hi,
indeed, sorry.
# cat /etc/pki/pki.version │ Configuration-Version: 11.5.0
# ipactl restart Restarting Directory Service Restarting krb5kdc Service Restarting kadmin Service Restarting named Service Restarting httpd Service Restarting ipa-custodia Service Restarting pki-tomcatd Service Restarting smb Service Restarting winbind Service Restarting ipa-otpd Service Restarting ipa-dnskeysyncd Service ipa: INFO: The ipactl command was successful
]# ipactl status Directory Service: RUNNING krb5kdc Service: RUNNING kadmin Service: RUNNING named Service: RUNNING httpd Service: RUNNING ipa-custodia Service: RUNNING pki-tomcatd Service: STOPPED smb Service: RUNNING winbind Service: RUNNING ipa-otpd Service: RUNNING ipa-dnskeysyncd Service: RUNNING 1 service(s) are not running
May 29 12:12:34 kdc.sub.domain.tld systemd[1]: Starting PKI Tomcat Server pki-tomcat... May 29 12:12:35 kdc.sub.domain.tld pki-server[36733]: ERROR: Unable to parse version number: "11.5.0" May 29 12:12:35 kdc.sub.domain.tld pki-server[36733]: Traceback (most recent call last): May 29 12:12:35 kdc.sub.domain.tld pki-server[36733]: File "/usr/lib/python3.9/site-packages/pki/server/pkiserver.py", line 41, in <module> May 29 12:12:35 kdc.sub.domain.tld pki-server[36733]: cli.execute(sys.argv) May 29 12:12:35 kdc.sub.domain.tld pki-server[36733]: File "/usr/lib/python3.9/site-packages/pki/server/cli/__init__.py", line 145, in execute May 29 12:12:35 kdc.sub.domain.tld pki-server[36733]: super().execute(args) May 29 12:12:35 kdc.sub.domain.tld pki-server[36733]: File "/usr/lib/python3.9/site-packages/pki/cli/__init__.py", line 217, in execute May 29 12:12:35 kdc.sub.domain.tld pki-server[36733]: module.execute(module_args) May 29 12:12:35 kdc.sub.domain.tld pki-server[36733]: File "/usr/lib/python3.9/site-packages/pki/server/cli/upgrade.py", line 144, in execute May 29 12:12:35 kdc.sub.domain.tld pki-server[36733]: self.upgrade( May 29 12:12:35 kdc.sub.domain.tld pki-server[36733]: File "/usr/lib/python3.9/site-packages/pki/server/cli/upgrade.py", line 178, in upgrade May 29 12:12:35 kdc.sub.domain.tld pki-server[36733]: upgrader.upgrade() May 29 12:12:35 kdc.sub.domain.tld pki-server[36733]: File "/usr/lib/python3.9/site-packages/pki/upgrade.py", line 481, in upgrade May 29 12:12:35 kdc.sub.domain.tld pki-server[36733]: versions = self.versions() May 29 12:12:35 kdc.sub.domain.tld pki-server[36733]: File "/usr/lib/python3.9/site-packages/pki/upgrade.py", line 238, in versions May 29 12:12:35 kdc.sub.domain.tld pki-server[36733]: current_version = self.get_current_version() May 29 12:12:35 kdc.sub.domain.tld pki-server[36733]: File "/usr/lib/python3.9/site-packages/pki/upgrade.py", line 341, in get_current_version May 29 12:12:35 kdc.sub.domain.tld pki-server[36733]: current_version = self.get_tracker().get_version() May 29 12:12:35 kdc.sub.domain.tld pki-server[36733]: File "/usr/lib/python3.9/site-packages/pki/upgrade.py", line 141, in get_version May 29 12:12:35 kdc.sub.domain.tld pki-server[36733]: return pki.util.Version(version) May 29 12:12:35 kdc.sub.domain.tld pki-server[36733]: File "/usr/lib/python3.9/site-packages/pki/util.py", line 613, in __init__ May 29 12:12:35 kdc.sub.domain.tld pki-server[36733]: raise Exception('Unable to parse version number: %s' % obj) May 29 12:12:35 kdc.sub.domain.tld pki-server[36733]: Exception: Unable to parse version number: "11.5.0"
If I revert it to 11.4.2, so it looks as though it is not reading this file for getting this information.
# cat /etc/pki/pki.version Configuration-Version: 11.4.2
# ipactl restart Restarting Directory Service Restarting krb5kdc Service Restarting kadmin Service Restarting named Service Restarting httpd Service Restarting ipa-custodia Service Restarting pki-tomcatd Service Restarting smb Service Restarting winbind Service Restarting ipa-otpd Service Restarting ipa-dnskeysyncd Service ipa: INFO: The ipactl command was successful
# ipactl status Directory Service: RUNNING krb5kdc Service: RUNNING kadmin Service: RUNNING named Service: RUNNING httpd Service: RUNNING ipa-custodia Service: RUNNING pki-tomcatd Service: STOPPED smb Service: RUNNING winbind Service: RUNNING ipa-otpd Service: RUNNING ipa-dnskeysyncd Service: RUNNING 1 service(s) are not running
May 29 12:17:08 kdc.sub.domain.tld systemd[1]: Starting PKI Tomcat Server pki-tomcat... May 29 12:17:08 kdc.sub.domain.tld pki-server[37297]: ERROR: Unable to parse version number: "11.5.0"
Strange.
On Tue, May 28, 2024 at 7:35 PM Rob Crittenden rcritten@redhat.com wrote:
Natxo Asenjo via FreeIPA-users wrote:
hi,
no, it's without quotes but the rolledback version:
Configuration-Version: 11.4.2
I tried modifiying it to 11.5.0 and ipactl restart, but it does not help (reset it to the proper value 11.4.2 now)
Did the error change when you switched to 11.4.2? You didn't include a new traceback.
rob
On Fri, May 24, 2024 at 5:14 PM Alexander Bokovoy <abokovoy@redhat.com mailto:abokovoy@redhat.com> wrote:
On Fri, 24 May 2024, Natxo Asenjo via FreeIPA-users wrote: >hi, > >after a botched update (https://access.redhat.com/solutions/7065748) and >rolling back the changes, this service will not start: > ># ipactl status >Directory Service: RUNNING >krb5kdc Service: RUNNING >kadmin Service: RUNNING >named Service: RUNNING >httpd Service: RUNNING >ipa-custodia Service: RUNNING >pki-tomcatd Service: STOPPED >smb Service: RUNNING >winbind Service: RUNNING >ipa-otpd Service: RUNNING >ipa-dnskeysyncd Service: RUNNING >1 service(s) are not running > >in journalctl I found this stdout/stderr messages: > > >May 24 11:40:35 kdc1.sub.domain.tld named[27437]: zone sub.domain.tld/IN: >sending notifies (serial 1716543629) >May 24 11:40:35 kdc1.sub.domain.tld pki-server[27758]: ERROR:
Unable to
>parse version number: "11.5.0" >May 24 11:40:35 kdc1.sub.domain.tld pki-server[27758]: Traceback
(most
>recent call last): >May 24 11:40:35 kdc1.sub.domain.tld pki-server[27758]: File >"/usr/lib/python3.9/site-packages/pki/server/pkiserver.py", line
41, in
><module> >May 24 11:40:35 kdc1.sub.domain.tld pki-server[27758]: >cli.execute(sys.argv) >May 24 11:40:35 kdc1.sub.domain.tld pki-server[27758]: File >"/usr/lib/python3.9/site-packages/pki/server/cli/__init__.py", line 145, in >execute >May 24 11:40:35 kdc1.sub.domain.tld pki-server[27758]: >super().execute(args) >May 24 11:40:35 kdc1.sub.domain.tld pki-server[27758]: File >"/usr/lib/python3.9/site-packages/pki/cli/__init__.py", line 217, in execute >May 24 11:40:35 kdc1.sub.domain.tld pki-server[27758]: >module.execute(module_args) >May 24 11:40:35 kdc1.sub.domain.tld pki-server[27758]: File >"/usr/lib/python3.9/site-packages/pki/server/cli/upgrade.py", line 144, in >execute >May 24 11:40:35 kdc1.sub.domain.tld pki-server[27758]: self.upgrade( >May 24 11:40:35 kdc1.sub.domain.tld pki-server[27758]: File >"/usr/lib/python3.9/site-packages/pki/server/cli/upgrade.py", line 178, in >upgrade >May 24 11:40:35 kdc1.sub.domain.tld pki-server[27758]: >upgrader.upgrade() >May 24 11:40:35 kdc1.sub.domain.tld pki-server[27758]: File >"/usr/lib/python3.9/site-packages/pki/upgrade.py", line 481, in
upgrade
>May 24 11:40:35 kdc1.sub.domain.tld pki-server[27758]: versions
=
>self.versions() >May 24 11:40:35 kdc1.sub.domain.tld pki-server[27758]: File >"/usr/lib/python3.9/site-packages/pki/upgrade.py", line 238, in versions >May 24 11:40:35 kdc1.sub.domain.tld pki-server[27758]: current_version >= self.get_current_version() >May 24 11:40:35 kdc1.sub.domain.tld pki-server[27758]: File >"/usr/lib/python3.9/site-packages/pki/upgrade.py", line 341, in >get_current_version >May 24 11:40:35 kdc1.sub.domain.tld pki-server[27758]: current_version >= self.get_tracker().get_version() >May 24 11:40:35 kdc1.sub.domain.tld pki-server[27758]: File >"/usr/lib/python3.9/site-packages/pki/upgrade.py", line 141, in get_version >May 24 11:40:35 kdc1.sub.domain.tld pki-server[27758]: return >pki.util.Version(version) >May 24 11:40:35 kdc1.sub.domain.tld pki-server[27758]: File >"/usr/lib/python3.9/site-packages/pki/util.py", line 613, in
__init__
>May 24 11:40:35 kdc1.sub.domain.tld pki-server[27758]: raise >Exception('Unable to parse version number: %s' % obj) >May 24 11:40:35 kdc1.sub.domain.tld pki-server[27758]: Exception: Unable to >parse version number: "11.5.0" What do you have in /etc/pki/pki.version file? Is it literally # cat /etc/pki/pki.version Configuration-Version: "11.5.0" ? If so, then remove quotes around 11.5.0, they are not expected. >May 24 11:40:35 kdc1.sub.domain.tld systemd[1]: >pki-tomcatd@pki-tomcat.service: Control process exited,
code=exited,
>status=1/FAILURE >May 24 11:40:35 kdc1.sub.domain.tld systemd[1]: >pki-tomcatd@pki-tomcat.service: Failed with result 'exit-code'. >May 24 11:40:35 kdc1.sub.domain.tld systemd[1]: Failed to start PKI Tomcat >Server pki-tomcat. > >So it seems something is broken on this upgrade script. This is in
in
>almalinux 9.3 >ipa-server-4.10.2-5.el9_3.alma.1.x86_64 > >I cannot upgrade because I get bitten by the named ldap thing, even though >the versions are newer. > >I will create a replicat to a rhel host but first I need to get the CA up >and running obviously :-). > >Any ideas? > >Thanks! > >-- >regards, > >natxo > >-- >-- >Groeten, >natxo -- / Alexander Bokovoy Sr. Principal Software Engineer Security / Identity Management Engineering Red Hat Limited, Finland
--
Groeten, natxo
-- _______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to
freeipa-users-leave@lists.fedorahosted.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives:
https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahoste...
Do not reply to spam, report it: