Package Base Details: freeipa

Git Clone URL: https://aur.archlinux.org/freeipa.git (read-only)
Submitter: chenxiaolong
Maintainer: grubber
Last Packager: grubber
Votes: 10
Popularity: 0.055220
First Submitted: 2012-11-15 23:50
Last Updated: 2017-01-12 17:46

Latest Comments

seberm commented on 2016-12-19 11:50

Please add missing build dependency - dbus-glib package must be installed.

Thanks!

Lompik commented on 2016-09-03 13:38

I tested version 4.4. Overall it seems to work. Thanks for bundling this.

There is still an issue domainname service which doesn't exist on Arch. The error is " Command '/bin/systemctl restart domainname.service' returned non-zero exit status 5". That will fail the ipa-client-install script but most things seems functional after that.

Also, dependency of python-ipalib and python-ipaclient aren't discovered automatically by yaourt when building but I guess this is not your problem.

grubber commented on 2016-06-28 05:24

Lompik, thanks for the report. My plan is to update the package to 4.4 once it's released (should be this week), as there are multiple portability improvements.

Lompik commented on 2016-06-07 14:13

I had two fatal errors testing the WIP ipa-client-install(4.2.3):

- Arch does not have a systemd domainname service (see https://fedorahosted.org/releases/i/n/initscripts/initscripts-9.66.tar.bz2 for feodra's one):
> subprocess.CalledProcessError: Command ''/bin/systemctl' 'restart' 'domainname.service'' returned non-zero exit status

- issue with sshd service definition (get_config_dir() returns none instead of '/etc/sshd'):

> File "/usr/bin/ipa-client-install", line 1202, in configure_sssd_conf
> ssh_dir = services.knownservices.sshd.get_config_dir()

my fix was to replace archlinux_service_class_factory :

#def archlinux_service_class_factory(name):
# return ArchLinuxService(name)
from ipaplatform.redhat import services as redhat_services
def archlinux_service_class_factory(name):
return redhat_services.redhat_service_class_factory(name)

revellion commented on 2016-05-26 13:40

I'll give it a test and see if it works and report back.

grubber commented on 2016-05-19 17:39

I was waiting on some more reviews of the WIP package below before pushing it, but there weren't any. Does the WIP package work for you?

revellion commented on 2016-05-16 14:25

Any update on this package?. Or is it orphaned?

grubber commented on 2016-01-06 19:38

Hi qrkourier, thanks for testing, could you please upload /var/log/ipaclient-install.log for me somewhere?

Anyway, I have update the source package at: https://dl.dropboxusercontent.com/u/464637/freeipa-4.2.3-1.src.tar.gz

qrkourier commented on 2016-01-05 23:44

After installing package groups "base" and "base-devel" and packages "openssh" and "subversion" I was able to satisfy the dependencies of AUR package "freeipa" by building and installing additional AUR packages "python2-kerberos", "python2-krbv", "python2-nss", "certmonger", "oddjob", and "pam-krb5" in Antergos Linux release 2015.12 (ISO-Rolling).

Still, while executing "$ ipa-client-install" I encountered an error that resulted in automatic rollback of the client's changes:

$ sudo ipa-client-install
<...snip...>
Created /etc/ipa/default.conf
New SSSD config will be created
Configured /etc/sssd/sssd.conf
Failed to add CA to the default NSS database.
Installation failed. Rolling back changes.
messagebus failed to start: Command '/usr/bin/systemctl start messagebus.service' returned non-zero exit status 6
Unenrolling client from IPA server
Removing Kerberos service principals from /etc/krb5.keytab
Disabling client Kerberos and LDAP configurations
Failed to remove krb5/LDAP configuration:
$

# I rebooted at this point in case changing the local hostname to an FQDN matching the realm name had somehow hosed the system

$ sudo ipa-client-install --uninstall
messagebus failed to start: Command '/usr/bin/systemctl start messagebus.service' returned non-zero exit status 6
Unenrolling client from IPA server
Unenrolling host failed: Error obtaining initial credentials: Key table entry not found.

Removing Kerberos service principals from /etc/krb5.keytab
Failed to remove Kerberos service principals: Command '/usr/sbin/ipa-rmkeytab -k /etc/krb5.keytab -r EXAMPLE.COM' returned non-zero exit status 5
Disabling client Kerberos and LDAP configurations
Failed to remove krb5/LDAP configuration:
$

# It's not clear how to unfuzz this situation.

grubber commented on 2015-12-22 09:16

Hi Dimitrije, thanks for testing!

Yes, there are indeed some AUR-only dependencies. The only dependency that is not available in the required minimal version in AUR is certmonger though. I have already notified the maintainer to update the package some time ago.

All comments