mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2025-02-25 18:55:28 -06:00
c0e63429b3
The output from pki-spawn is already displayed to the user as well as a short traceback so re-displaying the CalledProcess error provides no value and only provokes confusion, particularly because it is condensed and includes embedded newlines. Re-raise the exception from None so that the traceback is removed and while there is still an immense traceback from the admintool class it is significantly shorter than before and removes: "During handling of the above exception, another exception occurred" The handling is in fact expected. This changes the user-facing installer output from: [1/28]: configuring certificate server instance Failed to configure CA instance: CalledProcessError(Command ['/usr/sbin/pkispawn', '-s', 'CA', '-f', '/tmp/tmpr5x2l0gm', '--debug'] returned non-zero exit status 1: 'INFO: Connecting to LDAP server at ldap://ipa.example.test:389\nINFO: Connecting to LDAP server at ldap://ipa.example.test:389\nDEBUG: Installing Maven dependencies: False\nERROR: KeyError: \'CA\'\n File "/usr/lib/python3.9/site-packages/pki/server/pkispawn.py", line 575, in main\n raise KeyError(\'CA\')\n\n') See the installation logs and the following files/directories for more information: /var/log/pki/pki-tomcat [error] RuntimeError: CA configuration failed. CA configuration failed. The ipa-server-install command failed. See /var/log/ipaserver-install.log for more information to [1/28]: configuring certificate server instance Failed to configure CA instance See the installation logs and the following files/directories for more information: /var/log/pki/pki-tomcat [error] RuntimeError: CA configuration failed. CA configuration failed. The ipa-server-install command failed. See /var/log/ipaserver-install.log for more information The output is similarly reduced in the installer log. There is no reason to acknowledge that a CalledProcessError was raised since the output is already available and it's just an intermediary. Hopefully this will encourage users to focus on the logs rather than the malformed traceback. https://pagure.io/freeipa/issue/8565 Signed-off-by: Rob Crittenden <rcritten@redhat.com> Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com> Reviewed-By: Florence Blanc-Renaud <flo@redhat.com> |
||
|---|---|---|
| .copr | ||
| .github | ||
| asn1 | ||
| client | ||
| contrib | ||
| daemons | ||
| doc | ||
| init | ||
| install | ||
| ipaclient | ||
| ipalib | ||
| ipaplatform | ||
| ipapython | ||
| ipaserver | ||
| ipasphinx | ||
| ipatests | ||
| po | ||
| pypi | ||
| selinux | ||
| util | ||
| .freeipa-pr-ci.yaml | ||
| .git-commit-template | ||
| .gitignore | ||
| .lgtm.yml | ||
| .mailmap | ||
| .tox-install.sh | ||
| .wheelconstraints.in | ||
| ACI.txt | ||
| API.txt | ||
| autogen.sh | ||
| BUILD.txt | ||
| CODE_OF_CONDUCT.md | ||
| configure.ac | ||
| Contributors.txt | ||
| COPYING | ||
| COPYING.openssl | ||
| freeipa.doap.rdf | ||
| freeipa.spec.in | ||
| ipa.in | ||
| ipasetup.py.in | ||
| make-doc | ||
| make-test | ||
| makeaci.in | ||
| makeapi.in | ||
| Makefile.am | ||
| Makefile.python.am | ||
| Makefile.pythonscripts.am | ||
| makerpms.sh | ||
| pylint_plugins.py | ||
| pylintrc | ||
| README.md | ||
| server.m4 | ||
| tox.ini | ||
| VERSION.m4 | ||
FreeIPA Server
FreeIPA allows Linux administrators to centrally manage identity, authentication and access control aspects of Linux and UNIX systems by providing simple to install and use command line and web based management tools.
FreeIPA is built on top of well known Open Source components and standard protocols with a very strong focus on ease of management and automation of installation and configuration tasks.
FreeIPA can seamlessly integrate into an Active Directory environment via cross-realm Kerberos trust or user synchronization.
Benefits
FreeIPA:
- Allows all your users to access all the machines with the same credentials and security settings
- Allows users to access personal files transparently from any machine in an authenticated and secure way
- Uses an advanced grouping mechanism to restrict network access to services and files only to specific users
- Allows central management of security mechanisms like passwords, SSH Public Keys, SUDO rules, Keytabs, Access Control Rules
- Enables delegation of selected administrative tasks to other power users
- Integrates into Active Directory environments
Components
The FreeIPA project provides unified installation and management tools for the following components:
- LDAP Server - based on the 389 project
- KDC - based on MIT Kerberos implementation
- PKI based on Dogtag project
- Samba libraries for Active Directory integration
- DNS Server based on BIND and the Bind-DynDB-LDAP plugin
Project Website
Releases, announcements and other information can be found on the IPA server project page at http://www.freeipa.org/ .
Documentation
The most up-to-date documentation can be found at http://freeipa.org/page/Documentation .
Quick Start
To get started quickly, start here: http://www.freeipa.org/page/Quick_Start_Guide
For developers
- Building FreeIPA from source
- http://www.freeipa.org/page/Build
- See the BUILD.txt file in the source root directory
Licensing
Please see the file called COPYING.
Contacts
- If you want to be informed about new code releases, bug fixes, security fixes, general news and information about the IPA server subscribe to the freeipa-announce mailing list at https://www.redhat.com/mailman/listinfo/freeipa-interest/ .
- If you have a bug report please submit it at: https://pagure.io/freeipa/issues
- If you want to participate in actively developing IPA please subscribe to the freeipa-devel mailing list at https://lists.fedoraproject.org/archives/list/freeipa-devel@lists.fedorahosted.org/ or join us in IRC at irc://irc.freenode.net/freeipa