Looks like a bug, yes. I am just not sure whether in missing Saltstack SELinux module or the actual SELinux policy. You can try filing a bug to SELinux policy.
Looking at SaltStack Troubleshooting guide, would switching to rpm_script_t help? http://docs.saltstack.com/en/latest/topics/troubleshooting/#salt-and-selinux On 03/16/2015 05:21 PM, Andrew Holway wrote: > Hi, > > I think this is perhaps a bug? > > Thanks, > > Andrew > > On 13 March 2015 at 15:55, Andrew Holway <andrew.hol...@gmail.com> wrote: > >> >> >> On 13 March 2015 at 15:33, Michael Lasevich <mlasev...@gmail.com> wrote: >> >>> Is SELinux on? >>> >> Yes, >> >> ipa-server-install is running in the initrc_t domain but I guess its set >> up to run unconfined >> >> >> ps -Z with ipa-server-install run from salt-stack : >> >> system_u:system_r:init_t:s0 root 1568 0.0 1.4 231308 14652 ? >> Ss 14:31 0:00 /bin/python2 /usr/bin/salt-minion >> >> system_u:system_r:initrc_t:s0 root 3101 1.0 4.8 222004 49232 ? >> S 14:47 0:01 /usr/bin/python -E /usr/sbin/ipa-server-install >> >> ps -Z with ipa-server-install run from console : >> >> unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 root 4503 23.7 4.8 >> 323356 48860 pts/1 S+ 14:53 0:00 /usr/bin/python -E >> /sbin/ipa-server-install >> >> >> On Mar 13, 2015 7:46 AM, "Andrew Holway" <andrew.hol...@gmail.com> wrote: >>> >>>> Hallo >>>> >>>> I have a quite odd situation. I am using saltstack to set up freeipa >>>> servers on Centos 7 but I am getting the following error: >>>> >>>> failed to create ds instance Command '/usr/sbin/setup-ds.pl --silent >>>> --logfile - -f /tmp/tmp5witgD' returned non-zero exit status 1 >>>> >>>> Saltstack outputs the command it is trying to run: >>>> >>>> ipa-server-install -a password --realm CLOUD.DOMAIN.DE -P password -p >>>> password -n cloud.domain.de --setup-dns --unattended --no-forwarders >>>> >>>> However if I run this command manually on a clean machine it works fine. >>>> >>>> It works on Centos 6. >>>> >>>> >>>> >>>> I see this in the slapd error log: >>>> >>>> [root@freeipa-2 slapd-CLOUD-NATIVE-INSTRUMENTS-DE]# cat errors >>>> 389-Directory/1.3.1.6 B2014.219.1825 >>>> freeipa-2.cloud.native-instruments.de:389 >>>> (/etc/dirsrv/slapd-CLOUD-NATIVE-INSTRUMENTS-DE) >>>> >>>> [13/Mar/2015:10:45:59 +0000] - Error - Unable to create >>>> /var/lock/dirsrv/slapd-CLOUD-NATIVE-INSTRUMENTS-DE/imports, Netscape >>>> Portable Runtime error -5966 (Access Denied.) >>>> [13/Mar/2015:10:45:59 +0000] - Shutting down due to possible conflicts >>>> with other slapd processes >>>> [13/Mar/2015:10:45:59 +0000] - Error - Unable to create >>>> /var/lock/dirsrv/slapd-CLOUD-NATIVE-INSTRUMENTS-DE/imports, Netscape >>>> Portable Runtime error -5966 (Access Denied.) >>>> [13/Mar/2015:10:45:59 +0000] - Shutting down due to possible conflicts >>>> with other slapd processes >>>> [root@freeipa-2 slapd-CLOUD-NATIVE-INSTRUMENTS-DE]# cat errors | sed >>>> s/NATIVE-INSTRUMENTS/DOMAIN/g >>>> 389-Directory/1.3.1.6 B2014.219.1825 >>>> freeipa-2.cloud.native-instruments.de:389 >>>> (/etc/dirsrv/slapd-CLOUD-DOMAIN-DE) >>>> >>>> [13/Mar/2015:10:45:59 +0000] - Error - Unable to create >>>> /var/lock/dirsrv/slapd-CLOUD-DOMAIN-DE/imports, Netscape Portable Runtime >>>> error -5966 (Access Denied.) >>>> [13/Mar/2015:10:45:59 +0000] - Shutting down due to possible conflicts >>>> with other slapd processes >>>> [13/Mar/2015:10:45:59 +0000] - Error - Unable to create >>>> /var/lock/dirsrv/slapd-CLOUD-DOMAIN-DE/imports, Netscape Portable Runtime >>>> error -5966 (Access Denied.) >>>> [13/Mar/2015:10:45:59 +0000] - Shutting down due to possible conflicts >>>> with other slapd processes >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> ipaserver-install.log >>>> >>>> 015-03-13T10:45:57Z DEBUG Loading StateFile from >>>> '/var/lib/ipa/sysrestore/sysrestore.state' >>>> 2015-03-13T10:45:57Z DEBUG Loading Index file from >>>> '/var/lib/ipa/sysrestore/sysrestore.index' >>>> 2015-03-13T10:45:57Z DEBUG httpd is not configured >>>> 2015-03-13T10:45:57Z DEBUG kadmin is not configured >>>> 2015-03-13T10:45:57Z DEBUG dirsrv is not configured >>>> 2015-03-13T10:45:57Z DEBUG pki-cad is not configured >>>> 2015-03-13T10:45:57Z DEBUG pki-tomcatd is not configured >>>> 2015-03-13T10:45:57Z DEBUG install is not configured >>>> 2015-03-13T10:45:57Z DEBUG krb5kdc is not configured >>>> 2015-03-13T10:45:57Z DEBUG ntpd is not configured >>>> 2015-03-13T10:45:57Z DEBUG named is not configured >>>> 2015-03-13T10:45:57Z DEBUG ipa_memcached is not configured >>>> 2015-03-13T10:45:57Z DEBUG filestore is tracking no files >>>> 2015-03-13T10:45:57Z DEBUG Loading Index file from >>>> '/var/lib/ipa-client/sysrestore/sysrestore.index' >>>> 2015-03-13T10:45:57Z DEBUG /usr/sbin/ipa-server-install was invoked with >>>> options: {'reverse_zone': None, 'mkhomedir': False, 'create_sshfp': True, >>>> 'conf_sshd': True, 'conf_ntp': True, 'subject': None, 'no_forwarders': >>>> True, 'ui_redirect': True, 'domain_name': 'cloud.domain.de', 'idmax': >>>> 0, 'hbac_allow': False, 'no_reverse': False, 'dirsrv_pkcs12': None, >>>> 'unattended': True, 'trust_sshfp': False, 'external_ca_file': None, >>>> 'no_host_dns': False, 'http_pkcs12': None, 'realm_name': ' >>>> CLOUD.DOMAIN.DE', 'forwarders': None, 'idstart': 1544400000, >>>> 'external_ca': False, 'ip_address': None, 'conf_ssh': True, 'zonemgr': >>>> None, 'root_ca_file': None, 'setup_dns': True, 'host_name': None, 'debug': >>>> False, 'external_cert_file': None, 'uninstall': False} >>>> 2015-03-13T10:45:57Z DEBUG missing options might be asked for >>>> interactively later >>>> >>>> 2015-03-13T10:45:57Z DEBUG Loading Index file from >>>> '/var/lib/ipa/sysrestore/sysrestore.index' >>>> 2015-03-13T10:45:57Z DEBUG Loading StateFile from >>>> '/var/lib/ipa/sysrestore/sysrestore.state' >>>> 2015-03-13T10:45:57Z DEBUG Starting external process >>>> 2015-03-13T10:45:57Z DEBUG args=/bin/systemctl is-enabled chronyd.service >>>> 2015-03-13T10:45:57Z DEBUG Process finished, return code=0 >>>> 2015-03-13T10:45:57Z DEBUG stdout=enabled >>>> >>>> 2015-03-13T10:45:57Z DEBUG stderr= >>>> 2015-03-13T10:45:57Z DEBUG Starting external process >>>> 2015-03-13T10:45:57Z DEBUG args=/usr/sbin/httpd -t -D DUMP_VHOSTS >>>> 2015-03-13T10:45:57Z DEBUG Process finished, return code=0 >>>> 2015-03-13T10:45:57Z DEBUG stdout=VirtualHost configuration: >>>> *:8443 is a NameVirtualHost >>>> default server freeipa-2.cloud.domain.de >>>> (/etc/httpd/conf.d/nss.conf:86) >>>> port 8443 namevhost freeipa-2.cloud.domain.de >>>> (/etc/httpd/conf.d/nss.conf:86) >>>> port 8443 namevhost freeipa-2.cloud.domain.de >>>> (/etc/httpd/conf.d/nss.conf:86) >>>> >>>> 2015-03-13T10:45:57Z DEBUG stderr= >>>> 2015-03-13T10:45:57Z DEBUG Check if freeipa-2.cloud.domain.de is a >>>> primary hostname for localhost >>>> 2015-03-13T10:45:57Z DEBUG Primary hostname for localhost: >>>> freeipa-2.cloud.domain.de >>>> 2015-03-13T10:45:57Z DEBUG will use host_name: freeipa-2.cloud.domain.de >>>> >>>> 2015-03-13T10:45:57Z DEBUG Starting external process >>>> 2015-03-13T10:45:57Z DEBUG args=/sbin/ip -family inet -oneline address >>>> show >>>> 2015-03-13T10:45:57Z DEBUG Process finished, return code=0 >>>> 2015-03-13T10:45:57Z DEBUG stdout=1: lo inet 127.0.0.1/8 scope host >>>> lo\ valid_lft forever preferred_lft forever >>>> 2: eth0 inet 10.16.1.100/24 brd 10.16.1.255 scope global dynamic >>>> eth0\ valid_lft 2770sec preferred_lft 2770sec >>>> >>>> 2015-03-13T10:45:57Z DEBUG stderr= >>>> 2015-03-13T10:45:57Z DEBUG will use dns_forwarders: () >>>> >>>> 2015-03-13T10:45:57Z DEBUG importing all plugin modules in >>>> '/usr/lib/python2.7/site-packages/ipalib/plugins'... >>>> 2015-03-13T10:45:57Z DEBUG importing plugin module >>>> '/usr/lib/python2.7/site-packages/ipalib/plugins/aci.py' >>>> 2015-03-13T10:45:57Z DEBUG importing plugin module >>>> '/usr/lib/python2.7/site-packages/ipalib/plugins/automember.py' >>>> 2015-03-13T10:45:57Z DEBUG importing plugin module >>>> '/usr/lib/python2.7/site-packages/ipalib/plugins/automount.py' >>>> 2015-03-13T10:45:57Z DEBUG importing plugin module >>>> '/usr/lib/python2.7/site-packages/ipalib/plugins/baseldap.py' >>>> 2015-03-13T10:45:57Z DEBUG importing plugin module >>>> '/usr/lib/python2.7/site-packages/ipalib/plugins/batch.py' >>>> 2015-03-13T10:45:57Z DEBUG importing plugin module >>>> '/usr/lib/python2.7/site-packages/ipalib/plugins/cert.py' >>>> 2015-03-13T10:45:57Z DEBUG importing plugin module >>>> '/usr/lib/python2.7/site-packages/ipalib/plugins/config.py' >>>> 2015-03-13T10:45:57Z DEBUG importing plugin module >>>> '/usr/lib/python2.7/site-packages/ipalib/plugins/delegation.py' >>>> 2015-03-13T10:45:57Z DEBUG importing plugin module >>>> '/usr/lib/python2.7/site-packages/ipalib/plugins/dns.py' >>>> 2015-03-13T10:45:57Z DEBUG importing plugin module >>>> '/usr/lib/python2.7/site-packages/ipalib/plugins/group.py' >>>> 2015-03-13T10:45:57Z DEBUG importing plugin module >>>> '/usr/lib/python2.7/site-packages/ipalib/plugins/hbacrule.py' >>>> 2015-03-13T10:45:57Z DEBUG importing plugin module >>>> '/usr/lib/python2.7/site-packages/ipalib/plugins/hbacsvc.py' >>>> 2015-03-13T10:45:57Z DEBUG importing plugin module >>>> '/usr/lib/python2.7/site-packages/ipalib/plugins/hbacsvcgroup.py' >>>> 2015-03-13T10:45:57Z DEBUG importing plugin module >>>> '/usr/lib/python2.7/site-packages/ipalib/plugins/hbactest.py' >>>> 2015-03-13T10:45:57Z DEBUG importing plugin module >>>> '/usr/lib/python2.7/site-packages/ipalib/plugins/host.py' >>>> 2015-03-13T10:45:57Z DEBUG importing plugin module >>>> '/usr/lib/python2.7/site-packages/ipalib/plugins/hostgroup.py' >>>> 2015-03-13T10:45:57Z DEBUG importing plugin module >>>> '/usr/lib/python2.7/site-packages/ipalib/plugins/idrange.py' >>>> 2015-03-13T10:45:57Z DEBUG importing plugin module >>>> '/usr/lib/python2.7/site-packages/ipalib/plugins/internal.py' >>>> 2015-03-13T10:45:57Z DEBUG importing plugin module >>>> '/usr/lib/python2.7/site-packages/ipalib/plugins/kerberos.py' >>>> 2015-03-13T10:45:57Z DEBUG importing plugin module >>>> '/usr/lib/python2.7/site-packages/ipalib/plugins/krbtpolicy.py' >>>> 2015-03-13T10:45:57Z DEBUG importing plugin module >>>> '/usr/lib/python2.7/site-packages/ipalib/plugins/migration.py' >>>> 2015-03-13T10:45:57Z DEBUG importing plugin module >>>> '/usr/lib/python2.7/site-packages/ipalib/plugins/misc.py' >>>> 2015-03-13T10:45:57Z DEBUG importing plugin module >>>> '/usr/lib/python2.7/site-packages/ipalib/plugins/netgroup.py' >>>> 2015-03-13T10:45:57Z DEBUG importing plugin module >>>> '/usr/lib/python2.7/site-packages/ipalib/plugins/passwd.py' >>>> 2015-03-13T10:45:57Z DEBUG importing plugin module >>>> '/usr/lib/python2.7/site-packages/ipalib/plugins/permission.py' >>>> 2015-03-13T10:45:57Z DEBUG importing plugin module >>>> '/usr/lib/python2.7/site-packages/ipalib/plugins/ping.py' >>>> 2015-03-13T10:45:57Z DEBUG importing plugin module >>>> '/usr/lib/python2.7/site-packages/ipalib/plugins/pkinit.py' >>>> 2015-03-13T10:45:57Z DEBUG importing plugin module >>>> '/usr/lib/python2.7/site-packages/ipalib/plugins/privilege.py' >>>> 2015-03-13T10:45:57Z DEBUG importing plugin module >>>> '/usr/lib/python2.7/site-packages/ipalib/plugins/pwpolicy.py' >>>> 2015-03-13T10:45:57Z DEBUG Starting external process >>>> 2015-03-13T10:45:57Z DEBUG args=klist -V >>>> 2015-03-13T10:45:57Z DEBUG Process finished, return code=0 >>>> 2015-03-13T10:45:57Z DEBUG stdout=Kerberos 5 version 1.11.3 >>>> >>>> 2015-03-13T10:45:57Z DEBUG stderr= >>>> 2015-03-13T10:45:57Z DEBUG importing plugin module >>>> '/usr/lib/python2.7/site-packages/ipalib/plugins/realmdomains.py' >>>> 2015-03-13T10:45:57Z DEBUG importing plugin module >>>> '/usr/lib/python2.7/site-packages/ipalib/plugins/role.py' >>>> 2015-03-13T10:45:57Z DEBUG importing plugin module >>>> '/usr/lib/python2.7/site-packages/ipalib/plugins/selfservice.py' >>>> 2015-03-13T10:45:57Z DEBUG importing plugin module >>>> '/usr/lib/python2.7/site-packages/ipalib/plugins/selinuxusermap.py' >>>> 2015-03-13T10:45:57Z DEBUG importing plugin module >>>> '/usr/lib/python2.7/site-packages/ipalib/plugins/service.py' >>>> 2015-03-13T10:45:57Z DEBUG importing plugin module >>>> '/usr/lib/python2.7/site-packages/ipalib/plugins/sudocmd.py' >>>> 2015-03-13T10:45:57Z DEBUG importing plugin module >>>> '/usr/lib/python2.7/site-packages/ipalib/plugins/sudocmdgroup.py' >>>> 2015-03-13T10:45:57Z DEBUG importing plugin module >>>> '/usr/lib/python2.7/site-packages/ipalib/plugins/sudorule.py' >>>> 2015-03-13T10:45:57Z DEBUG importing plugin module >>>> '/usr/lib/python2.7/site-packages/ipalib/plugins/trust.py' >>>> 2015-03-13T10:45:57Z DEBUG importing plugin module >>>> '/usr/lib/python2.7/site-packages/ipalib/plugins/user.py' >>>> 2015-03-13T10:45:57Z DEBUG importing plugin module >>>> '/usr/lib/python2.7/site-packages/ipalib/plugins/virtual.py' >>>> 2015-03-13T10:45:57Z DEBUG importing plugin module >>>> '/usr/lib/python2.7/site-packages/ipalib/plugins/xmlclient.py' >>>> 2015-03-13T10:45:57Z DEBUG importing all plugin modules in >>>> '/usr/lib/python2.7/site-packages/ipaserver/install/plugins'... >>>> 2015-03-13T10:45:57Z DEBUG importing plugin module >>>> '/usr/lib/python2.7/site-packages/ipaserver/install/plugins/adtrust.py' >>>> 2015-03-13T10:45:57Z DEBUG importing plugin module >>>> '/usr/lib/python2.7/site-packages/ipaserver/install/plugins/baseupdate.py' >>>> 2015-03-13T10:45:57Z DEBUG importing plugin module >>>> '/usr/lib/python2.7/site-packages/ipaserver/install/plugins/dns.py' >>>> 2015-03-13T10:45:57Z DEBUG importing plugin module >>>> '/usr/lib/python2.7/site-packages/ipaserver/install/plugins/fix_replica_agreements.py' >>>> 2015-03-13T10:45:57Z DEBUG importing plugin module >>>> '/usr/lib/python2.7/site-packages/ipaserver/install/plugins/rename_managed.py' >>>> 2015-03-13T10:45:57Z DEBUG importing plugin module >>>> '/usr/lib/python2.7/site-packages/ipaserver/install/plugins/update_anonymous_aci.py' >>>> 2015-03-13T10:45:57Z DEBUG importing plugin module >>>> '/usr/lib/python2.7/site-packages/ipaserver/install/plugins/update_idranges.py' >>>> 2015-03-13T10:45:57Z DEBUG importing plugin module >>>> '/usr/lib/python2.7/site-packages/ipaserver/install/plugins/update_pacs.py' >>>> 2015-03-13T10:45:57Z DEBUG importing plugin module >>>> '/usr/lib/python2.7/site-packages/ipaserver/install/plugins/update_services.py' >>>> 2015-03-13T10:45:57Z DEBUG importing plugin module >>>> '/usr/lib/python2.7/site-packages/ipaserver/install/plugins/updateclient.py' >>>> 2015-03-13T10:45:57Z DEBUG importing plugin module >>>> '/usr/lib/python2.7/site-packages/ipaserver/install/plugins/upload_cacrt.py' >>>> 2015-03-13T10:45:58Z DEBUG Adding DS group dirsrv >>>> 2015-03-13T10:45:58Z DEBUG Starting external process >>>> 2015-03-13T10:45:58Z DEBUG args=/usr/sbin/groupadd -r dirsrv >>>> 2015-03-13T10:45:58Z DEBUG Process finished, return code=0 >>>> 2015-03-13T10:45:58Z DEBUG stdout= >>>> 2015-03-13T10:45:58Z DEBUG stderr= >>>> 2015-03-13T10:45:58Z DEBUG Done adding DS group >>>> 2015-03-13T10:45:58Z DEBUG Starting external process >>>> 2015-03-13T10:45:58Z DEBUG args=/bin/systemctl is-enabled chronyd.service >>>> 2015-03-13T10:45:58Z DEBUG Process finished, return code=0 >>>> 2015-03-13T10:45:58Z DEBUG stdout=enabled >>>> >>>> 2015-03-13T10:45:58Z DEBUG stderr= >>>> 2015-03-13T10:45:58Z DEBUG Starting external process >>>> 2015-03-13T10:45:58Z DEBUG args=/bin/systemctl is-active chronyd.service >>>> 2015-03-13T10:45:58Z DEBUG Process finished, return code=0 >>>> 2015-03-13T10:45:58Z DEBUG stdout=active >>>> >>>> 2015-03-13T10:45:58Z DEBUG stderr= >>>> 2015-03-13T10:45:58Z DEBUG Saving StateFile to >>>> '/var/lib/ipa/sysrestore/sysrestore.state' >>>> 2015-03-13T10:45:58Z DEBUG Saving StateFile to >>>> '/var/lib/ipa/sysrestore/sysrestore.state' >>>> 2015-03-13T10:45:58Z DEBUG Starting external process >>>> 2015-03-13T10:45:58Z DEBUG args=/bin/systemctl stop chronyd.service >>>> 2015-03-13T10:45:58Z DEBUG Process finished, return code=0 >>>> 2015-03-13T10:45:58Z DEBUG stdout= >>>> 2015-03-13T10:45:58Z DEBUG stderr= >>>> 2015-03-13T10:45:58Z DEBUG Starting external process >>>> 2015-03-13T10:45:58Z DEBUG args=/bin/systemctl disable chronyd.service >>>> 2015-03-13T10:45:58Z DEBUG Process finished, return code=0 >>>> 2015-03-13T10:45:58Z DEBUG stdout= >>>> 2015-03-13T10:45:58Z DEBUG stderr=rm >>>> '/etc/systemd/system/multi-user.target.wants/chronyd.service' >>>> >>>> 2015-03-13T10:45:58Z DEBUG Loading StateFile from >>>> '/var/lib/ipa/sysrestore/sysrestore.state' >>>> 2015-03-13T10:45:58Z DEBUG Configuring NTP daemon (ntpd) >>>> 2015-03-13T10:45:58Z DEBUG [1/4]: stopping ntpd >>>> 2015-03-13T10:45:58Z DEBUG Starting external process >>>> 2015-03-13T10:45:58Z DEBUG args=/bin/systemctl is-active ntpd.service >>>> 2015-03-13T10:45:58Z DEBUG Process finished, return code=3 >>>> 2015-03-13T10:45:58Z DEBUG stdout=unknown >>>> >>>> 2015-03-13T10:45:58Z DEBUG stderr= >>>> 2015-03-13T10:45:58Z DEBUG Saving StateFile to >>>> '/var/lib/ipa/sysrestore/sysrestore.state' >>>> 2015-03-13T10:45:58Z DEBUG Starting external process >>>> 2015-03-13T10:45:58Z DEBUG args=/bin/systemctl stop ntpd.service >>>> 2015-03-13T10:45:58Z DEBUG Process finished, return code=0 >>>> 2015-03-13T10:45:58Z DEBUG stdout= >>>> 2015-03-13T10:45:58Z DEBUG stderr= >>>> 2015-03-13T10:45:58Z DEBUG duration: 0 seconds >>>> 2015-03-13T10:45:58Z DEBUG [2/4]: writing configuration >>>> 2015-03-13T10:45:58Z DEBUG Backing up system configuration file >>>> '/etc/ntp.conf' >>>> 2015-03-13T10:45:58Z DEBUG Saving Index File to >>>> '/var/lib/ipa/sysrestore/sysrestore.index' >>>> 2015-03-13T10:45:58Z DEBUG Backing up system configuration file >>>> '/etc/sysconfig/ntpd' >>>> 2015-03-13T10:45:58Z DEBUG Saving Index File to >>>> '/var/lib/ipa/sysrestore/sysrestore.index' >>>> 2015-03-13T10:45:58Z DEBUG duration: 0 seconds >>>> 2015-03-13T10:45:58Z DEBUG [3/4]: configuring ntpd to start on boot >>>> 2015-03-13T10:45:58Z DEBUG Starting external process >>>> 2015-03-13T10:45:58Z DEBUG args=/bin/systemctl is-enabled ntpd.service >>>> 2015-03-13T10:45:58Z DEBUG Process finished, return code=1 >>>> 2015-03-13T10:45:58Z DEBUG stdout=disabled >>>> >>>> 2015-03-13T10:45:58Z DEBUG stderr= >>>> 2015-03-13T10:45:58Z DEBUG Saving StateFile to >>>> '/var/lib/ipa/sysrestore/sysrestore.state' >>>> 2015-03-13T10:45:58Z DEBUG Starting external process >>>> 2015-03-13T10:45:58Z DEBUG args=/bin/systemctl enable ntpd.service >>>> 2015-03-13T10:45:58Z DEBUG Process finished, return code=0 >>>> 2015-03-13T10:45:58Z DEBUG stdout= >>>> 2015-03-13T10:45:58Z DEBUG stderr=ln -s >>>> '/usr/lib/systemd/system/ntpd.service' >>>> '/etc/systemd/system/multi-user.target.wants/ntpd.service' >>>> >>>> 2015-03-13T10:45:58Z DEBUG duration: 0 seconds >>>> 2015-03-13T10:45:58Z DEBUG [4/4]: starting ntpd >>>> 2015-03-13T10:45:58Z DEBUG Starting external process >>>> 2015-03-13T10:45:58Z DEBUG args=/bin/systemctl start ntpd.service >>>> 2015-03-13T10:45:58Z DEBUG Process finished, return code=0 >>>> 2015-03-13T10:45:58Z DEBUG stdout= >>>> 2015-03-13T10:45:58Z DEBUG stderr= >>>> 2015-03-13T10:45:58Z DEBUG Starting external process >>>> 2015-03-13T10:45:58Z DEBUG args=/bin/systemctl is-active ntpd.service >>>> 2015-03-13T10:45:58Z DEBUG Process finished, return code=0 >>>> 2015-03-13T10:45:58Z DEBUG stdout=active >>>> >>>> 2015-03-13T10:45:58Z DEBUG stderr= >>>> 2015-03-13T10:45:58Z DEBUG duration: 0 seconds >>>> 2015-03-13T10:45:58Z DEBUG Done configuring NTP daemon (ntpd). >>>> 2015-03-13T10:45:58Z DEBUG Loading StateFile from >>>> '/var/lib/ipa/sysrestore/sysrestore.state' >>>> 2015-03-13T10:45:58Z DEBUG Configuring directory server (dirsrv): >>>> Estimated time 1 minute >>>> 2015-03-13T10:45:58Z DEBUG [1/38]: creating directory server user >>>> 2015-03-13T10:45:58Z DEBUG Adding DS user dirsrv >>>> 2015-03-13T10:45:58Z DEBUG Starting external process >>>> 2015-03-13T10:45:58Z DEBUG args=/usr/sbin/useradd -g dirsrv -c DS System >>>> User -d /var/lib/dirsrv -s /sbin/nologin -M -r dirsrv >>>> 2015-03-13T10:45:58Z DEBUG Process finished, return code=0 >>>> 2015-03-13T10:45:58Z DEBUG stdout= >>>> 2015-03-13T10:45:58Z DEBUG stderr= >>>> 2015-03-13T10:45:58Z DEBUG Done adding DS user >>>> 2015-03-13T10:45:58Z DEBUG duration: 0 seconds >>>> 2015-03-13T10:45:58Z DEBUG [2/38]: creating directory server instance >>>> 2015-03-13T10:45:58Z DEBUG Saving StateFile to >>>> '/var/lib/ipa/sysrestore/sysrestore.state' >>>> 2015-03-13T10:45:58Z DEBUG Backing up system configuration file >>>> '/etc/sysconfig/dirsrv' >>>> 2015-03-13T10:45:58Z DEBUG Saving Index File to >>>> '/var/lib/ipa/sysrestore/sysrestore.index' >>>> 2015-03-13T10:45:58Z DEBUG >>>> dn: dc=cloud,dc=domain,dc=de >>>> objectClass: top >>>> objectClass: domain >>>> objectClass: pilotObject >>>> dc: cloud >>>> info: IPA V2.0 >>>> >>>> 2015-03-13T10:45:58Z DEBUG writing inf template >>>> 2015-03-13T10:45:58Z DEBUG >>>> [General] >>>> FullMachineName= freeipa-2.cloud.domain.de >>>> SuiteSpotUserID= dirsrv >>>> SuiteSpotGroup= dirsrv >>>> ServerRoot= /usr/lib64/dirsrv >>>> [slapd] >>>> ServerPort= 389 >>>> ServerIdentifier= CLOUD-DOMAIN-DE >>>> Suffix= dc=cloud,dc=domain,dc=de >>>> RootDN= cn=Directory Manager >>>> InstallLdifFile= /var/lib/dirsrv/boot.ldif >>>> inst_dir= /var/lib/dirsrv/scripts-CLOUD-DOMAIN-DE >>>> >>>> 2015-03-13T10:45:58Z DEBUG calling setup-ds.pl >>>> 2015-03-13T10:45:58Z DEBUG Starting external process >>>> 2015-03-13T10:45:58Z DEBUG args=/usr/sbin/setup-ds.pl --silent >>>> --logfile - -f /tmp/tmp5witgD >>>> 2015-03-13T10:45:59Z DEBUG Process finished, return code=1 >>>> 2015-03-13T10:45:59Z DEBUG stdout=[15/03/13:10:45:59] - [Setup] Info >>>> Could not import LDIF file '/var/lib/dirsrv/boot.ldif'. Error: 256. >>>> Output: importing data ... >>>> [13/Mar/2015:10:45:59 +0000] - Error - Unable to create >>>> /var/lock/dirsrv/slapd-CLOUD-DOMAIN-DE/imports, Netscape Portable Runtime >>>> error -5966 (Access Denied.) >>>> [13/Mar/2015:10:45:59 +0000] - Shutting down due to possible conflicts >>>> with other slapd processes >>>> >>>> Could not import LDIF file '/var/lib/dirsrv/boot.ldif'. Error: 256. >>>> Output: importing data ... >>>> [13/Mar/2015:10:45:59 +0000] - Error - Unable to create >>>> /var/lock/dirsrv/slapd-CLOUD-DOMAIN-DE/imports, Netscape Portable Runtime >>>> error -5966 (Access Denied.) >>>> [13/Mar/2015:10:45:59 +0000] - Shutting down due to possible conflicts >>>> with other slapd processes >>>> >>>> [15/03/13:10:45:59] - [Setup] Fatal Error: Could not create directory >>>> server instance 'CLOUD-DOMAIN-DE'. >>>> Error: Could not create directory server instance 'CLOUD-DOMAIN-DE'. >>>> [15/03/13:10:45:59] - [Setup] Fatal Exiting . . . >>>> Log file is '-' >>>> >>>> Exiting . . . >>>> Log file is '-' >>>> >>>> >>>> 2015-03-13T10:45:59Z DEBUG stderr= >>>> 2015-03-13T10:45:59Z CRITICAL failed to create ds instance Command >>>> '/usr/sbin/setup-ds.pl --silent --logfile - -f /tmp/tmp5witgD' returned >>>> non-zero exit status 1 >>>> 2015-03-13T10:45:59Z DEBUG restarting ds instance >>>> 2015-03-13T10:45:59Z DEBUG Starting external process >>>> 2015-03-13T10:45:59Z DEBUG args=/bin/systemctl --system daemon-reload >>>> 2015-03-13T10:45:59Z DEBUG Process finished, return code=0 >>>> 2015-03-13T10:45:59Z DEBUG stdout= >>>> 2015-03-13T10:45:59Z DEBUG stderr= >>>> 2015-03-13T10:45:59Z DEBUG Starting external process >>>> 2015-03-13T10:45:59Z DEBUG args=/bin/systemctl restart >>>> dirsrv@CLOUD-DOMAIN-DE.service >>>> 2015-03-13T10:45:59Z DEBUG Process finished, return code=0 >>>> 2015-03-13T10:45:59Z DEBUG stdout= >>>> 2015-03-13T10:45:59Z DEBUG stderr= >>>> 2015-03-13T10:45:59Z DEBUG Starting external process >>>> 2015-03-13T10:45:59Z DEBUG args=/bin/systemctl is-active >>>> dirsrv@CLOUD-DOMAIN-DE.service >>>> 2015-03-13T10:45:59Z DEBUG Process finished, return code=0 >>>> 2015-03-13T10:45:59Z DEBUG stdout=active >>>> >>>> 2015-03-13T10:45:59Z DEBUG stderr= >>>> 2015-03-13T10:45:59Z DEBUG wait_for_open_ports: localhost [389] timeout >>>> 300 >>>> 2015-03-13T10:50:59Z CRITICAL Failed to restart the directory server (). >>>> See the installation log for details. >>>> 2015-03-13T10:50:59Z DEBUG done restarting ds instance >>>> 2015-03-13T10:50:59Z DEBUG duration: 301 seconds >>>> 2015-03-13T10:50:59Z DEBUG [3/38]: adding default schema >>>> 2015-03-13T10:50:59Z DEBUG duration: 0 seconds >>>> 2015-03-13T10:50:59Z DEBUG [4/38]: enabling memberof plugin >>>> 2015-03-13T10:50:59Z DEBUG wait_for_open_ports: >>>> freeipa-2.cloud.domain.de [389] timeout 10 >>>> 2015-03-13T10:51:09Z DEBUG Could not connect to the Directory Server on >>>> freeipa-2.cloud.domain.de: >>>> 2015-03-13T10:51:09Z DEBUG File >>>> "/usr/lib/python2.7/site-packages/ipaserver/install/installutils.py", line >>>> 638, in run_script >>>> return_value = main_function() >>>> >>>> File "/usr/sbin/ipa-server-install", line 1059, in main >>>> hbac_allow=not options.hbac_allow) >>>> >>>> File >>>> "/usr/lib/python2.7/site-packages/ipaserver/install/dsinstance.py", line >>>> 323, in create_instance >>>> self.start_creation(runtime=60) >>>> >>>> File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", >>>> line 364, in start_creation >>>> method() >>>> >>>> File >>>> "/usr/lib/python2.7/site-packages/ipaserver/install/dsinstance.py", line >>>> 501, in __add_memberof_module >>>> self._ldap_mod("memberof-conf.ldif") >>>> >>>> File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", >>>> line 152, in _ldap_mod >>>> self.ldap_connect() >>>> >>>> File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", >>>> line 99, in ldap_connect >>>> conn.do_simple_bind(bindpw=self.dm_password) >>>> >>>> File "/usr/lib/python2.7/site-packages/ipapython/ipaldap.py", line >>>> 1735, in do_simple_bind >>>> self.__bind_with_wait(self.conn.simple_bind_s, timeout, binddn, >>>> bindpw) >>>> >>>> File "/usr/lib/python2.7/site-packages/ipapython/ipaldap.py", line >>>> 1730, in __bind_with_wait >>>> self.__wait_for_connection(timeout) >>>> >>>> File "/usr/lib/python2.7/site-packages/ipapython/ipaldap.py", line >>>> 1719, in __wait_for_connection >>>> wait_for_open_ports(host, int(port), timeout) >>>> >>>> File "/usr/lib/python2.7/site-packages/ipapython/ipautil.py", line >>>> 1096, in wait_for_open_ports >>>> raise socket.timeout() >>>> >>>> 2015-03-13T10:51:09Z DEBUG The ipa-server-install command failed, >>>> exception: timeout: >>>> >>>> -- >>>> Manage your subscription for the Freeipa-users mailing list: >>>> https://www.redhat.com/mailman/listinfo/freeipa-users >>>> Go to http://freeipa.org for more info on the project >>>> >>> >> > > > -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
