search

abbra / freeipa

Mirror of FreeIPA, an integrated security information management solution
http://www.freeipa.org
GNU General Public License v3.0
2 stars 1 forks source link

when running GC uninstall manually it succeeds but does not fully clean up the tree #57

Closed abbra closed 3 years ago

abbra commented 3 years ago

If I manually remove the GC instance setup

[root@master ~]# ipa -e in_server=True console
(Custom IPA interactive Python console)
    api: IPA API object
    pp: pretty printer
>>> from ipaserver.install.gc import uninstall
>>> from ipalib import sysrestore
>>> from ipaplatform.paths import paths
>>> uninstall(sysrestore.FileStore(paths.SYSRESTORE))
>>>

and attempt to re-run ipa-adtrust-install again, then it fails at the configuration of one of GC steps:

Configuring global catalog server (globalcatalog)
  [1/20]: creating global catalog instance
  [2/20]: Enable objectGUID generator
  [3/20]: stopping global catalog
  [4/20]: updating configuration in dse.ldif
  [5/20]: starting global catalog
  [6/20]: adding default schema
  [7/20]: creating indices
  [8/20]: add global catalog service principal aliases
  [error] AlreadyContainsValueError: 'krbprincipalname' already contains one or more values
Unexpected error - see /var/log/ipaserver-adtrust-install.log for details:
AlreadyContainsValueError: 'krbprincipalname' already contains one or more values

2020-10-15T14:20:45Z DEBUG trust_find(None, sizelimit=0, all=False, raw=False, version='2.239', pkey_only=False)
2020-10-15T14:20:45Z DEBUG Traceback (most recent call last):
  File "/usr/lib/python3.8/site-packages/ipaserver/install/service.py", line 626, in start_creation
    run_step(full_msg, method)
  File "/usr/lib/python3.8/site-packages/ipaserver/install/service.py", line 612, in run_step
    method()
  File "/usr/lib/python3.8/site-packages/ipaserver/install/gcinstance.py", line 706, in __add_service_alias
    api.Command.service_add_principal(
  File "/usr/lib/python3.8/site-packages/ipalib/frontend.py", line 471, in __call__
    return self.__do_call(*args, **options)
  File "/usr/lib/python3.8/site-packages/ipalib/frontend.py", line 499, in __do_call
    ret = self.run(*args, **options)
  File "/usr/lib/python3.8/site-packages/ipalib/frontend.py", line 821, in run
    return self.execute(*args, **options)
  File "/usr/lib/python3.8/site-packages/ipaserver/plugins/baseldap.py", line 2396, in execute
    self._update_attrs(update, entry_attrs)
  File "/usr/lib/python3.8/site-packages/ipaserver/plugins/baseldap.py", line 2446, in _update_attrs
    raise errors.AlreadyContainsValueError(attr=name)
ipalib.errors.AlreadyContainsValueError: 'krbprincipalname' already contains one or more values

2020-10-15T14:20:45Z DEBUG   [error] AlreadyContainsValueError: 'krbprincipalname' already contains one or more values
2020-10-15T14:20:45Z DEBUG   File "/usr/lib/python3.8/site-packages/ipaserver/install/installutils.py", line 774, in run_script
    return_value = main_function()

  File "/usr/sbin/ipa-adtrust-install", line 228, in main
    gc.install(True, api, fstore, options)

  File "/usr/lib/python3.8/site-packages/ipaserver/install/gc.py", line 128, in install
    gc.create_instance(api.env.realm, api.env.host, api.env.domain,

  File "/usr/lib/python3.8/site-packages/ipaserver/install/gcinstance.py", line 273, in create_instance
    self.start_creation()

  File "/usr/lib/python3.8/site-packages/ipaserver/install/service.py", line 626, in start_creation
    run_step(full_msg, method)

  File "/usr/lib/python3.8/site-packages/ipaserver/install/service.py", line 612, in run_step
    method()

  File "/usr/lib/python3.8/site-packages/ipaserver/install/gcinstance.py", line 706, in __add_service_alias
    api.Command.service_add_principal(

  File "/usr/lib/python3.8/site-packages/ipalib/frontend.py", line 471, in __call__
    return self.__do_call(*args, **options)

  File "/usr/lib/python3.8/site-packages/ipalib/frontend.py", line 499, in __do_call
    ret = self.run(*args, **options)

  File "/usr/lib/python3.8/site-packages/ipalib/frontend.py", line 821, in run
    return self.execute(*args, **options)

  File "/usr/lib/python3.8/site-packages/ipaserver/plugins/baseldap.py", line 2396, in execute
    self._update_attrs(update, entry_attrs)

  File "/usr/lib/python3.8/site-packages/ipaserver/plugins/baseldap.py", line 2446, in _update_attrs
    raise errors.AlreadyContainsValueError(attr=name)

2020-10-15T14:20:45Z DEBUG The ipa-adtrust-install command failed, exception: AlreadyContainsValueError: 'krbprincipalname' already contains one or more values
flo-renaud commented 3 years ago

Potential fix in PR https://github.com/abbra/freeipa/pull/58