hi,
a bit late, apologies.
I found that I do have a replica, so the pressure is off, so this is nice
:-). Still, if you are still willing to investigate why this happened, I am
too (just curious). Otherwise we can drop this issue.
I see no dogtag-jss or dogtag-tomcat-jss packages, but I guess
What version of dogtag-jss and dogtag-tomcat-jss are you running? I
wonder if there is some requirement that it be in sync with the rest of
the dogtag packages.
rob
Natxo Asenjo wrote:
> hi,
>
> digging further, the tomcat service does not start because the of this
> error:
>
> server[48368]:
hi,
digging further, the tomcat service does not start because the of this
error:
server[48368]: org.xml.sax.SAXParseException; systemId:
file:/var/lib/pki/pki-tomcat/conf/server.xml; lineNumber: 86; columnNumber:
861; Error at line [86] column [861]: [Cannot invoke "Object.getClass()"
because
On Wed, May 29, 2024 at 3:03 PM Rob Crittenden wrote:
> Since it starts directly as root perhaps check for SELinux AVCs? Maybe a
> relabel would help (or try permissive to catch the full set).
>
> rob
unfortunately selinux was already in permissive mode and no recent avcs:
# ausearch -m avc
Since it starts directly as root perhaps check for SELinux AVCs? Maybe a
relabel would help (or try permissive to catch the full set).
rob
Natxo Asenjo wrote:
> hi,
>
> yes, there was something wrong with another file :-):
>
> # grep -r "11.5.0" /etc/pki/
hi,
yes, there was something wrong with another file :-):
# grep -r "11.5.0" /etc/pki/
/etc/pki/pki-tomcat/tomcat.conf: PKI_VERSION="11.5.0"
So I modified that to
PKI_VERSION=11.4.2
And now I have another error :-), it fails to start because of this (I know
I should not start this from
On Срд, 29 мая 2024, Natxo Asenjo wrote:
hi,
indeed, sorry.
# cat
/etc/pki/pki.version
│
Configuration-Version: 11.5.0
# ipactl restart
Restarting Directory Service
Restarting krb5kdc Service
Restarting kadmin Service
Restarting named Service
Restarting httpd Service
Restarting ipa-custodia
hi,
indeed, sorry.
# cat
/etc/pki/pki.version
│
Configuration-Version: 11.5.0
# ipactl restart
Restarting Directory Service
Restarting krb5kdc Service
Restarting kadmin Service
Restarting named Service
Restarting httpd Service
Restarting ipa-custodia Service
Restarting pki-tomcatd Service
Natxo Asenjo via FreeIPA-users wrote:
> hi,
>
> no, it's without quotes but the rolledback version:
>
> Configuration-Version: 11.4.2
>
> I tried modifiying it to 11.5.0 and ipactl restart, but it does not help
> (reset it to the proper value 11.4.2 now)
Did the error change when you switched
hi,
no, it's without quotes but the rolledback version:
Configuration-Version: 11.4.2
I tried modifiying it to 11.5.0 and ipactl restart, but it does not help
(reset it to the proper value 11.4.2 now)
On Fri, May 24, 2024 at 5:14 PM Alexander Bokovoy
wrote:
> On Fri, 24 May 2024, Natxo
On Fri, 24 May 2024, Natxo Asenjo via FreeIPA-users wrote:
hi,
after a botched update (https://access.redhat.com/solutions/7065748) and
rolling back the changes, this service will not start:
# ipactl status
Directory Service: RUNNING
krb5kdc Service: RUNNING
kadmin Service: RUNNING
named
to
upgrade to something far newer. That is going to require a number of
step upgrades so it will take some time.
rob
>
>
> Regards
> Sai
>
>
> -Original Message-
> From: Rob Crittenden
> Sent: 07 July 2023 22:44
> To: FreeIPA users list ; Florence
> Bl
22:44
To: FreeIPA users list ; Florence
Blanc-Renaud
Cc: Polavarapu Manideep Sai
Subject: Re: [Freeipa-users] Re: pki-tomcatd service stopped
CAUTION. This email originated from outside the organization. Please exercise
caution before clicking on links or attachments in case of suspicion
Polavarapu Manideep Sai via FreeIPA-users wrote:
> Hi Florence
>
>
>
> I have multiple ipa servers, actually the master server should be a CA
> renewal master, but when I checked now it is not, now CA renewal master
> showing as replica server, the same replica server where I am facing
> this
Hi Florence
I have multiple ipa servers, actually the master server should be a CA renewal
master, but when I checked now it is not, now CA renewal master showing as
replica server, the same replica server where I am facing this pki-tomcatd
service failure issue
Not sure how it got changed
Hi,
we need more details in order to help you. Do you have a single IPA server
or multiple servers? Which one is the CA renewal master?
flo
On Fri, Jul 7, 2023 at 10:02 AM Polavarapu Manideep Sai via FreeIPA-users <
freeipa-users@lists.fedorahosted.org> wrote:
> Hi Team,
>
>
>
> As we checked
16 matches
Mail list logo
