Peter Zoltan Keresztes (zozo) via FreeIPA-users wrote: > Hello > > I have just installed ipa-server on ubuntu 18.04 and I have observed > that the kadmin service is not running. While investigating the issue > I’ve seen that is complaining about the not existance of the > /etc/krb5kdc/kadm5.acl. > > ipactl status > Directory Service: RUNNING > krb5kdc Service: RUNNING > kadmin Service: STOPPED > httpd Service: RUNNING > ipa-custodia Service: RUNNING > pki-tomcatd Service: RUNNING > ipa-otpd Service: RUNNING > ipa: INFO: The ipactl command was successful > > systemctl status krb5-admin-server.service > ● krb5-admin-server.service - Kerberos 5 Admin Server > Loaded: loaded (/lib/systemd/system/krb5-admin-server.service; > disabled; vendor preset: enabled) > Drop-In: /lib/systemd/system/krb5-admin-server.service.d > └─slapd-before-kdc.conf > Active: failed (Result: exit-code) since Thu 2019-06-20 16:36:34 EDT; > 3min 9s ago > Process: 13426 ExecStart=/usr/sbin/kadmind -nofork $DAEMON_ARGS > (code=exited, status=1/FAILURE) > Main PID: 13426 (code=exited, status=1/FAILURE) > > Jun 20 16:36:34 ipadev.redcapcloud.com > <http://ipadev.redcapcloud.com> kadmind[13426]: > setsockopt(11,IPV6_V6ONLY,1) worked > Jun 20 16:36:34 ipadev.redcapcloud.com > <http://ipadev.redcapcloud.com> kadmind[13426]: Setting up RPC socket > for address 0.0.0.0.749 > Jun 20 16:36:34 ipadev.redcapcloud.com > <http://ipadev.redcapcloud.com> kadmind[13426]: Setting up RPC socket > for address ::.749 > Jun 20 16:36:34 ipadev.redcapcloud.com > <http://ipadev.redcapcloud.com> kadmind[13426]: > setsockopt(13,IPV6_V6ONLY,1) worked > Jun 20 16:36:34 ipadev.redcapcloud.com > <http://ipadev.redcapcloud.com> kadmind[13426]: set up 6 sockets > Jun 20 16:36:34 ipadev.redcapcloud.com > <http://ipadev.redcapcloud.com> kadmind[13426]: No such file or > directory while opening ACL file /etc/krb5kdc/kadm5.acl > Jun 20 16:36:34 ipadev.redcapcloud.com > <http://ipadev.redcapcloud.com> kadmind[13426]: Cannot open > /etc/krb5kdc/kadm5.acl: No such file or directory while initializing ACL > file, aborting > Jun 20 16:36:34 ipadev.redcapcloud.com > <http://ipadev.redcapcloud.com> kadmind[13426]: kadmind: kadmind: Cannot > open /etc/krb5kdc/kadm5.acl: No such file or directory while > initializing ACL file, aborting > Jun 20 16:36:34 ipadev.redcapcloud.com > <http://ipadev.redcapcloud.com> systemd[1]: krb5-admin-server.service: > Main process exited, code=exited, status=1/FAILURE > Jun 20 16:36:34 ipadev.redcapcloud.com > <http://ipadev.redcapcloud.com> systemd[1]: krb5-admin-server.service: > Failed with result 'exit-code’. > > is there any way I can fix this?
The installer should at least create a zero-length file if it doesn't exist. Does the directory /etc/krb5kdc exist? If not you can create it and then create an empty file kadm5.acl there and things should be ok. rob _______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org
