypassword }} -n {{ domain }} --setup-dns > > --forwarder={{ dnsforwarder }} -U creates={{ slapd }} > > > > On Wed, Nov 19, 2014 at 11:23 AM, Martin Kosek > wrote: > > > > > On 11/19/2014 11:57 AM, Tamas Papp wrote: > > > > I am good in waiting;) > > > > > > > > Thanks for the prompt reply. > > > > > > Ok Tamas, I think we *finally* got somewhere. Can you please try the > > > mkosek/freeipa Copr repo now? > > > > > > I was able to install upstream "freeipa-server" 4.1.1 package on my > > > RHEL-7.0 > > > machine (should be the same for CentOS) and run ipa-server-install: > > > > > > # yum install freeipa-server --enablerepo=mkosek-freeipa > > > ... > > > Resolving Dependencies > > > --> Running transaction check > > > ---> Package freeipa-server.x86_64 0:4.1.1-1.2.el7.centos will be > installed > > > ... > > > Transaction Summary > > > > > > > > > > Install 1 Package (+338 Dependent packages) > > > Upgrade ( 11 Dependent packages) > > > > > > Total download size: 146 M > > > ... > > > > > > # rpm -q freeipa-server > > > freeipa-server-4.1.1-1.2.el7.centos.x86_64 > > > > > > # ipa-server-install --setup-dns > > > > > > # kinit admin > > > Password for ad...@example.com: > > > > > > Thanks, > > > Martin > > > > > > -- > > > Manage your subscription for the Freeipa-users mailing list: > > > https://www.redhat.com/mailman/listinfo/freeipa-users > > > Go To http://freeipa.org for more info on the project > > > > > > -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project
Re: [Freeipa-users] freeipa-server from copr repo
It is highly probable the issue is caused by SELinux (check for AVCs in /var/log/audit/audit.log). Can you try with SELinux permissive? We specifically did not build selinux-policy as we do not think we should be the ones maintaining it for CentOS. HTH, Martin - Original Message - > From: "Bill Peck" > To: "Martin Kosek" > Cc: "Tamas Papp" , freeipa-users@redhat.com > Sent: Wednesday, November 19, 2014 5:34:10 PM > Subject: Re: [Freeipa-users] freeipa-server from copr repo > > Hi Marin, > > I was able to install from the copr repo now as well. Thank you! > > However I wasn't able to finish the install: > > [23/27]: configure certmonger for renewals > [24/27]: configure certificate renewals > [error] DBusException: org.fedorahosted.certmonger.bad_arg: The location > "/etc/pki/pki-tomcat/alias" could not be accessed due to insufficient > permissions. > > > Don't know if you need the command for how I was installing ipa. But here > is the line from my anseible playbook. > shell: ipa-server-install -a {{ adminpassword }} --hostname={{ servername > }} -r {{ realm }} -p {{ directorypassword }} -n {{ domain }} --setup-dns > --forwarder={{ dnsforwarder }} -U creates={{ slapd }} > > On Wed, Nov 19, 2014 at 11:23 AM, Martin Kosek wrote: > > > On 11/19/2014 11:57 AM, Tamas Papp wrote: > > > I am good in waiting;) > > > > > > Thanks for the prompt reply. > > > > Ok Tamas, I think we *finally* got somewhere. Can you please try the > > mkosek/freeipa Copr repo now? > > > > I was able to install upstream "freeipa-server" 4.1.1 package on my > > RHEL-7.0 > > machine (should be the same for CentOS) and run ipa-server-install: > > > > # yum install freeipa-server --enablerepo=mkosek-freeipa > > ... > > Resolving Dependencies > > --> Running transaction check > > ---> Package freeipa-server.x86_64 0:4.1.1-1.2.el7.centos will be installed > > ... > > Transaction Summary > > > > > > Install 1 Package (+338 Dependent packages) > > Upgrade ( 11 Dependent packages) > > > > Total download size: 146 M > > ... > > > > # rpm -q freeipa-server > > freeipa-server-4.1.1-1.2.el7.centos.x86_64 > > > > # ipa-server-install --setup-dns > > > > # kinit admin > > Password for ad...@example.com: > > > > Thanks, > > Martin > > > > -- > > Manage your subscription for the Freeipa-users mailing list: > > https://www.redhat.com/mailman/listinfo/freeipa-users > > Go To http://freeipa.org for more info on the project > > > -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project
Re: [Freeipa-users] freeipa-server from copr repo
Hi Marin, I was able to install from the copr repo now as well. Thank you! However I wasn't able to finish the install: [23/27]: configure certmonger for renewals [24/27]: configure certificate renewals [error] DBusException: org.fedorahosted.certmonger.bad_arg: The location "/etc/pki/pki-tomcat/alias" could not be accessed due to insufficient permissions. Don't know if you need the command for how I was installing ipa. But here is the line from my anseible playbook. shell: ipa-server-install -a {{ adminpassword }} --hostname={{ servername }} -r {{ realm }} -p {{ directorypassword }} -n {{ domain }} --setup-dns --forwarder={{ dnsforwarder }} -U creates={{ slapd }} On Wed, Nov 19, 2014 at 11:23 AM, Martin Kosek wrote: > On 11/19/2014 11:57 AM, Tamas Papp wrote: > > I am good in waiting;) > > > > Thanks for the prompt reply. > > Ok Tamas, I think we *finally* got somewhere. Can you please try the > mkosek/freeipa Copr repo now? > > I was able to install upstream "freeipa-server" 4.1.1 package on my > RHEL-7.0 > machine (should be the same for CentOS) and run ipa-server-install: > > # yum install freeipa-server --enablerepo=mkosek-freeipa > ... > Resolving Dependencies > --> Running transaction check > ---> Package freeipa-server.x86_64 0:4.1.1-1.2.el7.centos will be installed > ... > Transaction Summary > > > Install 1 Package (+338 Dependent packages) > Upgrade ( 11 Dependent packages) > > Total download size: 146 M > ... > > # rpm -q freeipa-server > freeipa-server-4.1.1-1.2.el7.centos.x86_64 > > # ipa-server-install --setup-dns > > # kinit admin > Password for ad...@example.com: > > Thanks, > Martin > > -- > Manage your subscription for the Freeipa-users mailing list: > https://www.redhat.com/mailman/listinfo/freeipa-users > Go To http://freeipa.org for more info on the project > -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project
Re: [Freeipa-users] freeipa-server from copr repo
On 11/19/2014 11:57 AM, Tamas Papp wrote: > I am good in waiting;) > > Thanks for the prompt reply. Ok Tamas, I think we *finally* got somewhere. Can you please try the mkosek/freeipa Copr repo now? I was able to install upstream "freeipa-server" 4.1.1 package on my RHEL-7.0 machine (should be the same for CentOS) and run ipa-server-install: # yum install freeipa-server --enablerepo=mkosek-freeipa ... Resolving Dependencies --> Running transaction check ---> Package freeipa-server.x86_64 0:4.1.1-1.2.el7.centos will be installed ... Transaction Summary Install 1 Package (+338 Dependent packages) Upgrade ( 11 Dependent packages) Total download size: 146 M ... # rpm -q freeipa-server freeipa-server-4.1.1-1.2.el7.centos.x86_64 # ipa-server-install --setup-dns # kinit admin Password for ad...@example.com: Thanks, Martin -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project
Re: [Freeipa-users] freeipa-server from copr repo
I am good in waiting;) Thanks for the prompt reply. -- Sent from mobile On November 19, 2014 11:54:40 AM Martin Kosek wrote: On 11/19/2014 11:37 AM, Tamas Papp wrote: > hi All, > > --> Finished Dependency Resolution > Error: Package: freeipa-server-4.1.1-1.1.el7.centos.x86_64 (mkosek-freeipa) >Requires: pki-ca >= 10.2.0-3 >Available: pki-ca-10.0.5-3.el7.noarch (base) >pki-ca = 10.0.5-3.el7 >Available: pki-ca-10.1.2-3.el7.centos.noarch (mkosek-freeipa) >pki-ca = 10.1.2-3.el7.centos > You could try using --skip-broken to work around the problem > You could try running: rpm -Va --nofiles --nodigest We are working on a fix right now. So hopefully, the fixed CentOS repo would be available during today. > Ho can I fix this? Waiting a bit and then trying to install again :-) > > 10x > tamas > -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project
Re: [Freeipa-users] freeipa-server from copr repo
On 11/19/2014 11:37 AM, Tamas Papp wrote: > hi All, > > --> Finished Dependency Resolution > Error: Package: freeipa-server-4.1.1-1.1.el7.centos.x86_64 (mkosek-freeipa) >Requires: pki-ca >= 10.2.0-3 >Available: pki-ca-10.0.5-3.el7.noarch (base) >pki-ca = 10.0.5-3.el7 >Available: pki-ca-10.1.2-3.el7.centos.noarch (mkosek-freeipa) >pki-ca = 10.1.2-3.el7.centos > You could try using --skip-broken to work around the problem > You could try running: rpm -Va --nofiles --nodigest We are working on a fix right now. So hopefully, the fixed CentOS repo would be available during today. > Ho can I fix this? Waiting a bit and then trying to install again :-) > > 10x > tamas > -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project
[Freeipa-users] freeipa-server from copr repo
hi All, --> Finished Dependency Resolution Error: Package: freeipa-server-4.1.1-1.1.el7.centos.x86_64 (mkosek-freeipa) Requires: pki-ca >= 10.2.0-3 Available: pki-ca-10.0.5-3.el7.noarch (base) pki-ca = 10.0.5-3.el7 Available: pki-ca-10.1.2-3.el7.centos.noarch (mkosek-freeipa) pki-ca = 10.1.2-3.el7.centos You could try using --skip-broken to work around the problem You could try running: rpm -Va --nofiles --nodigest Ho can I fix this? 10x tamas -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project