upgrade from xenial multiple crashes

Bug #1703051 reported by tduehr on 2017-07-07
This bug affects 1 person
Affects Status Importance Assigned to Milestone
freeipa (Ubuntu)

Bug Description

upgrading FreeIPA from xenial to yakkity or directly to zesty breaks in several spots.

/etc/pki/pki.version has an invalid version (10.2.6+git20160317) in xenial

changing this to 10.2.6 gets past this error.

default port for nss in apache starting in yakkety is 8443. Conflicts with pki-tomcat if maintainer version of config file is installed.

/<email address hidden> and /etc/systemd/system/apache2.service.d/ipa.conf reference files in /usr/libexec which doesn't exist. The files are installed at /usr/lib. Linking /usr/libexec to /usr/lib works around this.

GssapiDelegCcacheUnique is not available in the version of mod-auth-gssapi available on yakkity. It is available in zesty.

in yakkety the jaxrs jar changed names.
ln -sf /usr/share/java/javax.ws.rs-api.jar /usr/share/java/jaxrs-api.jar
yakkety was missing the dependency libscannotation-java

ipa-server-upgrade crashes if freeipa-server-trust-ad isn't installed

  File "/usr/lib/python2.7/dist-packages/ipaserver/install/server/upgrade.py", line 49, in <module>
    from ipaserver.install import adtrustinstance
ImportError: cannot import name adtrustinstance

after fixing these, upgrading from xenial directly to the zesty version seems to work. Upgrding to yakkity may work as well but I haven't tested it since sorting out the libexec bug.

tduehr (tduehr) wrote :

Additionally, upgrading opendnssec from 1.4.9 in Xenial directly to 2.0.3 in Zesty is not supported by opendnssec. Migration to 2.0.x+ is only supported from 1.4.10+.

Timo Aaltonen (tjaalton) wrote :

all these should be fixed in the latest package in eoan, or likely already in bionic

Changed in freeipa (Ubuntu):
status: New → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers