[Freeipa-devel] [PATCH] Patch to allow IPA to work with dogtag 10 on f18
Ade Lee
alee at redhat.com
Mon Sep 17 14:25:22 UTC 2012
On Mon, 2012-09-17 at 14:32 +0200, Petr Viktorin wrote:
> On 09/14/2012 11:19 PM, Rob Crittenden wrote:
> > Petr Viktorin wrote:
> >> On 09/12/2012 06:40 PM, Petr Viktorin wrote:
> >>> A new Dogtag build with changed pkispawn/pkidestroy locations should be
> >>> out later today. The attached patch should work with that build.
> >
> > Fresh install is failing in F-18.
> >
> > ki-tools-10.0.0-0.33.a1.20120914T0536zgit69c0684.fc18.i686
> > pki-base-10.0.0-0.33.a1.20120914T0536zgit69c0684.fc18.noarch
> > pki-server-10.0.0-0.33.a1.20120914T0536zgit69c0684.fc18.noarch
> > pki-silent-10.0.0-0.33.a1.20120914T0536zgit69c0684.fc18.noarch
> > pki-symkey-9.0.21-1.fc18.x86_64
> > dogtag-pki-ca-theme-10.0.0-0.1.a1.20120914T0604zgit69c0684.fc18.noarch
> > pki-selinux-10.0.0-0.33.a1.20120914T0536zgit69c0684.fc18.noarch
> > pki-ca-10.0.0-0.33.a1.20120914T0536zgit69c0684.fc18.noarch
> > pki-setup-9.0.21-1.fc18.noarch
> >
> >
> > rob
> >
> >
>
> Ade, your patch adds a step of moving
> /var/lib/pki/pki-tomcat/alias/ca_admin_cert.p12 to /root/ca-agent.p12
> right after calling pkispawn.
> It seems the file is not created on f18. Did something change in Dogtag
> or are we calling it incorrectly?
>
The failure of that step often indicates a failure of the previous
configure() step. That is - moving that file fails because it was not
created, because configuration fails.
Rob's logs seem to indicate some kind of classpath issue with the jython
code in pkispawn which calls configure() on the server. I set up an f18
machine and was able to configure an instance (outside of IPA) Will now
try with the ipa code (and your patches) to see if I can reproduce.
Ade
>
More information about the Freeipa-devel
mailing list