Public bug reported:
Dear Colleagues,
ipa-client-install fails at the import stage of the freeipa server cert.
Created /etc/ipa/default.conf
New SSSD config will be created.
Configured /etc/sssd/sssd.conf
Traceback (most recent call last):
File "/usr/sbin/ipa-client-install", line 1292, in <module>
sys.exit(main())
File "/usr/sbin/ipa-client-install", line 1279, in main
rval = install(options, env, fstore, statestore)
File "/usr/sbin/ipa-client-install", line 1124, in install
run(["/usr/bin/certutil", "-A", "-d", "/etc/pki/nssdb", "-n", "IPA CA",
"-t", "CT,C,C", "-a", "-i", "/etc/ipa/ca.crt"])
File "/usr/lib/python2.7/dist-packages/ipapython/ipautil.py", line 273, in run
raise CalledProcessError(p.returncode, args)
subprocess.CalledProcessError: Command '/usr/bin/certutil -A -d /etc/pki/nssdb
-n IPA CA -t CT,C,C -a -i /etc/ipa/ca.crt' returned non-zero exit status 255
It looks like the patch create_client_dirs.patch needs to be refreshed to:
1. check if /etc/pki exists
2. if not, create it
this is important especially for debian and ubuntu, because /etc/pki
is/was fedora/rhel specific
Regards,
\sh
** Affects: freeipa (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1024765
Title:
ipa-client-install failes at certutil stage because /etc/pki doesn't
exists
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/freeipa/+bug/1024765/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
