FDS 1.0 console problem

rmeggins at redhat.com (Richard Megginson) · Wed, 07 Dec 2005 08:26:48 -0700

Ok, that's the problem.  You need to edit your start-admin script.  See 
below inline:

Taymour A. El Erian wrote:

>Richard Megginson wrote:
>
>  
>
>>Hmm - can you post your /opt/fedora-ds/start-admin script?
>>    
>>
>
>
>Here is the script
>
>SERVER_ROOT=/opt/fedora-ds ; export SERVER_ROOT
>NETSITE_ROOT=$SERVER_ROOT ; export NETSITE_ROOT
>ADMSERV_ROOT=$SERVER_ROOT/admin-serv ; export ADMSERV_ROOT
>
>unset PASSWORD_PIPE
>
>LD_LIBRARY_PATH=${SERVER_ROOT}/bin/admin/lib:${SERVER_ROOT}/lib:${LD_LIBRARY_PATH};export
>LD_LIBRARY_PATH
>LIBPATH=${LD_LIBRARY_PATH}:${LIBPATH}:/usr/threads/lib:/usr/ibmcxx/lib:/usr/lib:/lib;
>export LIBPATH
>SHLIB_PATH=${LD_LIBRARY_PATH}:${SHLIB_PATH}; export SHLIB_PATH
>
>NS_SERVER_HOME=${SERVER_ROOT}; export NS_SERVER_HOME
>PATH=${SERVER_ROOT}/bin/admin/bin:${PATH}; export PATH
>
>HTTPD=/usr/sbin//httpd.worker
>
># see if httpd is linked with the openldap libraries - we need to
>override them
>OS=`uname -s`
>if [ $OS = "Linux" ]; then
>    hasol=0
>
>    /usr/bin/ldd $HTTPD 2>&1 | grep libldap- > /dev/null 2>&1 && hasol=1
>  
>
Change "libldap-" to "libldap" in the above line.

>    if [ $hasol -eq 1 ] ; then
>        LD_PRELOAD="${SERVER_ROOT}/bin/admin/lib/libssl3.so
>${SERVER_ROOT}/bin/admin/lib/libldap50.so"
>        export LD_PRELOAD
>    fi
>fi
>
>$HTTPD -k start -d $ADMSERV_ROOT -f $ADMSERV_ROOT/config/httpd.conf "$@"
>  
>
The problem is that the Apache binary is linked with the openldap 
libraries.  Our admin server module is linked with the moz ldap sdk 
which is included with FDS.  Unfortunately, without the LD_PRELOAD, the 
admin server module resolves those ldap symbols from the ol libs linked 
into Apache.

Q: So, why not just use the openldap libs?
A: Because we require the use of NSS for crypto.  openldap does not 
support NSS.

>  
>
>>Taymour A. El Erian wrote:
>>
>>    
>>
>>>Richard Megginson wrote:
>>>
>>> 
>>>
>>>      
>>>
>>>>Where is your Apache binary?  Is it /usr/sbin/httpd.worker?  If you do
>>>>ldd /usr/bin/httpd.worker, do you see a link to libldap?
>>>>
>>>>  
>>>>        
>>>>
>>>Here it is
>>>
>>>ldd /usr/sbin/httpd.worker |grep ldap
>>>libldap.so.2 => //usr/lib/libldap.so.2 (0x001fd000)
>>>
>>>
>>> 
>>>
>>>      
>>>
>>>>Taymour A. El Erian wrote:
>>>>
>>>>  
>>>>
>>>>        
>>>>
>>>>>Hi,
>>>>>
>>>>>  I have just downloaded FDS 1.0 to my FC2 box for testing (thinking
>>>>>of moving from OpenLDAP). I started the setup (tried the 3 modes) and
>>>>>finished the installation but unfortunately I am unable to login to
>>>>>the
>>>>>console and I have the following errors in the log
>>>>>
>>>>>[Mon Dec 05 11:20:02 2005] [crit] openLDAPConnection():
>>>>>ldap_set_option
>>>>>failed to disable cache for :148841712
>>>>>[Mon Dec 05 11:20:02 2005] [warn] Unable to open initial
>>>>>LDAPConnection
>>>>>to populate LocalAdmin tasks into cache.
>>>>>[Mon Dec 05 11:20:10 2005] [crit] openLDAPConnection():
>>>>>ldap_set_option
>>>>>failed to disable cache for :145712368
>>>>>[Mon Dec 05 11:20:10 2005] [warn] Unable to open initial
>>>>>LDAPConnection
>>>>>to populate LocalAdmin tasks into cache.
>>>>>[Mon Dec 05 11:20:11 2005] [crit] openLDAPConnection():
>>>>>ldap_set_option
>>>>>failed to disable cache for :156321008
>>>>>[Mon Dec 05 11:20:11 2005] [warn] Unable to open initial
>>>>>LDAPConnection
>>>>>to populate LocalAdmin tasks into cache.
>>>>>[Mon Dec 05 11:20:12 2005] [crit] openLDAPConnection():
>>>>>ldap_set_option
>>>>>failed to disable cache for :141018352
>>>>>[Mon Dec 05 11:20:12 2005] [warn] Unable to open initial
>>>>>LDAPConnection
>>>>>to populate LocalAdmin tasks into cache.
>>>>>[Mon Dec 05 11:20:13 2005] [crit] openLDAPConnection():
>>>>>ldap_set_option
>>>>>failed to disable cache for :144086256
>>>>>[Mon Dec 05 11:20:13 2005] [warn] Unable to open initial
>>>>>LDAPConnection
>>>>>to populate LocalAdmin tasks into cache.
>>>>>[Mon Dec 05 11:20:14 2005] [crit] openLDAPConnection():
>>>>>ldap_set_option
>>>>>failed to disable cache for :163882224
>>>>>[Mon Dec 05 11:20:14 2005] [warn] Unable to open initial
>>>>>LDAPConnection
>>>>>to populate LocalAdmin tasks into cache.
>>>>>[Mon Dec 05 11:20:16 2005] [crit] openLDAPConnection():
>>>>>ldap_set_option
>>>>>failed to disable cache for :161109232
>>>>>[Mon Dec 05 11:20:16 2005] [warn] Unable to open initial
>>>>>LDAPConnection
>>>>>to populate LocalAdmin tasks into cache.
>>>>>[Mon Dec 05 11:20:45 2005] [crit] openLDAPConnection():
>>>>>ldap_set_option
>>>>>failed to disable cache for :144094448
>>>>>[Mon Dec 05 11:20:45 2005] [warn] Unable to open initial
>>>>>LDAPConnection
>>>>>to populate LocalAdmin tasks into cache.
>>>>>[Mon Dec 05 11:20:47 2005] [crit] openLDAPConnection():
>>>>>ldap_set_option
>>>>>failed to disable cache for :152855792
>>>>>[Mon Dec 05 11:20:47 2005] [warn] Unable to open initial
>>>>>LDAPConnection
>>>>>to populate LocalAdmin tasks into cache.
>>>>>[Mon Dec 05 11:20:49 2005] [crit] openLDAPConnection():
>>>>>ldap_set_option
>>>>>failed to disable cache for :163517680
>>>>>[Mon Dec 05 11:20:49 2005] [warn] Unable to open initial
>>>>>LDAPConnection
>>>>>to populate LocalAdmin tasks into cache.
>>>>>[Mon Dec 05 11:21:37 2005] [crit] openLDAPConnection():
>>>>>ldap_set_option
>>>>>failed to disable cache for :145147120
>>>>>[Mon Dec 05 11:21:37 2005] [warn] Unable to open initial
>>>>>LDAPConnection
>>>>>to populate LocalAdmin tasks into cache.
>>>>>[Mon Dec 05 11:21:55 2005] [crit] openLDAPConnection():
>>>>>ldap_set_option
>>>>>failed to disable cache for :152823024
>>>>>[Mon Dec 05 11:21:55 2005] [warn] Unable to open initial
>>>>>LDAPConnection
>>>>>to populate LocalAdmin tasks into cache.
>>>>>[Mon Dec 05 11:21:56 2005] [crit] openLDAPConnection():
>>>>>ldap_set_option
>>>>>failed to disable cache for :152845528
>>>>>[Mon Dec 05 11:21:56 2005] [warn] Unable to open initial
>>>>>LDAPConnection
>>>>>to populate LocalAdmin tasks into cache.
>>>>>[Mon Dec 05 11:21:56 2005] [notice] Apache/2.0 configured -- resuming
>>>>>normal operations
>>>>>[Mon Dec 05 11:22:39 2005] [notice] [client 212.103.165.84]
>>>>>admserv_host_ip_check: Unauthorized host ip=xxx.xxx.xxx.xxx connection
>>>>>rejected
>>>>>
>>>>>xxx.xxx.xxx.xxx is my ip address (both the server and console run
>>>>>on it)
>>>>>
>>>>>Any help ?
>>>>>
>>>>>
>>>>>
>>>>>    
>>>>>          
>>>>>
>>>>------------------------------------------------------------------------
>>>>
>>>>
>>>>-- 
>>>>Fedora-directory-users mailing list
>>>>Fedora-directory-users at redhat.com
>>>>https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>>>
>>>>
>>>>  
>>>>        
>>>>
>>>
>>> 
>>>
>>>      
>>>
>>------------------------------------------------------------------------
>>
>>--
>>Fedora-directory-users mailing list
>>Fedora-directory-users at redhat.com
>>https://www.redhat.com/mailman/listinfo/fedora-directory-users
>> 
>>
>>    
>>
>
>
>  
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3178 bytes
Desc: S/MIME Cryptographic Signature
Url : http://lists.fedoraproject.org/pipermail/389-users/attachments/20051207/542cc91c/attachment.bin 