hi Martin,
Much better:)
Unfortunately not perfect yet.
[...]
Done configuring DNS key synchronization service (ipa-dnskeysyncd).
Restarting ipa-dnskeysyncd
Restarting named
ipa : ERROR Named service failed to start (Command
''/bin/systemctl' 'restart' 'named-pkcs11.service'' returned non-zero
exit status 1)
named service failed to start
Global DNS configuration in LDAP server is empty
You can use 'dnsconfig-mod' command to set global DNS options that
would override settings in local named.conf files
Restarting the web server
Unexpected error - see /var/log/ipaserver-install.log for details:
CalledProcessError: Command ''/bin/systemctl' 'restart' 'ipa.service''
returned non-zero exit status 1
This helped:
chmod 777 /var/named/dyndb-ldap/ipa/
Probably chown or chgrp named would be just enough.
Cheers,
tamas
On 11/19/2014 05:41 PM, Martin Kosek wrote:
It is highly probable the issue is caused by SELinux (check for AVCs in
/var/log/audit/audit.log).
Can you try with SELinux permissive? We specifically did not build
selinux-policy as we do not think we should be the ones maintaining it for
CentOS.
HTH,
Martin
----- Original Message -----
From: "Bill Peck" <b...@pecknet.com>
To: "Martin Kosek" <mko...@redhat.com>
Cc: "Tamas Papp" <tom...@martos.bme.hu>, freeipa-users@redhat.com
Sent: Wednesday, November 19, 2014 5:34:10 PM
Subject: Re: [Freeipa-users] freeipa-server from copr repo
Hi Marin,
I was able to install from the copr repo now as well. Thank you!
However I wasn't able to finish the install:
[23/27]: configure certmonger for renewals
[24/27]: configure certificate renewals
[error] DBusException: org.fedorahosted.certmonger.bad_arg: The location
"/etc/pki/pki-tomcat/alias" could not be accessed due to insufficient
permissions.
Don't know if you need the command for how I was installing ipa. But here
is the line from my anseible playbook.
shell: ipa-server-install -a {{ adminpassword }} --hostname={{ servername
}} -r {{ realm }} -p {{ directorypassword }} -n {{ domain }} --setup-dns
--forwarder={{ dnsforwarder }} -U creates={{ slapd }}
On Wed, Nov 19, 2014 at 11:23 AM, Martin Kosek <mko...@redhat.com> wrote:
On 11/19/2014 11:57 AM, Tamas Papp wrote:
I am good in waiting;)
Thanks for the prompt reply.
Ok Tamas, I think we *finally* got somewhere. Can you please try the
mkosek/freeipa Copr repo now?
I was able to install upstream "freeipa-server" 4.1.1 package on my
RHEL-7.0
machine (should be the same for CentOS) and run ipa-server-install:
# yum install freeipa-server --enablerepo=mkosek-freeipa
...
Resolving Dependencies
--> Running transaction check
---> Package freeipa-server.x86_64 0:4.1.1-1.2.el7.centos will be installed
...
Transaction Summary
========================================================================================================
Install 1 Package (+338 Dependent packages)
Upgrade ( 11 Dependent packages)
Total download size: 146 M
...
# rpm -q freeipa-server
freeipa-server-4.1.1-1.2.el7.centos.x86_64
# ipa-server-install --setup-dns
# kinit admin
Password for ad...@example.com:
Thanks,
Martin
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http://freeipa.org for more info on the project
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http://freeipa.org for more info on the project
