Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 1208574 - not able to run rolekit on fresh f22 server ppc64le image installed
Summary: not able to run rolekit on fresh f22 server ppc64le image installed
Keywords:
Status: CLOSED NOTABUG
Alias: None
Product: Fedora
Classification: Fedora
Component: rolekit
Version: 22
Hardware: ppc64le
OS: Linux
unspecified
unspecified
Target Milestone: ---
Assignee: Thomas Woerner
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks: F-ExcludeArch-ppc64le, PPC64LETracker F22PPCBeta
TreeView+ depends on / blocked
 
Reported: 2015-04-02 14:46 UTC by Menanteau Guy
Modified: 2015-04-09 15:22 UTC (History)
4 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2015-04-09 15:22:48 UTC


Attachments (Terms of Use)

Description Menanteau Guy 2015-04-02 14:46:44 UTC
I am trying to test 
https://fedoraproject.org/wiki/QA:Testcase_realmd_join_kickstart
on f22 ppc64le server Alpha image
https://dl.fedoraproject.org/pub/fedora-secondary/releases/test/22_Alpha/Server/

After checking rolekit package is installed, I tried to run a
rolectl deploy command.
This rolectl command failed reporting in traces that pki-ca package is needed but not installed.

I suspect this pki-ca package must be part of a server image as rolekit it is.
If I install pki-ca and then run again a rolectl I have the same problem with mod_nss package missing.

Comment 1 Stephen Gallagher 2015-04-02 15:09:08 UTC
Can you provide more information. I'm guessing that you attempted to do a domain controller deployment, which should have installed the necessary packages. It's possible that FreeIPA isn't supported on ppc64le fully yet.

Comment 2 Dan Horák 2015-04-03 12:07:29 UTC
Fedora for ppc64/ppc64le should be fairly complete, so we will retest with the latest F22 Beta.

Comment 3 Jakub Čajka 2015-04-09 14:59:12 UTC
"
rolekit deploy databaseserver
Deployment can take a long time. To monitor the progress, run 
journalctl -ef -u rolekit
Error: INVALID_VALUE: Database name unset
"

"journactl -ef -u rolekit" output(time-stamp and host-name omitted):

"
roled[3529]: 2015-04-09 15:56:01 ERROR: warning: /var/cache/dnf/ppc64le/22/fedora/packages/postgresql-server-9.4.1-1.fc22.ppc64le.rpm: Header V3 RSA/SHA1 Signature, key ID a29cb19c: NOKEY
roled[3529]: 2015-04-09 15:56:03 ERROR: Importing GPG key 0xA29CB19C:
roled[3529]: 2015-04-09 15:56:03 ERROR:  Userid     : "Fedora Secondary (22) <fedora@fedoraproject.org>"
roled[3529]: 2015-04-09 15:56:03 ERROR:  Fingerprint: B467 FA46 E2CE 5FAC 3499 10C2 D8D1 FA8C A29C B19C
roled[3529]: 2015-04-09 15:56:03 ERROR:  From       : /etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-22-ppc64le
groupadd[3957]: group added to /etc/group: name=postgres, GID=26
groupadd[3957]: group added to /etc/gshadow: name=postgres
groupadd[3957]: new group: name=postgres, GID=26
useradd[3961]: new user: name=postgres, UID=26, GID=26, home=/var/lib/pgsql, shell=/bin/bash
roled[3529]: 2015-04-09 15:56:10 ERROR: <class 'rolekit.errors.RolekitError'>: INVALID_VALUE: Database name unset
"

"
rolekit deploy domaincontroler
Deployment can take a long time. To monitor the progress, run 
journalctl -ef -u rolekit
Error: INVALID_VALUE: admin_password unset
"

"journactl -ef -u rolekit" output(time-stamp and host-name omitted):

"
systemd[1]: Started rolekit - role server.
groupadd[4618]: group added to /etc/group: name=pkcs11, GID=990
groupadd[4618]: group added to /etc/gshadow: name=pkcs11
groupadd[4618]: new group: name=pkcs11, GID=990
groupadd[4625]: group added to /etc/group: name=ods, GID=989
groupadd[4625]: group added to /etc/gshadow: name=ods
groupadd[4625]: new group: name=ods, GID=989
useradd[4630]: new user: name=ods, UID=992, GID=989, home=//var/lib/softhsm, shell=/sbin/nologin
groupadd[4685]: group added to /etc/group: name=named, GID=25
groupadd[4685]: group added to /etc/gshadow: name=named
groupadd[4685]: new group: name=named, GID=25
useradd[4689]: new user: name=named, UID=25, GID=25, home=/var/named, shell=/sbin/nologin
groupadd[4747]: group added to /etc/group: name=tomcat, GID=91
groupadd[4747]: group added to /etc/gshadow: name=tomcat
groupadd[4747]: new group: name=tomcat, GID=91
useradd[4751]: new user: name=tomcat, UID=91, GID=91, home=/usr/share/tomcat, shell=/bin/nologin
groupadd[4777]: group added to /etc/group: name=cgred, GID=988
groupadd[4777]: group added to /etc/gshadow: name=cgred
groupadd[4777]: new group: name=cgred, GID=988
useradd[4851]: new group: name=apache, GID=48
useradd[4851]: new user: name=apache, UID=48, GID=48, home=/usr/share/httpd, shell=/sbin/nologin
useradd[4857]: failed adding user 'apache', exit code: 9
groupadd[4950]: group added to /etc/group: name=memcached, GID=987
groupadd[4950]: group added to /etc/gshadow: name=memcached
groupadd[4950]: new group: name=memcached, GID=987
useradd[4955]: new user: name=memcached, UID=991, GID=987, home=/run/memcached, shell=/sbin/nologin
roled[4555]: 2015-04-09 16:01:32 ERROR: <class 'rolekit.errors.RolekitError'>: INVALID_VALUE: admin_password unset
"

No packages seem to be missing with Beta_TC2 DVD install(disabled updates-testing repo as in test case) as postgres and freeipa-server are installed. Failure seems to me to be caused by not providing config(DB role passes with config). Is it correct assumption/expected behavior?( failures are the same on x86)

Comment 4 Stephen Gallagher 2015-04-09 15:22:48 UTC
This is expected behavior. See the manpages: rolekit.roles.databaseserver(5) and rolekit.roles.domaincontroller(5) for the mandatory arguments. These need to be put in a JSON file and loaded by passing --settings-file=/path/to/settings.json on the rolectl command line.


Note You need to log in before you can comment on or make changes to this bug.