looks like this will allow you to finish the installation, but with bind9-pkcs11 in failed status:
root@cw-ipa0:~# journalctl -xe Apr 21 09:52:44 cw-ipa0.ipa.catawiki.net named-pkcs11[21389]: ---------------------------------------------------- Apr 21 09:52:44 cw-ipa0.ipa.catawiki.net named-pkcs11[21389]: adjusted limit on open files from 4096 to 1048576 Apr 21 09:52:44 cw-ipa0.ipa.catawiki.net named-pkcs11[21389]: found 2 CPUs, using 2 worker threads Apr 21 09:52:44 cw-ipa0.ipa.catawiki.net named-pkcs11[21389]: using 2 UDP listeners per interface Apr 21 09:52:44 cw-ipa0.ipa.catawiki.net named-pkcs11[21389]: using up to 4096 sockets Apr 21 09:52:44 cw-ipa0.ipa.catawiki.net named-pkcs11[21389]: initializing DST: no PKCS#11 provider Apr 21 09:52:44 cw-ipa0.ipa.catawiki.net named-pkcs11[21389]: exiting (due to fatal error) Apr 21 09:52:44 cw-ipa0.ipa.catawiki.net rndc[21395]: rndc: connect failed: 127.0.0.1#953: connection refused Apr 21 09:52:44 cw-ipa0.ipa.catawiki.net audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 msg='unit=bind9-pk Apr 21 09:52:44 cw-ipa0.ipa.catawiki.net audispd[488]: type=SERVICE_STOP msg=audit(1492761164.380:1635): pid=1 uid=0 auid=429 Apr 21 09:52:44 cw-ipa0.ipa.catawiki.net systemd[1]: bind9-pkcs11.service: Control process exited, code=exited status=1 Apr 21 09:52:44 cw-ipa0.ipa.catawiki.net systemd[1]: bind9-pkcs11.service: Unit entered failed state. Apr 21 09:52:44 cw-ipa0.ipa.catawiki.net systemd[1]: bind9-pkcs11.service: Failed with result 'exit-code'. -- You received this bug notification because you are a member of FreeIPA, which is subscribed to freeipa in Ubuntu. https://bugs.launchpad.net/bugs/1677139 Title: pkcs11 setup needs fixes for SoftHSM 2.2 Status in freeipa package in Ubuntu: Confirmed Status in freeipa source package in Zesty: Confirmed Status in freeipa source package in Artful: Confirmed Bug description: [Impact] https://pagure.io/freeipa/issue/6692 SoftHSM 2.2 broke freeipa DNS integration. [Test case] Install ipa server with 'ipa-server-install --setup-dns'. [Regression potential] The patch touches only the pkcs11 helper, so shouldn't regress anything else. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/freeipa/+bug/1677139/+subscriptions _______________________________________________ Mailing list: https://launchpad.net/~freeipa Post to : freeipa@lists.launchpad.net Unsubscribe : https://launchpad.net/~freeipa More help : https://help.launchpad.net/ListHelp
