Hi list,
as I am currently sorting out our freeipa problems we stumbled across another problem.
After the last reboot of our 2ndary IPA host, we can no longer login into the webui on the 2nd host.
The webui on the first host works.
I've checked some logs but was only able to find meaningful entries in the httpd log which is this:
mod_wsgi (pid=1137): Exception occurred processing WSGI script '/usr/share/ipa/wsgi.py'.
Traceback (most recent call last):
File "/usr/lib/python3.10/site-packages/ipaserver/wsgi.py", line 71, in application
return api.Backend.wsgi_dispatch(environ, start_response)
File "/usr/lib/python3.10/site-packages/ipaserver/rpcserver.py", line 301, in __call__
return self.route(environ, start_response)
File "/usr/lib/python3.10/site-packages/ipaserver/rpcserver.py", line 313, in route
return app(environ, start_response)
File "/usr/lib/python3.10/site-packages/ipaserver/rpcserver.py", line 1066, in __call__
result = attempt_kinit(user_principal, password,
File "/usr/lib/python3.10/site-packages/ipaserver/rpcserver.py", line 996, in attempt_kinit
self.kinit(user_principal, password,
File "/usr/lib/python3.10/site-packages/ipaserver/rpcserver.py", line 1094, in kinit
kinit_armor(
File "/usr/lib/python3.10/site-packages/ipalib/install/kinit.py", line 129, in kinit_armor
run(args, env=env, raiseonerr=True, capture_error=True)
File "/usr/lib/python3.10/site-packages/ipapython/ipautil.py", line 599, in run
raise CalledProcessError(
ipapython.ipautil.CalledProcessError: CalledProcessError(Command ['/usr/bin/kinit', '-n', '-c', '/run/ipa/ccaches/armor_1137', '-X', 'X509_anchors=FILE:/var/kerberos/krb5kdc/kdc.crt', '-X', 'X509_anchors=FILE:/var/lib/ipa-client/pki/kdc-ca-bundle.pem'] returned non-zero exit status 1: 'kinit: Cannot read password while getting initial credentials\\n')