[Pkg-freeipa-devel] Bug#970880: Bug#970880: Bug#970880: Bug#970880: Bug#970880: Bug#970880: Bug#970880: freeipa-server: FreeIPA server installation fails with Certificate issuance failed (CA_REJECTED)
Timo Aaltonen
tjaalton at debian.org
Wed Oct 13 07:52:40 BST 2021
On 12.10.2021 23.53, Spencer Olson wrote:
> On Tue, Oct 12, 2021 at 2:17 PM Timo Aaltonen <tjaalton at debian.org> wrote:
>>
>> On 12.10.2021 20.48, Spencer Olson wrote:
>>> On Tue, Oct 12, 2021 at 9:53 AM Spencer Olson <olsonse at umich.edu> wrote:
>>>>
>>>> On Sun, Oct 10, 2021 at 12:58 PM Timo Aaltonen <tjaalton at debian.org> wrote:
>>>>>
>>>>>>
>>>>>>
>>>>>> Maybe the CI will finish before I can get back to my testing.
>>>>>
>>>>> And it did, this error is fixed now :)
>>>>>
>>>>> But it fails later on, so there's some work still to catch up with the
>>>>> current distro, but at least this particular annoyance is resolved, so
>>>>> many thanks for figuring it out! I was sure the reason was something
>>>>> silly and related to the SSL stack (or maybe ciphers) but was blind to
>>>>> see it.
>>>>
>>>> I borrowed the .deb packages from the build artifacts and tested more.
>>>> You probably already have this fixed but,
>>>> * /var/lib/gssproxy directory has to be created so that gssproxy can
>>>> be started.
>>
>> gssproxy 0.8.2-2 or newer has it.
>
> I have tried to keep my Debian Sid instance updated. It has gssproxy
> 0.8.4-1 installed. Installing gssproxy 0.8.4-1 did not result in
> /var/lib/gssproxy being created. Just for kicks, I tried removing
> then reinstalling to see if anything different would happen--it didn't
> and the directory still does not exist simply due to installation.
Huh, you're right, 0.8.4-1 cleans the dirs after dh_auto_install.. -2
fixes that.
>>
>> Well, at this point my focus is on getting a working baseline on Debian sid.
>
> Unless you request any specific help, I will keep testing as you
> submit changes or new CI tests.
Cool, so since this bug is essentially fixed, further hacking on the
packaging would probably best be handled via irc or
pkg-freeipa-devel at alioth-lists.debian.net. The latter will also get all
bug/salsa spam.
--
t
More information about the Pkg-freeipa-devel
mailing list