subject:"Re\: \[Freeipa\-users\] ipa\-dnskeysyncd not starting"

Re: [Freeipa-users] ipa-dnskeysyncd not starting

2016-12-19 Thread Rob Verduijn

2016-12-19 18:53 GMT+01:00 Martin Basti :

>
>
> On 19.12.2016 17:51, Rob Verduijn wrote:
>
> 2016-12-19 17:06 GMT+01:00 Martin Basti :
>
>>
>>
>> On 19.12.2016 16:27, Rob Verduijn wrote:
>>
>>
>>
>> 2016-12-19 16:07 GMT+01:00 Rob Verduijn :
>>
>>>
>>>
>>>
>>> 2016-12-19 15:52 GMT+01:00 Petr Spacek :
>>>
 On 19.12.2016 14:07, Rob Verduijn wrote:
 > Hello,
 >
 > I'm running ipa on centos 7.3 with the latest patches applied.
 >
 > It seem to run fine however the ipa-dnskeysyncd keeps failing to
 start and
 > I keep seeing this message in my logs:
 >
 > ipa-dnskeysyncd[25663]: ipa : INFO LDAP bind...
 > python2[25663]: GSSAPI client step 1
 > python2[25663]: GSSAPI client step 1
 > ns-slapd[2569]: GSSAPI server step 1
 > python2[25663]: GSSAPI client step 1
 > ns-slapd[2569]: GSSAPI server step 2
 > python2[25663]: GSSAPI client step 2
 > ns-slapd[2569]: GSSAPI server step 3
 > ipa-dnskeysyncd[25663]: ipa : INFO Commencing sync process
 > ipa-dnskeysyncd[25663]: ipa.ipapython.dnssec.keysyncer.KeySyncer:
 INFO
 > Initial LDAP dump is done, sychronizing with ODS and BIND
 > python2[25674]: GSSAPI client step 1
 > python2[25674]: GSSAPI client step 1
 > ns-slapd[2569]: GSSAPI server step 1
 > python2[25674]: GSSAPI client step 1
 > ns-slapd[2569]: GSSAPI server step 2
 > python2[25674]: GSSAPI client step 2
 > ns-slapd[2569]: GSSAPI server step 3
 > ipa-dnskeysyncd[25663]: Traceback (most recent call last):
 > ipa-dnskeysyncd[25663]: File "/usr/libexec/ipa/ipa-dnskeysyncd",
 line 110,
 > in 
 > ipa-dnskeysyncd[25663]: while ldap_connection.syncrepl_poll(all=1,
 > msgid=ldap_search):
 > ipa-dnskeysyncd[25663]: File
 > "/usr/lib64/python2.7/site-packages/ldap/syncrepl.py", line 405, in
 > syncrepl_poll
 > ipa-dnskeysyncd[25663]: self.syncrepl_refreshdone()
 > ipa-dnskeysyncd[25663]: File
 > "/usr/lib/python2.7/site-packages/ipapython/dnssec/keysyncer.py",
 line 115,
 > in syncrepl_refreshdone
 > ipa-dnskeysyncd[25663]: self.hsm_replica_sync()
 > ipa-dnskeysyncd[25663]: File
 > "/usr/lib/python2.7/site-packages/ipapython/dnssec/keysyncer.py",
 line 181,
 > in hsm_replica_sync
 > ipa-dnskeysyncd[25663]: ipautil.run([paths.IPA_DNSKEYSYNCD_REPLICA])
 > ipa-dnskeysyncd[25663]: File
 > "/usr/lib/python2.7/site-packages/ipapython/ipautil.py", line 494,
 in run
 > ipa-dnskeysyncd[25663]: raise CalledProcessError(p.returncode,
 arg_string,
 > str(output))
 > ipa-dnskeysyncd[25663]: subprocess.CalledProcessError: Command
 > '/usr/libexec/ipa/ipa-dnskeysync-replica' returned non-zero exit
 status 1
 > systemd[1]: ipa-dnskeysyncd.service: main process exited, code=exited,
 > status=1/FAILURE
 > systemd[1]: Unit ipa-dnskeysyncd.service entered failed state.
 > systemd[1]: ipa-dnskeysyncd.service failed.
 >
 > for some reason the ipa-dnskeysyncd keeops crashing.
 > Anybody know where to start looking for this one ?

 Please raise the debug level so we can see something in the logs:

 http://www.freeipa.org/page/Troubleshooting#ipa_command_cras
 hes_or_returns_no_data

 --
 Petr^2 Spacek

 --
 Manage your subscription for the Freeipa-users mailing list:
 https://www.redhat.com/mailman/listinfo/freeipa-users
 Go to http://freeipa.org for more info on the project

>>>
>>> Hello,
>>>
>>> The file /etc/ipa/ipa.conf or the file /etc/ipa/server.conf do not exist
>>> on my system.
>>> How to set debugging in this case ?
>>>
>>> Rob
>>>
>>
>> I've set the debug level in /etc/ipa/default.conf
>>
>> now I get this output
>>  systemd[1]: ipa-dnskeysyncd.service: main process exited, code=exited,
>> status=1/FAILURE
>>  systemd[1]: Unit ipa-dnskeysyncd.service entered failed state.
>>  systemd[1]: ipa-dnskeysyncd.service failed.
>>  systemd[1]: ipa-dnskeysyncd.service holdoff time over, scheduling
>> restart.
>>  systemd[1]: Started IPA key daemon.
>>  systemd[1]: Starting IPA key daemon...
>>  ipa-dnskeysyncd[30568]: ipa : INFO LDAP bind...
>>  python2[30568]: GSSAPI client step 1
>>  python2[30568]: GSSAPI client step 1
>>  ns-slapd[26744]: GSSAPI server step 1
>>  python2[30568]: GSSAPI client step 1
>>  ns-slapd[26744]: GSSAPI server step 2
>>  python2[30568]: GSSAPI client step 2
>>  ns-slapd[26744]: GSSAPI server step 3
>>  ipa-dnskeysyncd[30568]: ipa : INFO Commencing sync process
>>  ipa-dnskeysyncd[30568]: ipa.ipapython.dnssec.keysyncer.KeySyncer:
>> INFO Initial LDAP dump is done, sychronizing with ODS and BIND
>>  python2[30579]: GSSAPI client step 1
>>  python2[30579]: GSSAPI client step 1
>>  ns-slapd[26744]: GSSAPI server step 1
>>  python2[30579]: GSSAPI client step 1
>>  ns-slapd[26744]: GSSAPI server step 2
>>  python2[30579]: GSSAPI client step 2
>>  ns-slapd[26744]

Re: [Freeipa-users] ipa-dnskeysyncd not starting

2016-12-19 Thread Martin Basti




On 19.12.2016 17:51, Rob Verduijn wrote:
2016-12-19 17:06 GMT+01:00 Martin Basti >:




On 19.12.2016 16:27, Rob Verduijn wrote:



2016-12-19 16:07 GMT+01:00 Rob Verduijn mailto:rob.verdu...@gmail.com>>:




2016-12-19 15:52 GMT+01:00 Petr Spacek mailto:pspa...@redhat.com>>:

On 19.12.2016 14:07, Rob Verduijn wrote:
> Hello,
>
> I'm running ipa on centos 7.3 with the latest patches
applied.
>
> It seem to run fine however the ipa-dnskeysyncd keeps
failing to start and
> I keep seeing this message in my logs:
>
> ipa-dnskeysyncd[25663]: ipa : INFO LDAP bind...
> python2[25663]: GSSAPI client step 1
> python2[25663]: GSSAPI client step 1
> ns-slapd[2569]: GSSAPI server step 1
> python2[25663]: GSSAPI client step 1
> ns-slapd[2569]: GSSAPI server step 2
> python2[25663]: GSSAPI client step 2
> ns-slapd[2569]: GSSAPI server step 3
> ipa-dnskeysyncd[25663]: ipa : INFO  Commencing
sync process
> ipa-dnskeysyncd[25663]:
ipa.ipapython.dnssec.keysyncer.KeySyncer: INFO
> Initial LDAP dump is done, sychronizing with ODS and BIND
> python2[25674]: GSSAPI client step 1
> python2[25674]: GSSAPI client step 1
> ns-slapd[2569]: GSSAPI server step 1
> python2[25674]: GSSAPI client step 1
> ns-slapd[2569]: GSSAPI server step 2
> python2[25674]: GSSAPI client step 2
> ns-slapd[2569]: GSSAPI server step 3
> ipa-dnskeysyncd[25663]: Traceback (most recent call last):
> ipa-dnskeysyncd[25663]: File
"/usr/libexec/ipa/ipa-dnskeysyncd", line 110,
> in 
> ipa-dnskeysyncd[25663]: while
ldap_connection.syncrepl_poll(all=1,
> msgid=ldap_search):
> ipa-dnskeysyncd[25663]: File
> "/usr/lib64/python2.7/site-packages/ldap/syncrepl.py",
line 405, in
> syncrepl_poll
> ipa-dnskeysyncd[25663]: self.syncrepl_refreshdone()
> ipa-dnskeysyncd[25663]: File
>
"/usr/lib/python2.7/site-packages/ipapython/dnssec/keysyncer.py",
line 115,
> in syncrepl_refreshdone
> ipa-dnskeysyncd[25663]: self.hsm_replica_sync()
> ipa-dnskeysyncd[25663]: File
>
"/usr/lib/python2.7/site-packages/ipapython/dnssec/keysyncer.py",
line 181,
> in hsm_replica_sync
> ipa-dnskeysyncd[25663]:
ipautil.run([paths.IPA_DNSKEYSYNCD_REPLICA])
> ipa-dnskeysyncd[25663]: File
>
"/usr/lib/python2.7/site-packages/ipapython/ipautil.py",
line 494, in run
> ipa-dnskeysyncd[25663]: raise
CalledProcessError(p.returncode, arg_string,
> str(output))
> ipa-dnskeysyncd[25663]: subprocess.CalledProcessError:
Command
> '/usr/libexec/ipa/ipa-dnskeysync-replica' returned
non-zero exit status 1
> systemd[1]: ipa-dnskeysyncd.service: main process
exited, code=exited,
> status=1/FAILURE
> systemd[1]: Unit ipa-dnskeysyncd.service entered failed
state.
> systemd[1]: ipa-dnskeysyncd.service failed.
>
> for some reason the ipa-dnskeysyncd keeops crashing.
> Anybody know where to start looking for this one ?

Please raise the debug level so we can see something in
the logs:


http://www.freeipa.org/page/Troubleshooting#ipa_command_crashes_or_returns_no_data



--
Petr^2 Spacek

--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users

Go to http://freeipa.org for more info on the project


Hello,

The file /etc/ipa/ipa.conf or the file /etc/ipa/server.conf
do not exist on my system.
How to set debugging in this case ?

Rob


I've set the debug level in /etc/ipa/default.conf

now I get this output
 systemd[1]: ipa-dnskeysyncd.service: main process exited,
code=exited, status=1/FAILURE
 systemd[1]: Unit ipa-dnskeysyncd.service entered failed state.
 systemd[1]: ipa-dnskeysyncd.service failed.
 systemd[1]: ipa-dnskeysyncd.service holdoff time over,
scheduling restart.
 systemd[1]: Started IPA key daemon.
 systemd[1]: Starting IPA key daemon...
 ipa-dnskeysync

Re: [Freeipa-users] ipa-dnskeysyncd not starting

2016-12-19 Thread Rob Verduijn

2016-12-19 17:06 GMT+01:00 Martin Basti :

>
>
> On 19.12.2016 16:27, Rob Verduijn wrote:
>
>
>
> 2016-12-19 16:07 GMT+01:00 Rob Verduijn :
>
>>
>>
>>
>> 2016-12-19 15:52 GMT+01:00 Petr Spacek :
>>
>>> On 19.12.2016 14:07, Rob Verduijn wrote:
>>> > Hello,
>>> >
>>> > I'm running ipa on centos 7.3 with the latest patches applied.
>>> >
>>> > It seem to run fine however the ipa-dnskeysyncd keeps failing to start
>>> and
>>> > I keep seeing this message in my logs:
>>> >
>>> > ipa-dnskeysyncd[25663]: ipa : INFO LDAP bind...
>>> > python2[25663]: GSSAPI client step 1
>>> > python2[25663]: GSSAPI client step 1
>>> > ns-slapd[2569]: GSSAPI server step 1
>>> > python2[25663]: GSSAPI client step 1
>>> > ns-slapd[2569]: GSSAPI server step 2
>>> > python2[25663]: GSSAPI client step 2
>>> > ns-slapd[2569]: GSSAPI server step 3
>>> > ipa-dnskeysyncd[25663]: ipa : INFO Commencing sync process
>>> > ipa-dnskeysyncd[25663]: ipa.ipapython.dnssec.keysyncer.KeySyncer: INFO
>>> > Initial LDAP dump is done, sychronizing with ODS and BIND
>>> > python2[25674]: GSSAPI client step 1
>>> > python2[25674]: GSSAPI client step 1
>>> > ns-slapd[2569]: GSSAPI server step 1
>>> > python2[25674]: GSSAPI client step 1
>>> > ns-slapd[2569]: GSSAPI server step 2
>>> > python2[25674]: GSSAPI client step 2
>>> > ns-slapd[2569]: GSSAPI server step 3
>>> > ipa-dnskeysyncd[25663]: Traceback (most recent call last):
>>> > ipa-dnskeysyncd[25663]: File "/usr/libexec/ipa/ipa-dnskeysyncd", line
>>> 110,
>>> > in 
>>> > ipa-dnskeysyncd[25663]: while ldap_connection.syncrepl_poll(all=1,
>>> > msgid=ldap_search):
>>> > ipa-dnskeysyncd[25663]: File
>>> > "/usr/lib64/python2.7/site-packages/ldap/syncrepl.py", line 405, in
>>> > syncrepl_poll
>>> > ipa-dnskeysyncd[25663]: self.syncrepl_refreshdone()
>>> > ipa-dnskeysyncd[25663]: File
>>> > "/usr/lib/python2.7/site-packages/ipapython/dnssec/keysyncer.py",
>>> line 115,
>>> > in syncrepl_refreshdone
>>> > ipa-dnskeysyncd[25663]: self.hsm_replica_sync()
>>> > ipa-dnskeysyncd[25663]: File
>>> > "/usr/lib/python2.7/site-packages/ipapython/dnssec/keysyncer.py",
>>> line 181,
>>> > in hsm_replica_sync
>>> > ipa-dnskeysyncd[25663]: ipautil.run([paths.IPA_DNSKEYSYNCD_REPLICA])
>>> > ipa-dnskeysyncd[25663]: File
>>> > "/usr/lib/python2.7/site-packages/ipapython/ipautil.py", line 494, in
>>> run
>>> > ipa-dnskeysyncd[25663]: raise CalledProcessError(p.returncode,
>>> arg_string,
>>> > str(output))
>>> > ipa-dnskeysyncd[25663]: subprocess.CalledProcessError: Command
>>> > '/usr/libexec/ipa/ipa-dnskeysync-replica' returned non-zero exit
>>> status 1
>>> > systemd[1]: ipa-dnskeysyncd.service: main process exited, code=exited,
>>> > status=1/FAILURE
>>> > systemd[1]: Unit ipa-dnskeysyncd.service entered failed state.
>>> > systemd[1]: ipa-dnskeysyncd.service failed.
>>> >
>>> > for some reason the ipa-dnskeysyncd keeops crashing.
>>> > Anybody know where to start looking for this one ?
>>>
>>> Please raise the debug level so we can see something in the logs:
>>>
>>> http://www.freeipa.org/page/Troubleshooting#ipa_command_cras
>>> hes_or_returns_no_data
>>>
>>> --
>>> Petr^2 Spacek
>>>
>>> --
>>> Manage your subscription for the Freeipa-users mailing list:
>>> https://www.redhat.com/mailman/listinfo/freeipa-users
>>> Go to http://freeipa.org for more info on the project
>>>
>>
>> Hello,
>>
>> The file /etc/ipa/ipa.conf or the file /etc/ipa/server.conf do not exist
>> on my system.
>> How to set debugging in this case ?
>>
>> Rob
>>
>
> I've set the debug level in /etc/ipa/default.conf
>
> now I get this output
>  systemd[1]: ipa-dnskeysyncd.service: main process exited, code=exited,
> status=1/FAILURE
>  systemd[1]: Unit ipa-dnskeysyncd.service entered failed state.
>  systemd[1]: ipa-dnskeysyncd.service failed.
>  systemd[1]: ipa-dnskeysyncd.service holdoff time over, scheduling restart.
>  systemd[1]: Started IPA key daemon.
>  systemd[1]: Starting IPA key daemon...
>  ipa-dnskeysyncd[30568]: ipa : INFO LDAP bind...
>  python2[30568]: GSSAPI client step 1
>  python2[30568]: GSSAPI client step 1
>  ns-slapd[26744]: GSSAPI server step 1
>  python2[30568]: GSSAPI client step 1
>  ns-slapd[26744]: GSSAPI server step 2
>  python2[30568]: GSSAPI client step 2
>  ns-slapd[26744]: GSSAPI server step 3
>  ipa-dnskeysyncd[30568]: ipa : INFO Commencing sync process
>  ipa-dnskeysyncd[30568]: ipa.ipapython.dnssec.keysyncer.KeySyncer:
> INFO Initial LDAP dump is done, sychronizing with ODS and BIND
>  python2[30579]: GSSAPI client step 1
>  python2[30579]: GSSAPI client step 1
>  ns-slapd[26744]: GSSAPI server step 1
>  python2[30579]: GSSAPI client step 1
>  ns-slapd[26744]: GSSAPI server step 2
>  python2[30579]: GSSAPI client step 2
>  ns-slapd[26744]: GSSAPI server step 3
>  python2[30579]: ObjectStore.cpp(59): Failed to enumerate object store in
> /var/lib/softhsm/tokens/
>  python2[30579]: SoftHSM.cpp(476): Could not load the object store
>  ipa-dnskeysyncd[30568]: Traceback

Re: [Freeipa-users] ipa-dnskeysyncd not starting

2016-12-19 Thread Martin Basti




On 19.12.2016 16:27, Rob Verduijn wrote:



2016-12-19 16:07 GMT+01:00 Rob Verduijn >:





2016-12-19 15:52 GMT+01:00 Petr Spacek mailto:pspa...@redhat.com>>:

On 19.12.2016 14:07, Rob Verduijn wrote:
> Hello,
>
> I'm running ipa on centos 7.3 with the latest patches applied.
>
> It seem to run fine however the ipa-dnskeysyncd keeps
failing to start and
> I keep seeing this message in my logs:
>
> ipa-dnskeysyncd[25663]: ipa : INFO LDAP bind...
> python2[25663]: GSSAPI client step 1
> python2[25663]: GSSAPI client step 1
> ns-slapd[2569]: GSSAPI server step 1
> python2[25663]: GSSAPI client step 1
> ns-slapd[2569]: GSSAPI server step 2
> python2[25663]: GSSAPI client step 2
> ns-slapd[2569]: GSSAPI server step 3
> ipa-dnskeysyncd[25663]: ipa : INFO Commencing
sync process
> ipa-dnskeysyncd[25663]:
ipa.ipapython.dnssec.keysyncer.KeySyncer: INFO
> Initial LDAP dump is done, sychronizing with ODS and BIND
> python2[25674]: GSSAPI client step 1
> python2[25674]: GSSAPI client step 1
> ns-slapd[2569]: GSSAPI server step 1
> python2[25674]: GSSAPI client step 1
> ns-slapd[2569]: GSSAPI server step 2
> python2[25674]: GSSAPI client step 2
> ns-slapd[2569]: GSSAPI server step 3
> ipa-dnskeysyncd[25663]: Traceback (most recent call last):
> ipa-dnskeysyncd[25663]: File
"/usr/libexec/ipa/ipa-dnskeysyncd", line 110,
> in 
> ipa-dnskeysyncd[25663]: while
ldap_connection.syncrepl_poll(all=1,
> msgid=ldap_search):
> ipa-dnskeysyncd[25663]: File
> "/usr/lib64/python2.7/site-packages/ldap/syncrepl.py", line
405, in
> syncrepl_poll
> ipa-dnskeysyncd[25663]: self.syncrepl_refreshdone()
> ipa-dnskeysyncd[25663]: File
>
"/usr/lib/python2.7/site-packages/ipapython/dnssec/keysyncer.py",
line 115,
> in syncrepl_refreshdone
> ipa-dnskeysyncd[25663]: self.hsm_replica_sync()
> ipa-dnskeysyncd[25663]: File
>
"/usr/lib/python2.7/site-packages/ipapython/dnssec/keysyncer.py",
line 181,
> in hsm_replica_sync
> ipa-dnskeysyncd[25663]:
ipautil.run([paths.IPA_DNSKEYSYNCD_REPLICA])
> ipa-dnskeysyncd[25663]: File
> "/usr/lib/python2.7/site-packages/ipapython/ipautil.py",
line 494, in run
> ipa-dnskeysyncd[25663]: raise
CalledProcessError(p.returncode, arg_string,
> str(output))
> ipa-dnskeysyncd[25663]: subprocess.CalledProcessError: Command
> '/usr/libexec/ipa/ipa-dnskeysync-replica' returned non-zero
exit status 1
> systemd[1]: ipa-dnskeysyncd.service: main process exited,
code=exited,
> status=1/FAILURE
> systemd[1]: Unit ipa-dnskeysyncd.service entered failed state.
> systemd[1]: ipa-dnskeysyncd.service failed.
>
> for some reason the ipa-dnskeysyncd keeops crashing.
> Anybody know where to start looking for this one ?

Please raise the debug level so we can see something in the logs:


http://www.freeipa.org/page/Troubleshooting#ipa_command_crashes_or_returns_no_data



--
Petr^2 Spacek

--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users

Go to http://freeipa.org for more info on the project


Hello,

The file /etc/ipa/ipa.conf or the file /etc/ipa/server.conf do not
exist on my system.
How to set debugging in this case ?

Rob


I've set the debug level in /etc/ipa/default.conf

now I get this output
 systemd[1]: ipa-dnskeysyncd.service: main process exited, 
code=exited, status=1/FAILURE

 systemd[1]: Unit ipa-dnskeysyncd.service entered failed state.
 systemd[1]: ipa-dnskeysyncd.service failed.
 systemd[1]: ipa-dnskeysyncd.service holdoff time over, scheduling 
restart.

 systemd[1]: Started IPA key daemon.
 systemd[1]: Starting IPA key daemon...
 ipa-dnskeysyncd[30568]: ipa : INFO LDAP bind...
 python2[30568]: GSSAPI client step 1
 python2[30568]: GSSAPI client step 1
 ns-slapd[26744]: GSSAPI server step 1
 python2[30568]: GSSAPI client step 1
 ns-slapd[26744]: GSSAPI server step 2
 python2[30568]: GSSAPI client step 2
 ns-slapd[26744]: GSSAPI server step 3
 ipa-dnskeysyncd[30568]: ipa : INFO Commencing sync process
 ipa-dnskeysyncd[30568]: ipa.ipapython.dnssec.keysyncer.KeySyncer: 
INFO Initial LDAP dump is done, sychronizing with ODS and BIND

 python2[30579]: GSSAPI client step 1
 pyt

Re: [Freeipa-users] ipa-dnskeysyncd not starting

2016-12-19 Thread Rob Verduijn

2016-12-19 16:07 GMT+01:00 Rob Verduijn :

>
>
>
> 2016-12-19 15:52 GMT+01:00 Petr Spacek :
>
>> On 19.12.2016 14:07, Rob Verduijn wrote:
>> > Hello,
>> >
>> > I'm running ipa on centos 7.3 with the latest patches applied.
>> >
>> > It seem to run fine however the ipa-dnskeysyncd keeps failing to start
>> and
>> > I keep seeing this message in my logs:
>> >
>> > ipa-dnskeysyncd[25663]: ipa : INFO LDAP bind...
>> > python2[25663]: GSSAPI client step 1
>> > python2[25663]: GSSAPI client step 1
>> > ns-slapd[2569]: GSSAPI server step 1
>> > python2[25663]: GSSAPI client step 1
>> > ns-slapd[2569]: GSSAPI server step 2
>> > python2[25663]: GSSAPI client step 2
>> > ns-slapd[2569]: GSSAPI server step 3
>> > ipa-dnskeysyncd[25663]: ipa : INFO Commencing sync process
>> > ipa-dnskeysyncd[25663]: ipa.ipapython.dnssec.keysyncer.KeySyncer: INFO
>> > Initial LDAP dump is done, sychronizing with ODS and BIND
>> > python2[25674]: GSSAPI client step 1
>> > python2[25674]: GSSAPI client step 1
>> > ns-slapd[2569]: GSSAPI server step 1
>> > python2[25674]: GSSAPI client step 1
>> > ns-slapd[2569]: GSSAPI server step 2
>> > python2[25674]: GSSAPI client step 2
>> > ns-slapd[2569]: GSSAPI server step 3
>> > ipa-dnskeysyncd[25663]: Traceback (most recent call last):
>> > ipa-dnskeysyncd[25663]: File "/usr/libexec/ipa/ipa-dnskeysyncd", line
>> 110,
>> > in 
>> > ipa-dnskeysyncd[25663]: while ldap_connection.syncrepl_poll(all=1,
>> > msgid=ldap_search):
>> > ipa-dnskeysyncd[25663]: File
>> > "/usr/lib64/python2.7/site-packages/ldap/syncrepl.py", line 405, in
>> > syncrepl_poll
>> > ipa-dnskeysyncd[25663]: self.syncrepl_refreshdone()
>> > ipa-dnskeysyncd[25663]: File
>> > "/usr/lib/python2.7/site-packages/ipapython/dnssec/keysyncer.py", line
>> 115,
>> > in syncrepl_refreshdone
>> > ipa-dnskeysyncd[25663]: self.hsm_replica_sync()
>> > ipa-dnskeysyncd[25663]: File
>> > "/usr/lib/python2.7/site-packages/ipapython/dnssec/keysyncer.py", line
>> 181,
>> > in hsm_replica_sync
>> > ipa-dnskeysyncd[25663]: ipautil.run([paths.IPA_DNSKEYSYNCD_REPLICA])
>> > ipa-dnskeysyncd[25663]: File
>> > "/usr/lib/python2.7/site-packages/ipapython/ipautil.py", line 494, in
>> run
>> > ipa-dnskeysyncd[25663]: raise CalledProcessError(p.returncode,
>> arg_string,
>> > str(output))
>> > ipa-dnskeysyncd[25663]: subprocess.CalledProcessError: Command
>> > '/usr/libexec/ipa/ipa-dnskeysync-replica' returned non-zero exit
>> status 1
>> > systemd[1]: ipa-dnskeysyncd.service: main process exited, code=exited,
>> > status=1/FAILURE
>> > systemd[1]: Unit ipa-dnskeysyncd.service entered failed state.
>> > systemd[1]: ipa-dnskeysyncd.service failed.
>> >
>> > for some reason the ipa-dnskeysyncd keeops crashing.
>> > Anybody know where to start looking for this one ?
>>
>> Please raise the debug level so we can see something in the logs:
>>
>> http://www.freeipa.org/page/Troubleshooting#ipa_command_cras
>> hes_or_returns_no_data
>>
>> --
>> Petr^2 Spacek
>>
>> --
>> Manage your subscription for the Freeipa-users mailing list:
>> https://www.redhat.com/mailman/listinfo/freeipa-users
>> Go to http://freeipa.org for more info on the project
>>
>
> Hello,
>
> The file /etc/ipa/ipa.conf or the file /etc/ipa/server.conf do not exist
> on my system.
> How to set debugging in this case ?
>
> Rob
>

I've set the debug level in /etc/ipa/default.conf

now I get this output
 systemd[1]: ipa-dnskeysyncd.service: main process exited, code=exited,
status=1/FAILURE
 systemd[1]: Unit ipa-dnskeysyncd.service entered failed state.
 systemd[1]: ipa-dnskeysyncd.service failed.
 systemd[1]: ipa-dnskeysyncd.service holdoff time over, scheduling restart.
 systemd[1]: Started IPA key daemon.
 systemd[1]: Starting IPA key daemon...
 ipa-dnskeysyncd[30568]: ipa : INFO LDAP bind...
 python2[30568]: GSSAPI client step 1
 python2[30568]: GSSAPI client step 1
 ns-slapd[26744]: GSSAPI server step 1
 python2[30568]: GSSAPI client step 1
 ns-slapd[26744]: GSSAPI server step 2
 python2[30568]: GSSAPI client step 2
 ns-slapd[26744]: GSSAPI server step 3
 ipa-dnskeysyncd[30568]: ipa : INFO Commencing sync process
 ipa-dnskeysyncd[30568]: ipa.ipapython.dnssec.keysyncer.KeySyncer: INFO
Initial LDAP dump is done, sychronizing with ODS and BIND
 python2[30579]: GSSAPI client step 1
 python2[30579]: GSSAPI client step 1
 ns-slapd[26744]: GSSAPI server step 1
 python2[30579]: GSSAPI client step 1
 ns-slapd[26744]: GSSAPI server step 2
 python2[30579]: GSSAPI client step 2
 ns-slapd[26744]: GSSAPI server step 3
 python2[30579]: ObjectStore.cpp(59): Failed to enumerate object store in
/var/lib/softhsm/tokens/
 python2[30579]: SoftHSM.cpp(476): Could not load the object store
 ipa-dnskeysyncd[30568]: Traceback (most recent call last):
 ipa-dnskeysyncd[30568]: File "/usr/libexec/ipa/ipa-dnskeysyncd", line 110,
in 
 ipa-dnskeysyncd[30568]: while ldap_connection.syncrepl_poll(all=1,
msgid=ldap_search):
 ipa-dnskeysyncd[30568]: File
"/usr/lib64/python2.7/site-package

Re: [Freeipa-users] ipa-dnskeysyncd not starting

2016-12-19 Thread Rob Verduijn

2016-12-19 15:52 GMT+01:00 Petr Spacek :

> On 19.12.2016 14:07, Rob Verduijn wrote:
> > Hello,
> >
> > I'm running ipa on centos 7.3 with the latest patches applied.
> >
> > It seem to run fine however the ipa-dnskeysyncd keeps failing to start
> and
> > I keep seeing this message in my logs:
> >
> > ipa-dnskeysyncd[25663]: ipa : INFO LDAP bind...
> > python2[25663]: GSSAPI client step 1
> > python2[25663]: GSSAPI client step 1
> > ns-slapd[2569]: GSSAPI server step 1
> > python2[25663]: GSSAPI client step 1
> > ns-slapd[2569]: GSSAPI server step 2
> > python2[25663]: GSSAPI client step 2
> > ns-slapd[2569]: GSSAPI server step 3
> > ipa-dnskeysyncd[25663]: ipa : INFO Commencing sync process
> > ipa-dnskeysyncd[25663]: ipa.ipapython.dnssec.keysyncer.KeySyncer: INFO
> > Initial LDAP dump is done, sychronizing with ODS and BIND
> > python2[25674]: GSSAPI client step 1
> > python2[25674]: GSSAPI client step 1
> > ns-slapd[2569]: GSSAPI server step 1
> > python2[25674]: GSSAPI client step 1
> > ns-slapd[2569]: GSSAPI server step 2
> > python2[25674]: GSSAPI client step 2
> > ns-slapd[2569]: GSSAPI server step 3
> > ipa-dnskeysyncd[25663]: Traceback (most recent call last):
> > ipa-dnskeysyncd[25663]: File "/usr/libexec/ipa/ipa-dnskeysyncd", line
> 110,
> > in 
> > ipa-dnskeysyncd[25663]: while ldap_connection.syncrepl_poll(all=1,
> > msgid=ldap_search):
> > ipa-dnskeysyncd[25663]: File
> > "/usr/lib64/python2.7/site-packages/ldap/syncrepl.py", line 405, in
> > syncrepl_poll
> > ipa-dnskeysyncd[25663]: self.syncrepl_refreshdone()
> > ipa-dnskeysyncd[25663]: File
> > "/usr/lib/python2.7/site-packages/ipapython/dnssec/keysyncer.py", line
> 115,
> > in syncrepl_refreshdone
> > ipa-dnskeysyncd[25663]: self.hsm_replica_sync()
> > ipa-dnskeysyncd[25663]: File
> > "/usr/lib/python2.7/site-packages/ipapython/dnssec/keysyncer.py", line
> 181,
> > in hsm_replica_sync
> > ipa-dnskeysyncd[25663]: ipautil.run([paths.IPA_DNSKEYSYNCD_REPLICA])
> > ipa-dnskeysyncd[25663]: File
> > "/usr/lib/python2.7/site-packages/ipapython/ipautil.py", line 494, in
> run
> > ipa-dnskeysyncd[25663]: raise CalledProcessError(p.returncode,
> arg_string,
> > str(output))
> > ipa-dnskeysyncd[25663]: subprocess.CalledProcessError: Command
> > '/usr/libexec/ipa/ipa-dnskeysync-replica' returned non-zero exit status
> 1
> > systemd[1]: ipa-dnskeysyncd.service: main process exited, code=exited,
> > status=1/FAILURE
> > systemd[1]: Unit ipa-dnskeysyncd.service entered failed state.
> > systemd[1]: ipa-dnskeysyncd.service failed.
> >
> > for some reason the ipa-dnskeysyncd keeops crashing.
> > Anybody know where to start looking for this one ?
>
> Please raise the debug level so we can see something in the logs:
>
> http://www.freeipa.org/page/Troubleshooting#ipa_command_
> crashes_or_returns_no_data
>
> --
> Petr^2 Spacek
>
> --
> Manage your subscription for the Freeipa-users mailing list:
> https://www.redhat.com/mailman/listinfo/freeipa-users
> Go to http://freeipa.org for more info on the project
>

Hello,

The file /etc/ipa/ipa.conf or the file /etc/ipa/server.conf do not exist on
my system.
How to set debugging in this case ?

Rob
-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Re: [Freeipa-users] ipa-dnskeysyncd not starting

2016-12-19 Thread Petr Spacek

On 19.12.2016 14:07, Rob Verduijn wrote:
> Hello,
> 
> I'm running ipa on centos 7.3 with the latest patches applied.
> 
> It seem to run fine however the ipa-dnskeysyncd keeps failing to start and
> I keep seeing this message in my logs:
> 
> ipa-dnskeysyncd[25663]: ipa : INFO LDAP bind...
> python2[25663]: GSSAPI client step 1
> python2[25663]: GSSAPI client step 1
> ns-slapd[2569]: GSSAPI server step 1
> python2[25663]: GSSAPI client step 1
> ns-slapd[2569]: GSSAPI server step 2
> python2[25663]: GSSAPI client step 2
> ns-slapd[2569]: GSSAPI server step 3
> ipa-dnskeysyncd[25663]: ipa : INFO Commencing sync process
> ipa-dnskeysyncd[25663]: ipa.ipapython.dnssec.keysyncer.KeySyncer: INFO
> Initial LDAP dump is done, sychronizing with ODS and BIND
> python2[25674]: GSSAPI client step 1
> python2[25674]: GSSAPI client step 1
> ns-slapd[2569]: GSSAPI server step 1
> python2[25674]: GSSAPI client step 1
> ns-slapd[2569]: GSSAPI server step 2
> python2[25674]: GSSAPI client step 2
> ns-slapd[2569]: GSSAPI server step 3
> ipa-dnskeysyncd[25663]: Traceback (most recent call last):
> ipa-dnskeysyncd[25663]: File "/usr/libexec/ipa/ipa-dnskeysyncd", line 110,
> in 
> ipa-dnskeysyncd[25663]: while ldap_connection.syncrepl_poll(all=1,
> msgid=ldap_search):
> ipa-dnskeysyncd[25663]: File
> "/usr/lib64/python2.7/site-packages/ldap/syncrepl.py", line 405, in
> syncrepl_poll
> ipa-dnskeysyncd[25663]: self.syncrepl_refreshdone()
> ipa-dnskeysyncd[25663]: File
> "/usr/lib/python2.7/site-packages/ipapython/dnssec/keysyncer.py", line 115,
> in syncrepl_refreshdone
> ipa-dnskeysyncd[25663]: self.hsm_replica_sync()
> ipa-dnskeysyncd[25663]: File
> "/usr/lib/python2.7/site-packages/ipapython/dnssec/keysyncer.py", line 181,
> in hsm_replica_sync
> ipa-dnskeysyncd[25663]: ipautil.run([paths.IPA_DNSKEYSYNCD_REPLICA])
> ipa-dnskeysyncd[25663]: File
> "/usr/lib/python2.7/site-packages/ipapython/ipautil.py", line 494, in run
> ipa-dnskeysyncd[25663]: raise CalledProcessError(p.returncode, arg_string,
> str(output))
> ipa-dnskeysyncd[25663]: subprocess.CalledProcessError: Command
> '/usr/libexec/ipa/ipa-dnskeysync-replica' returned non-zero exit status 1
> systemd[1]: ipa-dnskeysyncd.service: main process exited, code=exited,
> status=1/FAILURE
> systemd[1]: Unit ipa-dnskeysyncd.service entered failed state.
> systemd[1]: ipa-dnskeysyncd.service failed.
> 
> for some reason the ipa-dnskeysyncd keeops crashing.
> Anybody know where to start looking for this one ?

Please raise the debug level so we can see something in the logs:

http://www.freeipa.org/page/Troubleshooting#ipa_command_crashes_or_returns_no_data

-- 
Petr^2 Spacek

-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Re: [Freeipa-users] ipa-dnskeysyncd not starting

Re: [Freeipa-users] ipa-dnskeysyncd not starting

Re: [Freeipa-users] ipa-dnskeysyncd not starting

Re: [Freeipa-users] ipa-dnskeysyncd not starting

Re: [Freeipa-users] ipa-dnskeysyncd not starting

Re: [Freeipa-users] ipa-dnskeysyncd not starting

Re: [Freeipa-users] ipa-dnskeysyncd not starting

7 matches

Site Navigation

Mail list logo

Footer information