Created on 06-01-2023 01:15 AM - edited 06-01-2023 01:16 AM
Hello,
while trying to enable Kerberos on Cloudera CDH 6.3.4 with FreeIPA, there is an error, that it can't open script file import_credentials_ipa.sh (see log below).
The directory /opt/cloudera/cm/bin doesn't contain a file named import_credentials.sh.
Thanks for your help.
Regards
Jan
06:30:40.402 | INFO | JavaMelodyFacade | Entering HTTP Operation: Method:POST, Path:/kerberos/adminCredentials |
06:30:40.404 | INFO | ServiceHandlerRegistry | Executing command ImportCredentials with sensitive arguments. |
06:30:40.421 | INFO | JavaMelodyFacade | Exiting HTTP Operation: Method:POST, Path:/kerberos/adminCredentials, Status:200 |
06:30:45.435 | ERROR | CommandHelpers | ImportCredentials - Execution error: java.io.IOException: Could not open script file: import_credentials_ipa.sh at com.cloudera.cmf.security.components.SecurityUtils.copyScriptFromResource(SecurityUtils.java:305) at com.cloudera.cmf.security.components.SecurityUtils.getScriptFile(SecurityUtils.java:295) at com.cloudera.cmf.security.ImportCredentialsCommand$2$1.run(ImportCredentialsCommand.java:247) at com.cloudera.cmf.security.ImportCredentialsCommand$2$1.run(ImportCredentialsCommand.java:240) at com.cloudera.cmf.security.components.SecurityUtils.runWithGenerateKrb5Conf(SecurityUtils.java:393) at com.cloudera.cmf.security.ImportCredentialsCommand$2.call(ImportCredentialsCommand.java:240) at com.cloudera.cmf.security.ImportCredentialsCommand$2.call(ImportCredentialsCommand.java:236) at java.util.concurrent.FutureTask.run(FutureTask.java:266) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) at java.lang.Thread.run(Thread.java:748) |
06:30:45.436 | ERROR | DbCommand | Command 1017(ImportCredentials) has completed. finalstate:FINISHED, success:false, msg:Could not open script file: import_credentials_ipa.sh |
Created 11-22-2023 05:45 AM
Hello,I may recommend to check existing files and permissions.
1. Check if the file exist.
Example:
# ls -lrth /opt/cloudera/cm/bin | grep ipa
-rwxr-xr-x 1 root root 1.4K Feb 22 2021 import_credentials_ipa.sh <<<<<<<
-rwxr-xr-x 1 root root 1.9K Feb 22 2021 generate_intermediate_ca_ipa.sh
-rwxr-xr-x 1 root root 3.7K Feb 22 2021 gen_credentials_ipa.sh
-rwxr-xr-x 1 root root 1.1K Feb 22 2021 delete_credentials_ipa.sh
!! This file comes from the package "Cloudera-manager-daemons"
2. Check the packages installed
For Centos
#rpm -ql cloudera-manager-daemons | grep -i import_credentials
For Deb
# dpkg --contents cloudera-manager-daemons | grep -i import_credentials
# rpm -qf /opt/cloudera/cm/bin/import_credentials_ipa.sh
cloudera-manager-daemons-6.3.4-6763501.el7.x86_64 <<<<<<<<<
3. Where this file comes from ?
!! From daemon package.
# rpm -ql cloudera-manager-daemons | grep -i import_credentials
/opt/cloudera/cm/bin/import_credentials.sh
/opt/cloudera/cm/bin/import_credentials_ipa.sh <<<<<<<<<
Make sure the package is consistent or reinstall it
> package: cloudera-manager-daemons
* Check if the OS is compatible with CM and CDP version also
https://docs.cloudera.com/documentation/enterprise/6/release-notes/topics/rg_os_requirements.html#c6...
Hope it helps,
Felipe G