thr3ads.net - Fedora directory users - [Fedora-directory-users] Admin Server Failure [Aug 2006]

If this information is useful, please help other people find it:
Share via:

Ian Marks

2006-Aug-09 18:54 UTC

[Fedora-directory-users] Admin Server Failure

Does anyone have a good idea where I can start troubleshooting the error 
below.  I get the error when I attempt to start the admin server.  I 
also posted an error from the htttpd logs which could be related.  I''m 
running Centos 4.3 with FDS 1.0.2.

/opt/fedora-ds/admin-serv/logs/error
[Wed Aug 09 18:43:34 2006] [crit] host_ip_init(): PSET failure: Failed 
to create PSET handle (pset error = )
Configuration Failed

 /var/log/httpd/error_log
[Wed Aug 09 14:51:56 2006] [notice] LDAP: Built with OpenLDAP LDAP SDK
[Wed Aug 09 14:51:56 2006] [notice] LDAP: SSL support unavailable

Thanks,
Ian

Brian Kosick

2006-Aug-09 19:00 UTC

head link

Re: [Fedora-directory-users] Admin Server Failure

Without more info....

Make sure that you have the openssl rpm installed.

Brian

On Wed, 2006-08-09 at 14:54 -0400, Ian Marks wrote:> Does anyone have a good idea where I can start troubleshooting the error 
> below.  I get the error when I attempt to start the admin server.  I 
> also posted an error from the htttpd logs which could be related. 
I''m
> running Centos 4.3 with FDS 1.0.2.
> 
> /opt/fedora-ds/admin-serv/logs/error
> [Wed Aug 09 18:43:34 2006] [crit] host_ip_init(): PSET failure: Failed 
> to create PSET handle (pset error = )
> Configuration Failed
> 
>  /var/log/httpd/error_log
> [Wed Aug 09 14:51:56 2006] [notice] LDAP: Built with OpenLDAP LDAP SDK
> [Wed Aug 09 14:51:56 2006] [notice] LDAP: SSL support unavailable
> 
> Thanks,
> Ian
> 
> --
> Fedora-directory-users mailing list
> Fedora-directory-users@redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users

Richard Megginson

2006-Aug-09 19:02 UTC

head link

Re: [Fedora-directory-users] Admin Server Failure

Ian Marks wrote:> Does anyone have a good idea where I can start troubleshooting the 
> error below.  I get the error when I attempt to start the admin 
> server.  I also posted an error from the htttpd logs which could be 
> related.  I''m running Centos 4.3 with FDS 1.0.2.
>
> /opt/fedora-ds/admin-serv/logs/error
> [Wed Aug 09 18:43:34 2006] [crit] host_ip_init(): PSET failure: Failed 
> to create PSET handle (pset error = )
> Configuration Failed1) The directory server must be up and running before attempting to 
start the admin server
2) If the DS is running, what is the output of doing sh -xv
start-admin?>
> /var/log/httpd/error_log
> [Wed Aug 09 14:51:56 2006] [notice] LDAP: Built with OpenLDAP LDAP SDK
> [Wed Aug 09 14:51:56 2006] [notice] LDAP: SSL support unavailable
>
> Thanks,
> Ian
>
> -- 
> Fedora-directory-users mailing list
> Fedora-directory-users@redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users

Rob Crittenden

2006-Aug-09 19:03 UTC

head link

Re: [Fedora-directory-users] Admin Server Failure

Ian Marks wrote:> Does anyone have a good idea where I can start troubleshooting the error 
> below.  I get the error when I attempt to start the admin server.  I 
> also posted an error from the htttpd logs which could be related. 
I''m
> running Centos 4.3 with FDS 1.0.2.
> 
> /opt/fedora-ds/admin-serv/logs/error
> [Wed Aug 09 18:43:34 2006] [crit] host_ip_init(): PSET failure: Failed 
> to create PSET handle (pset error = )
> Configuration Failed
> 
> /var/log/httpd/error_log
> [Wed Aug 09 14:51:56 2006] [notice] LDAP: Built with OpenLDAP LDAP SDK
> [Wed Aug 09 14:51:56 2006] [notice] LDAP: SSL support unavailable
That just means that Apache lacks LDAPS support. You can ignore this, 
there is nothing you can do about it short building your own Apache.

rob

Ian Marks

2006-Aug-09 19:09 UTC

head link

Re: [Fedora-directory-users] Admin Server Failure

I have the following ssl packages installed.
 rpm -qa |grep ssl
openssl-0.9.7a-43.8
mod_ssl-2.0.52-22.ent.centos4
openssl-devel-0.9.7a-43.8
xmlsec1-openssl-1.2.6-3

 The directory server is running and appears to be working correctly.  
Several other hosts are able to authenticate via pam against this DS 
server.  Here is the output of "sh -xv start-admin", minus the
copyright
stuff:

SERVER_ROOT=/opt/fedora-ds ; export SERVER_ROOT
+ SERVER_ROOT=/opt/fedora-ds
+ export SERVER_ROOT
NETSITE_ROOT=$SERVER_ROOT ; export NETSITE_ROOT
+ NETSITE_ROOT=/opt/fedora-ds
+ export NETSITE_ROOT
ADMSERV_ROOT=$SERVER_ROOT/admin-serv ; export ADMSERV_ROOT
+ ADMSERV_ROOT=/opt/fedora-ds/admin-serv
+ export ADMSERV_ROOT

unset PASSWORD_PIPE
+ unset PASSWORD_PIPE

LD_LIBRARY_PATH=${SERVER_ROOT}/bin/admin/lib:${SERVER_ROOT}/lib:${LD_LIBRARY_PATH};export
LD_LIBRARY_PATH
+ LD_LIBRARY_PATH=/opt/fedora-ds/bin/admin/lib:/opt/fedora-ds/lib:
+ export LD_LIBRARY_PATH
LIBPATH=${LD_LIBRARY_PATH}:${LIBPATH}:/usr/threads/lib:/usr/ibmcxx/lib:/usr/lib:/lib;
export LIBPATH
+ 
LIBPATH=/opt/fedora-ds/bin/admin/lib:/opt/fedora-ds/lib:::/usr/threads/lib:/usr/ibmcxx/lib:/usr/lib:/lib
+ export LIBPATH
SHLIB_PATH=${LD_LIBRARY_PATH}:${SHLIB_PATH}; export SHLIB_PATH
+ SHLIB_PATH=/opt/fedora-ds/bin/admin/lib:/opt/fedora-ds/lib::
+ export SHLIB_PATH

NS_SERVER_HOME=${SERVER_ROOT}; export NS_SERVER_HOME
+ NS_SERVER_HOME=/opt/fedora-ds
+ export NS_SERVER_HOME
PATH=${SERVER_ROOT}/bin/admin/bin:${PATH}; export PATH
+ 
PATH=/opt/fedora-ds/bin/admin/bin:/usr/kerberos/sbin:/usr/kerberos/bin:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/usr/X11R6/bin:/root/bin
+ export PATH

HTTPD=/usr/sbin//httpd.worker
+ HTTPD=/usr/sbin//httpd.worker

# see if httpd is linked with the openldap libraries - we need to 
override them
OS=`uname -s`
uname -s
++ uname -s
+ OS=Linux
if [ $OS = "Linux" ]; then
    hasol=0

    /usr/bin/ldd $HTTPD 2>&1 | grep libldap > /dev/null 2>&1
&& hasol=1

    if [ $hasol -eq 1 ] ; then
        LD_PRELOAD="${SERVER_ROOT}/bin/admin/lib/libssl3.so 
${SERVER_ROOT}/bin/admin/lib/libldap50.so"
        export LD_PRELOAD
    fi
fi
+ ''['' Linux = Linux '']''
+ hasol=0
+ /usr/bin/ldd /usr/sbin//httpd.worker
+ grep libldap
+ hasol=1
+ ''['' 1 -eq 1 '']''
+ LD_PRELOAD=''/opt/fedora-ds/bin/admin/lib/libssl3.so 
/opt/fedora-ds/bin/admin/lib/libldap50.so''
+ export LD_PRELOAD

$HTTPD -k start -d $ADMSERV_ROOT -f $ADMSERV_ROOT/config/httpd.conf
"$@"
+ /usr/sbin//httpd.worker -k start -d /opt/fedora-ds/admin-serv -f 
/opt/fedora-ds/admin-serv/config/httpd.conf




Richard Megginson wrote:> Ian Marks wrote:
>> Does anyone have a good idea where I can start troubleshooting the 
>> error below.  I get the error when I attempt to start the admin 
>> server.  I also posted an error from the htttpd logs which could be 
>> related.  I''m running Centos 4.3 with FDS 1.0.2.
>>
>> /opt/fedora-ds/admin-serv/logs/error
>> [Wed Aug 09 18:43:34 2006] [crit] host_ip_init(): PSET failure: 
>> Failed to create PSET handle (pset error = )
>> Configuration Failed
> 1) The directory server must be up and running before attempting to 
> start the admin server
> 2) If the DS is running, what is the output of doing sh -xv start-admin?
>>
>> /var/log/httpd/error_log
>> [Wed Aug 09 14:51:56 2006] [notice] LDAP: Built with OpenLDAP LDAP SDK
>> [Wed Aug 09 14:51:56 2006] [notice] LDAP: SSL support unavailable
>>
>> Thanks,
>> Ian
>>
>> -- 
>> Fedora-directory-users mailing list
>> Fedora-directory-users@redhat.com
>> https://www.redhat.com/mailman/listinfo/fedora-directory-users
> ------------------------------------------------------------------------
>
> --
> Fedora-directory-users mailing list
> Fedora-directory-users@redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>

Richard Megginson

2006-Aug-09 19:18 UTC

head link

Re: [Fedora-directory-users] Admin Server Failure

Ian Marks wrote:> I have the following ssl packages installed.
> rpm -qa |grep ssl
> openssl-0.9.7a-43.8
> mod_ssl-2.0.52-22.ent.centos4
> openssl-devel-0.9.7a-43.8
> xmlsec1-openssl-1.2.6-3
>
> The directory server is running and appears to be working correctly.  
> Several other hosts are able to authenticate via pam against this DS 
> server.  Here is the output of "sh -xv start-admin", minus the 
> copyright stuff:
>
> SERVER_ROOT=/opt/fedora-ds ; export SERVER_ROOT
> + SERVER_ROOT=/opt/fedora-ds
> + export SERVER_ROOT
> NETSITE_ROOT=$SERVER_ROOT ; export NETSITE_ROOT
> + NETSITE_ROOT=/opt/fedora-ds
> + export NETSITE_ROOT
> ADMSERV_ROOT=$SERVER_ROOT/admin-serv ; export ADMSERV_ROOT
> + ADMSERV_ROOT=/opt/fedora-ds/admin-serv
> + export ADMSERV_ROOT
>
> unset PASSWORD_PIPE
> + unset PASSWORD_PIPE
>
>
LD_LIBRARY_PATH=${SERVER_ROOT}/bin/admin/lib:${SERVER_ROOT}/lib:${LD_LIBRARY_PATH};export
> LD_LIBRARY_PATH
> + LD_LIBRARY_PATH=/opt/fedora-ds/bin/admin/lib:/opt/fedora-ds/lib:
> + export LD_LIBRARY_PATH
>
LIBPATH=${LD_LIBRARY_PATH}:${LIBPATH}:/usr/threads/lib:/usr/ibmcxx/lib:/usr/lib:/lib;
> export LIBPATH
> + 
>
LIBPATH=/opt/fedora-ds/bin/admin/lib:/opt/fedora-ds/lib:::/usr/threads/lib:/usr/ibmcxx/lib:/usr/lib:/lib
>
> + export LIBPATH
> SHLIB_PATH=${LD_LIBRARY_PATH}:${SHLIB_PATH}; export SHLIB_PATH
> + SHLIB_PATH=/opt/fedora-ds/bin/admin/lib:/opt/fedora-ds/lib::
> + export SHLIB_PATH
>
> NS_SERVER_HOME=${SERVER_ROOT}; export NS_SERVER_HOME
> + NS_SERVER_HOME=/opt/fedora-ds
> + export NS_SERVER_HOME
> PATH=${SERVER_ROOT}/bin/admin/bin:${PATH}; export PATH
> + 
>
PATH=/opt/fedora-ds/bin/admin/bin:/usr/kerberos/sbin:/usr/kerberos/bin:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/usr/X11R6/bin:/root/bin
>
> + export PATH
>
> HTTPD=/usr/sbin//httpd.worker
> + HTTPD=/usr/sbin//httpd.worker
>
> # see if httpd is linked with the openldap libraries - we need to 
> override them
> OS=`uname -s`
> uname -s
> ++ uname -s
> + OS=Linux
> if [ $OS = "Linux" ]; then
>    hasol=0
>
>    /usr/bin/ldd $HTTPD 2>&1 | grep libldap > /dev/null
2>&1 && hasol=1
>
>    if [ $hasol -eq 1 ] ; then
>        LD_PRELOAD="${SERVER_ROOT}/bin/admin/lib/libssl3.so 
> ${SERVER_ROOT}/bin/admin/lib/libldap50.so"
>        export LD_PRELOAD
>    fi
> fi
> + ''['' Linux = Linux '']''
> + hasol=0
> + /usr/bin/ldd /usr/sbin//httpd.worker
> + grep libldap
> + hasol=1
> + ''['' 1 -eq 1 '']''
> + LD_PRELOAD=''/opt/fedora-ds/bin/admin/lib/libssl3.so 
> /opt/fedora-ds/bin/admin/lib/libldap50.so''
> + export LD_PRELOAD
>
> $HTTPD -k start -d $ADMSERV_ROOT -f $ADMSERV_ROOT/config/httpd.conf
"$@"
> + /usr/sbin//httpd.worker -k start -d /opt/fedora-ds/admin-serv -f 
> /opt/fedora-ds/admin-serv/config/httpd.confSo it correctly detects that httpd is linked against openldap and does 
the LD_PRELOAD.  Next, try turning up the debug level.  First, edit 
admin-serv/config/httpd.conf and change LogLevel to debug.  Then, do 
start-admin -e debug.  There should be a bunch of stuff in 
admin-serv/logs/error>
>
>
>
> Richard Megginson wrote:
>> Ian Marks wrote:
>>> Does anyone have a good idea where I can start troubleshooting the 
>>> error below.  I get the error when I attempt to start the admin 
>>> server.  I also posted an error from the htttpd logs which could be
>>> related.  I''m running Centos 4.3 with FDS 1.0.2.
>>>
>>> /opt/fedora-ds/admin-serv/logs/error
>>> [Wed Aug 09 18:43:34 2006] [crit] host_ip_init(): PSET failure: 
>>> Failed to create PSET handle (pset error = )
>>> Configuration Failed
>> 1) The directory server must be up and running before attempting to 
>> start the admin server
>> 2) If the DS is running, what is the output of doing sh -xv
start-admin?
>>>
>>> /var/log/httpd/error_log
>>> [Wed Aug 09 14:51:56 2006] [notice] LDAP: Built with OpenLDAP LDAP
SDK
>>> [Wed Aug 09 14:51:56 2006] [notice] LDAP: SSL support unavailable
>>>
>>> Thanks,
>>> Ian
>>>
>>> -- 
>>> Fedora-directory-users mailing list
>>> Fedora-directory-users@redhat.com
>>> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>
------------------------------------------------------------------------
>>
>> -- 
>> Fedora-directory-users mailing list
>> Fedora-directory-users@redhat.com
>> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>   
>
> -- 
> Fedora-directory-users mailing list
> Fedora-directory-users@redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users

Ian Marks

2006-Aug-09 19:27 UTC

head link

Re: [Fedora-directory-users] Admin Server Failure

Here is the last few lines from the error log after enabling debug.


[Wed Aug 09 19:22:22 2006] [debug] mod_admserv.c(1428): 
populate_tasks_from_server(): Added task entry 
[cn=htmladmin,cn=configuration,cn=tasks,cn=admin-serv-cac,cn=fedora 
administration server,cn=server 
group,cn=cac.example.com,ou=example.com,o=netscaperoot:htmladmin:] for 
user [LocalSuper]
[Wed Aug 09 19:22:22 2006] [debug] mod_admserv.c(1428): 
populate_tasks_from_server(): Added task entry 
[cn=statpingserv,cn=configuration,cn=tasks,cn=admin-serv-cac,cn=fedora 
administration server,cn=server 
group,cn=cac.example.com,ou=example.com,o=netscaperoot:statpingserv:] 
for user [LocalSuper]
[Wed Aug 09 19:22:22 2006] [debug] mod_admserv.c(1428): 
populate_tasks_from_server(): Added task entry 
[cn=viewdata,cn=configuration,cn=tasks,cn=admin-serv-cac,cn=fedora 
administration server,cn=server 
group,cn=cac.example.com,ou=example.com,o=netscaperoot:viewdata:] for 
user [LocalSuper]
[Wed Aug 09 19:22:22 2006] [debug] mod_admserv.c(1428): 
populate_tasks_from_server(): Added task entry 
[cn=viewlog,cn=configuration,cn=tasks,cn=admin-serv-cac,cn=fedora 
administration server,cn=server 
group,cn=cac.example.com,ou=example.com,o=netscaperoot:viewlog:] for 
user [LocalSuper]
[Wed Aug 09 19:22:22 2006] [debug] mod_admserv.c(1428): 
populate_tasks_from_server(): Added task entry 
[cn=monreplication,cn=configuration,cn=tasks,cn=admin-serv-cac,cn=fedora 
administration server,cn=server 
group,cn=cac.example.com,ou=example.com,o=netscaperoot:monreplication:] 
for user [LocalSuper]
[Wed Aug 09 19:22:22 2006] [debug] mod_admserv.c(1428): 
populate_tasks_from_server(): Added task entry 
[cn=repl-monitor-cgi.pl,cn=configuration,cn=tasks,cn=admin-serv-cac,cn=fedora 
administration server,cn=server 
group,cn=cac.example.com,ou=example.com,o=netscaperoot:repl-monitor-cgi.pl:] 
for user [LocalSuper]
[Wed Aug 09 19:22:22 2006] [debug] mod_admserv.c(1428): 
populate_tasks_from_server(): Added task entry 
[cn=sync-task-sie-data,cn=commands,cn=admin-serv-cac,cn=fedora 
administration server,cn=server 
group,cn=cac.example.com,ou=example.com,o=netscaperoot:runtime:] for 
user [LocalSuper]
[Wed Aug 09 19:22:22 2006] [debug] mod_admserv.c(1428): 
populate_tasks_from_server(): Added task entry 
[cn=change-sie-password,cn=commands,cn=admin-serv-cac,cn=fedora 
administration server,cn=server 
group,cn=cac.example.com,ou=example.com,o=netscaperoot:runtime:] for 
user [LocalSuper]
[Wed Aug 09 19:22:22 2006] [crit] host_ip_init(): PSET failure: Failed 
to create PSET handle (pset error = )


Ian

Richard Megginson wrote:> Ian Marks wrote:
>> I have the following ssl packages installed.
>> rpm -qa |grep ssl
>> openssl-0.9.7a-43.8
>> mod_ssl-2.0.52-22.ent.centos4
>> openssl-devel-0.9.7a-43.8
>> xmlsec1-openssl-1.2.6-3
>>
>> The directory server is running and appears to be working correctly.  
>> Several other hosts are able to authenticate via pam against this DS 
>> server.  Here is the output of "sh -xv start-admin", minus
the
>> copyright stuff:
>>
>> SERVER_ROOT=/opt/fedora-ds ; export SERVER_ROOT
>> + SERVER_ROOT=/opt/fedora-ds
>> + export SERVER_ROOT
>> NETSITE_ROOT=$SERVER_ROOT ; export NETSITE_ROOT
>> + NETSITE_ROOT=/opt/fedora-ds
>> + export NETSITE_ROOT
>> ADMSERV_ROOT=$SERVER_ROOT/admin-serv ; export ADMSERV_ROOT
>> + ADMSERV_ROOT=/opt/fedora-ds/admin-serv
>> + export ADMSERV_ROOT
>>
>> unset PASSWORD_PIPE
>> + unset PASSWORD_PIPE
>>
>>
LD_LIBRARY_PATH=${SERVER_ROOT}/bin/admin/lib:${SERVER_ROOT}/lib:${LD_LIBRARY_PATH};export
>> LD_LIBRARY_PATH
>> + LD_LIBRARY_PATH=/opt/fedora-ds/bin/admin/lib:/opt/fedora-ds/lib:
>> + export LD_LIBRARY_PATH
>>
LIBPATH=${LD_LIBRARY_PATH}:${LIBPATH}:/usr/threads/lib:/usr/ibmcxx/lib:/usr/lib:/lib;
>> export LIBPATH
>> + 
>>
LIBPATH=/opt/fedora-ds/bin/admin/lib:/opt/fedora-ds/lib:::/usr/threads/lib:/usr/ibmcxx/lib:/usr/lib:/lib
>>
>> + export LIBPATH
>> SHLIB_PATH=${LD_LIBRARY_PATH}:${SHLIB_PATH}; export SHLIB_PATH
>> + SHLIB_PATH=/opt/fedora-ds/bin/admin/lib:/opt/fedora-ds/lib::
>> + export SHLIB_PATH
>>
>> NS_SERVER_HOME=${SERVER_ROOT}; export NS_SERVER_HOME
>> + NS_SERVER_HOME=/opt/fedora-ds
>> + export NS_SERVER_HOME
>> PATH=${SERVER_ROOT}/bin/admin/bin:${PATH}; export PATH
>> + 
>>
PATH=/opt/fedora-ds/bin/admin/bin:/usr/kerberos/sbin:/usr/kerberos/bin:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/usr/X11R6/bin:/root/bin
>>
>> + export PATH
>>
>> HTTPD=/usr/sbin//httpd.worker
>> + HTTPD=/usr/sbin//httpd.worker
>>
>> # see if httpd is linked with the openldap libraries - we need to 
>> override them
>> OS=`uname -s`
>> uname -s
>> ++ uname -s
>> + OS=Linux
>> if [ $OS = "Linux" ]; then
>>    hasol=0
>>
>>    /usr/bin/ldd $HTTPD 2>&1 | grep libldap > /dev/null
2>&1 && hasol=1
>>
>>    if [ $hasol -eq 1 ] ; then
>>        LD_PRELOAD="${SERVER_ROOT}/bin/admin/lib/libssl3.so 
>> ${SERVER_ROOT}/bin/admin/lib/libldap50.so"
>>        export LD_PRELOAD
>>    fi
>> fi
>> + ''['' Linux = Linux '']''
>> + hasol=0
>> + /usr/bin/ldd /usr/sbin//httpd.worker
>> + grep libldap
>> + hasol=1
>> + ''['' 1 -eq 1 '']''
>> + LD_PRELOAD=''/opt/fedora-ds/bin/admin/lib/libssl3.so 
>> /opt/fedora-ds/bin/admin/lib/libldap50.so''
>> + export LD_PRELOAD
>>
>> $HTTPD -k start -d $ADMSERV_ROOT -f $ADMSERV_ROOT/config/httpd.conf
"$@"
>> + /usr/sbin//httpd.worker -k start -d /opt/fedora-ds/admin-serv -f 
>> /opt/fedora-ds/admin-serv/config/httpd.conf
> So it correctly detects that httpd is linked against openldap and does 
> the LD_PRELOAD.  Next, try turning up the debug level.  First, edit 
> admin-serv/config/httpd.conf and change LogLevel to debug.  Then, do 
> start-admin -e debug.  There should be a bunch of stuff in 
> admin-serv/logs/error
>>
>>
>>
>>
>> Richard Megginson wrote:
>>> Ian Marks wrote:
>>>> Does anyone have a good idea where I can start troubleshooting
the
>>>> error below.  I get the error when I attempt to start the admin
>>>> server.  I also posted an error from the htttpd logs which
could be
>>>> related.  I''m running Centos 4.3 with FDS 1.0.2.
>>>>
>>>> /opt/fedora-ds/admin-serv/logs/error
>>>> [Wed Aug 09 18:43:34 2006] [crit] host_ip_init(): PSET failure:
>>>> Failed to create PSET handle (pset error = )
>>>> Configuration Failed
>>> 1) The directory server must be up and running before attempting to
>>> start the admin server
>>> 2) If the DS is running, what is the output of doing sh -xv 
>>> start-admin?
>>>>
>>>> /var/log/httpd/error_log
>>>> [Wed Aug 09 14:51:56 2006] [notice] LDAP: Built with OpenLDAP
LDAP SDK
>>>> [Wed Aug 09 14:51:56 2006] [notice] LDAP: SSL support
unavailable
>>>>
>>>> Thanks,
>>>> Ian
>>>>
>>>> -- 
>>>> Fedora-directory-users mailing list
>>>> Fedora-directory-users@redhat.com
>>>> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>>
------------------------------------------------------------------------
>>>
>>>
>>> -- 
>>> Fedora-directory-users mailing list
>>> Fedora-directory-users@redhat.com
>>> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>>   
>>
>> -- 
>> Fedora-directory-users mailing list
>> Fedora-directory-users@redhat.com
>> https://www.redhat.com/mailman/listinfo/fedora-directory-users
> ------------------------------------------------------------------------
>
> --
> Fedora-directory-users mailing list
> Fedora-directory-users@redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>

Richard Megginson

2006-Aug-09 19:39 UTC

head link

Re: [Fedora-directory-users] Admin Server Failure

Ian Marks wrote:> Here is the last few lines from the error log after enabling debug.
>
>
> [Wed Aug 09 19:22:22 2006] [debug] mod_admserv.c(1428): 
> populate_tasks_from_server(): Added task entry 
> [cn=htmladmin,cn=configuration,cn=tasks,cn=admin-serv-cac,cn=fedora 
> administration server,cn=server 
> group,cn=cac.example.com,ou=example.com,o=netscaperoot:htmladmin:] for 
> user [LocalSuper]
> [Wed Aug 09 19:22:22 2006] [debug] mod_admserv.c(1428): 
> populate_tasks_from_server(): Added task entry 
> [cn=statpingserv,cn=configuration,cn=tasks,cn=admin-serv-cac,cn=fedora 
> administration server,cn=server 
> group,cn=cac.example.com,ou=example.com,o=netscaperoot:statpingserv:] 
> for user [LocalSuper]
> [Wed Aug 09 19:22:22 2006] [debug] mod_admserv.c(1428): 
> populate_tasks_from_server(): Added task entry 
> [cn=viewdata,cn=configuration,cn=tasks,cn=admin-serv-cac,cn=fedora 
> administration server,cn=server 
> group,cn=cac.example.com,ou=example.com,o=netscaperoot:viewdata:] for 
> user [LocalSuper]
> [Wed Aug 09 19:22:22 2006] [debug] mod_admserv.c(1428): 
> populate_tasks_from_server(): Added task entry 
> [cn=viewlog,cn=configuration,cn=tasks,cn=admin-serv-cac,cn=fedora 
> administration server,cn=server 
> group,cn=cac.example.com,ou=example.com,o=netscaperoot:viewlog:] for 
> user [LocalSuper]
> [Wed Aug 09 19:22:22 2006] [debug] mod_admserv.c(1428): 
> populate_tasks_from_server(): Added task entry 
> [cn=monreplication,cn=configuration,cn=tasks,cn=admin-serv-cac,cn=fedora 
> administration server,cn=server 
> group,cn=cac.example.com,ou=example.com,o=netscaperoot:monreplication:] 
> for user [LocalSuper]
> [Wed Aug 09 19:22:22 2006] [debug] mod_admserv.c(1428): 
> populate_tasks_from_server(): Added task entry 
>
[cn=repl-monitor-cgi.pl,cn=configuration,cn=tasks,cn=admin-serv-cac,cn=fedora
> administration server,cn=server 
>
group,cn=cac.example.com,ou=example.com,o=netscaperoot:repl-monitor-cgi.pl:]
> for user [LocalSuper]
> [Wed Aug 09 19:22:22 2006] [debug] mod_admserv.c(1428): 
> populate_tasks_from_server(): Added task entry 
> [cn=sync-task-sie-data,cn=commands,cn=admin-serv-cac,cn=fedora 
> administration server,cn=server 
> group,cn=cac.example.com,ou=example.com,o=netscaperoot:runtime:] for 
> user [LocalSuper]
> [Wed Aug 09 19:22:22 2006] [debug] mod_admserv.c(1428): 
> populate_tasks_from_server(): Added task entry 
> [cn=change-sie-password,cn=commands,cn=admin-serv-cac,cn=fedora 
> administration server,cn=server 
> group,cn=cac.example.com,ou=example.com,o=netscaperoot:runtime:] for 
> user [LocalSuper]
> [Wed Aug 09 19:22:22 2006] [crit] host_ip_init(): PSET failure: Failed 
> to create PSET handle (pset error = )Hm - just pset?  The other ldap stuff is working fine.  Please post your 
admin-serv/config/adm.conf and shared/config/dbswitch.conf - be sure to 
obscure any sensitive information first.>
>
> Ian
>
> Richard Megginson wrote:
>> Ian Marks wrote:
>>> I have the following ssl packages installed.
>>> rpm -qa |grep ssl
>>> openssl-0.9.7a-43.8
>>> mod_ssl-2.0.52-22.ent.centos4
>>> openssl-devel-0.9.7a-43.8
>>> xmlsec1-openssl-1.2.6-3
>>>
>>> The directory server is running and appears to be working 
>>> correctly.  Several other hosts are able to authenticate via pam 
>>> against this DS server.  Here is the output of "sh -xv
start-admin",
>>> minus the copyright stuff:
>>>
>>> SERVER_ROOT=/opt/fedora-ds ; export SERVER_ROOT
>>> + SERVER_ROOT=/opt/fedora-ds
>>> + export SERVER_ROOT
>>> NETSITE_ROOT=$SERVER_ROOT ; export NETSITE_ROOT
>>> + NETSITE_ROOT=/opt/fedora-ds
>>> + export NETSITE_ROOT
>>> ADMSERV_ROOT=$SERVER_ROOT/admin-serv ; export ADMSERV_ROOT
>>> + ADMSERV_ROOT=/opt/fedora-ds/admin-serv
>>> + export ADMSERV_ROOT
>>>
>>> unset PASSWORD_PIPE
>>> + unset PASSWORD_PIPE
>>>
>>>
LD_LIBRARY_PATH=${SERVER_ROOT}/bin/admin/lib:${SERVER_ROOT}/lib:${LD_LIBRARY_PATH};export
>>> LD_LIBRARY_PATH
>>> + LD_LIBRARY_PATH=/opt/fedora-ds/bin/admin/lib:/opt/fedora-ds/lib:
>>> + export LD_LIBRARY_PATH
>>>
LIBPATH=${LD_LIBRARY_PATH}:${LIBPATH}:/usr/threads/lib:/usr/ibmcxx/lib:/usr/lib:/lib;
>>> export LIBPATH
>>> + 
>>>
LIBPATH=/opt/fedora-ds/bin/admin/lib:/opt/fedora-ds/lib:::/usr/threads/lib:/usr/ibmcxx/lib:/usr/lib:/lib
>>>
>>> + export LIBPATH
>>> SHLIB_PATH=${LD_LIBRARY_PATH}:${SHLIB_PATH}; export SHLIB_PATH
>>> + SHLIB_PATH=/opt/fedora-ds/bin/admin/lib:/opt/fedora-ds/lib::
>>> + export SHLIB_PATH
>>>
>>> NS_SERVER_HOME=${SERVER_ROOT}; export NS_SERVER_HOME
>>> + NS_SERVER_HOME=/opt/fedora-ds
>>> + export NS_SERVER_HOME
>>> PATH=${SERVER_ROOT}/bin/admin/bin:${PATH}; export PATH
>>> + 
>>>
PATH=/opt/fedora-ds/bin/admin/bin:/usr/kerberos/sbin:/usr/kerberos/bin:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/usr/X11R6/bin:/root/bin
>>>
>>> + export PATH
>>>
>>> HTTPD=/usr/sbin//httpd.worker
>>> + HTTPD=/usr/sbin//httpd.worker
>>>
>>> # see if httpd is linked with the openldap libraries - we need to 
>>> override them
>>> OS=`uname -s`
>>> uname -s
>>> ++ uname -s
>>> + OS=Linux
>>> if [ $OS = "Linux" ]; then
>>>    hasol=0
>>>
>>>    /usr/bin/ldd $HTTPD 2>&1 | grep libldap > /dev/null
2>&1 && hasol=1
>>>
>>>    if [ $hasol -eq 1 ] ; then
>>>        LD_PRELOAD="${SERVER_ROOT}/bin/admin/lib/libssl3.so 
>>> ${SERVER_ROOT}/bin/admin/lib/libldap50.so"
>>>        export LD_PRELOAD
>>>    fi
>>> fi
>>> + ''['' Linux = Linux '']''
>>> + hasol=0
>>> + /usr/bin/ldd /usr/sbin//httpd.worker
>>> + grep libldap
>>> + hasol=1
>>> + ''['' 1 -eq 1 '']''
>>> + LD_PRELOAD=''/opt/fedora-ds/bin/admin/lib/libssl3.so 
>>> /opt/fedora-ds/bin/admin/lib/libldap50.so''
>>> + export LD_PRELOAD
>>>
>>> $HTTPD -k start -d $ADMSERV_ROOT -f $ADMSERV_ROOT/config/httpd.conf
>>> "$@"
>>> + /usr/sbin//httpd.worker -k start -d /opt/fedora-ds/admin-serv -f 
>>> /opt/fedora-ds/admin-serv/config/httpd.conf
>> So it correctly detects that httpd is linked against openldap and 
>> does the LD_PRELOAD.  Next, try turning up the debug level.  First, 
>> edit admin-serv/config/httpd.conf and change LogLevel to debug.  
>> Then, do start-admin -e debug.  There should be a bunch of stuff in 
>> admin-serv/logs/error
>>>
>>>
>>>
>>>
>>> Richard Megginson wrote:
>>>> Ian Marks wrote:
>>>>> Does anyone have a good idea where I can start
troubleshooting the
>>>>> error below.  I get the error when I attempt to start the
admin
>>>>> server.  I also posted an error from the htttpd logs which
could
>>>>> be related.  I''m running Centos 4.3 with FDS
1.0.2.
>>>>>
>>>>> /opt/fedora-ds/admin-serv/logs/error
>>>>> [Wed Aug 09 18:43:34 2006] [crit] host_ip_init(): PSET
failure:
>>>>> Failed to create PSET handle (pset error = )
>>>>> Configuration Failed
>>>> 1) The directory server must be up and running before
attempting to
>>>> start the admin server
>>>> 2) If the DS is running, what is the output of doing sh -xv 
>>>> start-admin?
>>>>>
>>>>> /var/log/httpd/error_log
>>>>> [Wed Aug 09 14:51:56 2006] [notice] LDAP: Built with
OpenLDAP LDAP
>>>>> SDK
>>>>> [Wed Aug 09 14:51:56 2006] [notice] LDAP: SSL support
unavailable
>>>>>
>>>>> Thanks,
>>>>> Ian
>>>>>
>>>>> -- 
>>>>> Fedora-directory-users mailing list
>>>>> Fedora-directory-users@redhat.com
>>>>>
https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>>>
------------------------------------------------------------------------
>>>>
>>>>
>>>> -- 
>>>> Fedora-directory-users mailing list
>>>> Fedora-directory-users@redhat.com
>>>> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>>>   
>>>
>>> -- 
>>> Fedora-directory-users mailing list
>>> Fedora-directory-users@redhat.com
>>> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>
------------------------------------------------------------------------
>>
>> -- 
>> Fedora-directory-users mailing list
>> Fedora-directory-users@redhat.com
>> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>   
>
> -- 
> Fedora-directory-users mailing list
> Fedora-directory-users@redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users

Ian Marks

2006-Aug-09 20:14 UTC

head link

Re: [Fedora-directory-users] Admin Server Failure

I really appreciate your help!!

adm.conf
ldapHost:   cac.example.com
ldapPort:   389
sie:   cn=admin-serv-cac, cn=Fedora Administration Server, cn=Server 
Group, cn=cac.example.com, ou=example.com, o=NetscapeRoot
siepid:   xxxxxxxx
isie:   cn=Fedora Administration Server, cn=Server Group, 
cn=cac.example.com, ou=example.com, o=NetscapeRoot
port:   1389
ldapStart:   slapd-cac/start-slapd


dbswitch.conf

directory default ldap://cac.example.com:389/o%3DNetscapeRoot


Richard Megginson wrote:> Ian Marks wrote:
>> Here is the last few lines from the error log after enabling debug.
>>
>>
>> [Wed Aug 09 19:22:22 2006] [debug] mod_admserv.c(1428): 
>> populate_tasks_from_server(): Added task entry 
>> [cn=htmladmin,cn=configuration,cn=tasks,cn=admin-serv-cac,cn=fedora 
>> administration server,cn=server 
>> group,cn=cac.example.com,ou=example.com,o=netscaperoot:htmladmin:] 
>> for user [LocalSuper]
>> [Wed Aug 09 19:22:22 2006] [debug] mod_admserv.c(1428): 
>> populate_tasks_from_server(): Added task entry 
>> [cn=statpingserv,cn=configuration,cn=tasks,cn=admin-serv-cac,cn=fedora 
>> administration server,cn=server 
>> group,cn=cac.example.com,ou=example.com,o=netscaperoot:statpingserv:] 
>> for user [LocalSuper]
>> [Wed Aug 09 19:22:22 2006] [debug] mod_admserv.c(1428): 
>> populate_tasks_from_server(): Added task entry 
>> [cn=viewdata,cn=configuration,cn=tasks,cn=admin-serv-cac,cn=fedora 
>> administration server,cn=server 
>> group,cn=cac.example.com,ou=example.com,o=netscaperoot:viewdata:] for 
>> user [LocalSuper]
>> [Wed Aug 09 19:22:22 2006] [debug] mod_admserv.c(1428): 
>> populate_tasks_from_server(): Added task entry 
>> [cn=viewlog,cn=configuration,cn=tasks,cn=admin-serv-cac,cn=fedora 
>> administration server,cn=server 
>> group,cn=cac.example.com,ou=example.com,o=netscaperoot:viewlog:] for 
>> user [LocalSuper]
>> [Wed Aug 09 19:22:22 2006] [debug] mod_admserv.c(1428): 
>> populate_tasks_from_server(): Added task entry 
>>
[cn=monreplication,cn=configuration,cn=tasks,cn=admin-serv-cac,cn=fedora
>> administration server,cn=server 
>> group,cn=cac.example.com,ou=example.com,o=netscaperoot:monreplication:]
>> for user [LocalSuper]
>> [Wed Aug 09 19:22:22 2006] [debug] mod_admserv.c(1428): 
>> populate_tasks_from_server(): Added task entry 
>>
[cn=repl-monitor-cgi.pl,cn=configuration,cn=tasks,cn=admin-serv-cac,cn=fedora
>> administration server,cn=server 
>>
group,cn=cac.example.com,ou=example.com,o=netscaperoot:repl-monitor-cgi.pl:]
>> for user [LocalSuper]
>> [Wed Aug 09 19:22:22 2006] [debug] mod_admserv.c(1428): 
>> populate_tasks_from_server(): Added task entry 
>> [cn=sync-task-sie-data,cn=commands,cn=admin-serv-cac,cn=fedora 
>> administration server,cn=server 
>> group,cn=cac.example.com,ou=example.com,o=netscaperoot:runtime:] for 
>> user [LocalSuper]
>> [Wed Aug 09 19:22:22 2006] [debug] mod_admserv.c(1428): 
>> populate_tasks_from_server(): Added task entry 
>> [cn=change-sie-password,cn=commands,cn=admin-serv-cac,cn=fedora 
>> administration server,cn=server 
>> group,cn=cac.example.com,ou=example.com,o=netscaperoot:runtime:] for 
>> user [LocalSuper]
>> [Wed Aug 09 19:22:22 2006] [crit] host_ip_init(): PSET failure: 
>> Failed to create PSET handle (pset error = )
> Hm - just pset?  The other ldap stuff is working fine.  Please post 
> your admin-serv/config/adm.conf and shared/config/dbswitch.conf - be 
> sure to obscure any sensitive information first.
>>
>>
>> Ian
>>
>> Richard Megginson wrote:
>>> Ian Marks wrote:
>>>> I have the following ssl packages installed.
>>>> rpm -qa |grep ssl
>>>> openssl-0.9.7a-43.8
>>>> mod_ssl-2.0.52-22.ent.centos4
>>>> openssl-devel-0.9.7a-43.8
>>>> xmlsec1-openssl-1.2.6-3
>>>>
>>>> The directory server is running and appears to be working 
>>>> correctly.  Several other hosts are able to authenticate via
pam
>>>> against this DS server.  Here is the output of "sh -xv 
>>>> start-admin", minus the copyright stuff:
>>>>
>>>> SERVER_ROOT=/opt/fedora-ds ; export SERVER_ROOT
>>>> + SERVER_ROOT=/opt/fedora-ds
>>>> + export SERVER_ROOT
>>>> NETSITE_ROOT=$SERVER_ROOT ; export NETSITE_ROOT
>>>> + NETSITE_ROOT=/opt/fedora-ds
>>>> + export NETSITE_ROOT
>>>> ADMSERV_ROOT=$SERVER_ROOT/admin-serv ; export ADMSERV_ROOT
>>>> + ADMSERV_ROOT=/opt/fedora-ds/admin-serv
>>>> + export ADMSERV_ROOT
>>>>
>>>> unset PASSWORD_PIPE
>>>> + unset PASSWORD_PIPE
>>>>
>>>>
LD_LIBRARY_PATH=${SERVER_ROOT}/bin/admin/lib:${SERVER_ROOT}/lib:${LD_LIBRARY_PATH};export
>>>> LD_LIBRARY_PATH
>>>> +
LD_LIBRARY_PATH=/opt/fedora-ds/bin/admin/lib:/opt/fedora-ds/lib:
>>>> + export LD_LIBRARY_PATH
>>>>
LIBPATH=${LD_LIBRARY_PATH}:${LIBPATH}:/usr/threads/lib:/usr/ibmcxx/lib:/usr/lib:/lib;
>>>> export LIBPATH
>>>> + 
>>>>
LIBPATH=/opt/fedora-ds/bin/admin/lib:/opt/fedora-ds/lib:::/usr/threads/lib:/usr/ibmcxx/lib:/usr/lib:/lib
>>>>
>>>> + export LIBPATH
>>>> SHLIB_PATH=${LD_LIBRARY_PATH}:${SHLIB_PATH}; export SHLIB_PATH
>>>> + SHLIB_PATH=/opt/fedora-ds/bin/admin/lib:/opt/fedora-ds/lib::
>>>> + export SHLIB_PATH
>>>>
>>>> NS_SERVER_HOME=${SERVER_ROOT}; export NS_SERVER_HOME
>>>> + NS_SERVER_HOME=/opt/fedora-ds
>>>> + export NS_SERVER_HOME
>>>> PATH=${SERVER_ROOT}/bin/admin/bin:${PATH}; export PATH
>>>> + 
>>>>
PATH=/opt/fedora-ds/bin/admin/bin:/usr/kerberos/sbin:/usr/kerberos/bin:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/usr/X11R6/bin:/root/bin
>>>>
>>>> + export PATH
>>>>
>>>> HTTPD=/usr/sbin//httpd.worker
>>>> + HTTPD=/usr/sbin//httpd.worker
>>>>
>>>> # see if httpd is linked with the openldap libraries - we need
to
>>>> override them
>>>> OS=`uname -s`
>>>> uname -s
>>>> ++ uname -s
>>>> + OS=Linux
>>>> if [ $OS = "Linux" ]; then
>>>>    hasol=0
>>>>
>>>>    /usr/bin/ldd $HTTPD 2>&1 | grep libldap >
/dev/null 2>&1 && hasol=1
>>>>
>>>>    if [ $hasol -eq 1 ] ; then
>>>>        LD_PRELOAD="${SERVER_ROOT}/bin/admin/lib/libssl3.so
>>>> ${SERVER_ROOT}/bin/admin/lib/libldap50.so"
>>>>        export LD_PRELOAD
>>>>    fi
>>>> fi
>>>> + ''['' Linux = Linux '']''
>>>> + hasol=0
>>>> + /usr/bin/ldd /usr/sbin//httpd.worker
>>>> + grep libldap
>>>> + hasol=1
>>>> + ''['' 1 -eq 1 '']''
>>>> + LD_PRELOAD=''/opt/fedora-ds/bin/admin/lib/libssl3.so 
>>>> /opt/fedora-ds/bin/admin/lib/libldap50.so''
>>>> + export LD_PRELOAD
>>>>
>>>> $HTTPD -k start -d $ADMSERV_ROOT -f
$ADMSERV_ROOT/config/httpd.conf
>>>> "$@"
>>>> + /usr/sbin//httpd.worker -k start -d /opt/fedora-ds/admin-serv
-f
>>>> /opt/fedora-ds/admin-serv/config/httpd.conf
>>> So it correctly detects that httpd is linked against openldap and 
>>> does the LD_PRELOAD.  Next, try turning up the debug level.  First,
>>> edit admin-serv/config/httpd.conf and change LogLevel to debug.  
>>> Then, do start-admin -e debug.  There should be a bunch of stuff in
>>> admin-serv/logs/error
>>>>
>>>>
>>>>
>>>>
>>>> Richard Megginson wrote:
>>>>> Ian Marks wrote:
>>>>>> Does anyone have a good idea where I can start
troubleshooting
>>>>>> the error below.  I get the error when I attempt to
start the
>>>>>> admin server.  I also posted an error from the htttpd
logs which
>>>>>> could be related.  I''m running Centos 4.3 with
FDS 1.0.2.
>>>>>>
>>>>>> /opt/fedora-ds/admin-serv/logs/error
>>>>>> [Wed Aug 09 18:43:34 2006] [crit] host_ip_init(): PSET
failure:
>>>>>> Failed to create PSET handle (pset error = )
>>>>>> Configuration Failed
>>>>> 1) The directory server must be up and running before
attempting
>>>>> to start the admin server
>>>>> 2) If the DS is running, what is the output of doing sh -xv
>>>>> start-admin?
>>>>>>
>>>>>> /var/log/httpd/error_log
>>>>>> [Wed Aug 09 14:51:56 2006] [notice] LDAP: Built with
OpenLDAP
>>>>>> LDAP SDK
>>>>>> [Wed Aug 09 14:51:56 2006] [notice] LDAP: SSL support
unavailable
>>>>>>
>>>>>> Thanks,
>>>>>> Ian
>>>>>>
>>>>>> -- 
>>>>>> Fedora-directory-users mailing list
>>>>>> Fedora-directory-users@redhat.com
>>>>>>
https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>>>>
------------------------------------------------------------------------
>>>>>
>>>>>
>>>>> -- 
>>>>> Fedora-directory-users mailing list
>>>>> Fedora-directory-users@redhat.com
>>>>>
https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>>>>   
>>>>
>>>> -- 
>>>> Fedora-directory-users mailing list
>>>> Fedora-directory-users@redhat.com
>>>> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>>
------------------------------------------------------------------------
>>>
>>>
>>> -- 
>>> Fedora-directory-users mailing list
>>> Fedora-directory-users@redhat.com
>>> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>>   
>>
>> -- 
>> Fedora-directory-users mailing list
>> Fedora-directory-users@redhat.com
>> https://www.redhat.com/mailman/listinfo/fedora-directory-users
> ------------------------------------------------------------------------
>
> --
> Fedora-directory-users mailing list
> Fedora-directory-users@redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>

Ian Marks

2006-Aug-09 20:21 UTC

head link

Re: [Fedora-directory-users] Admin Server Failure

Thanks again for all your help, I think I just figured it out.  The 
dbswitch.conf file was owned by root when it should have been owned by 
nobody.

Ian

Ian Marks wrote:> I really appreciate your help!!
>
> adm.conf
> ldapHost:   cac.example.com
> ldapPort:   389
> sie:   cn=admin-serv-cac, cn=Fedora Administration Server, cn=Server 
> Group, cn=cac.example.com, ou=example.com, o=NetscapeRoot
> siepid:   xxxxxxxx
> isie:   cn=Fedora Administration Server, cn=Server Group, 
> cn=cac.example.com, ou=example.com, o=NetscapeRoot
> port:   1389
> ldapStart:   slapd-cac/start-slapd
>
>
> dbswitch.conf
>
> directory default ldap://cac.example.com:389/o%3DNetscapeRoot
>
>
> Richard Megginson wrote:
>> Ian Marks wrote:
>>> Here is the last few lines from the error log after enabling debug.
>>>
>>>
>>> [Wed Aug 09 19:22:22 2006] [debug] mod_admserv.c(1428): 
>>> populate_tasks_from_server(): Added task entry 
>>> [cn=htmladmin,cn=configuration,cn=tasks,cn=admin-serv-cac,cn=fedora
>>> administration server,cn=server 
>>> group,cn=cac.example.com,ou=example.com,o=netscaperoot:htmladmin:] 
>>> for user [LocalSuper]
>>> [Wed Aug 09 19:22:22 2006] [debug] mod_admserv.c(1428): 
>>> populate_tasks_from_server(): Added task entry 
>>>
[cn=statpingserv,cn=configuration,cn=tasks,cn=admin-serv-cac,cn=fedora
>>> administration server,cn=server 
>>>
group,cn=cac.example.com,ou=example.com,o=netscaperoot:statpingserv:]
>>> for user [LocalSuper]
>>> [Wed Aug 09 19:22:22 2006] [debug] mod_admserv.c(1428): 
>>> populate_tasks_from_server(): Added task entry 
>>> [cn=viewdata,cn=configuration,cn=tasks,cn=admin-serv-cac,cn=fedora 
>>> administration server,cn=server 
>>> group,cn=cac.example.com,ou=example.com,o=netscaperoot:viewdata:] 
>>> for user [LocalSuper]
>>> [Wed Aug 09 19:22:22 2006] [debug] mod_admserv.c(1428): 
>>> populate_tasks_from_server(): Added task entry 
>>> [cn=viewlog,cn=configuration,cn=tasks,cn=admin-serv-cac,cn=fedora 
>>> administration server,cn=server 
>>> group,cn=cac.example.com,ou=example.com,o=netscaperoot:viewlog:]
for
>>> user [LocalSuper]
>>> [Wed Aug 09 19:22:22 2006] [debug] mod_admserv.c(1428): 
>>> populate_tasks_from_server(): Added task entry 
>>>
[cn=monreplication,cn=configuration,cn=tasks,cn=admin-serv-cac,cn=fedora
>>> administration server,cn=server 
>>>
group,cn=cac.example.com,ou=example.com,o=netscaperoot:monreplication:]
>>> for user [LocalSuper]
>>> [Wed Aug 09 19:22:22 2006] [debug] mod_admserv.c(1428): 
>>> populate_tasks_from_server(): Added task entry 
>>>
[cn=repl-monitor-cgi.pl,cn=configuration,cn=tasks,cn=admin-serv-cac,cn=fedora
>>> administration server,cn=server 
>>>
group,cn=cac.example.com,ou=example.com,o=netscaperoot:repl-monitor-cgi.pl:]
>>> for user [LocalSuper]
>>> [Wed Aug 09 19:22:22 2006] [debug] mod_admserv.c(1428): 
>>> populate_tasks_from_server(): Added task entry 
>>> [cn=sync-task-sie-data,cn=commands,cn=admin-serv-cac,cn=fedora 
>>> administration server,cn=server 
>>> group,cn=cac.example.com,ou=example.com,o=netscaperoot:runtime:]
for
>>> user [LocalSuper]
>>> [Wed Aug 09 19:22:22 2006] [debug] mod_admserv.c(1428): 
>>> populate_tasks_from_server(): Added task entry 
>>> [cn=change-sie-password,cn=commands,cn=admin-serv-cac,cn=fedora 
>>> administration server,cn=server 
>>> group,cn=cac.example.com,ou=example.com,o=netscaperoot:runtime:]
for
>>> user [LocalSuper]
>>> [Wed Aug 09 19:22:22 2006] [crit] host_ip_init(): PSET failure: 
>>> Failed to create PSET handle (pset error = )
>> Hm - just pset?  The other ldap stuff is working fine.  Please post 
>> your admin-serv/config/adm.conf and shared/config/dbswitch.conf - be 
>> sure to obscure any sensitive information first.
>>>
>>>
>>> Ian
>>>
>>> Richard Megginson wrote:
>>>> Ian Marks wrote:
>>>>> I have the following ssl packages installed.
>>>>> rpm -qa |grep ssl
>>>>> openssl-0.9.7a-43.8
>>>>> mod_ssl-2.0.52-22.ent.centos4
>>>>> openssl-devel-0.9.7a-43.8
>>>>> xmlsec1-openssl-1.2.6-3
>>>>>
>>>>> The directory server is running and appears to be working 
>>>>> correctly.  Several other hosts are able to authenticate
via pam
>>>>> against this DS server.  Here is the output of "sh -xv
>>>>> start-admin", minus the copyright stuff:
>>>>>
>>>>> SERVER_ROOT=/opt/fedora-ds ; export SERVER_ROOT
>>>>> + SERVER_ROOT=/opt/fedora-ds
>>>>> + export SERVER_ROOT
>>>>> NETSITE_ROOT=$SERVER_ROOT ; export NETSITE_ROOT
>>>>> + NETSITE_ROOT=/opt/fedora-ds
>>>>> + export NETSITE_ROOT
>>>>> ADMSERV_ROOT=$SERVER_ROOT/admin-serv ; export ADMSERV_ROOT
>>>>> + ADMSERV_ROOT=/opt/fedora-ds/admin-serv
>>>>> + export ADMSERV_ROOT
>>>>>
>>>>> unset PASSWORD_PIPE
>>>>> + unset PASSWORD_PIPE
>>>>>
>>>>>
LD_LIBRARY_PATH=${SERVER_ROOT}/bin/admin/lib:${SERVER_ROOT}/lib:${LD_LIBRARY_PATH};export
>>>>> LD_LIBRARY_PATH
>>>>> +
LD_LIBRARY_PATH=/opt/fedora-ds/bin/admin/lib:/opt/fedora-ds/lib:
>>>>> + export LD_LIBRARY_PATH
>>>>>
LIBPATH=${LD_LIBRARY_PATH}:${LIBPATH}:/usr/threads/lib:/usr/ibmcxx/lib:/usr/lib:/lib;
>>>>> export LIBPATH
>>>>> + 
>>>>>
LIBPATH=/opt/fedora-ds/bin/admin/lib:/opt/fedora-ds/lib:::/usr/threads/lib:/usr/ibmcxx/lib:/usr/lib:/lib
>>>>>
>>>>> + export LIBPATH
>>>>> SHLIB_PATH=${LD_LIBRARY_PATH}:${SHLIB_PATH}; export
SHLIB_PATH
>>>>> +
SHLIB_PATH=/opt/fedora-ds/bin/admin/lib:/opt/fedora-ds/lib::
>>>>> + export SHLIB_PATH
>>>>>
>>>>> NS_SERVER_HOME=${SERVER_ROOT}; export NS_SERVER_HOME
>>>>> + NS_SERVER_HOME=/opt/fedora-ds
>>>>> + export NS_SERVER_HOME
>>>>> PATH=${SERVER_ROOT}/bin/admin/bin:${PATH}; export PATH
>>>>> + 
>>>>>
PATH=/opt/fedora-ds/bin/admin/bin:/usr/kerberos/sbin:/usr/kerberos/bin:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/usr/X11R6/bin:/root/bin
>>>>>
>>>>> + export PATH
>>>>>
>>>>> HTTPD=/usr/sbin//httpd.worker
>>>>> + HTTPD=/usr/sbin//httpd.worker
>>>>>
>>>>> # see if httpd is linked with the openldap libraries - we
need to
>>>>> override them
>>>>> OS=`uname -s`
>>>>> uname -s
>>>>> ++ uname -s
>>>>> + OS=Linux
>>>>> if [ $OS = "Linux" ]; then
>>>>>    hasol=0
>>>>>
>>>>>    /usr/bin/ldd $HTTPD 2>&1 | grep libldap >
/dev/null 2>&1 &&
>>>>> hasol=1
>>>>>
>>>>>    if [ $hasol -eq 1 ] ; then
>>>>>       
LD_PRELOAD="${SERVER_ROOT}/bin/admin/lib/libssl3.so
>>>>> ${SERVER_ROOT}/bin/admin/lib/libldap50.so"
>>>>>        export LD_PRELOAD
>>>>>    fi
>>>>> fi
>>>>> + ''['' Linux = Linux '']''
>>>>> + hasol=0
>>>>> + /usr/bin/ldd /usr/sbin//httpd.worker
>>>>> + grep libldap
>>>>> + hasol=1
>>>>> + ''['' 1 -eq 1 '']''
>>>>> +
LD_PRELOAD=''/opt/fedora-ds/bin/admin/lib/libssl3.so
>>>>> /opt/fedora-ds/bin/admin/lib/libldap50.so''
>>>>> + export LD_PRELOAD
>>>>>
>>>>> $HTTPD -k start -d $ADMSERV_ROOT -f 
>>>>> $ADMSERV_ROOT/config/httpd.conf "$@"
>>>>> + /usr/sbin//httpd.worker -k start -d
/opt/fedora-ds/admin-serv -f
>>>>> /opt/fedora-ds/admin-serv/config/httpd.conf
>>>> So it correctly detects that httpd is linked against openldap
and
>>>> does the LD_PRELOAD.  Next, try turning up the debug level. 
First,
>>>> edit admin-serv/config/httpd.conf and change LogLevel to debug.
>>>> Then, do start-admin -e debug.  There should be a bunch of
stuff in
>>>> admin-serv/logs/error
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> Richard Megginson wrote:
>>>>>> Ian Marks wrote:
>>>>>>> Does anyone have a good idea where I can start
troubleshooting
>>>>>>> the error below.  I get the error when I attempt to
start the
>>>>>>> admin server.  I also posted an error from the
htttpd logs which
>>>>>>> could be related.  I''m running Centos 4.3
with FDS 1.0.2.
>>>>>>>
>>>>>>> /opt/fedora-ds/admin-serv/logs/error
>>>>>>> [Wed Aug 09 18:43:34 2006] [crit] host_ip_init():
PSET failure:
>>>>>>> Failed to create PSET handle (pset error = )
>>>>>>> Configuration Failed
>>>>>> 1) The directory server must be up and running before
attempting
>>>>>> to start the admin server
>>>>>> 2) If the DS is running, what is the output of doing sh
-xv
>>>>>> start-admin?
>>>>>>>
>>>>>>> /var/log/httpd/error_log
>>>>>>> [Wed Aug 09 14:51:56 2006] [notice] LDAP: Built
with OpenLDAP
>>>>>>> LDAP SDK
>>>>>>> [Wed Aug 09 14:51:56 2006] [notice] LDAP: SSL
support unavailable
>>>>>>>
>>>>>>> Thanks,
>>>>>>> Ian
>>>>>>>
>>>>>>> -- 
>>>>>>> Fedora-directory-users mailing list
>>>>>>> Fedora-directory-users@redhat.com
>>>>>>>
https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>>>>>
------------------------------------------------------------------------
>>>>>>
>>>>>>
>>>>>> -- 
>>>>>> Fedora-directory-users mailing list
>>>>>> Fedora-directory-users@redhat.com
>>>>>>
https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>>>>>   
>>>>>
>>>>> -- 
>>>>> Fedora-directory-users mailing list
>>>>> Fedora-directory-users@redhat.com
>>>>>
https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>>>
------------------------------------------------------------------------
>>>>
>>>>
>>>> -- 
>>>> Fedora-directory-users mailing list
>>>> Fedora-directory-users@redhat.com
>>>> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>>>   
>>>
>>> -- 
>>> Fedora-directory-users mailing list
>>> Fedora-directory-users@redhat.com
>>> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>
------------------------------------------------------------------------
>>
>> -- 
>> Fedora-directory-users mailing list
>> Fedora-directory-users@redhat.com
>> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>   
>
> -- 
> Fedora-directory-users mailing list
> Fedora-directory-users@redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>

Fedora directory users - Aug 2006 - Admin Server Failure

[Fedora-directory-users] Admin Server Failure

Re: [Fedora-directory-users] Admin Server Failure

Re: [Fedora-directory-users] Admin Server Failure

Re: [Fedora-directory-users] Admin Server Failure

Re: [Fedora-directory-users] Admin Server Failure

Re: [Fedora-directory-users] Admin Server Failure

Re: [Fedora-directory-users] Admin Server Failure

Re: [Fedora-directory-users] Admin Server Failure

Re: [Fedora-directory-users] Admin Server Failure

Re: [Fedora-directory-users] Admin Server Failure