Ubuntu
oddjob package

ipa-replica-install fails: "an internal error has occurred" on Remote master - DBusException: org.freedesktop.DBus.Error.ServiceUnknown: The name org.freeipa.server was not provided by any .service files

Bug #1657134 reported by Alexander Skwar
10
This bug affects 2 people
Affects Status Importance Assigned to Milestone
oddjob (Ubuntu)
Fix Released
Undecided
Unassigned

Bug Description

Using freeipa 4.3.1-0ubuntu1 on Ubuntu 16.04 servers.

I have setup a FreeIPA master server with the following commands:

    apt install freeipa-server

    ipa-server-install --setup-dns --mkhomedir --auto-forwarders \
      --no-reverse --hostname=ewserv-auth01-prod.unix.ewadmin.ch \
      --ip-address=192.168.251.51 \
      --ds-password='dspassword' --admin-password='adminpassword' \
      --realm=UNIX.EWADMIN.CH --domain=unix.ewadmin.ch \
      --unattended

On a different server, I'm now trying to setup a replica. The
connection tests are good, see replica-master-conncheck.txt and
master-replica-conncheck.txt.

But ipa-replica-install fails (see ipa-replica-install.log.txt):

    $ sudo ipa-replica-install -P admin -w adminpassword --domain=unix.ewadmin.ch --server=ewserv-auth01-prod.unix.ewadmin.ch --realm=UNIX.EWADMIN.CH --hostname=ewserv-auth02-prod.unix.ewadmin.ch
    …
    Client configuration complete.

    Run connection check to master
    Removing client side components
    Unenrolling client from IPA server
    …
    ipa.ipapython.install.cli.install_tool(Replica): ERROR Connection check failed!
    Please fix your network settings according to error messages above.
    If the check results are not valid it can be skipped with --skip-conncheck parameter.
    ipa.ipapython.install.cli.install_tool(Replica): ERROR The ipa-replica-install command failed. See /var/log/ipareplica-install.log for more information

In /var/log/ipareplica-install.log (attached as well), I find:

    […]
       Kerberos Kpasswd: UDP (464): SKIPPED

    Connection from replica to master is OK.
    Start listening on required ports for remote master check
    Get credentials to log in to remote master
    Check RPC connection to remote master
    Execute check on remote master

    2017-01-17T14:48:00Z DEBUG stderr=Remote master check failed with following error message(s):
    an internal error has occurred

    2017-01-17T14:48:00Z DEBUG Starting external process
    2017-01-17T14:48:00Z DEBUG args=/usr/sbin/ipa-client-install --unattended --uninstall
    2017-01-17T14:48:06Z DEBUG Process finished, return code=0
    […]

In /var/log/apache2/error.log, I find an error:

    [Tue Jan 17 16:06:05.825724 2017] [wsgi:error] [pid 21773:tid 139626190206720] ipa: INFO: [jsonserver_kerb] <email address hidden>: ping(version=u'2.164'): SUCCESS
    ERROR:dbus.proxies:Introspect error on org.freeipa.server:/: dbus.exceptions.DBusException: org.freedesktop.DBus.Error.ServiceUnknown: The name org.freeipa.server was not provided by any .service files
    [Tue Jan 17 16:06:05.941909 2017] [wsgi:error] [pid 21772:tid 139626190206720] ipa: ERROR: non-public: DBusException: org.freedesktop.DBus.Error.ServiceUnknown: The name org.freeipa.server was not provided by any .service files
    [Tue Jan 17 16:06:05.942141 2017] [wsgi:error] [pid 21772:tid 139626190206720] Traceback (most recent call last):
    [Tue Jan 17 16:06:05.942325 2017] [wsgi:error] [pid 21772:tid 139626190206720] File "/usr/lib/python2.7/dist-packages/ipaserver/rpcserver.py", line 350, in wsgi_execute
    [Tue Jan 17 16:06:05.942543 2017] [wsgi:error] [pid 21772:tid 139626190206720] result = self.Command[name](*args, **options)
    [Tue Jan 17 16:06:05.942946 2017] [wsgi:error] [pid 21772:tid 139626190206720] File "/usr/lib/python2.7/dist-packages/ipalib/frontend.py", line 446, in __call__
    [Tue Jan 17 16:06:05.944110 2017] [wsgi:error] [pid 21772:tid 139626190206720] ret = self.run(*args, **options)
    [Tue Jan 17 16:06:05.944272 2017] [wsgi:error] [pid 21772:tid 139626190206720] File "/usr/lib/python2.7/dist-packages/ipalib/frontend.py", line 763, in run
    [Tue Jan 17 16:06:05.944459 2017] [wsgi:error] [pid 21772:tid 139626190206720] return self.execute(*args, **options)
    [Tue Jan 17 16:06:05.944638 2017] [wsgi:error] [pid 21772:tid 139626190206720] File "/usr/lib/python2.7/dist-packages/ipalib/plugins/server.py", line 247, in execute
    [Tue Jan 17 16:06:05.944825 2017] [wsgi:error] [pid 21772:tid 139626190206720] ret, stdout, stderr = server.conncheck(keys[-1])
    [Tue Jan 17 16:06:05.945075 2017] [wsgi:error] [pid 21772:tid 139626190206720] File "/usr/lib/python2.7/dist-packages/dbus/proxies.py", line 70, in __call__
    [Tue Jan 17 16:06:05.945245 2017] [wsgi:error] [pid 21772:tid 139626190206720] return self._proxy_method(*args, **keywords)
    [Tue Jan 17 16:06:05.945394 2017] [wsgi:error] [pid 21772:tid 139626190206720] File "/usr/lib/python2.7/dist-packages/dbus/proxies.py", line 145, in __call__
    [Tue Jan 17 16:06:05.945567 2017] [wsgi:error] [pid 21772:tid 139626190206720] **keywords)
    [Tue Jan 17 16:06:05.945734 2017] [wsgi:error] [pid 21772:tid 139626190206720] File "/usr/lib/python2.7/dist-packages/dbus/connection.py", line 651, in call_blocking
    [Tue Jan 17 16:06:05.945914 2017] [wsgi:error] [pid 21772:tid 139626190206720] message, timeout)
    [Tue Jan 17 16:06:05.946074 2017] [wsgi:error] [pid 21772:tid 139626190206720] DBusException: org.freedesktop.DBus.Error.ServiceUnknown: The name org.freeipa.server was not provided by any .service files
    [Tue Jan 17 16:06:05.946989 2017] [wsgi:error] [pid 21772:tid 139626190206720] ipa: INFO: [jsonserver_kerb] <email address hidden>: server_conncheck(u'ewserv-auth01-prod.unix.ewadmin.ch', u'ewserv-auth02-prod.unix.ewadmin.ch', version=u'2.162'): DBusException
    [Tue Jan 17 16:06:10.595846 2017] [wsgi:error] [pid 21773:tid 139626190206720] ipa: INFO: [xmlserver] <email address hidden>: host_disable(u'ewserv-auth02-prod.unix.ewadmin.ch', version=u'2.51'): SUCCESS

Revision history for this message
Alexander Skwar (alexander-skwar) wrote :
Revision history for this message
Alexander Skwar (alexander-skwar) wrote :
Revision history for this message
Alexander Skwar (alexander-skwar) wrote :
Revision history for this message
Alexander Skwar (alexander-skwar) wrote :
Revision history for this message
Timo Aaltonen (tjaalton) wrote :

what if you run:

systemctl reload-or-try-restart dbus

Changed in freeipa (Ubuntu):
status: New → Incomplete
Revision history for this message
Alexander Skwar (alexander-skwar) wrote :

No difference.

local@ewserv-auth01-prod ~ % dbus-send --system --dest=org.freedesktop.DBus --type=method_call --print-reply /org/freedesktop/DBus org.freedesktop.DBus.ListNames
method return time=1484670866.341799 sender=org.freedesktop.DBus -> destination=:1.15 serial=3 reply_serial=2
   array [
      string "org.freedesktop.DBus"
      string "org.freedesktop.login1"
      string "org.fedorahosted.certmonger"
      string ":1.8"
      string "org.freedesktop.systemd1"
      string "com.redhat.oddjob"
      string "com.redhat.oddjob_mkhomedir"
      string ":1.11"
      string ":1.12"
      string ":1.0"
      string ":1.1"
      string ":1.15"
      string ":1.2"
      string "org.freedesktop.Accounts"
      string ":1.5"
      string ":1.6"
   ]

local@ewserv-auth01-prod ~ % sudo systemctl reload-or-try-restart dbus

local@ewserv-auth01-prod ~ % dbus-send --system --dest=org.freedesktop.DBus --type=method_call --print-reply /org/freedesktop/DBus org.freedesktop.DBus.ListNames
method return time=1484670876.464901 sender=org.freedesktop.DBus -> destination=:1.17 serial=3 reply_serial=2
   array [
      string "org.freedesktop.DBus"
      string "org.freedesktop.login1"
      string "org.fedorahosted.certmonger"
      string ":1.8"
      string "org.freedesktop.systemd1"
      string "com.redhat.oddjob"
      string "com.redhat.oddjob_mkhomedir"
      string ":1.11"
      string ":1.12"
      string ":1.0"
      string ":1.1"
      string ":1.2"
      string ":1.17"
      string "org.freedesktop.Accounts"
      string ":1.5"
      string ":1.6"
   ]

Revision history for this message
Timo Aaltonen (tjaalton) wrote :

and same for oddjob?

Revision history for this message
Alexander Skwar (alexander-skwar) wrote :

This has helped.

local@ewserv-auth01-prod ~ % sudo systemctl reload-or-try-restart oddjobd

local@ewserv-auth01-prod ~ % dbus-send --system --dest=org.freedesktop.DBus --type=method_call --print-reply /org/freedesktop/DBus org.freedesktop.DBus.ListNames
method return time=1484671935.066180 sender=org.freedesktop.DBus -> destination=:1.22 serial=3 reply_serial=2
   array [
      string "org.freedesktop.DBus"
      string "org.freedesktop.login1"
      string "org.fedorahosted.certmonger"
      string ":1.8"
      string "org.freedesktop.systemd1"
      string ":1.20"
      string "com.redhat.oddjob"
      string "com.redhat.oddjob_mkhomedir"
      string ":1.21"
      string ":1.22"
      string ":1.11"
      string ":1.12"
      string ":1.0"
      string ":1.1"
      string ":1.2"
      string "org.freeipa.server"
      string "org.freedesktop.Accounts"
      string ":1.19"
   ]

Revision history for this message
Timo Aaltonen (tjaalton) wrote :

I see that the rpm packages reload these on postinst, so that needs to be done here too..

Changed in freeipa (Ubuntu):
status: Incomplete → Triaged
Revision history for this message
Timo Aaltonen (tjaalton) wrote :

this is actually better handled in oddjob by adding a dpkg trigger to reload the daemon when config files are installed in /etc/oddjobd.conf.d

affects: freeipa (Ubuntu) → oddjob (Ubuntu)
Revision history for this message
Timo Aaltonen (tjaalton) wrote :

and was actually fixed already in zesty with 0.34.3-3

oddjob (0.34.3-3) unstable; urgency=medium

  * Add a trigger to restart the daemon when packages install files to
    the config directory. (LP: #1657134)

 -- Timo Aaltonen <email address hidden> Wed, 18 Jan 2017 02:32:45 +0200

Changed in oddjob (Ubuntu):
status: Triaged → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.