Mauricio Tavares via FreeIPA-users wrote: > So I am trying to add the first ipa client to my test environment. If > I am running ipa-client-install as a root, why is it barking that > > nisdomainname: you must be root to change the domain name > > [root@idm-client1 /]# ipa-client-install --domain example.test > --no-ntp --mkhomedir > This program will set up IPA client. > Version 4.9.12 > > Discovery was successful! > Client hostname: idm-client1.example.test > Realm: EXAMPLE.TEST > DNS Domain: example.test > IPA Server: idm01.example.test > BaseDN: dc=example,dc=test > > Continue to configure the system with these values? [no]: yes > Continue to configure the system with these values? [no]: yes > Skipping chrony configuration > User authorized to enroll computers: admin > Password for ad...@example.test: > Successfully retrieved CA cert > Subject: CN=Certificate Authority,O=EXAMPLE.TEST > Issuer: CN=Certificate Authority,O=EXAMPLE.TEST > Valid From: 2024-02-07 15:25:44 > Valid Until: 2044-02-07 15:25:44 > > Enrolled in IPA realm EXAMPLE.TEST > Created /etc/ipa/default.conf > Configured /etc/sssd/sssd.conf > Systemwide CA database updated. > SSSD enabled > Configured /etc/openldap/ldap.conf > /etc/ssh/ssh_config not found, skipping configuration > /etc/ssh/sshd_config not found, skipping configuration > Configuring example.test as NIS domain. > CalledProcessError(Command ['/bin/systemctl', 'restart', > 'nis-domainname.service'] returned non-zero exit status 1: 'Job for > nis-domainname.service failed because the control process exited with > error code.\nSee "systemctl status nis-domainname.service" and > "journalctl -xe" for details.\n') > The ipa-client-install command failed. See > /var/log/ipaclient-install.log for more information > [root@idm-client1 /]# > > [root@idm-client1 /]# systemctl status nis-domainname.service --full > --no-pager > ● nis-domainname.service - Read and set NIS domainname from > /etc/sysconfig/network > Loaded: loaded (/usr/lib/systemd/system/nis-domainname.service; > enabled; vendor preset: enabled) > Active: failed (Result: exit-code) since Mon 2024-02-12 21:26:58 > UTC; 2min 24s ago > Process: 300 ExecStart=/usr/libexec/hostname/nis-domainname > (code=exited, status=1/FAILURE) > Main PID: 300 (code=exited, status=1/FAILURE) > > Feb 12 21:26:58 idm-client1.example.test systemd[1]: Starting Read and > set NIS domainname from /etc/sysconfig/network... > Feb 12 21:26:58 idm-client1.example.test nis-domainname[301]: > nisdomainname: you must be root to change the domain name > Feb 12 21:26:58 idm-client1.example.test systemd[1]: > nis-domainname.service: Main process exited, code=exited, > status=1/FAILURE > Feb 12 21:26:58 idm-client1.example.test systemd[1]: > nis-domainname.service: Failed with result 'exit-code'. > Feb 12 21:26:58 idm-client1.example.test systemd[1]: Failed to start > Read and set NIS domainname from /etc/sysconfig/network. > [root@idm-client1 /]#
Looks like this message appears on any EPERM failure [1]. Are you running in a container? Any SELinux errors? rob [1] https://github.com/giftnuss/net-tools/blob/master/hostname.c#L75 -- _______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
