Natxo Asenjo via FreeIPA-users wrote:
hi,
no, it's without quotes but the rolledback version:
Configuration-Version: 11.4.2
I tried modifiying it to 11.5.0 and ipactl restart, but it does not help (reset it to the proper value 11.4.2 now)
Did the error change when you switched to 11.4.2? You didn't include a new traceback.
rob
On Fri, May 24, 2024 at 5:14 PM Alexander Bokovoy <abokovoy@redhat.com mailto:abokovoy@redhat.com> wrote:
On Fri, 24 May 2024, Natxo Asenjo via FreeIPA-users wrote: >hi, > >after a botched update (https://access.redhat.com/solutions/7065748) and >rolling back the changes, this service will not start: > ># ipactl status >Directory Service: RUNNING >krb5kdc Service: RUNNING >kadmin Service: RUNNING >named Service: RUNNING >httpd Service: RUNNING >ipa-custodia Service: RUNNING >pki-tomcatd Service: STOPPED >smb Service: RUNNING >winbind Service: RUNNING >ipa-otpd Service: RUNNING >ipa-dnskeysyncd Service: RUNNING >1 service(s) are not running > >in journalctl I found this stdout/stderr messages: > > >May 24 11:40:35 kdc1.sub.domain.tld named[27437]: zone sub.domain.tld/IN: >sending notifies (serial 1716543629) >May 24 11:40:35 kdc1.sub.domain.tld pki-server[27758]: ERROR: Unable to >parse version number: "11.5.0" >May 24 11:40:35 kdc1.sub.domain.tld pki-server[27758]: Traceback (most >recent call last): >May 24 11:40:35 kdc1.sub.domain.tld pki-server[27758]: File >"/usr/lib/python3.9/site-packages/pki/server/pkiserver.py", line 41, in ><module> >May 24 11:40:35 kdc1.sub.domain.tld pki-server[27758]: >cli.execute(sys.argv) >May 24 11:40:35 kdc1.sub.domain.tld pki-server[27758]: File >"/usr/lib/python3.9/site-packages/pki/server/cli/__init__.py", line 145, in >execute >May 24 11:40:35 kdc1.sub.domain.tld pki-server[27758]: >super().execute(args) >May 24 11:40:35 kdc1.sub.domain.tld pki-server[27758]: File >"/usr/lib/python3.9/site-packages/pki/cli/__init__.py", line 217, in execute >May 24 11:40:35 kdc1.sub.domain.tld pki-server[27758]: >module.execute(module_args) >May 24 11:40:35 kdc1.sub.domain.tld pki-server[27758]: File >"/usr/lib/python3.9/site-packages/pki/server/cli/upgrade.py", line 144, in >execute >May 24 11:40:35 kdc1.sub.domain.tld pki-server[27758]: self.upgrade( >May 24 11:40:35 kdc1.sub.domain.tld pki-server[27758]: File >"/usr/lib/python3.9/site-packages/pki/server/cli/upgrade.py", line 178, in >upgrade >May 24 11:40:35 kdc1.sub.domain.tld pki-server[27758]: >upgrader.upgrade() >May 24 11:40:35 kdc1.sub.domain.tld pki-server[27758]: File >"/usr/lib/python3.9/site-packages/pki/upgrade.py", line 481, in upgrade >May 24 11:40:35 kdc1.sub.domain.tld pki-server[27758]: versions = >self.versions() >May 24 11:40:35 kdc1.sub.domain.tld pki-server[27758]: File >"/usr/lib/python3.9/site-packages/pki/upgrade.py", line 238, in versions >May 24 11:40:35 kdc1.sub.domain.tld pki-server[27758]: current_version >= self.get_current_version() >May 24 11:40:35 kdc1.sub.domain.tld pki-server[27758]: File >"/usr/lib/python3.9/site-packages/pki/upgrade.py", line 341, in >get_current_version >May 24 11:40:35 kdc1.sub.domain.tld pki-server[27758]: current_version >= self.get_tracker().get_version() >May 24 11:40:35 kdc1.sub.domain.tld pki-server[27758]: File >"/usr/lib/python3.9/site-packages/pki/upgrade.py", line 141, in get_version >May 24 11:40:35 kdc1.sub.domain.tld pki-server[27758]: return >pki.util.Version(version) >May 24 11:40:35 kdc1.sub.domain.tld pki-server[27758]: File >"/usr/lib/python3.9/site-packages/pki/util.py", line 613, in __init__ >May 24 11:40:35 kdc1.sub.domain.tld pki-server[27758]: raise >Exception('Unable to parse version number: %s' % obj) >May 24 11:40:35 kdc1.sub.domain.tld pki-server[27758]: Exception: Unable to >parse version number: "11.5.0" What do you have in /etc/pki/pki.version file? Is it literally # cat /etc/pki/pki.version Configuration-Version: "11.5.0" ? If so, then remove quotes around 11.5.0, they are not expected. >May 24 11:40:35 kdc1.sub.domain.tld systemd[1]: >pki-tomcatd@pki-tomcat.service: Control process exited, code=exited, >status=1/FAILURE >May 24 11:40:35 kdc1.sub.domain.tld systemd[1]: >pki-tomcatd@pki-tomcat.service: Failed with result 'exit-code'. >May 24 11:40:35 kdc1.sub.domain.tld systemd[1]: Failed to start PKI Tomcat >Server pki-tomcat. > >So it seems something is broken on this upgrade script. This is in in >almalinux 9.3 >ipa-server-4.10.2-5.el9_3.alma.1.x86_64 > >I cannot upgrade because I get bitten by the named ldap thing, even though >the versions are newer. > >I will create a replicat to a rhel host but first I need to get the CA up >and running obviously :-). > >Any ideas? > >Thanks! > >-- >regards, > >natxo > >-- >-- >Groeten, >natxo -- / Alexander Bokovoy Sr. Principal Software Engineer Security / Identity Management Engineering Red Hat Limited, Finland
--
Groeten, natxo
-- _______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-leave@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahoste... Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue