Description of problem: Installation fails with bad error description: [Errno 2] No such file or directory Version-Release number of selected component (if applicable): Installed Packages Name : ipa-server Arch : i686 Version : 1.2.2 Release : 4.fc14 Size : 1.5 M Repo : installed From repo : fedora Summary : The IPA authentication server URL : http://www.freeipa.org/ License : GPLv2 Description : IPA is an integrated solution to provide centrally managed Identity (machine, : user, virtual machines, groups, authentication credentials), Policy : (configuration settings, access control information) and Audit (events, : logs, analysis thereof). If you are installing an IPA server you need : to install this package (in other words, most people should NOT install : this package). Actual results: 2010-11-13 16:40:19,023 DEBUG [5/13]: configuring KDC 2010-11-13 16:40:19,031 DEBUG Backing up system configuration file '/var/kerberos/krb5kdc/kdc.conf' 2010-11-13 16:40:19,362 DEBUG Saving Index File to '/var/lib/ipa/sysrestore/sysrestore.index' 2010-11-13 16:40:19,370 DEBUG Backing up system configuration file '/etc/krb5.conf' 2010-11-13 16:40:19,374 DEBUG Saving Index File to '/var/lib/ipa/sysrestore/sysrestore.index' 2010-11-13 16:40:19,388 DEBUG Backing up system configuration file '/usr/share/ipa/html/krb5.ini' 2010-11-13 16:40:19,390 DEBUG -> Not backing up - '/usr/share/ipa/html/krb5.ini' doesn't exist 2010-11-13 16:40:19,394 DEBUG Backing up system configuration file '/usr/share/ipa/html/krb.con' 2010-11-13 16:40:19,395 DEBUG -> Not backing up - '/usr/share/ipa/html/krb.con' doesn't exist 2010-11-13 16:40:19,397 DEBUG Backing up system configuration file '/usr/share/ipa/html/krbrealm.con' 2010-11-13 16:40:19,403 DEBUG -> Not backing up - '/usr/share/ipa/html/krbrealm.con' doesn't exist 2010-11-13 16:40:19,570 DEBUG [Errno 2] No such file or directory File "/usr/sbin/ipa-server-install", line 609, in <module> sys.exit(main()) File "/usr/sbin/ipa-server-install", line 509, in main krb.create_instance(ds_user, realm_name, host_name, domain_name, dm_password, master_password) File "/usr/lib/python2.7/site-packages/ipaserver/krbinstance.py", line 151, in create_instance self.start_creation("Configuring Kerberos KDC") File "/usr/lib/python2.7/site-packages/ipaserver/service.py", line 139, in start_creation method() File "/usr/lib/python2.7/site-packages/ipaserver/krbinstance.py", line 317, in __create_instance ipautil.run(args) File "/usr/lib/python2.7/site-packages/ipa/ipautil.py", line 90, in run p = subprocess.Popen(args, stdout=subprocess.PIPE, stderr=subprocess.PIPE, close_fds=True) File "/usr/lib/python2.7/subprocess.py", line 672, in __init__ errread, errwrite) File "/usr/lib/python2.7/subprocess.py", line 1201, in _execute_child raise child_exception Expected results: Configuring Kerberos KDC [1/13]: setting KDC account password [2/13]: adding sasl mappings to the directory [3/13]: adding kerberos entries to the DS [4/13]: adding default ACIs [5/13]: configuring KDC [6/13]: adding default keytypes [7/13]: creating a keytab for the directory [8/13]: creating a keytab for the machine [9/13]: exporting the kadmin keytab [10/13]: adding the password extension to the directory [11/13]: adding the kerberos master key to the directory [12/13]: starting the KDC [13/13]: configuring KDC to start on boot done configuring krb5kdc. Additional info: Well, I'm not a python guy, so I took strace in use to figure it out. When looking at the log created by strace it became obvious that it was searching for tools under /usr/kerberos/sbin which simply doesnt exist. The different packages install under /usr/sbin directly. So, the workaround to fix it was simply: # mkdir -p /usr/kerberos/sbin ; cd /usr/sbin ; for FILE in $(ls k*) ; do ln -s /usr/sbin/$FILE /usr/kerberos/sbin ; done --- However, when I passed that small error I stumbled upon another one. It was trying to use /usr/lib/mozldap/ldappasswd when setting the admin password. But, this wasnt installed seeing as: # yum deplist ipa-server | grep -c mozldap-tools 0 The fix, being the obvious: # yum install mozldap-tools Then my ipa-server-install went through perfectly :-)
The following got me through the install with ipa-server-1.2.2-4.fc14.x86_64 In the directory /usr/lib/python2.7/site-packages/ipaserver The following two files and commands need to be corrected to change /usr/kerberos/sbin to /usr/sbin installutils.py: ipautil.run(["/usr/kerberos/sbin/kadmin.local", "-q", command]) krbinstance.py: args = ["/usr/kerberos/sbin/kdb5_ldap_util", "-D", "uid=kdc,cn=sysaccounts,cn=etc,"+self.suffix, "-w", self.kdc_password, "create", "-s", "-P", self.master_password, "-r", self.realm, "-subtrees", self.suffix, "-sscope", "sub"]
This is a partial duplicate, see bug https://bugzilla.redhat.com/show_bug.cgi?id=650725 I'll take a look at the dependencies issue.
Added dependency on mozldap-tools to ipa-server. I'm guessing this is because 389-ds-base is using openldap-client tools now.