Bug 733009
Summary: | ipa-client-install says system configured after an unsuccessful run | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 6 | Reporter: | Marko Myllynen <myllynen> |
Component: | ipa | Assignee: | Rob Crittenden <rcritten> |
Status: | CLOSED ERRATA | QA Contact: | Chandrasekar Kannan <ckannan> |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | 6.2 | CC: | benl, dpal, jgalipea, mkosek, nsoman |
Target Milestone: | rc | ||
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | ipa-2.1.1-1.el6 | Doc Type: | Bug Fix |
Doc Text: |
Do not document
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | 2011-12-06 18:30:25 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Marko Myllynen
2011-08-24 13:03:11 UTC
Can you provide details on where the client installer failed? Can you attach /var/lib/ipa-client/sysrestore/sysrestore.index > Can you provide details on where the client installer failed? After entering the admin password this is printed: "Joining realm failed: HTTP response code is 500, not 200" This was caused by the known issue with A/PTR mismatch as discussed in bug 732468. > Can you attach /var/lib/ipa-client/sysrestore/sysrestore.index It only has: [files] 63b72c9e823af994-network = 33188,0,0,/etc/sysconfig/network Thanks. Upstream ticket: https://fedorahosted.org/freeipa/ticket/1704 Would it be sufficient to fix by adding more text to the message: "IPA client is already configured on this system. If you want to repair a broken installation run 'ipa-client-install --uninstall --U' to uninstall client software and then try again." The problem is that /etc/sysconfig/network gets set before we attempt to enroll. This isn't getting rolled-back on unsuccessful enrollment attempts. So we need to either set network after enrollment or roll back that change when installation fails. Fixed upstream. master: ad717bff3c8c176f2c3c983d1a743eac00af426e ipa-2-1: 4cd65a1d6e432945ae3c86a49ebc236d845d9cbd Tested using ipa-server-2.1.2-2.el6.x86_64 Steps taken: 1. the client doesn't have a host entry for the server in /etc/hosts. 2. install client, and the installation is unsuccessful 3. check /etc/sysconfig/network, and verify it is restored. 4. reinstall, and see same behaviour as above, and not the reported error that "when running ipa-client-install for the second time it says "IPA client is already configured on this system." test result outputs: # ipa-client-install --hostname namita.testrelm Discovery was successful! Hostname: namita.testrelm Realm: TESTRELM DNS Domain: testrelm IPA Server: rhel62-server1.testrelm BaseDN: dc=testrelm Continue to configure the system with these values? [no]: y User authorized to enroll computers: admin Synchronizing time with KDC... Password for admin@TESTRELM: Joining realm failed: HTTP response code is 500, not 200 Installation failed. Rolling back changes. # cat /etc/sysconfig/network NETWORKING=yes HOSTNAME=rhel62-server2.testrelm # ipa-client-install --hostname namita.testrelm Discovery was successful! Hostname: namita.testrelm Realm: TESTRELM DNS Domain: testrelm IPA Server: rhel62-server1.testrelm BaseDN: dc=testrelm Continue to configure the system with these values? [no]: y User authorized to enroll computers: admin Synchronizing time with KDC... Password for admin@TESTRELM: Joining realm failed: HTTP response code is 500, not 200 Installation failed. Rolling back changes. A 500 error means that something bad happened on the server side. Can you see if a backtrace is in /var/log/httpd/error_log on the IPA server and include it here? Not getting the 500 error since then...but it was very timely to see the error to help verify this bug. Verified that when this error was thrown, client was uninstalled, and all files were restored successfully. Tested with ipa-server-2.1.2-2.el6.x86_64 Technical note added. If any revisions are required, please edit the "Technical Notes" field accordingly. All revisions will be proofread by the Engineering Content Services team. New Contents: Do not document Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHSA-2011-1533.html |