Project

General

Profile

Bug #29649

Updated by Han Boetes 12 months ago

Running the installer after the upgrade like I always do:

<pre>
env TMP= TMPDIR= foreman-installer \
-v \
--foreman-proxy-log-level=DEBUG \
--enable-foreman-plugin-remote-execution \
--enable-foreman-proxy-plugin-remote-execution-ssh \
--enable-foreman-plugin-dhcp-browser \
--enable-foreman-plugin-remote-execution \
--enable-foreman-proxy-plugin-remote-execution-ssh \
--foreman-ipa-authentication=true \
--foreman-pam-service=foreman \
--foreman-http-keytab=/etc/http.keytab \
--no-enable-foreman-cli-ansible \
--no-enable-foreman-plugin-ansible \
--no-enable-foreman-proxy-plugin-ansible
</pre>

After the upgrade to 2.0 I get

<pre>
Evaluation Error: Error while evaluating a Function Call, theforeman: The system does not seem to be IPA-enrolled (file: /usr/share/foreman-installer/modules/foreman/manifests/config.pp, line: 101, column: 9) on node
</pre>

Which reads:

<pre>
unless 'ipa' in $facts and 'default_server' in $facts['ipa'] and 'default_realm' in $facts['ipa'] {
</pre>

So it tests the output of @facter ipa@. If I do that manually I get no output. digging a bit further this is the code in question: @/etc/puppetlabs/code/modules/ipaclient/lib/facter/ipa_facts.rb@

The important part would be:
<pre>
if File.exist?('/etc/sssd/sssd.conf') && sssd = File.readlines('/etc/sssd/sssd.conf')
sssd.each do |line|
case line
when /^ipa_domain/
Facter.add("ipa_domain") do
has_weight 100
setcode do
line.split("=")[1].strip
end
end
when /^ipa_server/
Facter.add("ipa_server") do
has_weight 100
setcode do
line.split("=")[1].strip
end
end
when /^auth_provider/
Facter.add("ipa_enrolled") do
</pre>

Odd because:

<pre>
root@theforeman ~ # ag '(ipa_domain|ipa_server|auth_provider)' /etc/sssd/sssd.conf |sed -e 's|mycompany.com|example.com|g'
auth_provider = ipa
ipa_domain = example.com
ipa_server = _srv_, gandalf.example.com, olorin.example.com, mithrandir.example.com
ipa_server_mode = false
</pre>

-Seems Seems like I'm barking up the wrong tree, this must be a puppet problem. But please leave it for the moment because other may run into this problem as well.- well.

Back