Running ipa-server-install on Fedora rawhide fails with
Configuring certificate server (pki-tomcatd): Estimated time 3 minutes 30 seconds [1/22]: creating certificate server user [2/22]: configuring certificate server instance ipa : CRITICAL failed to configure ca instance Command '/usr/sbin/pkispawn -s CA -f /tmp/tmpz9dOsT' returned non-zero exit status 1 Configuration of CA failed
Version-Release number of selected component (if applicable):
pki-server-10.2.0-0.1.fc21.noarch jettison-1.3.4-3.fc21.noarch
How reproducible:
Seen once, assume deterministic.
Steps to Reproduce: 1. Run ipa-server-install with freeipa-server and dependencies installed from Fedora rawhide repo.
Actual results:
ipa : CRITICAL failed to configure ca instance Command '/usr/sbin/pkispawn -s CA -f /tmp/tmpz9dOsT' returned non-zero exit status 1
and /var/log/ipaserver-install.log ends with
2014-05-30T13:27:41Z DEBUG Starting external process 2014-05-30T13:27:41Z DEBUG args=/usr/sbin/pkispawn -s CA -f /tmp/tmpz9dOsT 2014-05-30T13:27:42Z DEBUG Process finished, return code=1 2014-05-30T13:27:42Z DEBUG stdout=Loading deployment configuration from /tmp/tmpz9dOsT. Installing CA into /var/lib/pki/pki-tomcat. Storing deployment configuration into /etc/sysconfig/pki/tomcat/pki-tomcat/ca/deployment.cfg.
Installation failed.
2014-05-30T13:27:42Z DEBUG stderr=pkispawn : WARNING ....... Dangling symlink '/var/lib/pki/pki-tomcat/common/lib/jettison.jar'-->'/usr/share/java/je ttison.jar'
2014-05-30T13:27:42Z CRITICAL failed to configure ca instance Command '/usr/sbin/pkispawn -s CA -f /tmp/tmpz9dOsT' returned non-zero exit status 1 2014-05-30T13:27:42Z DEBUG File "/usr/lib/python2.7/site-packages/ipaserver/install/installutils.py", line 638, in run_script return_value = main_function()
File "/usr/sbin/ipa-server-install", line 1074, in main dm_password, subject_base=options.subject)
File "/usr/lib/python2.7/site-packages/ipaserver/install/cainstance.py", line 478, in configure_instance self.start_creation(runtime=210)
File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line 364, in start_creation method()
File "/usr/lib/python2.7/site-packages/ipaserver/install/cainstance.py", line 604, in __spawn_instance raise RuntimeError('Configuration of CA failed')
2014-05-30T13:27:42Z DEBUG The ipa-server-install command failed, exception: RuntimeError: Configuration of CA failed
Expected results:
No error.
Additional info:
The /usr/share/java/jettison.jar does not exist. It is now in /usr/share/java/jettison/jettison.jar, it seems.
The SRPM utilized in this bug/ticket was built by me on 2013-12-19 22:11:25, and contained the following changelog message:
* Fri Nov 22 2013 Dogtag Team <pki-devel@redhat.com> 10.2.0-0.1 - Updated version number to 10.2.0-0.1. - Added option to build without server packages.
However, the current source on the master branch contains the following changelog message:
* Fri Nov 22 2013 Dogtag Team <pki-devel@redhat.com> 10.2.0-0.1 - Added option to build without server packages. - Replaced Jettison with Jackson. - Added python-nss build requirement - Bugzilla Bug #1057959 - pkispawn requires policycoreutils-python - TRAC Ticket #840 - pkispawn requires policycoreutils-python - Updated requirements for resteasy - Added template files for archive, retrieve and generate key requests to the client package.
Therefore, it is my belief that since 'Jettison' has been replaced by 'Jackson', and upgrade scripts have been provided to deal with legacy instances, this problem should go away once PKI TRAC Ticket #1029 - pki-core FTBFS has been resolved, and the next build has been successfully generated.
It is an unfortunate coincidence that the SRPM changelog message is dated the same date as the source changelog message and each contains a slightly different message.
I will leave this ticket in the assigned state until such time as a valid new build can be tested to verify that this problem is no longer an issue.
Closing this ticket per previous comment since PKI TRAC Ticket #1029 - pki-core FTBFS has now been closed.
Metadata Update from @mharmsen: - Issue assigned to mharmsen - Issue set to the milestone: 10.2 - 06/14 (June)
Dogtag PKI is moving from Pagure issues to GitHub issues. This means that existing or new issues will be reported and tracked through Dogtag PKI's GitHub Issue tracker.
This issue has been cloned to GitHub and is available here: https://github.com/dogtagpki/pki/issues/1595
If you want to receive further updates on the issue, please navigate to the GitHub issue and click on Subscribe button.
Subscribe
Thank you for understanding, and we apologize for any inconvenience.
Login to comment on this ticket.