Hi Martin,
Yes, setting selinux to permissive allowed me to install and configure IPA
4.1 on CentOS 7.
:-)
On Wed, Nov 19, 2014 at 11:41 AM, Martin Kosek <mko...@redhat.com> wrote:
> It is highly probable the issue is caused by SELinux (check for AVCs in
> /var/log/audit/audit.log).
>
> Can you try with SELinux permissive? We specifically did not build
> selinux-policy as we do not think we should be the ones maintaining it for
> CentOS.
>
> HTH,
> Martin
>
> ----- Original Message -----
> > From: "Bill Peck" <b...@pecknet.com>
> > To: "Martin Kosek" <mko...@redhat.com>
> > Cc: "Tamas Papp" <tom...@martos.bme.hu>, freeipa-users@redhat.com
> > Sent: Wednesday, November 19, 2014 5:34:10 PM
> > Subject: Re: [Freeipa-users] freeipa-server from copr repo
> >
> > Hi Marin,
> >
> > I was able to install from the copr repo now as well. Thank you!
> >
> > However I wasn't able to finish the install:
> >
> > [23/27]: configure certmonger for renewals
> > [24/27]: configure certificate renewals
> > [error] DBusException: org.fedorahosted.certmonger.bad_arg: The
> location
> > "/etc/pki/pki-tomcat/alias" could not be accessed due to insufficient
> > permissions.
> >
> >
> > Don't know if you need the command for how I was installing ipa. But
> here
> > is the line from my anseible playbook.
> > shell: ipa-server-install -a {{ adminpassword }} --hostname={{ servername
> > }} -r {{ realm }} -p {{ directorypassword }} -n {{ domain }} --setup-dns
> > --forwarder={{ dnsforwarder }} -U creates={{ slapd }}
> >
> > On Wed, Nov 19, 2014 at 11:23 AM, Martin Kosek <mko...@redhat.com>
> wrote:
> >
> > > On 11/19/2014 11:57 AM, Tamas Papp wrote:
> > > > I am good in waiting;)
> > > >
> > > > Thanks for the prompt reply.
> > >
> > > Ok Tamas, I think we *finally* got somewhere. Can you please try the
> > > mkosek/freeipa Copr repo now?
> > >
> > > I was able to install upstream "freeipa-server" 4.1.1 package on my
> > > RHEL-7.0
> > > machine (should be the same for CentOS) and run ipa-server-install:
> > >
> > > # yum install freeipa-server --enablerepo=mkosek-freeipa
> > > ...
> > > Resolving Dependencies
> > > --> Running transaction check
> > > ---> Package freeipa-server.x86_64 0:4.1.1-1.2.el7.centos will be
> installed
> > > ...
> > > Transaction Summary
> > >
> > >
> ========================================================================================================
> > > Install 1 Package (+338 Dependent packages)
> > > Upgrade ( 11 Dependent packages)
> > >
> > > Total download size: 146 M
> > > ...
> > >
> > > # rpm -q freeipa-server
> > > freeipa-server-4.1.1-1.2.el7.centos.x86_64
> > >
> > > # ipa-server-install --setup-dns
> > >
> > > # kinit admin
> > > Password for ad...@example.com:
> > >
> > > Thanks,
> > > Martin
> > >
> > > --
> > > Manage your subscription for the Freeipa-users mailing list:
> > > https://www.redhat.com/mailman/listinfo/freeipa-users
> > > Go To http://freeipa.org for more info on the project
> > >
> >
>
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http://freeipa.org for more info on the project
