Richard Hesse wrote: > ps -ef | grep httpd > root 2231 1 0 19:12 ? 00:00:00 /usr/sbin//httpd.worker -k start -d /opt/fedora-ds/admin-serv -f /opt/fedora-ds/admin-serv/config/httpd.conf > root 2317 2231 0 19:12 ? 00:00:00 /usr/sbin//httpd.worker -k start -d /opt/fedora-ds/admin-serv -f /opt/fedora-ds/admin-serv/config/httpd.conf > nobody 2320 2231 0 19:12 ? 00:00:00 /usr/sbin//httpd.worker -k start -d /opt/fedora-ds/admin-serv -f /opt/fedora-ds/admin-serv/config/httpd.conf > root 4830 2425 0 21:58 pts/0 00:00:00 grep httpd > > # ls -al /opt/fedora-ds/admin-serv/logs /opt/fedora-ds/admin-serv/config > /opt/fedora-ds/admin-serv/config: > total 84 > drwxr-xr-x 2 nobody nobody 4096 Oct 5 18:31 . > drwxr-xr-x 6 root root 4096 Sep 27 03:24 .. > -rw-r--r-- 1 root root 0 Oct 5 18:31 Admin > -rw------- 1 nobody nobody 350 Sep 27 03:24 adm.conf > -rw------- 1 nobody nobody 54 Sep 27 03:24 admpw > -rw------- 1 root root 4598 Sep 27 03:24 admserv.conf > -rw------- 1 nobody nobody 3733 Sep 27 03:24 console.conf > -rw------- 1 root root 26784 Sep 27 03:24 httpd.conf > -rw-r--r-- 1 root root 16632 Oct 5 05:07 local.conf > -rw------- 1 nobody nobody 4573 Sep 27 03:24 nss.conf > > /opt/fedora-ds/admin-serv/logs: > total 1652 > drwxr-xr-x 2 root root 4096 Oct 8 21:59 . > drwxr-xr-x 6 root root 4096 Sep 27 03:24 .. > -rw-r--r-- 1 root root 500844 Oct 5 04:59 access > srwx------ 1 nobody root 0 Oct 8 19:12 cgisock.2231 > -rw-r--r-- 1 root root 1164192 Oct 8 19:12 error > -rw-r--r-- 1 root root 5 Oct 8 19:12 pid > > cat /opt/fedora-ds/shared/config/dbswitch.conf > directory default ldap://localhost:22000/o%3DNetscapeRoot > > cat /opt/fedora-ds/admin-serv/config/adm.conf > ldapHost: localhost > ldapPort: 22000 > sie: cn=admin-serv-$host, cn=Fedora Administration Server, cn=Server Group,$host,ou=$domain,o=NetscapeRoot > userdn: cn=directory manager > isie: cn=Fedora Administration Server, cn=Server Group,cn=$host,ou=$domain,o=NetscapeRoot > port: 22628 > > Upon later inspection of the admin-serv error logs, I noticed this: > > [Mon Oct 08 19:12:40 2007] [warn] Unable to bind as LocalAdmin to populate LocalAdmin tasks into cache. > Looks like there are some permissions problems. local.conf should be owned by nobody. What is the setting for User in console.conf? Have you changed any settings or admin user names or passwords? > -richard > > > -----Original Message----- > From: fedora-directory-users-bounces at redhat.com [mailto:fedora-directory-users-bounces at redhat.com] On Behalf Of Richard Megginson > Sent: Monday, October 08, 2007 2:16 PM > To: General discussion list for the Fedora Directory server project. > Subject: Re: slapi search internal errors popping up in error log > > Richard Hesse wrote: > >> Nothing really informative in the admin server logs. Just the 500's being recorded: >> >> 10.69.66.9 - cn=directory manager [08/Oct/2007:17:51:56 +0000] "POST >> /admin-serv/tasks/configuration/SecurityOp HTTP/1.0" 500 620 >> >> > ps -ef|grep httpd > ls -al /opt/fedora-ds/admin-serv/logs /opt/fedora-ds/admin-serv/config # do the following only after obscuring any sensitive data cat /opt/fedora-ds/shared/config/dbswitch.conf > cat /opt/fedora-ds/admin-serv/config/adm.conf > >> -richard >> >> -----Original Message----- >> From: fedora-directory-users-bounces at redhat.com >> [mailto:fedora-directory-users-bounces at redhat.com] On Behalf Of >> Richard Megginson >> Sent: Monday, October 08, 2007 11:09 AM >> To: General discussion list for the Fedora Directory server project. >> Subject: Re: slapi search internal errors >> popping up in error log >> >> Richard Hesse wrote: >> >> >>> No, we're not using client certs but that doesn't preclude someone using their own certs. >>> >>> No certmap.conf in the instance directory and it looks like the shared one is stock: >>> cat certmap.conf | grep -v "#" >>> certmap default default >>> >>> The error from the configuration tab is just a generic 500. No additional text in the dialog nor in the logs. >>> >>> >>> >> Check the admin server access and error log - >> /opt/fedora-ds/admin-serv/logs >> >> >>> Alias directory: >>> drwxr-xr-x 2 nobody nobody 4096 Oct 8 17:42 . >>> drwxr-xr-x 15 root root 4096 Oct 8 17:42 .. >>> -rwxr-xr-x 1 root nobody 347368 Oct 6 00:22 libnssckbi.so >>> -rw------- 1 nobody nobody 16384 Oct 6 00:24 secmod.db >>> -rw------- 1 nobody nobody 65536 Oct 6 00:22 slapd-fds-cert8.db >>> -rw------- 1 nobody nobody 16384 Oct 6 00:22 slapd-fds-key3.db >>> -r-------- 1 nobody nobody 41 Oct 6 00:22 slapd-fds-pin.txt >>> >>> >>> Thanks in advance. >>> >>> -richard >>> >>> -----Original Message----- >>> From: fedora-directory-users-bounces at redhat.com >>> [mailto:fedora-directory-users-bounces at redhat.com] On Behalf Of >>> Richard Megginson >>> Sent: Saturday, October 06, 2007 1:46 PM >>> To: General discussion list for the Fedora Directory server project. >>> Subject: Re: slapi search internal errors >>> popping up in error log >>> >>> Richard Hesse wrote: >>> >>> >>> >>>> [06/Oct/2007:00:24:51 +0000] - slapi_search_internal >>>> ("CN=fds1.sv.powerset.com, OU=Domain Control Validated, >>>> O=fds1.sv.powerset.com", subtree, objectclass=*) err 32 >>>> >>>> >>>> >>>> I'm guessing that this is cert related, but the TLS/SSL operations >>>> are working fine. >>>> >>>> >>>> >>>> >>> Are you using client cert based authentication? >>> >>> cat /opt/fedora-ds/slapd-instance/config/certmap.conf >>> /opt/fedora-ds/shared/config/certmap.conf >>> >>> >>> >>>> However, I noticed that I can no longer view the encryption tab for >>>> this server in the console. >>>> >>>> >>>> >>>> >>> What error do you get when you try to view the encryption tab? >>> >>> ls -al /opt/fedora-ds/alias >>> >>> >>> >>>> Any ideas what this error means or how to fix it? >>>> >>>> >>>> >>>> Thanks. >>>> >>>> >>>> >>>> -richard >>>> >>>> -------------------------------------------------------------------- >>>> - >>>> - >>>> -- >>>> >>>> -- >>>> Fedora-directory-users mailing list >>>> Fedora-directory-users at redhat.com >>>> https://www.redhat.com/mailman/listinfo/fedora-directory-users >>>> >>>> >>>> >>>> >>> -- >>> Fedora-directory-users mailing list >>> Fedora-directory-users at redhat.com >>> https://www.redhat.com/mailman/listinfo/fedora-directory-users >>> >>> >>> >> -- >> Fedora-directory-users mailing list >> Fedora-directory-users at redhat.com >> https://www.redhat.com/mailman/listinfo/fedora-directory-users >> >> > > > -- > Fedora-directory-users mailing list > Fedora-directory-users at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users > -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3245 bytes Desc: S/MIME Cryptographic Signature Url : http://lists.fedoraproject.org/pipermail/389-users/attachments/20071008/53804fd2/attachment.bin
