After an upgrade to 2.1.90: doing a kinit admin and trying to browse to the webui yields an "internal error":
[Mon Feb 06 14:04:11 2012] [notice] Apache/2.2.21 (Unix) DAV/2 mod_auth_kerb/5.4 mod_nss/2.2.17 NSS/3.12.9.0 mod_wsgi/3.2 Python/2.7.1 configured -- resuming normal operations [Mon Feb 06 14:04:13 2012] [error] ipa: INFO: *** PROCESS START *** [Mon Feb 06 14:04:13 2012] [error] ipa: INFO: *** PROCESS START *** [Mon Feb 06 14:16:02 2012] [error] [client 10.22.34.57] gss_accept_sec_context() failed: An unsupported mechanism was requested (, ), referer: https://authstage1.example.com/ipa/ui/ [Mon Feb 06 14:17:20 2012] [error] ipa: INFO: admin@EXAMPLE.COM: batch: i18n_messages(): SUCCESS [Mon Feb 06 14:17:20 2012] [error] ipa: INFO: admin@EXAMPLE.COM: batch: user_find(None, whoami=True, all=True): SUCCESS [Mon Feb 06 14:17:20 2012] [error] ipa: INFO: admin@EXAMPLE.COM: batch: env(None): SUCCESS [Mon Feb 06 14:17:20 2012] [error] ipa: INFO: admin@EXAMPLE.COM: batch: dns_is_enabled(): SUCCESS [Mon Feb 06 14:17:20 2012] [error] ipa: INFO: admin@EXAMPLE.COM: batch(({u'params': [[], {}], u'method': u'i18n_messages'}, {u'params': [[], {u'all': True, u'whoami': True}], u'method': u'user_find'}, {u'params': [[], {}], u'method': u'env'}, {u'params': [[], {}], u'method': u'dns_is_enabled'})): SUCCESS [Mon Feb 06 14:17:21 2012] [error] ipa: INFO: admin@EXAMPLE.COM: json_metadata(None, None, command=u'all'): SUCCESS [Mon Feb 06 14:17:21 2012] [error] ipa: ERROR: non-public: KeyError: 'ipaselinuxusermap' [Mon Feb 06 14:17:21 2012] [error] Traceback (most recent call last): [Mon Feb 06 14:17:21 2012] [error] File "/usr/lib/python2.7/site-packages/ipaserver/rpcserver.py", line 230, in wsgi_execute [Mon Feb 06 14:17:21 2012] [error] result = self.Command[name](*args, **options) [Mon Feb 06 14:17:21 2012] [error] File "/usr/lib/python2.7/site-packages/ipalib/frontend.py", line 438, in __call__ [Mon Feb 06 14:17:21 2012] [error] ret = self.run(*args, **options) [Mon Feb 06 14:17:21 2012] [error] File "/usr/lib/python2.7/site-packages/ipalib/frontend.py", line 696, in run [Mon Feb 06 14:17:21 2012] [error] return self.execute(*args, **options) [Mon Feb 06 14:17:21 2012] [error] File "/usr/lib/python2.7/site-packages/ipalib/plugins/internal.py", line 119, in execute [Mon Feb 06 14:17:21 2012] [error] (o.name, json_serialize(o)) for o in self.api.Object() [Mon Feb 06 14:17:21 2012] [error] File "/usr/lib/python2.7/site-packages/ipalib/plugins/internal.py", line 119, in <genexpr> [Mon Feb 06 14:17:21 2012] [error] (o.name, json_serialize(o)) for o in self.api.Object() [Mon Feb 06 14:17:21 2012] [error] File "/usr/lib/python2.7/site-packages/ipalib/util.py", line 49, in json_serialize [Mon Feb 06 14:17:21 2012] [error] return json_serialize(obj.__json__()) [Mon Feb 06 14:17:21 2012] [error] File "/usr/lib/python2.7/site-packages/ipalib/plugins/baseldap.py", line 490, in __json__ [Mon Feb 06 14:17:21 2012] [error] attrs = self.api.Backend.ldap2.schema.attribute_types(objectclasses) [Mon Feb 06 14:17:21 2012] [error] File "/usr/lib64/python2.7/site-packages/ldap/schema/subentry.py", line 277, in attribute_types [Mon Feb 06 14:17:21 2012] [error] object_class = self.sed[ObjectClass][object_class_oid] [Mon Feb 06 14:17:21 2012] [error] KeyError: 'ipaselinuxusermap' [Mon Feb 06 14:17:21 2012] [error] ipa: INFO: admin@EXAMPLE.COM: json_metadata(None, None, object=u'all'): KeyError
attachment freeipa-rcrit-944-selinux.patch
Tested upgrade from freeipa-server-2.1.4-3
master: 0086a3f[[BR]] ipa-2-2: 03de4df
Metadata Update from @jraquino: - Issue assigned to rcritten - Issue set to the milestone: FreeIPA 2.2 Core Effort - 2012/02
Login to comment on this ticket.