[Fedora-directory-users] Admin Server Failure
Richard Megginson
rmeggins at redhat.com
Wed Aug 9 19:39:59 UTC 2006
Ian Marks wrote:
> Here is the last few lines from the error log after enabling debug.
>
>
> [Wed Aug 09 19:22:22 2006] [debug] mod_admserv.c(1428):
> populate_tasks_from_server(): Added task entry
> [cn=htmladmin,cn=configuration,cn=tasks,cn=admin-serv-cac,cn=fedora
> administration server,cn=server
> group,cn=cac.example.com,ou=example.com,o=netscaperoot:htmladmin:] for
> user [LocalSuper]
> [Wed Aug 09 19:22:22 2006] [debug] mod_admserv.c(1428):
> populate_tasks_from_server(): Added task entry
> [cn=statpingserv,cn=configuration,cn=tasks,cn=admin-serv-cac,cn=fedora
> administration server,cn=server
> group,cn=cac.example.com,ou=example.com,o=netscaperoot:statpingserv:]
> for user [LocalSuper]
> [Wed Aug 09 19:22:22 2006] [debug] mod_admserv.c(1428):
> populate_tasks_from_server(): Added task entry
> [cn=viewdata,cn=configuration,cn=tasks,cn=admin-serv-cac,cn=fedora
> administration server,cn=server
> group,cn=cac.example.com,ou=example.com,o=netscaperoot:viewdata:] for
> user [LocalSuper]
> [Wed Aug 09 19:22:22 2006] [debug] mod_admserv.c(1428):
> populate_tasks_from_server(): Added task entry
> [cn=viewlog,cn=configuration,cn=tasks,cn=admin-serv-cac,cn=fedora
> administration server,cn=server
> group,cn=cac.example.com,ou=example.com,o=netscaperoot:viewlog:] for
> user [LocalSuper]
> [Wed Aug 09 19:22:22 2006] [debug] mod_admserv.c(1428):
> populate_tasks_from_server(): Added task entry
> [cn=monreplication,cn=configuration,cn=tasks,cn=admin-serv-cac,cn=fedora
> administration server,cn=server
> group,cn=cac.example.com,ou=example.com,o=netscaperoot:monreplication:]
> for user [LocalSuper]
> [Wed Aug 09 19:22:22 2006] [debug] mod_admserv.c(1428):
> populate_tasks_from_server(): Added task entry
> [cn=repl-monitor-cgi.pl,cn=configuration,cn=tasks,cn=admin-serv-cac,cn=fedora
> administration server,cn=server
> group,cn=cac.example.com,ou=example.com,o=netscaperoot:repl-monitor-cgi.pl:]
> for user [LocalSuper]
> [Wed Aug 09 19:22:22 2006] [debug] mod_admserv.c(1428):
> populate_tasks_from_server(): Added task entry
> [cn=sync-task-sie-data,cn=commands,cn=admin-serv-cac,cn=fedora
> administration server,cn=server
> group,cn=cac.example.com,ou=example.com,o=netscaperoot:runtime:] for
> user [LocalSuper]
> [Wed Aug 09 19:22:22 2006] [debug] mod_admserv.c(1428):
> populate_tasks_from_server(): Added task entry
> [cn=change-sie-password,cn=commands,cn=admin-serv-cac,cn=fedora
> administration server,cn=server
> group,cn=cac.example.com,ou=example.com,o=netscaperoot:runtime:] for
> user [LocalSuper]
> [Wed Aug 09 19:22:22 2006] [crit] host_ip_init(): PSET failure: Failed
> to create PSET handle (pset error = )
Hm - just pset? The other ldap stuff is working fine. Please post your
admin-serv/config/adm.conf and shared/config/dbswitch.conf - be sure to
obscure any sensitive information first.
>
>
> Ian
>
> Richard Megginson wrote:
>> Ian Marks wrote:
>>> I have the following ssl packages installed.
>>> rpm -qa |grep ssl
>>> openssl-0.9.7a-43.8
>>> mod_ssl-2.0.52-22.ent.centos4
>>> openssl-devel-0.9.7a-43.8
>>> xmlsec1-openssl-1.2.6-3
>>>
>>> The directory server is running and appears to be working
>>> correctly. Several other hosts are able to authenticate via pam
>>> against this DS server. Here is the output of "sh -xv start-admin",
>>> minus the copyright stuff:
>>>
>>> SERVER_ROOT=/opt/fedora-ds ; export SERVER_ROOT
>>> + SERVER_ROOT=/opt/fedora-ds
>>> + export SERVER_ROOT
>>> NETSITE_ROOT=$SERVER_ROOT ; export NETSITE_ROOT
>>> + NETSITE_ROOT=/opt/fedora-ds
>>> + export NETSITE_ROOT
>>> ADMSERV_ROOT=$SERVER_ROOT/admin-serv ; export ADMSERV_ROOT
>>> + ADMSERV_ROOT=/opt/fedora-ds/admin-serv
>>> + export ADMSERV_ROOT
>>>
>>> unset PASSWORD_PIPE
>>> + unset PASSWORD_PIPE
>>>
>>> LD_LIBRARY_PATH=${SERVER_ROOT}/bin/admin/lib:${SERVER_ROOT}/lib:${LD_LIBRARY_PATH};export
>>> LD_LIBRARY_PATH
>>> + LD_LIBRARY_PATH=/opt/fedora-ds/bin/admin/lib:/opt/fedora-ds/lib:
>>> + export LD_LIBRARY_PATH
>>> LIBPATH=${LD_LIBRARY_PATH}:${LIBPATH}:/usr/threads/lib:/usr/ibmcxx/lib:/usr/lib:/lib;
>>> export LIBPATH
>>> +
>>> LIBPATH=/opt/fedora-ds/bin/admin/lib:/opt/fedora-ds/lib:::/usr/threads/lib:/usr/ibmcxx/lib:/usr/lib:/lib
>>>
>>> + export LIBPATH
>>> SHLIB_PATH=${LD_LIBRARY_PATH}:${SHLIB_PATH}; export SHLIB_PATH
>>> + SHLIB_PATH=/opt/fedora-ds/bin/admin/lib:/opt/fedora-ds/lib::
>>> + export SHLIB_PATH
>>>
>>> NS_SERVER_HOME=${SERVER_ROOT}; export NS_SERVER_HOME
>>> + NS_SERVER_HOME=/opt/fedora-ds
>>> + export NS_SERVER_HOME
>>> PATH=${SERVER_ROOT}/bin/admin/bin:${PATH}; export PATH
>>> +
>>> PATH=/opt/fedora-ds/bin/admin/bin:/usr/kerberos/sbin:/usr/kerberos/bin:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/usr/X11R6/bin:/root/bin
>>>
>>> + export PATH
>>>
>>> HTTPD=/usr/sbin//httpd.worker
>>> + HTTPD=/usr/sbin//httpd.worker
>>>
>>> # see if httpd is linked with the openldap libraries - we need to
>>> override them
>>> OS=`uname -s`
>>> uname -s
>>> ++ uname -s
>>> + OS=Linux
>>> if [ $OS = "Linux" ]; then
>>> hasol=0
>>>
>>> /usr/bin/ldd $HTTPD 2>&1 | grep libldap > /dev/null 2>&1 && hasol=1
>>>
>>> if [ $hasol -eq 1 ] ; then
>>> LD_PRELOAD="${SERVER_ROOT}/bin/admin/lib/libssl3.so
>>> ${SERVER_ROOT}/bin/admin/lib/libldap50.so"
>>> export LD_PRELOAD
>>> fi
>>> fi
>>> + '[' Linux = Linux ']'
>>> + hasol=0
>>> + /usr/bin/ldd /usr/sbin//httpd.worker
>>> + grep libldap
>>> + hasol=1
>>> + '[' 1 -eq 1 ']'
>>> + LD_PRELOAD='/opt/fedora-ds/bin/admin/lib/libssl3.so
>>> /opt/fedora-ds/bin/admin/lib/libldap50.so'
>>> + export LD_PRELOAD
>>>
>>> $HTTPD -k start -d $ADMSERV_ROOT -f $ADMSERV_ROOT/config/httpd.conf
>>> "$@"
>>> + /usr/sbin//httpd.worker -k start -d /opt/fedora-ds/admin-serv -f
>>> /opt/fedora-ds/admin-serv/config/httpd.conf
>> So it correctly detects that httpd is linked against openldap and
>> does the LD_PRELOAD. Next, try turning up the debug level. First,
>> edit admin-serv/config/httpd.conf and change LogLevel to debug.
>> Then, do start-admin -e debug. There should be a bunch of stuff in
>> admin-serv/logs/error
>>>
>>>
>>>
>>>
>>> Richard Megginson wrote:
>>>> Ian Marks wrote:
>>>>> Does anyone have a good idea where I can start troubleshooting the
>>>>> error below. I get the error when I attempt to start the admin
>>>>> server. I also posted an error from the htttpd logs which could
>>>>> be related. I'm running Centos 4.3 with FDS 1.0.2.
>>>>>
>>>>> /opt/fedora-ds/admin-serv/logs/error
>>>>> [Wed Aug 09 18:43:34 2006] [crit] host_ip_init(): PSET failure:
>>>>> Failed to create PSET handle (pset error = )
>>>>> Configuration Failed
>>>> 1) The directory server must be up and running before attempting to
>>>> start the admin server
>>>> 2) If the DS is running, what is the output of doing sh -xv
>>>> start-admin?
>>>>>
>>>>> /var/log/httpd/error_log
>>>>> [Wed Aug 09 14:51:56 2006] [notice] LDAP: Built with OpenLDAP LDAP
>>>>> SDK
>>>>> [Wed Aug 09 14:51:56 2006] [notice] LDAP: SSL support unavailable
>>>>>
>>>>> Thanks,
>>>>> Ian
>>>>>
>>>>> --
>>>>> Fedora-directory-users mailing list
>>>>> Fedora-directory-users at redhat.com
>>>>> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>>> ------------------------------------------------------------------------
>>>>
>>>>
>>>> --
>>>> Fedora-directory-users mailing list
>>>> Fedora-directory-users at redhat.com
>>>> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>>>
>>>
>>> --
>>> Fedora-directory-users mailing list
>>> Fedora-directory-users at redhat.com
>>> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>> ------------------------------------------------------------------------
>>
>> --
>> Fedora-directory-users mailing list
>> Fedora-directory-users at redhat.com
>> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>
>
> --
> Fedora-directory-users mailing list
> Fedora-directory-users at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3178 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.fedoraproject.org/pipermail/389-users/attachments/20060809/2cc267ae/attachment.bin>
More information about the 389-users
mailing list