Bug 802396 - Syntax Errors restart IPA services /var/lib/pki-ca/pki-ca: line 91
Summary: Syntax Errors restart IPA services /var/lib/pki-ca/pki-ca: line 91
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: tomcat6
Version: 6.3
Hardware: Unspecified
OS: Unspecified
urgent
urgent
Target Milestone: rc
: ---
Assignee: David Knox
QA Contact: tomcat-qe
URL:
Whiteboard:
Depends On:
Blocks: 806046
TreeView+ depends on / blocked
 
Reported: 2012-03-12 13:15 UTC by Jenny Severance
Modified: 2015-11-02 00:17 UTC (History)
5 users (show)

Fixed In Version: tomcat6-6.0.24-44.el6
Doc Type: Bug Fix
Doc Text:
No tech note needed
Clone Of:
: 806046 (view as bug list)
Environment:
Last Closed: 2012-06-20 14:35:55 UTC
Target Upstream Version:

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)


Links
System ID Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2012:0945 normal SHIPPED_LIVE tomcat6 bug fix and enhancement update 2012-06-19 21:00:00 UTC

Description Jenny Severance 2012-03-12 13:15:15 UTC 
Description of problem:

# ipactl restart
Restarting Directory Service
Shutting down dirsrv: 
    PKI-IPA...                                             [  OK  ]
    TESTRELM-COM...                                        [  OK  ]
Starting dirsrv: 
    PKI-IPA...                                             [  OK  ]
    TESTRELM-COM...                                        [  OK  ]
Restarting KDC Service
Stopping Kerberos 5 KDC:                                   [  OK  ]
Starting Kerberos 5 KDC:                                   [  OK  ]
Restarting KPASSWD Service
Stopping Kerberos 5 Admin Server:                          [  OK  ]
Starting Kerberos 5 Admin Server:                          [  OK  ]
Restarting DNS Service
Stopping named: .                                          [  OK  ]
Starting named:                                            [  OK  ]
Restarting MEMCACHE Service
Stopping ipa_memcached:                                    [  OK  ]
Starting ipa_memcached:                                    [  OK  ]
Restarting HTTP Service
Stopping httpd:                                            [  OK  ]
Starting httpd: [Mon Mar 12 09:09:59 2012] [warn] worker ajp://localhost:9447/ already used by another worker
[Mon Mar 12 09:09:59 2012] [warn] worker ajp://localhost:9447/ already used by another worker
                                                           [  OK  ]
Restarting CA Service
/var/lib/pki-ca/pki-ca: line 91: syntax error near unexpected token `('
/var/lib/pki-ca/pki-ca: line 91: `functonn version() {'
/var/lib/pki-ca/pki-ca: line 91: syntax error near unexpected token `('
/var/lib/pki-ca/pki-ca: line 91: `functonn version() {'
Failed to restart CA Service
Shutting down
Stopping Kerberos 5 KDC:                                   [  OK  ]
Stopping Kerberos 5 Admin Server:                          [  OK  ]
Stopping named: .                                          [  OK  ]
Stopping ipa_memcached:                                    [  OK  ]
Stopping httpd:                                            [  OK  ]
/var/lib/pki-ca/pki-ca: line 91: syntax error near unexpected token `('
/var/lib/pki-ca/pki-ca: line 91: `functonn version() {'
Shutting down dirsrv: 
    PKI-IPA...                                             [  OK  ]
    TESTRELM-COM...                                        [  OK  ]
Aborting ipactl


Version-Release number of selected component (if applicable):
ipa-server-2.2.0-3.el6.x86_64
389-ds-base-1.2.10.2-2.el6.x86_64
pki-ca-9.0.3-23.el6.noarch

How reproducible:


Steps to Reproduce:
1.
2.
3.
  
Actual results:


Expected results:


Additional info:
Comment 2 Jenny Severance 2012-03-12 13:26:51 UTC 
Please start the configuration by accessing:

https://ipaqavmd.testrelm.com:9445/ca/admin/console/config/login?pin=X1GMoj6VeBIKA5polWUc

After configuration, the server can be operated by the command:

    /sbin/service pki-cad restart pki-ca


2012-03-12T13:20:37Z DEBUG stderr=[error] FAILED run_command("/sbin/service pki-cad restart pki-ca"), exit status=2 output="/var/lib/pki-ca/pki-ca: line 91: syntax error near unexpected token `('
/var/lib/pki-ca/pki-ca: line 91: `functonn version() {'
/var/lib/pki-ca/pki-ca: line 91: syntax error near unexpected token `('
/var/lib/pki-ca/pki-ca: line 91: `functonn version() {'"

2012-03-12T13:20:37Z DEBUG   duration: 9 seconds
2012-03-12T13:20:37Z DEBUG   [3/17]: configuring certificate server instance
2012-03-12T13:20:38Z DEBUG args=/usr/bin/perl /usr/bin/pkisilent 'ConfigureCA' '-cs_hostname' 'ipaqavmd.testrelm.com' '-cs_port' '9445' '-client_certdb_dir' '/tmp/tmp-SDs8JX' '-client_certdb_pwd' XXXXXXXX '-preop_pin' 'X1GMoj6VeBIKA5polWUc' '-domain_name' 'IPA' '-admin_user' 'admin' '-admin_email' 'root@localhost' '-admin_password' XXXXXXXX '-agent_name' 'ipa-ca-agent' '-agent_key_size' '2048' '-agent_key_type' 'rsa' '-agent_cert_subject' 'CN=ipa-ca-agent,O=TESTRELM.COM' '-ldap_host' 'ipaqavmd.testrelm.com' '-ldap_port' '7389' '-bind_dn' 'cn=Directory Manager' '-bind_password' XXXXXXXX '-base_dn' 'o=ipaca' '-db_name' 'ipaca' '-key_size' '2048' '-key_type' 'rsa' '-key_algorithm' 'SHA256withRSA' '-save_p12' 'true' '-backup_pwd' XXXXXXXX '-subsystem_name' 'pki-cad' '-token_name' 'internal' '-ca_subsystem_cert_subject_name' 'CN=CA Subsystem,O=TESTRELM.COM' '-ca_ocsp_cert_subject_name' 'CN=OCSP Subsystem,O=TESTRELM.COM' '-ca_server_cert_subject_name' 'CN=ipaqavmd.testrelm.com,O=TESTRELM.COM' '-ca_audit_signing_cert_subject_name' 'CN=CA Audit,O=TESTRELM.COM' '-ca_sign_cert_subject_name' 'CN=Certificate Authority,O=TESTRELM.COM' '-external' 'false' '-clone' 'false'
2012-03-12T13:20:38Z DEBUG stdout=libpath=/usr/lib64
#######################################################################

#######################################################################

2012-03-12T13:20:38Z DEBUG stderr=Exception in thread "main" java.lang.NoClassDefFoundError: 'ConfigureCA'
Caused by: java.lang.ClassNotFoundException: 'ConfigureCA'
	at java.net.URLClassLoader$1.run(URLClassLoader.java:217)
	at java.security.AccessController.doPrivileged(Native Method)
	at java.net.URLClassLoader.findClass(URLClassLoader.java:205)
	at java.lang.ClassLoader.loadClass(ClassLoader.java:321)
	at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:294)
	at java.lang.ClassLoader.loadClass(ClassLoader.java:266)
Could not find the main class: 'ConfigureCA'. Program will exit.

2012-03-12T13:20:38Z CRITICAL failed to configure ca instance Command '/usr/bin/perl /usr/bin/pkisilent 'ConfigureCA' '-cs_hostname' 'ipaqavmd.testrelm.com' '-cs_port' '9445' '-client_certdb_dir' '/tmp/tmp-SDs8JX' '-client_certdb_pwd' XXXXXXXX '-preop_pin' 'X1GMoj6VeBIKA5polWUc' '-domain_name' 'IPA' '-admin_user' 'admin' '-admin_email' 'root@localhost' '-admin_password' XXXXXXXX '-agent_name' 'ipa-ca-agent' '-agent_key_size' '2048' '-agent_key_type' 'rsa' '-agent_cert_subject' 'CN=ipa-ca-agent,O=TESTRELM.COM' '-ldap_host' 'ipaqavmd.testrelm.com' '-ldap_port' '7389' '-bind_dn' 'cn=Directory Manager' '-bind_password' XXXXXXXX '-base_dn' 'o=ipaca' '-db_name' 'ipaca' '-key_size' '2048' '-key_type' 'rsa' '-key_algorithm' 'SHA256withRSA' '-save_p12' 'true' '-backup_pwd' XXXXXXXX '-subsystem_name' 'pki-cad' '-token_name' 'internal' '-ca_subsystem_cert_subject_name' 'CN=CA Subsystem,O=TESTRELM.COM' '-ca_ocsp_cert_subject_name' 'CN=OCSP Subsystem,O=TESTRELM.COM' '-ca_server_cert_subject_name' 'CN=ipaqavmd.testrelm.com,O=TESTRELM.COM' '-ca_audit_signing_cert_subject_name' 'CN=CA Audit,O=TESTRELM.COM' '-ca_sign_cert_subject_name' 'CN=Certificate Authority,O=TESTRELM.COM' '-external' 'false' '-clone' 'false'' returned non-zero exit status 255
2012-03-12T13:20:38Z DEBUG Configuration of CA failed
  File "/usr/sbin/ipa-server-install", line 1092, in <module>
    rval = main()

  File "/usr/sbin/ipa-server-install", line 883, in main
    subject_base=options.subject)

  File "/usr/lib/python2.6/site-packages/ipaserver/install/cainstance.py", line 531, in configure_instance
    self.start_creation("Configuring certificate server", 210)

  File "/usr/lib/python2.6/site-packages/ipaserver/install/service.py", line 257, in start_creation
    method()

  File "/usr/lib/python2.6/site-packages/ipaserver/install/cainstance.py", line 670, in __configure_instance
    raise RuntimeError('Configuration of CA failed')
Comment 3 Jenny Severance 2012-03-12 14:10:15 UTC 
Here's the problem that fixes the issue ::

# diff /var/lib/pki-ca/pki-ca /var/lib/pki-ca/pki-ca.orig 
91c91
< function version() {
---
> functonn version() {
Comment 4 Rob Crittenden 2012-03-12 14:18:33 UTC 
This is apparently a bug in tomcat6. Re-assigning to CS team for tracking.
Comment 5 Dmitri Pal 2012-03-12 14:35:56 UTC 
# ls -l /var/lib/pki-ca/pki-ca
lrwxrwxrwx. 1 root root 24 Mar  5 12:52 /var/lib/pki-ca/pki-ca -> /etc/rc.d/init.d/tomcat6
Comment 6 Jenny Severance 2012-03-12 14:47:16 UTC 
additional permissions issues found with this file, need to uncomment

124     [ "$RETVAL" -eq "0" ] && touch $TOMCAT_LOG 2>&1 || RETVAL="4"
125     if [ "$RETVAL" -eq "0" -a "$?" -eq "0" ]; then
126       chown ${TOMCAT_USER}:${TOMCAT_USER} $TOMCAT_LOG
127     fi


changing component to Tomcat6 this is a blocking issue for IPA testing of RHEL 6.3
Comment 8 David Knox 2012-05-01 21:38:45 UTC 
    Technical note added. If any revisions are required, please edit the "Technical Notes" field
    accordingly. All revisions will be proofread by the Engineering Content Services team.
    
    New Contents:
No tech note needed
Comment 9 Michal Haško 2012-05-30 11:13:03 UTC 
Corresponding patches present and applied in srpm.
Package tomcat6-6.0.24-45.el6 has passed sanity testing.
Comment 11 errata-xmlrpc 2012-06-20 14:35:55 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2012-0945.html
Note You need to log in before you can comment on or make changes to this bug.