Created attachment 784938 [details] ipa restore log Description of problem: [root@localhost ~]# ipa-restore ipa-full-2013-08-08-14-53-38 Directory Manager (existing master) password: Preparing restore from /var/lib/ipa/backup/ipa-full-2013-08-08-14-53-38 on strider.home.pecknet.com 'getpwnam(): name not found: dirsrv' Version-Release number of selected component (if applicable): freeipa-server-3.2.2-1.fc19.i686 How reproducible: Everytime Steps to Reproduce: 1. Fresh install of F19 2. copy previous backup to /var/lib/ipa/backup 3. ipa-restore ipa-full-2013-08-08-14-53-38 Actual results: 'getpwnam(): name not found: dirsrv' Additional info: A workaround is to do an install then an uninstall. Then proceed with the restore.
The dirsrv user is created during the IPA server install process. A quicker workaround is to create the user prior to restoration: /usr/sbin/useradd -g dirsrv -c "DS System User" -d /var/lib/dirsrv -s /sbin/nologin -M -r dirsrv
I've also run into the issue that ipa-backup/ipa-restore blindly copies over /etc/group and /etc/passwd. Major problem is that groups can get created in different orders on different installs. In my situation ssh_keys and polkitd group id's are swapped. This causes sshd to freak out and prevent me from ssh'ing into the machine. Is there a better way to restore when doing so on a fresh install?
Upstream ticket: https://fedorahosted.org/freeipa/ticket/3856
Upstream ticket for the second Bill's remark: https://fedorahosted.org/freeipa/ticket/3866
Fixed upstream: master: https://fedorahosted.org/freeipa/changeset/de7b1f86dc5bc120e570a99e722a06865cad3fdd ipa-3-3: https://fedorahosted.org/freeipa/changeset/bc559c0b386cf6e55df6e60d6dcfbc39cf68b85e
This bug appears to have been reported against 'rawhide' during the Fedora 20 development cycle. Changing version to '20'. More information and reason for this action is here: https://fedoraproject.org/wiki/BugZappers/HouseKeeping/Fedora20
freeipa-3.3.2-1.fc20 has been submitted as an update for Fedora 20. https://admin.fedoraproject.org/updates/freeipa-3.3.2-1.fc20
Package freeipa-3.3.2-1.fc20: * should fix your issue, * was pushed to the Fedora 20 testing repository, * should be available at your local mirror within two days. Update it with: # su -c 'yum update --enablerepo=updates-testing freeipa-3.3.2-1.fc20' as soon as you are able to. Please go to the following url: https://admin.fedoraproject.org/updates/FEDORA-2013-18542/freeipa-3.3.2-1.fc20 then log in and leave karma (feedback).
freeipa-3.3.2-1.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report.
Bill's second remark was fixed upstream ipa-4-1: https://fedorahosted.org/freeipa/changeset/c210126a5d8b006f4e76d72979ef54e6f127c001 https://fedorahosted.org/freeipa/changeset/8359411509a60c8202769ad461f3073db5e03d08 https://fedorahosted.org/freeipa/changeset/eb4e472668759cf514858f5bf0af264d3dbd2be0 https://fedorahosted.org/freeipa/changeset/127e7a1dcc2ed0624f65597292ac58535ccc0602 master: https://fedorahosted.org/freeipa/changeset/5dfa1116c27e72d5b501daab89d05a20028ce507 https://fedorahosted.org/freeipa/changeset/5fef2ecb399129b7d4e96eb47ec1d03f586a2b52 https://fedorahosted.org/freeipa/changeset/06566cb62b00c10b9ef2fd210bb9b36c16649de5 https://fedorahosted.org/freeipa/changeset/abba25c8269f4928d659cfcaf8363ad2491bd736