Description of problem:
Installation fails with bad error description:
[Errno 2] No such file or directory
Version-Release number of selected component (if applicable):
Name : ipa-server
Arch : i686
Version : 1.2.2
Release : 4.fc14
Size : 1.5 M
Repo : installed
From repo : fedora
Summary : The IPA authentication server
URL : http://www.freeipa.org/
License : GPLv2
Description : IPA is an integrated solution to provide centrally managed Identity (machine,
: user, virtual machines, groups, authentication credentials), Policy
: (configuration settings, access control information) and Audit (events,
: logs, analysis thereof). If you are installing an IPA server you need
: to install this package (in other words, most people should NOT install
: this package).
2010-11-13 16:40:19,023 DEBUG [5/13]: configuring KDC
2010-11-13 16:40:19,031 DEBUG Backing up system configuration file '/var/kerberos/krb5kdc/kdc.conf'
2010-11-13 16:40:19,362 DEBUG Saving Index File to '/var/lib/ipa/sysrestore/sysrestore.index'
2010-11-13 16:40:19,370 DEBUG Backing up system configuration file '/etc/krb5.conf'
2010-11-13 16:40:19,374 DEBUG Saving Index File to '/var/lib/ipa/sysrestore/sysrestore.index'
2010-11-13 16:40:19,388 DEBUG Backing up system configuration file '/usr/share/ipa/html/krb5.ini'
2010-11-13 16:40:19,390 DEBUG -> Not backing up - '/usr/share/ipa/html/krb5.ini' doesn't exist
2010-11-13 16:40:19,394 DEBUG Backing up system configuration file '/usr/share/ipa/html/krb.con'
2010-11-13 16:40:19,395 DEBUG -> Not backing up - '/usr/share/ipa/html/krb.con' doesn't exist
2010-11-13 16:40:19,397 DEBUG Backing up system configuration file '/usr/share/ipa/html/krbrealm.con'
2010-11-13 16:40:19,403 DEBUG -> Not backing up - '/usr/share/ipa/html/krbrealm.con' doesn't exist
2010-11-13 16:40:19,570 DEBUG [Errno 2] No such file or directory
File "/usr/sbin/ipa-server-install", line 609, in <module>
File "/usr/sbin/ipa-server-install", line 509, in main
krb.create_instance(ds_user, realm_name, host_name, domain_name, dm_password, master_password)
File "/usr/lib/python2.7/site-packages/ipaserver/krbinstance.py", line 151, in create_instance
self.start_creation("Configuring Kerberos KDC")
File "/usr/lib/python2.7/site-packages/ipaserver/service.py", line 139, in start_creation
File "/usr/lib/python2.7/site-packages/ipaserver/krbinstance.py", line 317, in __create_instance
File "/usr/lib/python2.7/site-packages/ipa/ipautil.py", line 90, in run
p = subprocess.Popen(args, stdout=subprocess.PIPE, stderr=subprocess.PIPE, close_fds=True)
File "/usr/lib/python2.7/subprocess.py", line 672, in __init__
File "/usr/lib/python2.7/subprocess.py", line 1201, in _execute_child
Configuring Kerberos KDC
[1/13]: setting KDC account password
[2/13]: adding sasl mappings to the directory
[3/13]: adding kerberos entries to the DS
[4/13]: adding default ACIs
[5/13]: configuring KDC
[6/13]: adding default keytypes
[7/13]: creating a keytab for the directory
[8/13]: creating a keytab for the machine
[9/13]: exporting the kadmin keytab
[10/13]: adding the password extension to the directory
[11/13]: adding the kerberos master key to the directory
[12/13]: starting the KDC
[13/13]: configuring KDC to start on boot
done configuring krb5kdc.
Well, I'm not a python guy, so I took strace in use to figure it out. When looking at the log created by strace it became obvious that it was searching for tools under /usr/kerberos/sbin which simply doesnt exist.
The different packages install under /usr/sbin directly.
So, the workaround to fix it was simply:
# mkdir -p /usr/kerberos/sbin ; cd /usr/sbin ; for FILE in $(ls k*) ; do ln -s /usr/sbin/$FILE /usr/kerberos/sbin ; done
However, when I passed that small error I stumbled upon another one.
It was trying to use /usr/lib/mozldap/ldappasswd when setting the admin password. But, this wasnt installed seeing as:
# yum deplist ipa-server | grep -c mozldap-tools
The fix, being the obvious:
# yum install mozldap-tools
Then my ipa-server-install went through perfectly :-)
The following got me through the install with ipa-server-1.2.2-4.fc14.x86_64
In the directory
The following two files and commands need to be corrected to change /usr/kerberos/sbin to /usr/sbin
installutils.py: ipautil.run(["/usr/kerberos/sbin/kadmin.local", "-q", command])
krbinstance.py: args = ["/usr/kerberos/sbin/kdb5_ldap_util", "-D", "uid=kdc,cn=sysaccounts,cn=etc,"+self.suffix, "-w", self.kdc_password, "create", "-s", "-P", self.master_password, "-r", self.realm, "-subtrees", self.suffix, "-sscope", "sub"]
This is a partial duplicate, see bug https://bugzilla.redhat.com/show_bug.cgi?id=650725
I'll take a look at the dependencies issue.
Added dependency on mozldap-tools to ipa-server. I'm guessing this is because 389-ds-base is using openldap-client tools now.