| Summary: | ipa-replica-install fails when --no-host-dns option is provided. | ||||||
|---|---|---|---|---|---|---|---|
| Product: | Red Hat Enterprise Linux 6 | Reporter: | Gowrishankar Rajaiyan <grajaiya> | ||||
| Component: | ipa | Assignee: | Rob Crittenden <rcritten> | ||||
| Status: | CLOSED ERRATA | QA Contact: | IDM QE LIST <seceng-idm-qe-list> | ||||
| Severity: | unspecified | Docs Contact: | |||||
| Priority: | unspecified | ||||||
| Version: | 6.2 | CC: | jgalipea, mkosek, nsoman | ||||
| Target Milestone: | rc | ||||||
| Target Release: | --- | ||||||
| Hardware: | Unspecified | ||||||
| OS: | Unspecified | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | ipa-2.2.0-1.el6 | Doc Type: | Bug Fix | ||||
| Doc Text: |
Cause: IPA installer did not process host IP address properly --no-host-dns option was passed.
Consequence: When hostname was not resolvable and --no-host-dns option was used, ipa-replica-install failed in a middle of the installation and did not amend the host name resolution in the same way as ipa-server-install does.
Fix: ipa-server-install and ipa-replica-install now share host IP address processing. They both add a record to /etc/hosts when the server/replica hostname is not resolvable.
Result: ipa-replica-install is now more robust and prevents more user errors when replica hostname is not resolvable.
|
Story Points: | --- | ||||
| Clone Of: | Environment: | ||||||
| Last Closed: | 2012-06-20 13:17:55 UTC | Type: | --- | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Attachments: |
|
||||||
Upstream ticket: https://fedorahosted.org/freeipa/ticket/2139 Fixed upstream: master: 5550ee16071e5a1cf6c3a0f58c15865d730fe1e4 649d13b59746582ee19a7b40e454bc268b1b9be9 bc5085699d92369460c04050fad11bf64978fbd3 95f3ec5d7053a54a393daf1f7d9a93be9d8a64fe ipa-2-2: 6bb719be5c7b126931310432d604cda4e4e56d3b 61ad6e09b15f84655a8f91183f5aebe7d117fa56 8413882dabdd511fff5435ae820f1bd599c1f13b 4b7d430b29c897e768ce10c1d7e9e5ecf79c575a
Technical note added. If any revisions are required, please edit the "Technical Notes" field
accordingly. All revisions will be proofread by the Engineering Content Services team.
New Contents:
Cause: IPA installer did not process host IP address properly --no-host-dns option was passed.
Consequence: When hostname was not resolvable and --no-host-dns option was used, ipa-replica-install failed in a middle of the installation and did not amend the host name resolution in the same way as ipa-server-install does.
Fix: ipa-server-install and ipa-replica-install now share host IP address processing. They both add a record to /etc/hosts when the server/replica hostname is not resolvable.
Result: ipa-replica-install is now more robust and prevents more user errors when replica hostname is not resolvable.
Created attachment 582707 [details]
test ouput
tests run on ipa-server.x86_64 0:2.2.0-12.el6 pass. Attaching test output
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHBA-2012-0819.html |
Description of problem: Version-Release number of selected component (if applicable): ipa-server-2.1.3-9.el6.x86_64 How reproducible: Always Steps to Reproduce: 1. Setup ipa-server. 2. Prepare a replica file. 3. ipa-replica-install with --no-host-dns option. Actual results: replica install fails with "Unable to resolve IP address for hos name" Expected results: Should not use hostname lookup during installation and replica install should be successful. Additional info: Looking up master from slave: [root@ratchet ~]# nslookup jetfire.testrelm Server: 10.65.201.71 Address: 10.65.201.71#53 Name: jetfire.testrelm Address: 10.65.201.71 [root@ratchet ~]# Reverse lookup of master from slave: [root@ratchet ~]# nslookup 10.65.201.71 Server: 10.65.201.71 Address: 10.65.201.71#53 71.201.65.10.in-addr.arpa name = jetfire.testrelm. [root@ratchet ~]# /etc/hosts of slave: [root@ratchet ~]# cat /etc/hosts 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 10.65.201.71 jetfire.testrelm jetfire #10.65.201.69 ratchet.testrelm ratchet [root@ratchet ~]# [root@ratchet ~]# ipa-replica-install --skip-conncheck --no-host-dns replica-info-ratchet.testrelm.gpg Directory Manager (existing master) password: Warning: skipping DNS resolution of host ratchet.testrelm Configuring ntpd [1/4]: stopping ntpd [2/4]: writing configuration [3/4]: configuring ntpd to start on boot [4/4]: starting ntpd done configuring ntpd. Unable to resolve IP address for host name [root@ratchet ~]# 2011-11-28 16:31:06,897 DEBUG /usr/sbin/ipa-replica-install was invoked with argument "replica-info-ratchet.testrelm.gpg" and options: {'no_forwarders': False, 'ui_redirect': True, 'reverse_zone': None, 'unattended': False, 'no_host_dns': True, 'no_reverse': False, 'setup_dns': False, 'setup_ca': False, 'forwarders': None, 'debug': False, 'conf_ntp': True, 'skip_conncheck': True} 2011-11-28 16:31:06,897 DEBUG Loading Index file from '/var/lib/ipa-client/sysrestore/sysrestore.index' 2011-11-28 16:31:06,897 DEBUG Loading StateFile from '/var/lib/ipa/sysrestore/sysrestore.state' 2011-11-28 16:31:09,719 DEBUG args=/usr/bin/gpg --batch --homedir /tmp/tmpGMQtBLipa/ipa-RRyuKL/.gnupg --passphrase-fd 0 --yes --no-tty -o /tmp/tmpGMQtBLipa/files.tar -d replica-info-ratchet.testrelm.gpg 2011-11-28 16:31:09,719 DEBUG stdout= 2011-11-28 16:31:09,719 DEBUG stderr=gpg: WARNING: unsafe permissions on homedir `/tmp/tmpGMQtBLipa/ipa-RRyuKL/.gnupg' gpg: keyring `/tmp/tmpGMQtBLipa/ipa-RRyuKL/.gnupg/secring.gpg' created gpg: keyring `/tmp/tmpGMQtBLipa/ipa-RRyuKL/.gnupg/pubring.gpg' created gpg: 3DES encrypted data gpg: encrypted with 1 passphrase gpg: WARNING: message was not integrity protected 2011-11-28 16:31:09,728 DEBUG args=tar xf /tmp/tmpGMQtBLipa/files.tar -C /tmp/tmpGMQtBLipa 2011-11-28 16:31:09,729 DEBUG stdout= 2011-11-28 16:31:09,729 DEBUG stderr= 2011-11-28 16:31:09,753 DEBUG importing all plugin modules in '/usr/lib/python2.6/site-packages/ipalib/plugins'... 2011-11-28 16:31:09,754 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/aci.py' 2011-11-28 16:31:09,764 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/automember.py' 2011-11-28 16:31:09,790 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/automount.py' 2011-11-28 16:31:09,797 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/baseldap.py' 2011-11-28 16:31:09,798 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/batch.py' 2011-11-28 16:31:09,799 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/cert.py' 2011-11-28 16:31:09,814 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/config.py' 2011-11-28 16:31:09,819 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/delegation.py' 2011-11-28 16:31:09,822 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/dns.py' 2011-11-28 16:31:09,830 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/group.py' 2011-11-28 16:31:09,834 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/hbacrule.py' 2011-11-28 16:31:09,844 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/hbacsvc.py' 2011-11-28 16:31:09,845 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/hbacsvcgroup.py' 2011-11-28 16:31:09,847 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/hbactest.py' 2011-11-28 16:31:09,850 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/host.py' 2011-11-28 16:31:09,859 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/hostgroup.py' 2011-11-28 16:31:09,860 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/internal.py' 2011-11-28 16:31:09,863 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/kerberos.py' 2011-11-28 16:31:09,863 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/krbtpolicy.py' 2011-11-28 16:31:09,865 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/migration.py' 2011-11-28 16:31:09,869 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/misc.py' 2011-11-28 16:31:09,870 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/netgroup.py' 2011-11-28 16:31:09,874 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/passwd.py' 2011-11-28 16:31:09,884 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/permission.py' 2011-11-28 16:31:09,888 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/ping.py' 2011-11-28 16:31:09,888 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/privilege.py' 2011-11-28 16:31:09,890 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/pwpolicy.py' 2011-11-28 16:31:09,900 DEBUG args=klist -V 2011-11-28 16:31:09,900 DEBUG stdout=Kerberos 5 version 1.9 2011-11-28 16:31:09,900 DEBUG stderr= 2011-11-28 16:31:09,905 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/role.py' 2011-11-28 16:31:09,906 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/selfservice.py' 2011-11-28 16:31:09,908 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/service.py' 2011-11-28 16:31:09,909 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/sudocmd.py' 2011-11-28 16:31:09,910 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/sudocmdgroup.py' 2011-11-28 16:31:09,912 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/sudorule.py' 2011-11-28 16:31:09,921 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/user.py' 2011-11-28 16:31:09,921 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/virtual.py' 2011-11-28 16:31:09,921 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/xmlclient.py' 2011-11-28 16:31:09,921 DEBUG importing all plugin modules in '/usr/lib/python2.6/site-packages/ipaserver/plugins'... 2011-11-28 16:31:09,922 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipaserver/plugins/dogtag.py' 2011-11-28 16:31:09,941 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipaserver/plugins/join.py' 2011-11-28 16:31:09,942 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipaserver/plugins/ldap2.py' 2011-11-28 16:31:09,942 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipaserver/plugins/rabase.py' 2011-11-28 16:31:09,942 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipaserver/plugins/selfsign.py' 2011-11-28 16:31:09,943 DEBUG skipping plugin module ipaserver.plugins.selfsign: selfsign is not selected as RA plugin, it is dogtag 2011-11-28 16:31:09,943 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipaserver/plugins/xmlserver.py' 2011-11-28 16:31:10,022 DEBUG Mounting ipaserver.rpcserver.jsonserver() at 'json' 2011-11-28 16:31:10,033 DEBUG Mounting ipaserver.rpcserver.xmlserver() at 'xml' 2011-11-28 16:31:10,665 DEBUG ds group dirsrv exists 2011-11-28 16:31:10,665 DEBUG Saving StateFile to '/var/lib/ipa/sysrestore/sysrestore.state' 2011-11-28 16:31:10,680 DEBUG Created connection context.ldap2_35333584 2011-11-28 16:31:10,860 DEBUG Destroyed connection context.ldap2_35333584 2011-11-28 16:31:10,861 DEBUG Loading StateFile from '/var/lib/ipa/sysrestore/sysrestore.state' 2011-11-28 16:31:10,861 DEBUG Loading Index file from '/var/lib/ipa/sysrestore/sysrestore.index' 2011-11-28 16:31:10,861 DEBUG Configuring ntpd 2011-11-28 16:31:10,862 DEBUG [1/4]: stopping ntpd 2011-11-28 16:31:10,929 DEBUG args=/sbin/service ntpd status 2011-11-28 16:31:10,930 DEBUG stdout=ntpd is stopped 2011-11-28 16:31:10,930 DEBUG stderr= 2011-11-28 16:31:10,930 DEBUG Saving StateFile to '/var/lib/ipa/sysrestore/sysrestore.state' 2011-11-28 16:31:10,979 DEBUG args=/sbin/service ntpd stop 2011-11-28 16:31:10,980 DEBUG stdout=Shutting down ntpd: [FAILED] 2011-11-28 16:31:10,980 DEBUG stderr= 2011-11-28 16:31:10,980 DEBUG duration: 0 seconds 2011-11-28 16:31:10,980 DEBUG [2/4]: writing configuration 2011-11-28 16:31:10,980 DEBUG Backing up system configuration file '/etc/ntp.conf' 2011-11-28 16:31:10,981 DEBUG Saving Index File to '/var/lib/ipa/sysrestore/sysrestore.index' 2011-11-28 16:31:10,981 DEBUG Backing up system configuration file '/etc/sysconfig/ntpd' 2011-11-28 16:31:10,982 DEBUG Saving Index File to '/var/lib/ipa/sysrestore/sysrestore.index' 2011-11-28 16:31:10,983 DEBUG duration: 0 seconds 2011-11-28 16:31:10,983 DEBUG [3/4]: configuring ntpd to start on boot 2011-11-28 16:31:10,996 DEBUG args=/sbin/chkconfig ntpd 2011-11-28 16:31:10,996 DEBUG stdout= 2011-11-28 16:31:10,996 DEBUG stderr= 2011-11-28 16:31:10,996 DEBUG Saving StateFile to '/var/lib/ipa/sysrestore/sysrestore.state' 2011-11-28 16:31:11,385 DEBUG args=/sbin/chkconfig ntpd on 2011-11-28 16:31:11,386 DEBUG stdout= 2011-11-28 16:31:11,386 DEBUG stderr= 2011-11-28 16:31:11,386 DEBUG duration: 0 seconds 2011-11-28 16:31:11,386 DEBUG [4/4]: starting ntpd 2011-11-28 16:31:11,429 DEBUG args=/sbin/service ntpd start 2011-11-28 16:31:11,429 DEBUG stdout=Starting ntpd: [ OK ] 2011-11-28 16:31:11,429 DEBUG stderr= 2011-11-28 16:31:11,430 DEBUG duration: 0 seconds 2011-11-28 16:31:11,430 DEBUG done configuring ntpd. 2011-11-28 16:31:11,431 DEBUG Loading StateFile from '/var/lib/ipa/sysrestore/sysrestore.state' 2011-11-28 16:31:11,452 DEBUG Created connection context.ldap2 2011-11-28 16:31:11,452 DEBUG Loading StateFile from '/var/lib/ipa/sysrestore/sysrestore.state' 2011-11-28 16:31:11,453 DEBUG Loading Index file from '/var/lib/ipa/sysrestore/sysrestore.index'