Bug 757681 - ipa-replica-install fails when --no-host-dns option is provided.
Summary: ipa-replica-install fails when --no-host-dns option is provided.
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: ipa
Version: 6.2
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: rc
: ---
Assignee: Rob Crittenden
QA Contact: IDM QE LIST
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2011-11-28 11:26 UTC by Gowrishankar Rajaiyan
Modified: 2012-06-20 13:17 UTC (History)
3 users (show)

Fixed In Version: ipa-2.2.0-1.el6
Doc Type: Bug Fix
Doc Text:
Cause: IPA installer did not process host IP address properly --no-host-dns option was passed. Consequence: When hostname was not resolvable and --no-host-dns option was used, ipa-replica-install failed in a middle of the installation and did not amend the host name resolution in the same way as ipa-server-install does. Fix: ipa-server-install and ipa-replica-install now share host IP address processing. They both add a record to /etc/hosts when the server/replica hostname is not resolvable. Result: ipa-replica-install is now more robust and prevents more user errors when replica hostname is not resolvable.
Clone Of:
Environment:
Last Closed: 2012-06-20 13:17:55 UTC
Target Upstream Version:


Attachments (Terms of Use)
test ouput (10.56 KB, text/plain)
2012-05-07 16:00 UTC, Namita Soman
no flags Details


Links
System ID Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2012:0819 normal SHIPPED_LIVE ipa bug fix and enhancement update 2012-06-19 20:34:17 UTC

Description Gowrishankar Rajaiyan 2011-11-28 11:26:53 UTC
Description of problem:


Version-Release number of selected component (if applicable):
ipa-server-2.1.3-9.el6.x86_64

How reproducible:
Always

Steps to Reproduce:
1. Setup ipa-server.
2. Prepare a replica file.
3. ipa-replica-install with --no-host-dns option.
  
Actual results: replica install fails with "Unable to resolve IP address for hos name"

Expected results: Should not use hostname lookup during installation and replica install should be successful. 


Additional info:

Looking up master from slave:
[root@ratchet ~]# nslookup jetfire.testrelm
Server:		10.65.201.71
Address:	10.65.201.71#53

Name:	jetfire.testrelm
Address: 10.65.201.71

[root@ratchet ~]# 


Reverse lookup of master from slave:
[root@ratchet ~]# nslookup 10.65.201.71
Server:		10.65.201.71
Address:	10.65.201.71#53

71.201.65.10.in-addr.arpa	name = jetfire.testrelm.

[root@ratchet ~]# 


/etc/hosts of slave:
[root@ratchet ~]# cat /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
10.65.201.71    jetfire.testrelm        jetfire
#10.65.201.69    ratchet.testrelm        ratchet
[root@ratchet ~]# 


[root@ratchet ~]# ipa-replica-install  --skip-conncheck --no-host-dns  replica-info-ratchet.testrelm.gpg 
Directory Manager (existing master) password: 

Warning: skipping DNS resolution of host ratchet.testrelm
Configuring ntpd
  [1/4]: stopping ntpd
  [2/4]: writing configuration
  [3/4]: configuring ntpd to start on boot
  [4/4]: starting ntpd
done configuring ntpd.
Unable to resolve IP address for host name
[root@ratchet ~]# 



2011-11-28 16:31:06,897 DEBUG /usr/sbin/ipa-replica-install was invoked with argument "replica-info-ratchet.testrelm.gpg" and options: {'no_forwarders': False, 'ui_redirect': True, 'reverse_zone': None, 'unattended': False, 'no_host_dns': True, 'no_reverse': False, 'setup_dns': False, 'setup_ca': False, 'forwarders': None, 'debug': False, 'conf_ntp': True, 'skip_conncheck': True}
2011-11-28 16:31:06,897 DEBUG Loading Index file from '/var/lib/ipa-client/sysrestore/sysrestore.index'
2011-11-28 16:31:06,897 DEBUG Loading StateFile from '/var/lib/ipa/sysrestore/sysrestore.state'
2011-11-28 16:31:09,719 DEBUG args=/usr/bin/gpg --batch --homedir /tmp/tmpGMQtBLipa/ipa-RRyuKL/.gnupg --passphrase-fd 0 --yes --no-tty -o /tmp/tmpGMQtBLipa/files.tar -d replica-info-ratchet.testrelm.gpg
2011-11-28 16:31:09,719 DEBUG stdout=
2011-11-28 16:31:09,719 DEBUG stderr=gpg: WARNING: unsafe permissions on homedir `/tmp/tmpGMQtBLipa/ipa-RRyuKL/.gnupg'
gpg: keyring `/tmp/tmpGMQtBLipa/ipa-RRyuKL/.gnupg/secring.gpg' created
gpg: keyring `/tmp/tmpGMQtBLipa/ipa-RRyuKL/.gnupg/pubring.gpg' created
gpg: 3DES encrypted data
gpg: encrypted with 1 passphrase
gpg: WARNING: message was not integrity protected

2011-11-28 16:31:09,728 DEBUG args=tar xf /tmp/tmpGMQtBLipa/files.tar -C /tmp/tmpGMQtBLipa
2011-11-28 16:31:09,729 DEBUG stdout=
2011-11-28 16:31:09,729 DEBUG stderr=
2011-11-28 16:31:09,753 DEBUG importing all plugin modules in '/usr/lib/python2.6/site-packages/ipalib/plugins'...
2011-11-28 16:31:09,754 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/aci.py'
2011-11-28 16:31:09,764 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/automember.py'
2011-11-28 16:31:09,790 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/automount.py'
2011-11-28 16:31:09,797 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/baseldap.py'
2011-11-28 16:31:09,798 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/batch.py'
2011-11-28 16:31:09,799 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/cert.py'
2011-11-28 16:31:09,814 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/config.py'
2011-11-28 16:31:09,819 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/delegation.py'
2011-11-28 16:31:09,822 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/dns.py'
2011-11-28 16:31:09,830 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/group.py'
2011-11-28 16:31:09,834 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/hbacrule.py'
2011-11-28 16:31:09,844 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/hbacsvc.py'
2011-11-28 16:31:09,845 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/hbacsvcgroup.py'
2011-11-28 16:31:09,847 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/hbactest.py'
2011-11-28 16:31:09,850 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/host.py'
2011-11-28 16:31:09,859 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/hostgroup.py'
2011-11-28 16:31:09,860 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/internal.py'
2011-11-28 16:31:09,863 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/kerberos.py'
2011-11-28 16:31:09,863 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/krbtpolicy.py'
2011-11-28 16:31:09,865 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/migration.py'
2011-11-28 16:31:09,869 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/misc.py'
2011-11-28 16:31:09,870 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/netgroup.py'
2011-11-28 16:31:09,874 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/passwd.py'
2011-11-28 16:31:09,884 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/permission.py'
2011-11-28 16:31:09,888 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/ping.py'
2011-11-28 16:31:09,888 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/privilege.py'
2011-11-28 16:31:09,890 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/pwpolicy.py'
2011-11-28 16:31:09,900 DEBUG args=klist -V
2011-11-28 16:31:09,900 DEBUG stdout=Kerberos 5 version 1.9

2011-11-28 16:31:09,900 DEBUG stderr=
2011-11-28 16:31:09,905 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/role.py'
2011-11-28 16:31:09,906 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/selfservice.py'
2011-11-28 16:31:09,908 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/service.py'
2011-11-28 16:31:09,909 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/sudocmd.py'
2011-11-28 16:31:09,910 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/sudocmdgroup.py'
2011-11-28 16:31:09,912 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/sudorule.py'
2011-11-28 16:31:09,921 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/user.py'
2011-11-28 16:31:09,921 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/virtual.py'
2011-11-28 16:31:09,921 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/xmlclient.py'
2011-11-28 16:31:09,921 DEBUG importing all plugin modules in '/usr/lib/python2.6/site-packages/ipaserver/plugins'...
2011-11-28 16:31:09,922 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipaserver/plugins/dogtag.py'
2011-11-28 16:31:09,941 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipaserver/plugins/join.py'
2011-11-28 16:31:09,942 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipaserver/plugins/ldap2.py'
2011-11-28 16:31:09,942 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipaserver/plugins/rabase.py'
2011-11-28 16:31:09,942 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipaserver/plugins/selfsign.py'
2011-11-28 16:31:09,943 DEBUG skipping plugin module ipaserver.plugins.selfsign: selfsign is not selected as RA plugin, it is dogtag
2011-11-28 16:31:09,943 DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipaserver/plugins/xmlserver.py'
2011-11-28 16:31:10,022 DEBUG Mounting ipaserver.rpcserver.jsonserver() at 'json'
2011-11-28 16:31:10,033 DEBUG Mounting ipaserver.rpcserver.xmlserver() at 'xml'
2011-11-28 16:31:10,665 DEBUG ds group dirsrv exists
2011-11-28 16:31:10,665 DEBUG Saving StateFile to '/var/lib/ipa/sysrestore/sysrestore.state'
2011-11-28 16:31:10,680 DEBUG Created connection context.ldap2_35333584
2011-11-28 16:31:10,860 DEBUG Destroyed connection context.ldap2_35333584
2011-11-28 16:31:10,861 DEBUG Loading StateFile from '/var/lib/ipa/sysrestore/sysrestore.state'
2011-11-28 16:31:10,861 DEBUG Loading Index file from '/var/lib/ipa/sysrestore/sysrestore.index'
2011-11-28 16:31:10,861 DEBUG Configuring ntpd
2011-11-28 16:31:10,862 DEBUG   [1/4]: stopping ntpd
2011-11-28 16:31:10,929 DEBUG args=/sbin/service ntpd status 
2011-11-28 16:31:10,930 DEBUG stdout=ntpd is stopped

2011-11-28 16:31:10,930 DEBUG stderr=
2011-11-28 16:31:10,930 DEBUG Saving StateFile to '/var/lib/ipa/sysrestore/sysrestore.state'
2011-11-28 16:31:10,979 DEBUG args=/sbin/service ntpd stop 
2011-11-28 16:31:10,980 DEBUG stdout=Shutting down ntpd:   [FAILED]

2011-11-28 16:31:10,980 DEBUG stderr=
2011-11-28 16:31:10,980 DEBUG   duration: 0 seconds
2011-11-28 16:31:10,980 DEBUG   [2/4]: writing configuration
2011-11-28 16:31:10,980 DEBUG Backing up system configuration file '/etc/ntp.conf'
2011-11-28 16:31:10,981 DEBUG Saving Index File to '/var/lib/ipa/sysrestore/sysrestore.index'
2011-11-28 16:31:10,981 DEBUG Backing up system configuration file '/etc/sysconfig/ntpd'
2011-11-28 16:31:10,982 DEBUG Saving Index File to '/var/lib/ipa/sysrestore/sysrestore.index'
2011-11-28 16:31:10,983 DEBUG   duration: 0 seconds
2011-11-28 16:31:10,983 DEBUG   [3/4]: configuring ntpd to start on boot
2011-11-28 16:31:10,996 DEBUG args=/sbin/chkconfig ntpd
2011-11-28 16:31:10,996 DEBUG stdout=
2011-11-28 16:31:10,996 DEBUG stderr=
2011-11-28 16:31:10,996 DEBUG Saving StateFile to '/var/lib/ipa/sysrestore/sysrestore.state'
2011-11-28 16:31:11,385 DEBUG args=/sbin/chkconfig ntpd on
2011-11-28 16:31:11,386 DEBUG stdout=
2011-11-28 16:31:11,386 DEBUG stderr=
2011-11-28 16:31:11,386 DEBUG   duration: 0 seconds
2011-11-28 16:31:11,386 DEBUG   [4/4]: starting ntpd
2011-11-28 16:31:11,429 DEBUG args=/sbin/service ntpd start 
2011-11-28 16:31:11,429 DEBUG stdout=Starting ntpd:        [  OK  ]

2011-11-28 16:31:11,429 DEBUG stderr=
2011-11-28 16:31:11,430 DEBUG   duration: 0 seconds
2011-11-28 16:31:11,430 DEBUG done configuring ntpd.
2011-11-28 16:31:11,431 DEBUG Loading StateFile from '/var/lib/ipa/sysrestore/sysrestore.state'
2011-11-28 16:31:11,452 DEBUG Created connection context.ldap2
2011-11-28 16:31:11,452 DEBUG Loading StateFile from '/var/lib/ipa/sysrestore/sysrestore.state'
2011-11-28 16:31:11,453 DEBUG Loading Index file from '/var/lib/ipa/sysrestore/sysrestore.index'

Comment 2 Martin Kosek 2011-11-28 11:52:57 UTC
Upstream ticket:
https://fedorahosted.org/freeipa/ticket/2139

Comment 3 Martin Kosek 2012-01-13 08:36:33 UTC
Fixed upstream:

master:
5550ee16071e5a1cf6c3a0f58c15865d730fe1e4
649d13b59746582ee19a7b40e454bc268b1b9be9
bc5085699d92369460c04050fad11bf64978fbd3
95f3ec5d7053a54a393daf1f7d9a93be9d8a64fe

ipa-2-2:
6bb719be5c7b126931310432d604cda4e4e56d3b
61ad6e09b15f84655a8f91183f5aebe7d117fa56
8413882dabdd511fff5435ae820f1bd599c1f13b
4b7d430b29c897e768ce10c1d7e9e5ecf79c575a

Comment 5 Martin Kosek 2012-04-19 12:44:07 UTC
    Technical note added. If any revisions are required, please edit the "Technical Notes" field
    accordingly. All revisions will be proofread by the Engineering Content Services team.
    
    New Contents:
Cause: IPA installer did not process host IP address properly  --no-host-dns option was passed.
Consequence: When hostname was not resolvable and --no-host-dns option was used, ipa-replica-install failed in a middle of the installation and did not amend the host name resolution in the same way as ipa-server-install does.
Fix: ipa-server-install and ipa-replica-install now share host IP address processing. They both add a record to /etc/hosts when the server/replica hostname is not resolvable.
Result: ipa-replica-install is now more robust and prevents more user errors when replica hostname is not resolvable.

Comment 6 Namita Soman 2012-05-07 16:00:53 UTC
Created attachment 582707 [details]
test ouput

tests run on ipa-server.x86_64 0:2.2.0-12.el6 pass. Attaching test output

Comment 8 errata-xmlrpc 2012-06-20 13:17:55 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2012-0819.html


Note You need to log in before you can comment on or make changes to this bug.