When /etc/pki/pki-tomcat already exists, running ipa-server-install fails.
Steps to Reproduce:
1. yum install -y ipa-server 2. mkdir /etc/pki/pki-tomcat 3. ipa-server-install -r EXAMPLE.TEST -n example.test -p Secret123 -a Secret123 -U
Actual results:
[37/47]: adding entries for topology management [38/47]: initializing group membership [39/47]: adding master entry [40/47]: initializing domain level [41/47]: configuring Posix uid/gid generation [42/47]: adding replication acis [43/47]: enabling compatibility plugin [44/47]: activating sidgen plugin [45/47]: activating extdom plugin [46/47]: tuning directory server [47/47]: configuring directory to start on boot Done configuring directory server (dirsrv). Configuring certificate server (pki-tomcatd). Estimated time: 3 minutes 30 seconds [1/31]: creating certificate server user [2/31]: configuring certificate server instance ipa.ipaserver.install.cainstance.CAInstance: CRITICAL Failed to configure CA instance: Command '/usr/sbin/pkispawn -s CA -f /tmp/tmpdoJ4Dm' returned non-zero exit status 1 ipa.ipaserver.install.cainstance.CAInstance: CRITICAL See the installation logs and the following files/directories for more information: ipa.ipaserver.install.cainstance.CAInstance: CRITICAL /var/log/pki/pki-tomcat [error] RuntimeError: CA configuration failed. ipa.ipapython.install.cli.install_tool(Server): ERROR CA configuration failed. ipa.ipapython.install.cli.install_tool(Server): ERROR The ipa-server-install command failed. See /var/log/ipaserver-install.log for more information The /var/log/ipaserver-install.log ends with 2017-01-03T13:25:15Z DEBUG Starting external process 2017-01-03T13:25:15Z DEBUG args=/usr/sbin/pkispawn -s CA -f /tmp/tmpdoJ4Dm 2017-01-03T13:25:16Z DEBUG Process finished, return code=1 2017-01-03T13:25:16Z DEBUG stdout=Log file: /var/log/pki/pki-ca-spawn.20170103082515.log Loading deployment configuration from /tmp/tmpdoJ4Dm. Installing CA into /var/lib/pki/pki-tomcat. Storing deployment configuration into /etc/sysconfig/pki/tomcat/pki-tomcat/ca/deployment.cfg. Installation failed: Directory '/etc/pki/pki-tomcat' already exists! 2017-01-03T13:25:16Z DEBUG stderr=pkispawn : ERROR ....... Directory '/etc/pki/pki-tomcat' already exists! 2017-01-03T13:25:16Z CRITICAL Failed to configure CA instance: Command '/usr/sbin/pkispawn -s CA -f /tmp/tmpdoJ4Dm' returned non-zero exit status 1 2017-01-03T13:25:16Z CRITICAL See the installation logs and the following files/directories for more information: 2017-01-03T13:25:16Z CRITICAL /var/log/pki/pki-tomcat 2017-01-03T13:25:16Z DEBUG Traceback (most recent call last): File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line 448, in start_creation run_step(full_msg, method) File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line 438, in run_step method() File "/usr/lib/python2.7/site-packages/ipaserver/install/cainstance.py", line 590, in __spawn_instance DogtagInstance.spawn_instance(self, cfg_file) File "/usr/lib/python2.7/site-packages/ipaserver/install/dogtaginstance.py", line 181, in spawn_instance self.handle_setup_error(e) File "/usr/lib/python2.7/site-packages/ipaserver/install/dogtaginstance.py", line 420, in handle_setup_error raise RuntimeError("%s configuration failed." % self.subsystem) RuntimeError: CA configuration failed. 2017-01-03T13:25:16Z DEBUG [error] RuntimeError: CA configuration failed. 2017-01-03T13:25:16Z DEBUG File "/usr/lib/python2.7/site-packages/ipapython/admintool.py", line 171, in execute return_value = self.run() File "/usr/lib/python2.7/site-packages/ipapython/install/cli.py", line 318, in run cfgr.run() File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 310, in run self.execute() File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 332, in execute for nothing in self._executor(): File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 372, in __runner self._handle_exception(exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 394, in _handle_exception six.reraise(*exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 362, in __runner step() File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 359, in <lambda> step = lambda: next(self.__gen) File "/usr/lib/python2.7/site-packages/ipapython/install/util.py", line 81, in run_generator_with_yield_from six.reraise(*exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/util.py", line 59, in run_generator_with_yield_from value = gen.send(prev_value) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 586, in _configure next(executor) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 372, in __runner self._handle_exception(exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 449, in _handle_exception self.__parent._handle_exception(exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 394, in _handle_exception six.reraise(*exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 446, in _handle_exception super(ComponentBase, self)._handle_exception(exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 394, in _handle_exception six.reraise(*exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 362, in __runner step() File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 359, in <lambda> step = lambda: next(self.__gen) File "/usr/lib/python2.7/site-packages/ipapython/install/util.py", line 81, in run_generator_with_yield_from six.reraise(*exc_info) File "/usr/lib/python2.7/site-packages/ipapython/install/util.py", line 59, in run_generator_with_yield_from value = gen.send(prev_value) File "/usr/lib/python2.7/site-packages/ipapython/install/common.py", line 63, in _install for nothing in self._installer(self.parent): File "/usr/lib/python2.7/site-packages/ipaserver/install/server/install.py", line 1357, in main install(self) File "/usr/lib/python2.7/site-packages/ipaserver/install/server/install.py", line 267, in decorated func(installer) File "/usr/lib/python2.7/site-packages/ipaserver/install/server/install.py", line 773, in install ca.install_step_0(False, None, options) File "/usr/lib/python2.7/site-packages/ipaserver/install/ca.py", line 161, in install_step_0 ca_signing_algorithm=options.ca_signing_algorithm) File "/usr/lib/python2.7/site-packages/ipaserver/install/cainstance.py", line 437, in configure_instance self.start_creation(runtime=210) File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line 448, in start_creation run_step(full_msg, method) File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line 438, in run_step method() File "/usr/lib/python2.7/site-packages/ipaserver/install/cainstance.py", line 590, in __spawn_instance DogtagInstance.spawn_instance(self, cfg_file) File "/usr/lib/python2.7/site-packages/ipaserver/install/dogtaginstance.py", line 181, in spawn_instance self.handle_setup_error(e) File "/usr/lib/python2.7/site-packages/ipaserver/install/dogtaginstance.py", line 420, in handle_setup_error raise RuntimeError("%s configuration failed." % self.subsystem) 2017-01-03T13:25:16Z DEBUG The ipa-server-install command failed, exception: RuntimeError: CA configuration failed. 2017-01-03T13:25:16Z ERROR CA configuration failed. 2017-01-03T13:25:16Z ERROR The ipa-server-install command failed. See /var/log/ipaserver-install.log for more information
Expected results:
No error.
Additional info:
This issue causes problem especially in containerized environments when we might want that directory bind-mounted or symlinked to some volume. Filing against ipa even if pki* might be the ultimate component, since we likely want to keep this as dependency for future ipa-server-docker work.
Metadata Update from @jpazdziora: - Issue set to the milestone: 0.0 NEEDS_TRIAGE
Metadata Update from @mharmsen: - Custom field feature adjusted to '' - Custom field proposedmilestone adjusted to '' - Custom field proposedpriority adjusted to '' - Custom field reviewer adjusted to '' - Custom field version adjusted to '' - Issue close_status updated to: None - Issue set to the milestone: 10.4 (was: 0.0 NEEDS_TRIAGE)
Per CS/DS Meeting of August 7, 2017, it was determined to move this issue from 10.4 ==> FUTURE.
Metadata Update from @mharmsen: - Issue set to the milestone: FUTURE (was: 10.4)
Metadata Update from @mharmsen: - Issue set to the milestone: 10.5 (was: FUTURE)
Metadata Update from @mharmsen: - Custom field lowhangingfruit adjusted to vakwetu: X
[20171025] - Offline Triage ==> 10.6
Metadata Update from @mharmsen: - Issue set to the milestone: 10.6 (was: 10.5)
2018-02-21 21:53:52 pkispawn : ERROR ....... Directory '/etc/pki/pki-tomcat' already exists! 2018-02-21 21:53:52 pkispawn : DEBUG ....... Error Type: Exception 2018-02-21 21:53:52 pkispawn : DEBUG ....... Error Message: Directory '/etc/pki/pki-tomcat' already exists! 2018-02-21 21:53:52 pkispawn : DEBUG ....... File "/usr/sbin/pkispawn", line 533, in main scriptlet.spawn(deployer) File "/usr/lib/python2.7/site-packages/pki/server/deployment/scriptlets/instance_layout.py", line 57, in spawn ignore_cb=file_ignore_callback_src_server) File "/usr/lib/python2.7/site-packages/pki/server/deployment/pkihelper.py", line 1402, in copy log.PKI_DIRECTORY_ALREADY_EXISTS_1 % new_name)
Metadata Update from @mharmsen: - Issue assigned to edewata - Issue set to the milestone: 10.5 (was: 10.6)
Dogtag PKI is moving from Pagure issues to GitHub issues. This means that existing or new issues will be reported and tracked through Dogtag PKI's GitHub Issue tracker.
This issue has been cloned to GitHub and is available here: https://github.com/dogtagpki/pki/issues/2709
If you want to receive further updates on the issue, please navigate to the GitHub issue and click on Subscribe button.
Subscribe
Thank you for understanding, and we apologize for any inconvenience.
Metadata Update from @dmoluguw: - Issue close_status updated to: migrated - Issue status updated to: Closed (was: Open)
Login to comment on this ticket.