Dave Augustus wrote: > > > On Tue, 2007-09-11 at 19:56 -0700, Scott Ding wrote: >> /home/dings/fds/alias does exist. I am starting FDS by using start-slapd >> as root user. /home/dings/fds/alias is writable by the server. It looks >> like start-slapd is looking for some certificate under >> /home/dings/fds/alias. I checked the content under /home/dings/alias. It >> contains only one file: libnssckbi.so. >> >> >> >> -----Original Message----- >> From: fedora-directory-users-bounces at redhat.com <mailto:fedora-directory-users-bounces at redhat.com> >> [mailto:fedora-directory-users-bounces at redhat.com <mailto:fedora-directory-users-bounces at redhat.com>] On Behalf Of Richard >> Megginson >> Sent: Tuesday, September 11, 2007 5:56 PM >> To: General discussion list for the Fedora Directory server project. >> Subject: Re: Fedora DS 1.0.4 build on Solaris >> 10? >> >> Scott Ding wrote: >> > I got the FDS installed on Solaris 10 by calling ds_newinst.pl with a >> > inf file. However, when I tried to start the FDS, I got the following >> > error. It looks like I did not set up SSL correctly. Can anyone help? >> > >> > [11/Sep/2007:16:05:13 -0700] - SSL alert: Security Initialization: NSS >> >> > initialization failed (Netscape Portable Runtime error -8174 - >> > security >> > library: bad database.): path: /home/dings/fds/alias/, certdb prefix: >> > slapd-lsctsol06-, keydb prefix: slapd-lsctsol06-. >> > >> Does the directory /home/dings/fds/alias exist? Is it owned by the >> server user? Is it writable by the server user? >> > [11/Sep/2007:16:05:13 -0700] - ERROR: NSS Initialization Failed. >> > >> > -----Original Message----- >> > From: Scott Ding >> > Sent: Tuesday, September 11, 2007 2:50 PM >> > To: General discussion list for the Fedora Directory server project. >> > Subject: RE: Fedora DS 1.0.4 build on Solaris >> >> > 10? >> > >> > Rob, >> > >> > We got the FDS compiled on Solaris 10 with NET-SNMP 5.4.1. The >> > compiled result contains the following files: >> > >> > LICENSE.txt >> > README.txt >> > disktune >> > slapd.tar.gz >> > >> > >> > After I untar slapd.tar.gz, I got the following: >> > >> > alias >> > manual >> > shared >> > bin >> > - slapd >> > - admin >> > - server >> > - install >> > - property >> > -lib >> > lib >> > plugins >> > >> > I checked the Installation Guide. The instructions are based on >> RedHat. >> > Are there any installation instructions based on Solaris? >> > >> > Regards, >> > Scott >> > >> > >> > >> > >> > -----Original Message----- >> > From: fedora-directory-users-bounces at redhat.com <mailto:fedora-directory-users-bounces at redhat.com> >> > [mailto:fedora-directory-users-bounces at redhat.com <mailto:fedora-directory-users-bounces at redhat.com>] On Behalf Of Rob >> > Crittenden >> > Sent: Tuesday, September 11, 2007 7:25 AM >> > To: General discussion list for the Fedora Directory server project. >> > Subject: Re: Fedora DS 1.0.4 build on Solaris >> >> > 10? >> > >> > Scott Ding wrote: >> > >> >> Has anyone built Fedora DS 1.0.4 on Solaris 10 (SPARC 32bit)? >> >> >> >> >> > >> > In theory this should work ok. >> > >> > I spent a little time many months ago to try to build it on Solaris 10 >> > x86 and nearly got there before running out of time and I never got >> > back to it because I needed to reclaim the disk space :-( >> > >> > I would recommend the manual build process defined at >> > http://directory.fedoraproject.org/wiki/Building . I would avoid the >> > "one-step build" because I suspect this is going to be very iterative >> > and while the auto-fetching is nice developing in that environment >> > just adds another layer of pain. >> > >> > It is possible to build on Solaris with gcc, the trick is figuring out >> >> > the magic to tell the various components to use it. I think things >> > like NSS, NSPR and FDS itself use the env variable NS_USE_GCC. Set >> > that to 1 and give it a go. There may be other tweaks required. >> > >> > And note that the manual instructions just cover the server itself. >> > For console, the plugins, etc there is more to do. >> > >> > rob >> > >> > >> > -- >> > Fedora-directory-users mailing list >> > Fedora-directory-users at redhat.com <mailto:Fedora-directory-users at redhat.com> >> > https://www.redhat.com/mailman/listinfo/fedora-directory-users >> > >> >> >> >> -- >> Fedora-directory-users mailing list >> Fedora-directory-users at redhat.com <mailto:Fedora-directory-users at redhat.com> >> https://www.redhat.com/mailman/listinfo/fedora-directory-users > > My guess is that you just need to create the cert files. Look for the > certutil-bin binary in /opt/fedora-ds/shared/bin (no clue where on > Solaris). Do certutil-bin -h . The cert db files will need to be named > appropriately and located in alias. Something like: > slapd-lsctsol06-key3.db > slapd-lsctsol06-cert8.db > Also, I think that secmod.db is needed but I don't know what it contains. Solaris should already have certutil. You need to run something like: # certutil -N -d /home/dings/fds/alias -P slapd-lsctsol06- Note that there is a trailing dash. This is important. You'll be prompted to set a security password. Enter one or just press ENTER twice to not set one. That should do the trick. rob -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3245 bytes Desc: S/MIME Cryptographic Signature Url : http://lists.fedoraproject.org/pipermail/389-users/attachments/20070912/a56df4f0/attachment.bin
