Bug 759100
| Summary: | Unable to install ipa-server on a specified interface in dual nic machines. | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 6 | Reporter: | Gowrishankar Rajaiyan <grajaiya> |
| Component: | ipa | Assignee: | Rob Crittenden <rcritten> |
| Status: | CLOSED ERRATA | QA Contact: | IDM QE LIST <seceng-idm-qe-list> |
| Severity: | unspecified | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 6.2 | CC: | jgalipea, mkosek, sgoveas |
| Target Milestone: | rc | ||
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | ipa-2.2.0-1.el6 | Doc Type: | Bug Fix |
| Doc Text: |
Cause: IPA server installation script does not expect a situation when a server has 2 IP addresses assigned.
Consequence: IPA server installation fails to proceed in a dual-NIC configuration when the server has 2 IP addresses.
Fix: Install script was fixed to handle this use case properly.
Result: User is able to install IPA server in a dual-NIC configuration.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | 2012-06-20 13:18:00 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
I'd suggest trying with --no-host-dns. Still no prompt.
[root@jetfire ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
:1 localhost localhost.localdomain localhost6 localhost6.localdomain6
[root@jetfire ~]#
[root@jetfire ~]# ipa-server-install --no-host-dns
The log file for this installation can be found in /var/log/ipaserver-install.log
==============================================================================
This program will set up the IPA Server.
This includes:
* Configure a stand-alone CA (dogtag) for certificate management
* Configure the Network Time Daemon (ntpd)
* Create and configure an instance of Directory Server
* Create and configure a Kerberos Key Distribution Center (KDC)
* Configure Apache (httpd)
To accept the default shown in brackets, press the Enter key.
Enter the fully qualified domain name of the computer
on which you're setting up server software. Using the form
<hostname>.<domainname>
Example: master.example.com.
Server host name [jetfire.testrelm]:
Warning: skipping DNS resolution of host jetfire.testrelm
The domain name has been calculated based on the host name.
Please confirm the domain name [testrelm]:
The IPA Master Server will be configured with
Hostname: jetfire.testrelm
IP address: 10.65.201.113
Domain name: testrelm
The kerberos protocol requires a Realm name to be defined.
This is typically the domain name converted to uppercase.
Please provide a realm name [TESTRELM]:
...
2011-12-01 16:50:31,880 DEBUG Loading StateFile from '/var/lib/ipa/sysrestore/sysrestore.state'
2011-12-01 16:50:31,880 DEBUG Loading Index file from '/var/lib/ipa/sysrestore/sysrestore.index'
2011-12-01 16:50:31,880 DEBUG httpd is not configured
2011-12-01 16:50:31,880 DEBUG ipa_kpasswd is not configured
2011-12-01 16:50:31,880 DEBUG dirsrv is not configured
2011-12-01 16:50:31,881 DEBUG pki-cad is not configured
2011-12-01 16:50:31,881 DEBUG pkids is not configured
2011-12-01 16:50:31,881 DEBUG install is not configured
2011-12-01 16:50:31,881 DEBUG krb5kdc is not configured
2011-12-01 16:50:31,881 DEBUG ntpd is not configured
2011-12-01 16:50:31,881 DEBUG named is not configured
2011-12-01 16:50:31,881 DEBUG filestore is tracking no files
2011-12-01 16:50:31,882 DEBUG Loading Index file from '/var/lib/ipa-client/sysrestore/sysrestore.index'
2011-12-01 16:50:31,882 DEBUG /usr/sbin/ipa-server-install was invoked with options: {'reverse_zone': None, 'realm_name': None, 'zone_refresh': 30, 'conf_ntp': True, 'subject': None, 'no_forwarders': False, 'ui_redirect': True, 'domain_name': None, 'idmax': 0, 'hbac_allow': False, 'no_reverse': False, 'dirsrv_pkcs12': None, 'unattended': False, 'selfsign': False, 'external_ca_file': None, 'no_host_dns': True, 'http_pkcs12': None, 'forwarders': None, 'idstart': 911000000, 'external_ca': False, 'ip_address': None, 'zonemgr': None, 'setup_dns': False, 'host_name': None, 'debug': False, 'external_cert_file': None, 'uninstall': False}
2011-12-01 16:50:31,882 DEBUG missing options might be asked for interactively later
2011-12-01 16:50:31,882 DEBUG Loading Index file from '/var/lib/ipa/sysrestore/sysrestore.index'
2011-12-01 16:50:31,882 DEBUG Loading StateFile from '/var/lib/ipa/sysrestore/sysrestore.state'
2011-12-01 16:50:34,424 DEBUG will use host_name: jetfire.testrelm
2011-12-01 16:50:35,255 DEBUG read domain_name: testrelm
2011-12-01 16:50:35,259 DEBUG args=/sbin/ip -family inet -oneline address show
2011-12-01 16:50:35,259 DEBUG stdout=1: lo inet 127.0.0.1/8 scope host lo
2: eth0 inet 10.65.201.71/24 brd 10.65.201.255 scope global eth0
3: eth1 inet 10.65.201.113/24 brd 10.65.201.255 scope global eth1
2011-12-01 16:50:35,259 DEBUG stderr=
Additional info:
However, I was prompted to enter IP address on a single interface system.
[root@ratchet ~]# ipa-server-install --no-host-dns
The log file for this installation can be found in /var/log/ipaserver-install.log
==============================================================================
This program will set up the IPA Server.
This includes:
* Configure a stand-alone CA (dogtag) for certificate management
* Configure the Network Time Daemon (ntpd)
* Create and configure an instance of Directory Server
* Create and configure a Kerberos Key Distribution Center (KDC)
* Configure Apache (httpd)
To accept the default shown in brackets, press the Enter key.
Enter the fully qualified domain name of the computer
on which you're setting up server software. Using the form
<hostname>.<domainname>
Example: master.example.com.
Server host name [ratchet.testrelm]:
Warning: skipping DNS resolution of host ratchet.testrelm
The domain name has been calculated based on the host name.
Please confirm the domain name [testrelm]:
Unable to resolve IP address for host name
Please provide the IP address to be used for this host name:
Upstream ticket: https://fedorahosted.org/freeipa/ticket/2154 Fixed upstream. master: 6141919fba30487e3c4eb19b0c87a10384fd9d20 ipa-2-2: 5a77f2d1ff545cb92e57d26e569e01246e75dece
Technical note added. If any revisions are required, please edit the "Technical Notes" field
accordingly. All revisions will be proofread by the Engineering Content Services team.
New Contents:
Cause: IPA server installation script does not expect a situation when a server has 2 IP addresses assigned.
Consequence: IPA server installation fails to proceed in a dual-NIC configuration when the server has 2 IP addresses.
Fix: Install script was fixed to handle this use case properly.
Result: User is able to install IPA server in a dual-NIC configuration.
# Both IPv4s of host is resolvable through DNS [root@ratchet ~]# host ratchet.lab.eng.pnq.redhat.com ; host 10.65.201.209 ; host 10.65.201.69 ratchet.lab.eng.pnq.redhat.com has address 10.65.201.69 ratchet.lab.eng.pnq.redhat.com has address 10.65.201.209 209.201.65.10.in-addr.arpa domain name pointer ratchet.lab.eng.pnq.redhat.com. 69.201.65.10.in-addr.arpa domain name pointer ratchet.lab.eng.pnq.redhat.com. [root@ratchet ~]# cat /etc/hosts 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 [root@ratchet ~]# ipa-server-install The log file for this installation can be found in /var/log/ipaserver-install.log ============================================================================== This program will set up the IPA Server. This includes: * Configure a stand-alone CA (dogtag) for certificate management * Configure the Network Time Daemon (ntpd) * Create and configure an instance of Directory Server * Create and configure a Kerberos Key Distribution Center (KDC) * Configure Apache (httpd) To accept the default shown in brackets, press the Enter key. Enter the fully qualified domain name of the computer on which you're setting up server software. Using the form . Example: master.example.com. Server host name [ratchet.lab.eng.pnq.redhat.com]: The domain name has been calculated based on the host name. Please confirm the domain name [lab.eng.pnq.redhat.com]: The server hostname resolves to more than one address: 10.65.201.209 10.65.201.69 Please provide the IP address to be used for this host name: 10.65.201.69 The kerberos protocol requires a Realm name to be defined. This is typically the domain name converted to uppercase. Please provide a realm name [LAB.ENG.PNQ.REDHAT.COM]: Certain directory server operations require an administrative user. This user is referred to as the Directory Manager and has full access to the Directory for system management tasks and will be added to the instance of directory server created for IPA. The password must be at least 8 characters long. Directory Manager password: Password (confirm): The IPA server requires an administrative user, named 'admin'. This user is a regular system account used for IPA server administration. IPA admin password: Password (confirm): The IPA Master Server will be configured with: Hostname: ratchet.lab.eng.pnq.redhat.com IP address: 10.65.201.69 Domain name: lab.eng.pnq.redhat.com Realm name: LAB.ENG.PNQ.REDHAT.COM Continue to configure the system with these values? [no]: yes # Both IPv6s of host is resolvable through DNS [root@wheeljack ~]# ping 2620:52:0:41c9:5054:ff:fec5:3047 ping: unknown host 2620:52:0:41c9:5054:ff:fec5:3047 [root@wheeljack ~]# ping6 2620:52:0:41c9:5054:ff:fec5:3047 PING 2620:52:0:41c9:5054:ff:fec5:3047(2620:52:0:41c9:5054:ff:fec5:3047) 56 data bytes 64 bytes from 2620:52:0:41c9:5054:ff:fec5:3047: icmp_seq=1 ttl=64 time=2.20 ms ^C --- 2620:52:0:41c9:5054:ff:fec5:3047 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 999ms rtt min/avg/max/mdev = 2.203/2.203/2.203/0.000 ms [root@wheeljack ~]# ping6 2620:52:0:41c9:5054:ff:fea6:ec8 PING 2620:52:0:41c9:5054:ff:fea6:ec8(2620:52:0:41c9:5054:ff:fea6:ec8) 56 data bytes 64 bytes from 2620:52:0:41c9:5054:ff:fea6:ec8: icmp_seq=1 ttl=64 time=1.95 ms ^C --- 2620:52:0:41c9:5054:ff:fea6:ec8 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 973ms rtt min/avg/max/mdev = 1.951/1.951/1.951/0.000 ms [root@wheeljack ~]# ping6 ratchet.lab.eng.pnq.redhat.com PING ratchet.lab.eng.pnq.redhat.com(ratchet.lab.eng.pnq.redhat.com) 56 data bytes 64 bytes from ratchet.lab.eng.pnq.redhat.com: icmp_seq=1 ttl=64 time=2.38 ms 64 bytes from ratchet.lab.eng.pnq.redhat.com: icmp_seq=2 ttl=64 time=0.402 ms 64 bytes from ratchet.lab.eng.pnq.redhat.com: icmp_seq=3 ttl=64 time=0.339 ms 64 bytes from ratchet.lab.eng.pnq.redhat.com: icmp_seq=4 ttl=64 time=0.327 ms 64 bytes from ratchet.lab.eng.pnq.redhat.com: icmp_seq=5 ttl=64 time=0.331 ms ^C --- ratchet.lab.eng.pnq.redhat.com ping statistics --- 5 packets transmitted, 5 received, 0% packet loss, time 4639ms rtt min/avg/max/mdev = 0.327/0.756/2.381/0.812 ms [root@ratchet ~]# cat /etc/hosts 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 [root@ratchet ~]# cat /etc/resolv.conf search lab.eng.pnq.redhat.com pnq.redhat.com redhat.com nameserver 10.65.201.245 [root@ratchet ~]# host ratchet.lab.eng.pnq.redhat.com ; host 2620:52:0:41c9:5054:ff:fea6:ec8 ; host 2620:52:0:41c9:5054:ff:fec5:3047 ratchet.lab.eng.pnq.redhat.com has IPv6 address 2620:52:0:41c9:5054:ff:fec5:3047 ratchet.lab.eng.pnq.redhat.com has IPv6 address 2620:52:0:41c9:5054:ff:fea6:ec8 8.c.e.0.6.a.e.f.f.f.0.0.4.5.0.5.9.c.1.4.0.0.0.0.2.5.0.0.0.2.6.2.ip6.arpa domain name pointer ratchet.lab.eng.pnq.redhat.com. 7.4.0.3.5.c.e.f.f.f.0.0.4.5.0.5.9.c.1.4.0.0.0.0.2.5.0.0.0.2.6.2.ip6.arpa domain name pointer ratchet.lab.eng.pnq.redhat.com. [root@ratchet ~]# ipa-server-install The log file for this installation can be found in /var/log/ipaserver-install.log ============================================================================== This program will set up the IPA Server. This includes: * Configure a stand-alone CA (dogtag) for certificate management * Configure the Network Time Daemon (ntpd) * Create and configure an instance of Directory Server * Create and configure a Kerberos Key Distribution Center (KDC) * Configure Apache (httpd) To accept the default shown in brackets, press the Enter key. Enter the fully qualified domain name of the computer on which you're setting up server software. Using the form . Example: master.example.com. Server host name [ratchet.lab.eng.pnq.redhat.com]: The domain name has been calculated based on the host name. Please confirm the domain name [lab.eng.pnq.redhat.com]: The server hostname resolves to more than one address: 2620:52:0:41c9:5054:ff:fea6:ec8 2620:52:0:41c9:5054:ff:fec5:3047 Please provide the IP address to be used for this host name: 2620:52:0:41c9:5054:ff:fea6:ec8 The kerberos protocol requires a Realm name to be defined. This is typically the domain name converted to uppercase. Please provide a realm name [LAB.ENG.PNQ.REDHAT.COM]: Certain directory server operations require an administrative user. This user is referred to as the Directory Manager and has full access to the Directory for system management tasks and will be added to the instance of directory server created for IPA. The password must be at least 8 characters long. Directory Manager password: Password (confirm): The IPA server requires an administrative user, named 'admin'. This user is a regular system account used for IPA server administration. IPA admin password: Password (confirm): The IPA Master Server will be configured with: Hostname: ratchet.lab.eng.pnq.redhat.com IP address: 2620:52:0:41c9:5054:ff:fea6:ec8 Domain name: lab.eng.pnq.redhat.com Realm name: LAB.ENG.PNQ.REDHAT.COM Continue to configure the system with these values? [no]: yes # All 4 IPs (2 v4 and 2 v6) are resolvable and reachable [root@wheeljack ~]# ping6 ratchet.lab.eng.pnq.redhat.com PING ratchet.lab.eng.pnq.redhat.com(ratchet.lab.eng.pnq.redhat.com) 56 data bytes 64 bytes from ratchet.lab.eng.pnq.redhat.com: icmp_seq=1 ttl=64 time=1.53 ms 64 bytes from ratchet.lab.eng.pnq.redhat.com: icmp_seq=2 ttl=64 time=0.311 ms 64 bytes from ratchet.lab.eng.pnq.redhat.com: icmp_seq=3 ttl=64 time=0.363 ms ^C --- ratchet.lab.eng.pnq.redhat.com ping statistics --- 3 packets transmitted, 3 received, 0% packet loss, time 2015ms rtt min/avg/max/mdev = 0.311/0.734/1.530/0.563 ms [root@wheeljack ~]# ping ratchet.lab.eng.pnq.redhat.com PING ratchet.lab.eng.pnq.redhat.com (10.65.201.209) 56(84) bytes of data. 64 bytes from ratchet.lab.eng.pnq.redhat.com (10.65.201.209): icmp_seq=1 ttl=64 time=2.06 ms 64 bytes from ratchet.lab.eng.pnq.redhat.com (10.65.201.209): icmp_seq=2 ttl=64 time=0.339 ms ^C --- ratchet.lab.eng.pnq.redhat.com ping statistics --- 2 packets transmitted, 2 received, 0% packet loss, time 1402ms rtt min/avg/max/mdev = 0.339/1.200/2.062/0.862 ms [root@wheeljack ~]# ping ratchet.lab.eng.pnq.redhat.com PING ratchet.lab.eng.pnq.redhat.com (10.65.201.69) 56(84) bytes of data. 64 bytes from ratchet.lab.eng.pnq.redhat.com (10.65.201.69): icmp_seq=1 ttl=64 time=0.334 ms ^C --- ratchet.lab.eng.pnq.redhat.com ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 859ms rtt min/avg/max/mdev = 0.334/0.334/0.334/0.000 ms [root@wheeljack ~]# ping 10.65.201.69 PING 10.65.201.69 (10.65.201.69) 56(84) bytes of data. 64 bytes from 10.65.201.69: icmp_seq=1 ttl=64 time=0.429 ms ^C --- 10.65.201.69 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 878ms rtt min/avg/max/mdev = 0.429/0.429/0.429/0.000 ms [root@wheeljack ~]# ping 10.65.201.209 PING 10.65.201.209 (10.65.201.209) 56(84) bytes of data. 64 bytes from 10.65.201.209: icmp_seq=1 ttl=64 time=0.205 ms ^C --- 10.65.201.209 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 910ms rtt min/avg/max/mdev = 0.205/0.205/0.205/0.000 ms [root@wheeljack ~]# ping6 2620:52:0:41c9:5054:ff:fea6:ec8 PING 2620:52:0:41c9:5054:ff:fea6:ec8(2620:52:0:41c9:5054:ff:fea6:ec8) 56 data bytes 64 bytes from 2620:52:0:41c9:5054:ff:fea6:ec8: icmp_seq=1 ttl=64 time=0.356 ms ^C --- 2620:52:0:41c9:5054:ff:fea6:ec8 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 560ms rtt min/avg/max/mdev = 0.356/0.356/0.356/0.000 ms [root@wheeljack ~]# ping6 2620:52:0:41c9:5054:ff:fec5:3047 PING 2620:52:0:41c9:5054:ff:fec5:3047(2620:52:0:41c9:5054:ff:fec5:3047) 56 data bytes 64 bytes from 2620:52:0:41c9:5054:ff:fec5:3047: icmp_seq=1 ttl=64 time=1.33 ms ^C --- 2620:52:0:41c9:5054:ff:fec5:3047 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 782ms rtt min/avg/max/mdev = 1.338/1.338/1.338/0.000 ms [root@ratchet ~]# host ratchet.lab.eng.pnq.redhat.com ; host 2620:52:0:41c9:5054:ff:fea6:ec8 ; host 2620:52:0:41c9:5054:ff:fec5:3047; host 10.65.201.209 ; host 10.65.201.69 ratchet.lab.eng.pnq.redhat.com has address 10.65.201.209 ratchet.lab.eng.pnq.redhat.com has address 10.65.201.69 ratchet.lab.eng.pnq.redhat.com has IPv6 address 2620:52:0:41c9:5054:ff:fec5:3047 ratchet.lab.eng.pnq.redhat.com has IPv6 address 2620:52:0:41c9:5054:ff:fea6:ec8 8.c.e.0.6.a.e.f.f.f.0.0.4.5.0.5.9.c.1.4.0.0.0.0.2.5.0.0.0.2.6.2.ip6.arpa domain name pointer ratchet.lab.eng.pnq.redhat.com. 7.4.0.3.5.c.e.f.f.f.0.0.4.5.0.5.9.c.1.4.0.0.0.0.2.5.0.0.0.2.6.2.ip6.arpa domain name pointer ratchet.lab.eng.pnq.redhat.com. 209.201.65.10.in-addr.arpa domain name pointer ratchet.lab.eng.pnq.redhat.com. 69.201.65.10.in-addr.arpa domain name pointer ratchet.lab.eng.pnq.redhat.com. [root@ratchet ~]# cat /etc/hosts 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 [root@ratchet ~]# cat /etc/resolv.conf search lab.eng.pnq.redhat.com pnq.redhat.com redhat.com nameserver 10.65.201.245 [root@ratchet ~]# ipa-server-install The log file for this installation can be found in /var/log/ipaserver-install.log ============================================================================== This program will set up the IPA Server. This includes: * Configure a stand-alone CA (dogtag) for certificate management * Configure the Network Time Daemon (ntpd) * Create and configure an instance of Directory Server * Create and configure a Kerberos Key Distribution Center (KDC) * Configure Apache (httpd) To accept the default shown in brackets, press the Enter key. Enter the fully qualified domain name of the computer on which you're setting up server software. Using the form . Example: master.example.com. Server host name [ratchet.lab.eng.pnq.redhat.com]: The domain name has been calculated based on the host name. Please confirm the domain name [lab.eng.pnq.redhat.com]: The server hostname resolves to more than one address: 2620:52:0:41c9:5054:ff:fea6:ec8 2620:52:0:41c9:5054:ff:fec5:3047 10.65.201.209 10.65.201.69 Please provide the IP address to be used for this host name: 2620:52:0:41c9:5054:ff:fec5:3047 The kerberos protocol requires a Realm name to be defined. This is typically the domain name converted to uppercase. Please provide a realm name [LAB.ENG.PNQ.REDHAT.COM]: Certain directory server operations require an administrative user. This user is referred to as the Directory Manager and has full access to the Directory for system management tasks and will be added to the instance of directory server created for IPA. The password must be at least 8 characters long. Directory Manager password: Password (confirm): The IPA server requires an administrative user, named 'admin'. This user is a regular system account used for IPA server administration. IPA admin password: Password (confirm): The IPA Master Server will be configured with: Hostname: ratchet.lab.eng.pnq.redhat.com IP address: 2620:52:0:41c9:5054:ff:fec5:3047 Domain name: lab.eng.pnq.redhat.com Realm name: LAB.ENG.PNQ.REDHAT.COM Continue to configure the system with these values? [no]: yes Verified in version ipa-server-2.2.0-14.el6.x86_64 Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHBA-2012-0819.html |
Description of problem: Version-Release number of selected component (if applicable): ipa-server-2.1.3-9.el6.x86_64 How reproducible: Always Steps to Reproduce: 1. Configure DNS to have multiple A records for a single hostname. [root@jetfire ~]# dig jetfire.testrelm ... ;; QUESTION SECTION: ;jetfire.testrelm. IN A ;; ANSWER SECTION: jetfire.testrelm. 86400 IN A 10.65.201.113 jetfire.testrelm. 86400 IN A 10.65.201.71 ;; AUTHORITY SECTION: testrelm. 86400 IN NS bumblebee.lab.eng.pnq.redhat.com. ;; ADDITIONAL SECTION: bumblebee.lab.eng.pnq.redhat.com. 86400 IN A 10.65.201.64 ... [root@jetfire ~]# 2. Install ipa-server on a machine with multiple nic's which resolves to the same hostname as in step 1. [root@jetfire ~]# ipa-server-install The log file for this installation can be found in /var/log/ipaserver-install.log ... Server host name [jetfire.testrelm]: Unexpected error - see ipaserver-install.log for details: The network address 10.65.201.113 does not match the DNS lookup 10.65.201.71. Check /etc/hosts and ensure that 10.65.201.113 is the IP address for jetfire.testrelm [root@jetfire ~]# 3. Update /etc/hosts as: [root@jetfire ~]# cat /etc/hosts 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 :1 localhost localhost.localdomain localhost6 localhost6.localdomain6 10.65.201.71 jetfire.testrelm jetfire [root@jetfire ~]# 4. And re-run the installer [root@jetfire ~]# ipa-server-install --ip-address=10.65.201.71 --hostname=jetfire.testrelm The log file for this installation can be found in /var/log/ipaserver-install.log ... Server host name [jetfire.testrelm]: The domain name has been calculated based on the host name. Please confirm the domain name [testrelm]: Error: the hostname resolves to an IP address that is different from the one provided on the command line. Please fix your DNS or /etc/hosts file and restart the installation. [root@jetfire ~]# Actual results: Unable to install ipa-server on a specified interface (eth0 in this case). Expected results: Should provide a way to select the interface to install ipa-server on. Additional info: 2011-12-01 13:28:25,849 DEBUG Loading StateFile from '/var/lib/ipa/sysrestore/sysrestore.state' 2011-12-01 13:28:25,849 DEBUG Loading Index file from '/var/lib/ipa/sysrestore/sysrestore.index' 2011-12-01 13:28:25,849 DEBUG httpd is not configured 2011-12-01 13:28:25,850 DEBUG ipa_kpasswd is not configured 2011-12-01 13:28:25,850 DEBUG dirsrv is not configured 2011-12-01 13:28:25,850 DEBUG pki-cad is not configured 2011-12-01 13:28:25,850 DEBUG pkids is not configured 2011-12-01 13:28:25,850 DEBUG install is not configured 2011-12-01 13:28:25,850 DEBUG krb5kdc is not configured 2011-12-01 13:28:25,850 DEBUG ntpd is not configured 2011-12-01 13:28:25,851 DEBUG named is not configured 2011-12-01 13:28:25,851 DEBUG filestore is tracking no files 2011-12-01 13:28:25,851 DEBUG Loading Index file from '/var/lib/ipa-client/sysrestore/sysrestore.index' 2011-12-01 13:28:25,851 DEBUG /usr/sbin/ipa-server-install was invoked with options: {'reverse_zone': None, 'realm_name': None, 'zone_refresh': 30, 'conf_ntp': True, 'subject': None, 'no_forwarders': False, 'ui_redirect': True, 'domain_name': None, 'idmax': 0, 'hbac_allow': False, 'no_reverse': False, 'dirsrv_pkcs12': None, 'unattended': False, 'selfsign': False, 'external_ca_file': None, 'no_host_dns': False, 'http_pkcs12': None, 'forwarders': None, 'idstart': 102000000, 'external_ca': False, 'ip_address': None, 'zonemgr': None, 'setup_dns': False, 'host_name': None, 'debug': False, 'external_cert_file': None, 'uninstall': False} 2011-12-01 13:28:25,851 DEBUG missing options might be asked for interactively later 2011-12-01 13:28:25,851 DEBUG Loading Index file from '/var/lib/ipa/sysrestore/sysrestore.index' 2011-12-01 13:28:25,852 DEBUG Loading StateFile from '/var/lib/ipa/sysrestore/sysrestore.state' 2011-12-01 13:28:26,877 DEBUG The network address 10.65.201.113 does not match the DNS lookup 10.65.201.71. Check /etc/hosts and ensure that 10.65.201.113 is the IP address for jetfire.testrelm File "/usr/sbin/ipa-server-install", line 1151, in <module> sys.exit(main()) File "/usr/sbin/ipa-server-install", line 743, in main host_name = read_host_name(host_default,options.no_host_dns) File "/usr/sbin/ipa-server-install", line 381, in read_host_name verify_fqdn(host_name,no_host_dns) File "/usr/lib/python2.6/site-packages/ipaserver/install/installutils.py", line 196, in verify_fqdn verify_dns_records(host_name, rs, resaddr, 'ipv4') File "/usr/lib/python2.6/site-packages/ipaserver/install/installutils.py", line 113, in verify_dns_records raise RuntimeError("The network address %s does not match the DNS lookup %s. Check /etc/hosts and ensure that %s is the IP address for %s" % (dns_addr.format(), resaddr, dns_addr.format(), host_name))