When I try to install/configure IPA Server on CentOS 6.6, I see the following error message:

[root@machine1 ~]# ipa-server-install --setup-dns

"Must be root to set up server"

Installation went fine without an issue, but when I try to configure using the above command I see "Must be root to set up server".

tele voip
1 Answer

If you open the ipa-server-install script, it is written in Python, and you will find the following snippet in that script. If root uid isn't 0 then it prints "Must be root to set up server".

if os.getegid() != 0:
    sys.exit("Must be root to set up server")

Make sure you are root and your root uid is 0:

[root@ipa ~]# whoami
root
[root@ipa ~]# id root
uid=0(root) gid=0(root) groups=0(root)
Satish
  • Here is what I see after I logged into the CentOS server: [root@machine1 ~]# whoami root [root@machine1 ~]# id root uid=0(root) gid=500(hadoop) groups=500(hadoop) [root@machine1 ~]# – tele voip Apr 28 '15 at 02:43
  • I commented out the if condition in the ipa-server-install file and ran the setup again. – tele voip Apr 28 '15 at 03:15
  • Looks like it is working, but not sure if that is the right way to do it. – tele voip Apr 28 '15 at 03:15
  • For a while I thought it was working, but now I ran into a few more setup issues, so it is not a good idea to comment out the "if" condition in the ipa-server-install file. Still looking for help from the experts. – tele voip Apr 28 '15 at 03:21
  • Why is your root user's `gid` `500`? I would say please change the root user's `gid` to `0`, just like I showed you in my answer. I don't know what hadoop is doing with the root user. Something is messed up in your system with the uid/gid of the group. – Satish Apr 28 '15 at 17:03
  • Thanks, I am able to get past this error and install IPA Server. However, I ran into issues with the IPA client installation on another node within the same network. – tele voip Apr 29 '15 at 19:18
  • [root@dravidian1 ~]# ipa-client-install --domain=hashmap.com --server=ldap.hashmap.com --realm=HASHMAP.COM -p admin@hashmap.com --password=hortonworks --mkhomedir --hostname=dravidian1.hashmap.com – tele voip Apr 29 '15 at 19:21
  • Failed to verify that ldap.hashmap.com is an IPA Server. This may mean that the remote server is not up or is not reachable due to network or firewall settings. Please make sure the following ports are opened in the firewall settings: TCP: 80, 88, 389 UDP: 88 (at least one of TCP/UDP ports 88 has to be open) Also note that following ports are necessary for ipa-client working properly after enrollment: TCP: 464 UDP: 464, 123 (if NTP enabled) Installation failed. Rolling back changes. IPA client is not configured on this system. – tele voip Apr 29 '15 at 19:22
  • I checked my firewall settings, and they are not currently running. – tele voip Apr 29 '15 at 19:22
  • All the ports are wide open. – tele voip Apr 29 '15 at 19:22
  • How did you check the ports are open? You can use `telnet ` to see if it is really connecting to the remote server. Make sure `SELinux` is disabled. – Satish Apr 30 '15 at 16:14
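
The snippet quoted in the answer compares the effective group ID, so a root shell whose primary group is 500 (as in the comments above) fails it even though its uid is 0. The following is an added example, not part of the original thread or of the IPA project: it audits passwd/group data for uid-0 accounts with a non-zero primary GID. The sample data and all function names are constructed for illustration.

```python
import os

# Constructed sample data mirroring the questioner's output (root's primary gid is 500).
SAMPLE_PASSWD = """\
root:x:0:500:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
hadoop:x:500:500::/home/hadoop:/bin/bash
"""
SAMPLE_GROUP = """\
root:x:0:
bin:x:1:bin
hadoop:x:500:
"""

def parse_colon_db(text, min_fields):
    """Yield field lists from passwd/group-style text; skip blanks, comments, short lines."""
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) >= min_fields:
            yield fields

def audit_superusers(passwd_text, group_text):
    """Return one finding per uid-0 account whose primary gid is not 0."""
    group_names = {int(f[2]): f[0]
                   for f in parse_colon_db(group_text, 3) if f[2].isdigit()}
    findings = []
    for name, _pw, uid, gid, *_rest in parse_colon_db(passwd_text, 7):
        if not (uid.isdigit() and gid.isdigit()):
            continue  # malformed entry, ignore rather than crash
        if int(uid) == 0 and int(gid) != 0:
            findings.append({"user": name, "gid": int(gid),
                             "group": group_names.get(int(gid), "?")})
    return findings

def installer_check_passes(egid):
    """Same comparison as the snippet quoted in the answer: effective GID must be 0."""
    return egid == 0

if __name__ == "__main__":
    for f in audit_superusers(SAMPLE_PASSWD, SAMPLE_GROUP):
        print("uid-0 account %(user)s has primary gid %(gid)d (%(group)s)" % f)
    print("this process: euid=%d egid=%d, installer check passes: %s"
          % (os.geteuid(), os.getegid(), installer_check_passes(os.getegid())))
```

To audit a real host, pass the contents of `/etc/passwd` and `/etc/group` to `audit_superusers` in place of the sample strings.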