This service will be undergoing maintenance at 00:00 UTC, 2016-09-28. It is expected to last about 1 hours
Bug 704235 - Installing ipa-client indicates an error when updating DNS
Installing ipa-client indicates an error when updating DNS
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: ipa-client (Show other bugs)
5.7
Unspecified Unspecified
unspecified Severity unspecified
: rc
: ---
Assigned To: Rob Crittenden
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2011-05-12 10:00 EDT by Namita Soman
Modified: 2011-07-21 03:05 EDT (History)
2 users (show)

See Also:
Fixed In Version: ipa-client-2.0-14.el5
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2011-07-21 03:05:28 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)
ipaclient-install.log (6.14 KB, text/plain)
2011-05-12 10:02 EDT, Namita Soman
no flags Details

  None (edit)
Description Namita Soman 2011-05-12 10:00:08 EDT
Description of problem:
Installing ipa-client on RHEL5.7 seems to have succeeded but threw error at end of install:
Warning: Hostname (ipaqa64vma.testrelm) not found in DNS
Traceback (most recent call last):
  File "/usr/sbin/ipa-client-install", line 986, in ?
    sys.exit(main())
  File "/usr/sbin/ipa-client-install", line 904, in main
    client_dns(cli_server, hostname, options.dns_updates)
  File "/usr/sbin/ipa-client-install", line 659, in client_dns
    update_dns(server, hostname)
  File "/usr/sbin/ipa-client-install", line 626, in update_dns
    env={'KRB5CCNAME':CCACHE_FILE})
  File "/usr/lib/python2.4/site-packages/ipaclient/ipapython/ipautil.py", line 132, in run
    close_fds=True, env=env)
  File "/usr/lib64/python2.4/subprocess.py", line 550, in __init__
    errread, errwrite)
  File "/usr/lib64/python2.4/subprocess.py", line 996, in _execute_child
    raise child_exception
OSError: [Errno 2] No such file or directory

Was able to kinit from the client, then used single sign on - and ssh'd to server. install log didn't have any errors logged. 

Host record and dns record are created on server.

Version-Release number of selected component (if applicable):
ipa-client-2.0-13.el5


How reproducible:


Steps to Reproduce:
1. install ipa-client

  
Actual results:
error at end of install

Expected results:
no errors

Additional info:
[root@ipaqa64vma ~]# ipa-client-install --domain=testrelm --realm=TESTRELM -p admin -w Secret123
Discovery was successful!
Realm: TESTRELM
DNS Domain: testrelm
IPA Server: ipaqa64vmb.testrelm
BaseDN: dc=testrelm


Continue to configure the system with these values? [no]: y

Enrolled in IPA realm TESTRELM
Created /etc/ipa/default.conf
Configured /etc/sssd/sssd.conf
Configured /etc/krb5.conf for IPA realm TESTRELM
Warning: Hostname (ipaqa64vma.testrelm) not found in DNS
Traceback (most recent call last):
  File "/usr/sbin/ipa-client-install", line 986, in ?
    sys.exit(main())
  File "/usr/sbin/ipa-client-install", line 904, in main
    client_dns(cli_server, hostname, options.dns_updates)
  File "/usr/sbin/ipa-client-install", line 659, in client_dns
    update_dns(server, hostname)
  File "/usr/sbin/ipa-client-install", line 626, in update_dns
    env={'KRB5CCNAME':CCACHE_FILE})
  File "/usr/lib/python2.4/site-packages/ipaclient/ipapython/ipautil.py", line 132, in run
    close_fds=True, env=env)
  File "/usr/lib64/python2.4/subprocess.py", line 550, in __init__
    errread, errwrite)
  File "/usr/lib64/python2.4/subprocess.py", line 996, in _execute_child
    raise child_exception
OSError: [Errno 2] No such file or directory
Comment 1 Namita Soman 2011-05-12 10:02:31 EDT
Created attachment 498547 [details]
ipaclient-install.log
Comment 2 Rob Crittenden 2011-05-12 10:09:07 EDT
I wonder if bind-utils isn't installed. Do you have the command /usr/bin/nsupdate?
Comment 3 Namita Soman 2011-05-12 10:55:34 EDT
correction: in comment 1, i mentioned that dns record was created. But it
actually, is not created.


bind-utils-9.3.6-16.P1.el5

# which nsupdate
/usr/bin/nsupdate
Comment 4 Rob Crittenden 2011-05-12 12:02:56 EDT
The problem is a hardcoded invocation of /usr/bin/kinit. On RHEL-5 systems this is in /usr/kerberos/bin. This is a one-line patch to fix, we just need to drop the path from the kinit invocation. ipautil.run() sets PATH to include /usr/kerberos/bin.

The patch is:

diff -up --recursive freeipa-2.0.0.rc3.orig/ipa-client/ipa-install/ipa-client-install freeipa-2.0.0.rc3/ipa-client/ipa-install/ipa-client-install
--- freeipa-2.0.0.rc3.orig/ipa-client/ipa-install/ipa-client-install    2011-03-10 10:04:45.000000000 -0500
+++ freeipa-2.0.0.rc3/ipa-client/ipa-install/ipa-client-install 2011-05-12 12:02:17.000000000 -0400
@@ -619,7 +619,7 @@ def update_dns(server, hostname):
     update_fd.close()
 
     try:
-        ipautil.run(['/usr/bin/kinit', '-k', '-t', '/etc/krb5.keytab', princ],
+        ipautil.run(['kinit', '-k', '-t', '/etc/krb5.keytab', princ],
                     env={'KRB5CCNAME':CCACHE_FILE})
     except CalledProcessError, e:
         print >>sys.stderr, "Failed to obtain host TGT."
Comment 5 Rob Crittenden 2011-05-12 14:43:08 EDT
Final path used /usr/kerboros/bin/kinit rather than straight kinit. Since we are passing an env the PATH is not set in ipautil.run. This is fixed in upstream IPA, so I'm going with a RHEL-5 specific fix, just changing the path to the binary.
Comment 7 Namita Soman 2011-05-12 15:42:06 EDT
verified using ipa-client-2.0-14.el5
Comment 8 errata-xmlrpc 2011-07-21 03:05:28 EDT
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2011-0990.html

Note You need to log in before you can comment on or make changes to this bug.