Bug 1364377
| Summary: | ipa-server-install fails with failed to create ds instance | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 7 | Reporter: | Jan Pazdziora <jpazdziora> |
| Component: | 389-ds-base | Assignee: | Noriko Hosoi <nhosoi> |
| Status: | CLOSED DUPLICATE | QA Contact: | Viktor Ashirov <vashirov> |
| Severity: | unspecified | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 7.3 | CC: | jpazdziora, nkinder, rmeggins |
| Target Milestone: | rc | Keywords: | Regression |
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | If docs needed, set a value | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2016-08-11 15:26:56 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
This is regression against 389-ds-base-1.3.5.10-5.el7.x86_64. There are also new AVC denials that I did not see before. They are about SSSD but neither SSSD nor selinux-policy version changed from working installations:
type=AVC msg=audit(1470385620.907:199): avc: denied { write } for pid=21669 comm="sssd" path="/etc/sssd/sssd.conf" dev="dm-0" ino=68557311 scontext=system_u:system_r:sssd_t:s0 tcontext=system_u:object_r:sssd_conf_t:s0 tclass=file
type=AVC msg=audit(1470385620.907:199): avc: denied { create } for pid=21669 comm="sssd" name="sssd.conf" scontext=system_u:system_r:sssd_t:s0 tcontext=system_u:object_r:sssd_conf_t:s0 tclass=file
type=AVC msg=audit(1470385620.907:199): avc: denied { add_name } for pid=21669 comm="sssd" name="sssd.conf" scontext=system_u:system_r:sssd_t:s0 tcontext=system_u:object_r:sssd_conf_t:s0 tclass=dir
type=AVC msg=audit(1470385620.907:199): avc: denied { write } for pid=21669 comm="sssd" name="sssd" dev="dm-0" ino=68005492 scontext=system_u:system_r:sssd_t:s0 tcontext=system_u:object_r:sssd_conf_t:s0 tclass=dir
type=AVC msg=audit(1470385620.907:200): avc: denied { setattr } for pid=21669 comm="sssd" name="sssd.conf" dev="dm-0" ino=68557311 scontext=system_u:system_r:sssd_t:s0 tcontext=system_u:object_r:sssd_conf_t:s0 tclass=file
type=AVC msg=audit(1470385621.493:201): avc: denied { create } for pid=21670 comm="sssd" name="sbus-monitor" scontext=system_u:system_r:sssd_t:s0 tcontext=system_u:object_r:sssd_conf_t:s0 tclass=sock_file
type=AVC msg=audit(1470385621.493:202): avc: denied { setattr } for pid=21670 comm="sssd" name="sbus-monitor" dev="dm-0" ino=598583 scontext=system_u:system_r:sssd_t:s0 tcontext=system_u:object_r:sssd_conf_t:s0 tclass=sock_file
type=AVC msg=audit(1470385621.493:203): avc: denied { getattr } for pid=21670 comm="sssd" path="/var/lib/sss/pipes/private/sbus-monitor" dev="dm-0" ino=598583 scontext=system_u:system_r:sssd_t:s0 tcontext=system_u:object_r:sssd_conf_t:s0 tclass=sock_file
type=AVC msg=audit(1470385621.505:204): avc: denied { write } for pid=21679 comm="sssd_be" name="sbus-monitor" dev="dm-0" ino=598583 scontext=system_u:system_r:sssd_t:s0 tcontext=system_u:object_r:sssd_conf_t:s0 tclass=sock_file
Hi Jan, Hopefully, 389-ds-base-1.3.5.10-7.el7 fixes your problem, too... We got 3 bug reports on the day 389-ds-base-1.3.5.10-6.el7 was built and ready for testing... Just in case -7 works for you, since this bug is not acked yet and it is a regression introduced by bug 1316580 which is being implemented for rhel-7.3, could you please close this bug as a duplicate of bug 1316580? Thanks & sorry for blocking your test. --noriko I confirm that installations with 389-ds-base-1.3.5.10-7.el7.x86_64 pass. (In reply to Jan Pazdziora from comment #11) > I confirm that installations with 389-ds-base-1.3.5.10-7.el7.x86_64 pass. Thank you so much, Jan!! Closing this bug as dup of bz1316580. *** This bug has been marked as a duplicate of bug 1316580 *** |
Description of problem: Configuring IdM with ipa-server-install fails with [error] RuntimeError: failed to create ds instance Command '/usr/sbin/setup-ds.pl --silent --logfile - -f /tmp/tmpNrnoDc' returned non-zero exit status 1 ipa.ipapython.install.cli.install_tool(Server): ERROR failed to create ds instance Command '/usr/sbin/setup-ds.pl --silent --logfile - -f /tmp/tmpNrnoDc' returned non-zero exit status 1 ipa.ipapython.install.cli.install_tool(Server): ERROR The ipa-server-install command failed. See /var/log/ipaserver-install.log for more information Version-Release number of selected component (if applicable): 389-ds-base-1.3.5.10-6.el7.x86_64 How reproducible: Deterministic. Steps to Reproduce: 1. Run /usr/sbin/ipa-server-install --setup-dns --forwarder=10.11.12.13 --hostname=ipa.example.test -r EXAMPLE.TEST -n example.test -p Secret123 -a Secret123 -U Actual results: Configuring NTP daemon (ntpd) [1/4]: stopping ntpd [2/4]: writing configuration [3/4]: configuring ntpd to start on boot [4/4]: starting ntpd Done configuring NTP daemon (ntpd). Configuring directory server (dirsrv). Estimated time: 1 minute [1/47]: creating directory server user [2/47]: creating directory server instance [error] RuntimeError: failed to create ds instance Command '/usr/sbin/setup-ds.pl --silent --logfile - -f /tmp/tmpNrnoDc' returned non-zero exit status 1 ipa.ipapython.install.cli.install_tool(Server): ERROR failed to create ds instance Command '/usr/sbin/setup-ds.pl --silent --logfile - -f /tmp/tmpNrnoDc' returned non-zero exit status 1 ipa.ipapython.install.cli.install_tool(Server): ERROR The ipa-server-install command failed. See /var/log/ipaserver-install.log for more information Expected results: No error. Additional info: The ipaserver-install.log ends with 2016-08-05T08:16:55Z DEBUG calling setup-ds.pl 2016-08-05T08:16:55Z DEBUG Starting external process 2016-08-05T08:16:55Z DEBUG args=/usr/sbin/setup-ds.pl --silent --logfile - -f /tmp/tmpNrnoDc 2016-08-05T08:26:58Z DEBUG Process finished, return code=1 2016-08-05T08:26:58Z DEBUG stdout=Process returned 256 [16/08/05:04:26:58] - [Setup] Info Could not start the directory server using command '/bin/systemctl start dirsrv'. The last line from the error log was '[05/Aug/2016:04:16:57.952525880 -0400] import userRoot: Import complete. Processed 1 entries in 1 seconds. (1.00 entries/sec) '. Error: Unknown error 256 Could not start the directory server using command '/bin/systemctl start dirsrv'. The last line from the error log was '[05/Aug/2016:04:16:57.952525880 -0400] import userRoot: Import complete. Processed 1 entries in 1 seconds. (1.00 entries/sec) '. Error: Unknown error 256 [16/08/05:04:26:58] - [Setup] Fatal Error: Could not create directory server instance 'EXAMPLE-TEST'. Error: Could not create directory server instance 'EXAMPLE-TEST'. [16/08/05:04:26:58] - [Setup] Fatal Exiting . . . Log file is '-' Exiting . . . Log file is '-' 2016-08-05T08:26:58Z DEBUG stderr=Process returned 256 2016-08-05T08:26:58Z DEBUG Traceback (most recent call last): File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line 448, in start_creation run_step(full_msg, method) File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line 438, in run_step method() File "/usr/lib/python2.7/site-packages/ipaserver/install/dsinstance.py", line 547, in __create_instance raise RuntimeError("failed to create ds instance %s" % e) RuntimeError: failed to create ds instance Command '/usr/sbin/setup-ds.pl --silent --logfile - -f /tmp/tmpNrnoDc' returned non-zero exit status 1 2016-08-05T08:26:58Z DEBUG [error] RuntimeError: failed to create ds instance Command '/usr/sbin/setup-ds.pl --silent --logfile - -f /tmp/tmpNrnoDc' returned non-zero exit status 1 2016-08-05T08:26:58Z DEBUG File "/usr/lib/python2.7/site-packages/ipapython/admintool.py", line 171, in execute return_value = self.run() File "/usr/lib/python2.7/site-packages/ipapython/install/cli.py", line 318, in run cfgr.run() File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 310, in run self.execute() File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 332, in execute for nothing in self._executor(): File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 372, in __runner self._handle_exception(exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 394, in _handle_exception six.reraise(*exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 362, in __runner step() File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 359, in <lambda> step = lambda: next(self.__gen) File "/usr/lib/python2.7/site-packages/ipapython/install/util.py", line 81, in run_generator_with_yield_from six.reraise(*exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/util.py", line 59, in run_generator_with_yield_from value = gen.send(prev_value) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 586, in _configure next(executor) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 372, in __runner self._handle_exception(exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 449, in _handle_exception self.__parent._handle_exception(exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 394, in _handle_exception six.reraise(*exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 446, in _handle_exception super(ComponentBase, self)._handle_exception(exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 394, in _handle_exception six.reraise(*exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 362, in __runner step() File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 359, in <lambda> step = lambda: next(self.__gen) File "/usr/lib/python2.7/site-packages/ipapython/install/util.py", line 81, in run_generator_with_yield_from six.reraise(*exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/util.py", line 59, in run_generator_with_yield_from value = gen.send(prev_value) File "/usr/lib/python2.7/site-packages/ipapython/install/common.py", line 63, in _install for nothing in self._installer(self.parent): File "/usr/lib/python2.7/site-packages/ipaserver/install/server/install.py", line 1358, in main install(self) File "/usr/lib/python2.7/site-packages/ipaserver/install/server/install.py", line 266, in decorated func(installer) File "/usr/lib/python2.7/site-packages/ipaserver/install/server/install.py", line 748, in install hbac_allow=not options.no_hbac_allow) File "/usr/lib/python2.7/site-packages/ipaserver/install/dsinstance.py", line 341, in create_instance self.start_creation(runtime=60) File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line 448, in start_creation run_step(full_msg, method) File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line 438, in run_step method() File "/usr/lib/python2.7/site-packages/ipaserver/install/dsinstance.py", line 547, in __create_instance raise RuntimeError("failed to create ds instance %s" % e) 2016-08-05T08:26:58Z DEBUG The ipa-server-install command failed, exception: RuntimeError: failed to create ds instance Command '/usr/sbin/setup-ds.pl --silent --logfile - -f /tmp/tmpNrnoDc' returned non-zero exit status 1 2016-08-05T08:26:58Z ERROR failed to create ds instance Command '/usr/sbin/setup-ds.pl --silent --logfile - -f /tmp/tmpNrnoDc' returned non-zero exit status 1 2016-08-05T08:26:58Z ERROR The ipa-server-install command failed. See /var/log/ipaserver-install.log for more information