Support Questions

Find answers, ask questions, and share your expertise

Cloudera CDH 6.3 Kerberos Wizard FreeIPA Error missing Script

avatar
New Contributor

Hello,

while trying to enable Kerberos on Cloudera CDH 6.3.4 with FreeIPA, there is an error, that it can't open script file import_credentials_ipa.sh (see log below).

The directory /opt/cloudera/cm/bin doesn't contain a file named import_credentials.sh.

 

Thanks for your help.

Regards

Jan

 

ERROR.png

 

 

 

06:30:40.402INFOJavaMelodyFacade
Entering HTTP Operation: Method:POST, Path:/kerberos/adminCredentials
06:30:40.404INFOServiceHandlerRegistry
Executing command ImportCredentials with sensitive arguments.
06:30:40.421INFOJavaMelodyFacade
Exiting HTTP Operation: Method:POST, Path:/kerberos/adminCredentials, Status:200
06:30:45.435ERRORCommandHelpers
ImportCredentials - Execution error: 
java.io.IOException: Could not open script file: import_credentials_ipa.sh
	at com.cloudera.cmf.security.components.SecurityUtils.copyScriptFromResource(SecurityUtils.java:305)
	at com.cloudera.cmf.security.components.SecurityUtils.getScriptFile(SecurityUtils.java:295)
	at com.cloudera.cmf.security.ImportCredentialsCommand$2$1.run(ImportCredentialsCommand.java:247)
	at com.cloudera.cmf.security.ImportCredentialsCommand$2$1.run(ImportCredentialsCommand.java:240)
	at com.cloudera.cmf.security.components.SecurityUtils.runWithGenerateKrb5Conf(SecurityUtils.java:393)
	at com.cloudera.cmf.security.ImportCredentialsCommand$2.call(ImportCredentialsCommand.java:240)
	at com.cloudera.cmf.security.ImportCredentialsCommand$2.call(ImportCredentialsCommand.java:236)
	at java.util.concurrent.FutureTask.run(FutureTask.java:266)
	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
	at java.lang.Thread.run(Thread.java:748)
06:30:45.436ERRORDbCommand
Command 1017(ImportCredentials) has completed. finalstate:FINISHED, success:false, msg:Could not open script file: import_credentials_ipa.sh
1 REPLY 1

avatar
Contributor

Hello,I may recommend to check existing files and permissions.

1. Check if the file exist.
Example:

# ls -lrth /opt/cloudera/cm/bin | grep ipa
-rwxr-xr-x 1 root root 1.4K Feb 22 2021 import_credentials_ipa.sh <<<<<<<
-rwxr-xr-x 1 root root 1.9K Feb 22 2021 generate_intermediate_ca_ipa.sh
-rwxr-xr-x 1 root root 3.7K Feb 22 2021 gen_credentials_ipa.sh
-rwxr-xr-x 1 root root 1.1K Feb 22 2021 delete_credentials_ipa.sh

!! This file comes from the package "Cloudera-manager-daemons"

2. Check the packages installed

For Centos
#rpm -ql cloudera-manager-daemons | grep -i import_credentials

For Deb
# dpkg --contents cloudera-manager-daemons | grep -i import_credentials

# rpm -qf /opt/cloudera/cm/bin/import_credentials_ipa.sh
cloudera-manager-daemons-6.3.4-6763501.el7.x86_64 <<<<<<<<<

3. Where this file comes from ?
!! From daemon package.

# rpm -ql cloudera-manager-daemons | grep -i import_credentials
/opt/cloudera/cm/bin/import_credentials.sh
/opt/cloudera/cm/bin/import_credentials_ipa.sh <<<<<<<<<

Make sure the package is consistent or reinstall it
> package: cloudera-manager-daemons

* Check if the OS is compatible with CM and CDP version also
https://docs.cloudera.com/documentation/enterprise/6/release-notes/topics/rg_os_requirements.html#c6...

Hope it helps,

Felipe G