Ticket was cloned from Red Hat Bugzilla (product Fedora): Bug 965989
Description of problem: When running ipa-server-install on F19: [snip] one configuring certificate server (pki-tomcatd). Configuring Kerberos KDC (krb5kdc): Estimated time 30 seconds [1/10]: adding sasl mappings to the directory [2/10]: adding kerberos container to the directory [3/10]: configuring KDC [4/10]: initialize kerberos container [5/10]: adding default ACIs [6/10]: creating a keytab for the directory Unexpected error - see /var/log/ipaserver-install.log for details: CalledProcessError: Command 'kadmin.local -q addprinc -randkey ldap/vm-001.ipa.com@IPA.COM -x ipa-setup-override-restrictions' returned non-zero exit status 1 The relevant part of ipaserver-install.log tells us that credential cache directory does not exist. 2013-05-22T08:32:25Z DEBUG [6/10]: creating a keytab for the directory 2013-05-22T08:32:25Z DEBUG Starting external process 2013-05-22T08:32:25Z DEBUG args=kadmin.local -q addprinc -randkey ldap/vm-001.ipa.com@IPA.COM -x ipa-setup-override-restrictions 2013-05-22T08:32:25Z DEBUG Process finished, return code=1 2013-05-22T08:32:25Z DEBUG stdout= 2013-05-22T08:32:25Z DEBUG stderr=kadmin.local: Credential cache directory /run/user/0/krb5cc does not exist while opening default credentials cache Version-Release number of selected component (if applicable): [tbabej@vm-001 labtool]$ rpm -qa | grep krb krb5-server-1.11.2-5.fc19.x86_64 krb5-workstation-1.11.2-5.fc19.x86_64 krb5-pkinit-1.11.2-5.fc19.x86_64 krb5-devel-1.11.2-5.fc19.x86_64 python-krbV-1.0.90-6.fc19.x86_64 pam_krb5-2.4.5-1.fc19.x86_64 krb5-libs-1.11.2-5.fc19.x86_64 Steps to reproduce: 1. Install freeipa-server from sources (current HEAD 89be148580169d9a8dbafa8a72f8c23034e3b601) 2. run ipa-server-install
Regression, we need to address this now.
This is a F19 development regression, moving to right bucket.
master: 6f51f92[[BR]] ipa-3-2: 4ec1de1
Metadata Update from @mkosek: - Issue assigned to tbabej - Issue set to the milestone: FreeIPA 3.2.x - 2013/06 (bug fixing)
Login to comment on this ticket.