Bug 952756
| Summary: | [RFE] Installer wizard should prompt for DNS | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 7 | Reporter: | Dmitri Pal <dpal> |
| Component: | ipa | Assignee: | Rob Crittenden <rcritten> |
| Status: | CLOSED CURRENTRELEASE | QA Contact: | IDM QE LIST <seceng-idm-qe-list> |
| Severity: | unspecified | Docs Contact: | |
| Priority: | medium | ||
| Version: | 7.0 | CC: | ksiddiqu, mkosek, mpolovka, nsoman, pspacek |
| Target Milestone: | rc | Keywords: | FutureFeature |
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | ipa-3.2.1-1.el7 | Doc Type: | Enhancement |
| Doc Text: |
Feature:
A user is asked if he wants to install DNS during interative install.
Reason:
Previously, DNS feature was installed when --setup-dns option was passed to the installer. As a result, some users were not aware of DNS feature.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | 2014-06-13 12:41:18 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
Dmitri Pal
2013-04-16 15:46:10 UTC
Fixed upstream: master: 3ea8dabeb9e21b255bb75287743a2bbb350f61bd Verified using ipa-server-3.3.3-5 Automated test results: :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ LOG ] :: BZ952756_tc1 - [RFE] Installer wizard should prompt for DNS :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ 16:13:04 ] :: Uninstall for next test Shutting down all IPA services Removing IPA client configuration Unconfiguring ntpd Unconfiguring CA Unconfiguring named Unconfiguring web server MARK-LWD-LOOP -- 2013-12-03 16:14:45 -- Unconfiguring krb5kdc Unconfiguring kadmin Unconfiguring directory server Unconfiguring ipa_memcached Unconfiguring ipa-otpd :: [ PASS ] :: Uninstalling ipa server for next test (Expected 0, got 0) ls: cannot access /etc/sssd/sssd.conf: No such file or directory :: [ PASS ] :: Making sure that /etc/sssd/sssd.conf does not exist. BZ 819982 (Expected 2, got 2) Loaded plugins: product-id, subscription-manager This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register. Resolving Dependencies --> Running transaction check ---> Package bind.x86_64 32:9.9.4-4.el7 will be erased ---> Package bind-dyndb-ldap.x86_64 0:3.5-2.el7 will be erased --> Finished Dependency Resolution Dependencies Resolved ================================================================================ Package Arch Version Repository Size ================================================================================ Removing: bind x86_64 32:9.9.4-4.el7 @beaker-Server 4.3 M bind-dyndb-ldap x86_64 3.5-2.el7 @beaker-Server 225 k Transaction Summary ================================================================================ Remove 2 Packages Installed size: 4.5 M Downloading packages: Running transaction check Running transaction test Transaction test succeeded Running transaction Erasing : bind-dyndb-ldap-3.5-2.el7.x86_64 1/2 Erasing : 32:bind-9.9.4-4.el7.x86_64 2/2 Verifying : bind-dyndb-ldap-3.5-2.el7.x86_64 1/2 Verifying : 32:bind-9.9.4-4.el7.x86_64 2/2 Removed: bind.x86_64 32:9.9.4-4.el7 bind-dyndb-ldap.x86_64 0:3.5-2.el7 Complete! :: [ PASS ] :: Removing bind and bind-dyndb-ldap packages (Expected 0, got 0) :: [ PASS ] :: Running '/usr/bin/expect /tmp/remote_exec.exp >> /tmp/remote_exec.out 2>&1' (Expected 0, got 0) set timeout 30 set send_slow {1 .1} spawn ipa-server-install --hostname=qeblade6.testrelm.com --mkhomedir -r TESTRELM.COM -n testrelm.com -p Secret123 -P Secret123 -a Secret123 match_max 100000 sleep 2 expect "Do you want to configure integrated DNS*" send "yes" send "\r" expect eof :: [ PASS ] :: Running 'cat /tmp/remote_exec.exp' (Expected 0, got 0) spawn ipa-server-install --hostname=qeblade6.testrelm.com --mkhomedir -r TESTRELM.COM -n testrelm.com -p Secret123 -P Secret123 -a Secret123 The log file for this installation can be found in /var/log/ipaserver-install.log ============================================================================== This program will set up the IPA Server. This includes: * Configure a stand-alone CA (dogtag) for certificate management * Configure the Network Time Daemon (ntpd) * Create and configure an instance of Directory Server * Create and configure a Kerberos Key Distribution Center (KDC) * Configure Apache (httpd) To accept the default shown in brackets, press the Enter key. WARNING: conflicting time&date synchronization service 'chronyd' will be disabled in favor of ntpd Do you want to configure integrated DNS (BIND)? [no]: yes BIND was not found on this system Please install the 'bind' package and start the installation again The BIND LDAP plug-in was not found on this system Please install the 'bind-dyndb-ldap' package and start the installation again Aborting installation :: [ PASS ] :: Running 'cat /tmp/remote_exec.out' (Expected 0, got 0) :: [ PASS ] :: File '/tmp/remote_exec.out' should contain 'BIND was not found on this system :: [ PASS ] :: Please install the 'bind' package and start the installation again :: [ PASS ] :: The BIND LDAP plug-in was not found on this system :: [ PASS ] :: Please install the 'bind-dyndb-ldap' package and start the installation again :: [ PASS ] :: Aborting installation' Loaded plugins: product-id, subscription-manager This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register. Resolving Dependencies --> Running transaction check ---> Package bind.x86_64 32:9.9.4-4.el7 will be installed ---> Package bind-dyndb-ldap.x86_64 0:3.5-2.el7 will be installed --> Finished Dependency Resolution Dependencies Resolved ================================================================================ Package Arch Version Repository Size ================================================================================ Installing: bind x86_64 32:9.9.4-4.el7 beaker-Server 1.8 M bind-dyndb-ldap x86_64 3.5-2.el7 beaker-Server 91 k Transaction Summary ================================================================================ Install 2 Packages Total download size: 1.8 M Installed size: 4.5 M Downloading packages: -------------------------------------------------------------------------------- Total 5.7 MB/s | 1.8 MB 00:00 Running transaction check Running transaction test Transaction test succeeded Running transaction Installing : 32:bind-9.9.4-4.el7.x86_64 1/2 Installing : bind-dyndb-ldap-3.5-2.el7.x86_64 2/2 Verifying : bind-dyndb-ldap-3.5-2.el7.x86_64 1/2 Verifying : 32:bind-9.9.4-4.el7.x86_64 2/2 Installed: bind.x86_64 32:9.9.4-4.el7 bind-dyndb-ldap.x86_64 0:3.5-2.el7 Complete! :: [ PASS ] :: Installing bind and bind-dyndb-ldap packages (Expected 0, got 0) '02ed48c5-ac07-499f-9ae6-3717be39f6e1' BZ952756-tc1-RFE-Installer-wizard-should-prompt-for-DNS result: PASS metric: 0 Log: /var/tmp/beakerlib-17694502/journal.txt DMesg: /mnt/testarea/dmesg.log Info: Searching AVC errors produced since 1386105183.94 (Tue Dec 3 16:13:03 2013) Searching logs... Fail: AVC messages found. Checking for errors... Using stronger AVC checks. Define empty RHTS_OPTION_STRONGER_AVC parameter if this causes any problems. Info: No AVC messages found. Info: No AVC messages found. Writing to /mnt/testarea/tmp.UpIGfn : AvcLog: /mnt/testarea/tmp.UpIGfn :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ LOG ] :: BZ952756_tc2 - [RFE] Installer wizard should prompt for DNS :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: MARK-LWD-LOOP -- 2013-12-03 16:19:46 -- :: [ PASS ] :: Running '/usr/bin/expect /tmp/remote_exec.exp >> /tmp/remote_exec.out 2>&1' (Expected 0, got 0) set timeout 360 set send_slow {1 .1} spawn ipa-server-install --hostname=qeblade6.testrelm.com --mkhomedir -r TESTRELM.COM -n testrelm.com -p Secret123 -P Secret123 -a Secret123 match_max 100000 sleep 2 expect "Do you want to configure integrated DNS*" send "yes" send "\r" expect "Existing BIND configuration detected*" send "yes" send "\r" expect "Do you want to configure DNS forwarders*" send "yes" send "\r" expect "Enter IP address for a DNS forwarder:" send "10.10.160.1" send "\r" expect "Enter IP address for a DNS forwarder:" send "\r" expect "Do you want to configure the reverse zone*" send "no" send "\r" expect "Continue to configure the system with these values*" send "yes" send "\r" expect eof :: [ PASS ] :: Running 'cat /tmp/remote_exec.exp' (Expected 0, got 0) spawn ipa-server-install --hostname=qeblade6.testrelm.com --mkhomedir -r TESTRELM.COM -n testrelm.com -p Secret123 -P Secret123 -a Secret123 The log file for this installation can be found in /var/log/ipaserver-install.log ============================================================================== This program will set up the IPA Server. This includes: * Configure a stand-alone CA (dogtag) for certificate management * Configure the Network Time Daemon (ntpd) * Create and configure an instance of Directory Server * Create and configure a Kerberos Key Distribution Center (KDC) * Configure Apache (httpd) To accept the default shown in brackets, press the Enter key. WARNING: conflicting time&date synchronization service 'chronyd' will be disabled in favor of ntpd Do you want to configure integrated DNS (BIND)? [no]: yes Existing BIND configuration detected, overwrite? [no]: yes Warning: skipping DNS resolution of host qeblade6.testrelm.com Do you want to configure DNS forwarders? [yes]: yes Enter the IP address of DNS forwarder to use, or press Enter to finish. Enter IP address for a DNS forwarder: 10.10.160.1 DNS forwarder 10.10.160.1 added Enter IP address for a DNS forwarder: Do you want to configure the reverse zone? [yes]: no The IPA Master Server will be configured with: Hostname: qeblade6.testrelm.com IP address: 10.16.4.29 Domain name: testrelm.com Realm name: TESTRELM.COM BIND DNS server will be configured to serve IPA domain with: Forwarders: 10.10.160.1 Reverse zone: No reverse zone Continue to configure the system with these values? [no]: yes The following operations may take some minutes to complete. Please wait until the prompt is returned. Configuring NTP daemon (ntpd) [1/4]: stopping ntpd <..snip..> Be sure to back up the CA certificate stored in /root/cacert.p12 This file is required to create replicas. The password for this file is the Directory Manager password :: [ PASS ] :: Running 'cat /tmp/remote_exec.out' (Expected 0, got 0) :: [ 16:21:05 ] :: Verify kinit :: [ 16:21:06 ] :: execute expect file: /tmp/kinit.16137.exp set timeout 30 set force_conservative 0 set send_slow {1 .001} spawn /usr/bin/kinit -V admin expect Password for * send -s -- Secret123\r expect eof spawn /usr/bin/kinit -V admin SecretUsing existing cache: persistent:0:krb_ccache_N2bBK6M Using principal: admin 123 Password for admin: Authenticated to Kerberos v5 Default principal: admin :: [ 16:21:06 ] :: Success: kinit as [admin] with password [Secret123] was successful. :: [ PASS ] :: Get administrator credentials after installing (Expected 0, got 0) :: [ 16:21:06 ] :: Verify ipactl status ipa: INFO: The ipactl command was successful ./lib.ipaserververify.sh: line 278: [: too many arguments :: [ PASS ] :: ipactl status not as expected for DS, KDC, KPASSWD, DNS, HTTP :: [ 16:21:09 ] :: ipactl status: Directory Service: RUNNING krb5kdc Service: RUNNING kadmin Service: RUNNING named Service: RUNNING ipa_memcached Service: RUNNING httpd Service: RUNNING pki-tomcatd Service: RUNNING ipa-otpd Service: RUNNING :: [ PASS ] :: ipctl status as expected for CA :: [ 16:21:09 ] :: Verify sssd.conf :: [ PASS ] :: [cache_credentials ] matches :[True] :: [ PASS ] :: [krb5_realm ] matches :[] :: [ PASS ] :: [ipa_domain ] matches :[testrelm.com] :: [ PASS ] :: [id_provider ] matches :[ipa] :: [ PASS ] :: [auth_provider ] matches :[ipa] :: [ PASS ] :: [access_provider ] matches :[ipa] :: [ PASS ] :: [chpass_provider ] matches :[ipa] :: [ PASS ] :: [ipa_server ] matches :[qeblade6.testrelm.com] :: [ PASS ] :: File '/etc/sssd/sssd.conf' should not contain 'ldap_sasl_authid' :: [ PASS ] :: File '/var/log/messages' should not contain 'sssd_be\[.*\]: segfault' :: [ PASS ] :: BZ 878420 not found :: [ PASS ] :: BZ 878288 not found Note: Forwarding request to 'systemctl is-enabled sssd.service'. enabled :: [ PASS ] :: BZ 888124 not found :: [ 16:21:12 ] :: Verify default.conf :: [ PASS ] :: /etc/ipa/default.conf created :: [ 16:21:12 ] :: Verify ntp config :: [ PASS ] :: [ntpserver: ] matches :[server 127.127.1.0] :: [ PASS ] :: [ntpfudgeserver: ] matches :[fudge 127.127.1.0 stratum 10] :: [ 16:21:13 ] :: Verify zonemgr addr :: [ PASS ] :: [Administrator e-mail address: ] matches :[hostmaster.testrelm.com.] :: [ 16:21:14 ] :: Verify forwarder :: [ PASS ] :: [Forwarder: ] matches :[--- engineering.redhat.com ping statistics ---] :: [ 16:21:15 ] :: Verify Cerificate Subject base for server install :: [ PASS ] :: [Certificate Subject base] matches :[O=TESTRELM.COM] :: [ PASS ] :: ldapsearch accepted password - Secret123 :: [ 16:21:16 ] :: Verify kinit :: [ 16:21:16 ] :: execute expect file: /tmp/kinit.10007.exp set timeout 30 set force_conservative 0 set send_slow {1 .001} spawn /usr/bin/kinit -V admin expect Password for * send -s -- Secret123\r expect eof spawn /usr/bin/kinit -V admin SecreUsing existing cache: persistent:0:krb_ccache_N2bBK6M Using principal: admin t123 Password for admin: Authenticated to Kerberos v5 Default principal: admin :: [ 16:21:17 ] :: Success: kinit as [admin] with password [Secret123] was successful. :: [ PASS ] :: Get administrator credentials after installing (Expected 0, got 0) :: [ PASS ] :: Reverse DNS found : :: [ 16:21:18 ] :: Verify krb5.conf :: [ PASS ] :: [default_realm ] matches :[TESTRELM.COM] :: [ PASS ] :: [forwardable ] matches :[yes] :: [ PASS ] :: [pkinit_anchors ] matches :[FILE:/etc/ipa/ca.crt] :: [ PASS ] :: [renew_lifetime ] matches :[] :: [ PASS ] :: [ticket_lifetime ] matches :[24h] :: [ PASS ] :: [debug ] matches :[] :: [ PASS ] :: [krb4_convert ] matches :[] :: [ 16:21:20 ] :: Verify HBAC rules :: [ 16:21:20 ] :: EXECUTING: ipa hbacrule-find --name=allow_all ------------------- 1 HBAC rule matched ------------------- Rule name: allow_all User category: all Host category: all <sourcehostcategory>: all Service category: all Description: Allow all users to access any host from any host Enabled: TRUE ---------------------------- Number of entries returned 1 ---------------------------- :: [ PASS ] :: hbac rule - allow_all is installed (Expected 0, got 0) :: [ 16:21:21 ] :: Verify ipa-rewrite to verify for redirect :: [ PASS ] :: Redirect line is not commented :: [ 16:21:21 ] :: Test for BZ 833515 :: permissions of replica files should be 0600 drwx------. 2 root root 4096 Dec 3 16:20 sysrestore :: [ PASS ] :: Ensure that /var/lib/ipa/sysrestore appears to be set to a 600 permission set BZ 833515 (Expected 0, got 0) drwx------. 2 root root 29 Dec 3 16:15 sysupgrade :: [ PASS ] :: Ensure that /var/lib/ipa/sysupgrade appears to be set to a 600 permission set BZ 833515 (Expected 0, got 0) :: [ 16:21:22 ] :: Test for BZ 782920 - Make life easier to admins by configuring /etc/openldap/ldap.conf /etc/openldap/ldap.conf :: [ PASS ] :: Make sure that ldap.conf was created (Expected 0, got 0) BASE dc=testrelm,dc=com :: [ PASS ] :: Check to see if the Base DN seems to be in ldap.conf (Expected 0, got 0) URI ldaps://qeblade6.testrelm.com :: [ PASS ] :: Check to see the MASTER dns seems to be in ldap.conf (Expected 0, got 0) :: [ 16:21:23 ] :: Test for BZ 819629 - Enable persistent search in bind-dyndb-ldap during IPA upgrade :: [ PASS ] :: Make sure a psearch is not disabled anywhere in named.conf (Expected 1, got 1) :: [ 16:21:23 ] :: Errors file to check is /var/log/dirsrv/slapd-TESTRELM-COM/errors :: [ PASS ] :: Ensure that offending error message is not coming up in the slapd error log (Expected 1, got 1) :: [ PASS ] :: File '/tmp/tmpout.verify_bz1018804' should contain '8443' :: [ PASS ] :: File '/tmp/tmpout.verify_bz1018804' should contain 'wait on local port' :: [ PASS ] :: BZ 1018804 not found '98df0ad2-c696-4eb8-af5b-0c1c9acd7959' BZ952756-tc2-RFE-Installer-wizard-should-prompt-for-DNS result: PASS metric: 0 Log: /var/tmp/beakerlib-17694502/journal.txt DMesg: /mnt/testarea/dmesg.log Info: Searching AVC errors produced since 1386105319.11 (Tue Dec 3 16:15:19 2013) Searching logs... Fail: AVC messages found. Checking for errors... Using stronger AVC checks. Define empty RHTS_OPTION_STRONGER_AVC parameter if this causes any problems. Info: No AVC messages found. Info: No AVC messages found. Writing to /mnt/testarea/tmp.UpIGfn : AvcLog: /mnt/testarea/tmp.UpIGfn This request was resolved in Red Hat Enterprise Linux 7.0. Contact your manager or support representative in case you have further questions about the request. |