search

fedora-infra / freeipa-fas

IPA schema extensions for FAS
GNU General Public License v3.0
12 stars 16 forks source link

installing with install.sh fresh #119

Closed ryanlerch closed 4 years ago

ryanlerch commented 4 years ago

After the agreements work was merged, our vagrant setup for noggin (installed via this ansible playbook) fails on the installation of freeipa-fas step with errors (dump at the bottom of issue desc).

After the playbook fails, i can SSH into the vagrant box, and run the following to get things working:

sudo ipactl start
cd /tmp/freeipa-fas/
sudo ./install.sh

Note too that if the vagrant box was installed from before the agreements were added to the master branch, and i manually updated that box to the latest freeipa-fas code, the upgrade works without issue.

Truncated error log:

2020-06-10T01:06:11Z DEBUG Updating ACI for managed permission: System: Add FAS Agreement
2020-06-10T01:06:11Z DEBUG Adding ACI '(targetfilter = "(objectclass=fasagreement)")(version 3.0;acl "permission:System: Add FAS Agreement";allow (add) groupdn = "ldap:///cn=System: Add FA
S Agreement,cn=permissions,cn=pbac,dc=example,dc=com";)' to cn=fasagreements,dc=example,dc=com
2020-06-10T01:06:11Z DEBUG Destroyed connection context.ldap2_139986739119184
2020-06-10T01:06:11Z ERROR Upgrade failed with no such entry
2020-06-10T01:06:11Z DEBUG Traceback (most recent call last):
  File "/usr/lib/python3.7/site-packages/ipapython/ipaldap.py", line 1076, in error_handler
    yield
  File "/usr/lib/python3.7/site-packages/ipapython/ipaldap.py", line 1697, in update_entry
    self.conn.modify_s(str(entry.dn), modlist)
  File "/usr/lib64/python3.7/site-packages/ldap/ldapobject.py", line 629, in modify_s
    return self.modify_ext_s(dn,modlist,None,None)
  File "/usr/lib64/python3.7/site-packages/ldap/ldapobject.py", line 602, in modify_ext_s
    resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
  File "/usr/lib64/python3.7/site-packages/ldap/ldapobject.py", line 749, in result3
    resp_ctrl_classes=resp_ctrl_classes
  File "/usr/lib64/python3.7/site-packages/ldap/ldapobject.py", line 756, in result4
    ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
  File "/usr/lib64/python3.7/site-packages/ldap/ldapobject.py", line 329, in _ldap_call
    reraise(exc_type, exc_value, exc_traceback)
  File "/usr/lib64/python3.7/site-packages/ldap/compat.py", line 44, in reraise
    raise exc_value
  File "/usr/lib64/python3.7/site-packages/ldap/ldapobject.py", line 313, in _ldap_call
    result = func(*args,**kwargs)
ldap.NO_SUCH_OBJECT: {'desc': 'No such object'}

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/lib/python3.7/site-packages/ipaserver/install/upgradeinstance.py", line 276, in __upgrade
    self.modified = (ld.update(self.files) or self.modified)
  File "/usr/lib/python3.7/site-packages/ipaserver/install/ldapupdate.py", line 974, in update
    self._run_updates(all_updates)
  File "/usr/lib/python3.7/site-packages/ipaserver/install/ldapupdate.py", line 935, in _run_updates
    self._run_update_plugin(update['plugin'])
  File "/usr/lib/python3.7/site-packages/ipaserver/install/ldapupdate.py", line 910, in _run_update_plugin
    restart_ds, updates = self.api.Updater[plugin_name]()
  File "/usr/lib/python3.7/site-packages/ipalib/frontend.py", line 1479, in __call__
    return self.execute(**options)
  File "/usr/lib/python3.7/site-packages/ipaserver/install/plugins/update_managed_permissions.py", line 381, in execute
    anonymous_read_aci)
  File "/usr/lib/python3.7/site-packages/ipaserver/install/plugins/update_managed_permissions.py", line 484, in update_permission
    permission_plugin.update_aci(entry)
  File "/usr/lib/python3.7/site-packages/ipaserver/plugins/permission.py", line 643, in update_aci
    return self._replace_aci(permission_entry, old_name, new_acistring)
  File "/usr/lib/python3.7/site-packages/ipaserver/plugins/permission.py", line 668, in _replace_aci
    ldap.update_entry(acientry)
  File "/usr/lib/python3.7/site-packages/ipapython/ipaldap.py", line 1697, in update_entry
    self.conn.modify_s(str(entry.dn), modlist)
  File "/usr/lib64/python3.7/contextlib.py", line 130, in __exit__
    self.gen.throw(type, value, traceback)
  File "/usr/lib/python3.7/site-packages/ipapython/ipaldap.py", line 1086, in error_handler
    raise errors.NotFound(reason=arg_desc or 'no such entry')
ipalib.errors.NotFound: no such entry

2020-06-10T01:06:11Z DEBUG Traceback (most recent call last):
  File "/usr/lib/python3.7/site-packages/ipapython/ipaldap.py", line 1076, in error_handler
    yield
  File "/usr/lib/python3.7/site-packages/ipapython/ipaldap.py", line 1697, in update_entry
    self.conn.modify_s(str(entry.dn), modlist)
File "/usr/lib64/python3.7/site-packages/ldap/ldapobject.py", line 629, in modify_s
    return self.modify_ext_s(dn,modlist,None,None)
  File "/usr/lib64/python3.7/site-packages/ldap/ldapobject.py", line 602, in modify_ext_s
    resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
  File "/usr/lib64/python3.7/site-packages/ldap/ldapobject.py", line 749, in result3
    resp_ctrl_classes=resp_ctrl_classes
  File "/usr/lib64/python3.7/site-packages/ldap/ldapobject.py", line 756, in result4
    ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
  File "/usr/lib64/python3.7/site-packages/ldap/ldapobject.py", line 329, in _ldap_call
    reraise(exc_type, exc_value, exc_traceback)
  File "/usr/lib64/python3.7/site-packages/ldap/compat.py", line 44, in reraise
    raise exc_value
  File "/usr/lib64/python3.7/site-packages/ldap/ldapobject.py", line 313, in _ldap_call
    result = func(*args,**kwargs)
ldap.NO_SUCH_OBJECT: {'desc': 'No such object'}

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/lib/python3.7/site-packages/ipaserver/install/upgradeinstance.py", line 276, in __upgrade
    self.modified = (ld.update(self.files) or self.modified)
  File "/usr/lib/python3.7/site-packages/ipaserver/install/ldapupdate.py", line 974, in update
    self._run_updates(all_updates)
  File "/usr/lib/python3.7/site-packages/ipaserver/install/ldapupdate.py", line 935, in _run_updates
    self._run_update_plugin(update['plugin'])
  File "/usr/lib/python3.7/site-packages/ipaserver/install/ldapupdate.py", line 910, in _run_update_plugin
    restart_ds, updates = self.api.Updater[plugin_name]()
  File "/usr/lib/python3.7/site-packages/ipalib/frontend.py", line 1479, in __call__
    return self.execute(**options)
  File "/usr/lib/python3.7/site-packages/ipaserver/install/plugins/update_managed_permissions.py", line 381, in execute
    anonymous_read_aci)
  File "/usr/lib/python3.7/site-packages/ipaserver/install/plugins/update_managed_permissions.py", line 484, in update_permission
    permission_plugin.update_aci(entry)
  File "/usr/lib/python3.7/site-packages/ipaserver/plugins/permission.py", line 643, in update_aci
    return self._replace_aci(permission_entry, old_name, new_acistring)
:
  File "/usr/lib/python3.7/site-packages/ipaserver/plugins/permission.py", line 668, in _replace_aci
    ldap.update_entry(acientry)
  File "/usr/lib/python3.7/site-packages/ipapython/ipaldap.py", line 1697, in update_entry
    self.conn.modify_s(str(entry.dn), modlist)
  File "/usr/lib64/python3.7/contextlib.py", line 130, in __exit__
    self.gen.throw(type, value, traceback)
  File "/usr/lib/python3.7/site-packages/ipapython/ipaldap.py", line 1086, in error_handler
    raise errors.NotFound(reason=arg_desc or 'no such entry')
ipalib.errors.NotFound: no such entry

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/lib/python3.7/site-packages/ipaserver/install/service.py", line 603, in start_creation
    run_step(full_msg, method)
  File "/usr/lib/python3.7/site-packages/ipaserver/install/service.py", line 589, in run_step
    method()
  File "/usr/lib/python3.7/site-packages/ipaserver/install/upgradeinstance.py", line 284, in __upgrade
    raise RuntimeError(e)
RuntimeError: no such entry

2020-06-10T01:06:11Z DEBUG   [error] RuntimeError: no such entry
2020-06-10T01:06:11Z DEBUG   [cleanup]: stopping directory server
2020-06-10T01:06:11Z DEBUG Destroyed connection context.ldap2_139986799362128
tiran commented 4 years ago

What's the platform and FreeIPA version of the box? Is this a brand new installation or an upgrade of an existing installation?

ryanlerch commented 4 years ago

What's the platform and FreeIPA version of the box?

Platform is Fedora-Cloud-Base-Vagrant-31-1.9.x86_64.vagrant-libvirt.box, and freeIPA version is (i believe the latest for f31): freeipa-4.8.6-1.fc31.src.rpm

Is this a brand new installation or an upgrade of an existing installation?

It seems to fail only on the brand new installation. Upgrading from a previously installed version works for me