On 01/02/2016 11:06 PM, David Barr wrote:
Good Morning, I’m experimenting with upgrading 389DS to 1.3.4.0-21.el7_2 on CentOS 7 (I neglected to note what version I had previously). `setup-ds-admin.pl —upgrade` can’t connect to the admin server. Oh look, it’s not running! And, to make this more fun, it may not have been running before the upgrade… This is what I went through, trying to start the Admin Server… I’m chopping the “systemctl restart” and “systemctl status” commands…. ``` Jan 02 21:26:34 $HOSTNAME systemd[1]: Starting 389 Administration Server.... Jan 02 21:26:34 $HOSTNAME httpd[1076]: (2)No such file or directory: AH02291: Cannot access directory '/var/log/dirsrv/admin-serv/' for main error log Jan 02 21:26:34 $HOSTNAME httpd[1076]: AH00014: Configuration check failed Jan 02 21:26:34 $HOSTNAME systemd[1]: dirsrv-admin.service: control process exited, code=exited status=1 Jan 02 21:26:34 $HOSTNAME systemd[1]: Failed to start 389 Administration Server.. Jan 02 21:26:34 $HOSTNAME systemd[1]: Unit dirsrv-admin.service entered failed state. Jan 02 21:26:34 $HOSTNAME systemd[1]: dirsrv-admin.service failed. ``` Well, that’s easy to fix… ``` [root@$HOSTNAME ~]# mkdir -p /var/log/dirsrv/admin-serv/ ``` Try again… ``` Jan 02 21:27:22 $HOSTNAME systemd[1]: Starting 389 Administration Server.... Jan 02 21:27:22 $HOSTNAME httpd[1204]: (13)Permission denied: AH00072: make_sock: could not bind to address 0.0.0.0:9830 Jan 02 21:27:22 $HOSTNAME httpd[1204]: no listening sockets available, shutting down Jan 02 21:27:22 $HOSTNAME httpd[1204]: AH00015: Unable to open logs Jan 02 21:27:22 $HOSTNAME systemd[1]: dirsrv-admin.service: control process exited, code=exited status=1 Jan 02 21:27:22 $HOSTNAME systemd[1]: Failed to start 389 Administration Server.. Jan 02 21:27:22 $HOSTNAME systemd[1]: Unit dirsrv-admin.service entered failed state. Jan 02 21:27:22 $HOSTNAME systemd[1]: dirsrv-admin.service failed. ``` Slightly more challenging, but SELinux is “enforcing,” so let’s try fixing that… ``` [root@$HOSTNAME ~]# semanage port -a -t http_port_t -p tcp 9830 ``` That seems to have fixed the binding port problem, because systemd just notes a failure to start, and I had to go look in the error log... ``` Jan 02 21:32:12 $HOSTNAME systemd[1]: Starting 389 Administration Server.... Jan 02 21:32:12 $HOSTNAME systemd[1]: dirsrv-admin.service: control process exited, code=exited status=1 Jan 02 21:32:12 $HOSTNAME systemd[1]: Failed to start 389 Administration Server.. Jan 02 21:32:12 $HOSTNAME systemd[1]: Unit dirsrv-admin.service entered failed state. Jan 02 21:32:12 $HOSTNAME systemd[1]: dirsrv-admin.service failed. [root@$HOSTNAME ~]# cat /var/log/dirsrv/admin-serv/error [Sat Jan 02 21:32:12.628586 2016] [core:notice] [pid 1497:tid $THREAD] SELinux policy enabled; httpd running as context system_u:system_r:httpd_t:s0 [Sat Jan 02 21:32:12.629960 2016] [:warn] [pid 1497:tid $THREAD] NSSSessionCacheTimeout is deprecated. Ignoring. [Sat Jan 02 21:32:12.630027 2016] [:crit] [pid 1497:tid $THREAD] do_admserv_post_config(): unable to create AdmldapInfo AH00016: Configuration Failed ``` And here, Google fails me. Is this fixable short of bailing out and reinstalling 389DS from scratch? (Also, would you like a bug on the missing log directory? If so, where would you like me to write it? Would you like an Enhancement Request to check SELinux and offer to open port 9830 to httpd?)
We'll need to know what platform/version you are upgrading from, because there is not supposed to be a missing log directory, and the SELinux labels are already supposed to be provided. In order for us to fix this issue, we need to know how to reproduce it.
Thanks! David -- David - Offbeat dafydd - Online http://pgp.mit.edu/ ----5----1----5----2----5----3----5----4----5----5----5----6----5----7-- Pavlov walks into a bar. The phone rings and he says, "Damn! I forgot to feed the dog!" -- 389 users mailing list 389-users@%(host_name)s http://lists.fedoraproject.org/admin/lists/389-users@xxxxxxxxxxxxxxxxxxxxxxx
-- 389 users mailing list 389-users@%(host_name)s http://lists.fedoraproject.org/admin/lists/389-users@xxxxxxxxxxxxxxxxxxxxxxx
