smedev:what_is_not_working_on_el6

What's not working with EL6

  • mod_ssl is not installed (should be listed as a requirement for e-smith-apache)
yum install mod_ssl
  • mod_auth_tkt used to provide the perl Apache::AuthTkt module. It's not the case anymore so this module is now missing, preventing the server-manager to load. A standalone perl-Apache-AuthTkt rpm is available on repoforge
  • perl-suidperl is not installed (should be added as required by e-smith-manager)
yum install perl-suidperl
  • after fixing those two issues, we get a blank page after login on the server-manager, logs (admin_error_log) print the following error:
[Fri Jan 25 22:59:23 2013] [error] [client 127.0.0.1] Can't locate object method "host" via package "URI::_generic" at /etc/e-smith/web/common/cgi-bin/login line 162., referer: https://192.168.7.154/server-common/cgi-bin/login?redirect=1&back=http%253a%252f%252f192.168.7.154%252fserver-manager%252f
  • If we try to access the server-manager again, it's working (as we already have our cookie). It's just the redirection after the login which is broken
  • squid doesn't start, and the folowwing errors are printed in /var/log/messages
2013/01/25 22:17:35| WARNING: -D command-line option is obsolete.
2013/01/25 22:17:35| ERROR: '0.0.0.0/0.0.0.0' needs to be replaced by the term 'all'.
2013/01/25 22:17:35| SECURITY NOTICE: Overriding config setting. Using 'all' instead.
2013/01/25 22:17:35| WARNING: (B) '::/0' is a subnetwork of (A) '::/0'
2013/01/25 22:17:35| WARNING: because of this '::/0' is ignored to keep splay tree searching predictable
2013/01/25 22:17:35| WARNING: You should probably remove '::/0' from the ACL named 'all'
2013/01/25 22:17:35| WARNING: Netmasks are deprecated. Please use CIDR masks instead.
2013/01/25 22:17:35| WARNING: IPv4 netmasks are particularly nasty when used to compare IPv6 to IPv4 ranges.
2013/01/25 22:17:35| WARNING: For now we will assume you meant to write /24
2013/01/25 22:17:35| WARNING: Netmasks are deprecated. Please use CIDR masks instead.
2013/01/25 22:17:35| WARNING: IPv4 netmasks are particularly nasty when used to compare IPv6 to IPv4 ranges.
2013/01/25 22:17:35| WARNING: For now we will assume you meant to write /24
2013/01/25 22:17:35| ERROR: Directive 'extension_methods' is obsolete.

So several problems here:

  • We need to remove the -D arg from /var/services/squid/run
  • We need to remove the file /etc/e-smith/templates/etc/squid/squid.conf/20ACL00all (which just contains acl all src 0.0.0.0/0.0.0.0 and is not needed anymore)
  • we need to convert acl in CIDR notation (for now, they are retrieved using esmith::NetworksDB::local_access_spec, which doesn't support cidr)
  • we need to remove /etc/e-smith/templates/etc/squid/squid.conf/35extension_methods (extensionmethods is not supported anymore as it was not usefull anymore)
  • user created during clamd installation is now clam (used to be clamav), templates for /etc/clamd.conf need to be adjusted
  • DatabaseDirectory is now /var/lib/clamav (used to be /var/clamav), templates for /etc/clamd.conf need to be adjusted
  • LocalSocket should now be /var/run/clamav/clamd.socket (use to be /var/clamav/clamd.socket), templates for /etc/clamd.conf need to be adjusted
  • Permissions on /var/spool/qpsmtpd/ (provided by smeserver-qpsmtpd) should also be adjusted (clam instead of clamav group)
@400000005102ec023094f554 Can't locate Qpsmtpd/TcpServer.pm in @INC (@INC contains: lib /usr/local/lib64/perl5 /usr/local/share/perl5 /usr/lib64/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr/lib64/perl5 /usr/share/perl5) at /usr/bin/qpsmtpd-forkserver line 13.
@400000005102ec023094fd24 BEGIN failed--compilation aborted at /usr/bin/qpsmtpd-forkserver line 13

We should rebuild qpsmtpd with a simple spec file change to use /usr/share/perl5/vendor_perl instead of /usr/lib/perl5/site_perl

  • radiusd doesn't start with this error
radiusd: Error: No log destination specified
  • To fix this error, we need to add “-l stdout” as argument to radiusd in /var/service/radiusd/run
  • After that, the following error occures:
@400000005103145934920bc4 Sat Jan 26 00:25:03 2013 : Info: Starting - reading configuration files ...
@400000005103145937a239c4 Sat Jan 26 00:25:03 2013 : Error: /etc/raddb/radiusd.conf[115]: Failed to link to module 'rlm_ldap': file not found 
@400000005103145937a2c27c Sat Jan 26 00:25:03 2013 : Error: /etc/raddb/radiusd.conf[177]: Failed to load module "ldap".
@400000005103145937a2fd14 Sat Jan 26 00:25:03 2013 : Error: /etc/raddb/radiusd.conf[177]: Failed to parse "ldap" entry.
@400000005103145937a39954 Sat Jan 26 00:25:03 2013 : Error: Failed to load virtual server <default>
  • To fix this, we have to install freeradius-ldap, which is now in its own package (freeradius-ldap should be added as required by e-smith-radiusd)
  • openldap-servers is not installed (missing a Requires: openldap-servers in e-smith-ldap's spec file)
  • we need to add -f /etc/openldap/slapd.conf arg when launching slapd (in /var/service/ldap/run), or it will try to convert this file the the new slapd.d style
  • schema file /etc/openldap/schema/redhat/autofs.schema is missing. In EL5, it was provided by openldap-servers
  • slapd fails to start with this error:
/etc/openldap/slapd.conf: line 27: unknown directive <schemacheck> outside backend info and database definitions

Here's a code snipet which seems to work, the only thing missing is to retrieve the interface description from hwdata, for now, it just return the name 'eth0, eth1 etc…) instead of the description (in esmith/ethernet.pm)

    opendir(my $dh, "/sys/class/net") or die "Couldn't open /sys/class/net: $!";
    my @nics = grep { $_ !~ m/\./ } readdir($dh);
    my $adapters = '';
    my $index = 1;
    foreach my $nic (@nics){
        next if (
            # skip loopback
            $nic eq 'lo' ||
            # skip non links
            !-l "/sys/class/net/$nic" ||
            # skip wireless nics
            -d "/sys/class/net/$nic/wireless" ||
            -l "/sys/class/net/$nic/phy80211" ||
            # skip bridges
            -d "/sys/class/net/$nic/bridge" ||
            # skip vlans
            -f "/proc/net/vlan/$nic" ||
            # skip bonds
            -d "/sys/class/net/$nic/bonding" ||
            # skip tun/tap
            -f "/sys/class/net/$nic/tun_flags" ||
            # skip dummy
            -d "/sys/devices/virtual/net/$nic"
        );
        # Now we should be left only wth ethernet adapters
        my $mac = `cat /sys/class/net/$nic/address`;
        chomp($mac);
        my $driver = `readlink /sys/class/net/$nic/device/driver`;
        $driver = `basename $driver`;
        chomp($driver);
        $adapters .= "EthernetDriver" . $index++ . "\t" . $driver . "\t" .
                     $mac . "\t" . "$nic" . "\n";
    }
    return $adapters;
  • manually running expand-templates has no effect (but the command exit with success). Templates expanded in signal-event are working
  • smedev/what_is_not_working_on_el6.txt
  • Dernière modification: 26/01/2013 00:32
  • de dani