[Fedora-directory-users] FDS 1.0 console problem

Taymour A. El Erian taymour.elerian at tedata.net
Wed Dec 7 15:47:48 UTC 2005 

Richard Megginson wrote:

> Ok, that's the problem.  You need to edit your start-admin script. 
> See below inline:

Thx, now it works

>
> Taymour A. El Erian wrote:
>
>> Richard Megginson wrote:
>>
>>  
>>
>>> Hmm - can you post your /opt/fedora-ds/start-admin script?
>>>   
>>
>>
>>
>> Here is the script
>>
>> SERVER_ROOT=/opt/fedora-ds ; export SERVER_ROOT
>> NETSITE_ROOT=$SERVER_ROOT ; export NETSITE_ROOT
>> ADMSERV_ROOT=$SERVER_ROOT/admin-serv ; export ADMSERV_ROOT
>>
>> unset PASSWORD_PIPE
>>
>> LD_LIBRARY_PATH=${SERVER_ROOT}/bin/admin/lib:${SERVER_ROOT}/lib:${LD_LIBRARY_PATH};export
>>
>> LD_LIBRARY_PATH
>> LIBPATH=${LD_LIBRARY_PATH}:${LIBPATH}:/usr/threads/lib:/usr/ibmcxx/lib:/usr/lib:/lib;
>>
>> export LIBPATH
>> SHLIB_PATH=${LD_LIBRARY_PATH}:${SHLIB_PATH}; export SHLIB_PATH
>>
>> NS_SERVER_HOME=${SERVER_ROOT}; export NS_SERVER_HOME
>> PATH=${SERVER_ROOT}/bin/admin/bin:${PATH}; export PATH
>>
>> HTTPD=/usr/sbin//httpd.worker
>>
>> # see if httpd is linked with the openldap libraries - we need to
>> override them
>> OS=`uname -s`
>> if [ $OS = "Linux" ]; then
>>    hasol=0
>>
>>    /usr/bin/ldd $HTTPD 2>&1 | grep libldap- > /dev/null 2>&1 && hasol=1
>>  
>>
> Change "libldap-" to "libldap" in the above line.
>
>>    if [ $hasol -eq 1 ] ; then
>>        LD_PRELOAD="${SERVER_ROOT}/bin/admin/lib/libssl3.so
>> ${SERVER_ROOT}/bin/admin/lib/libldap50.so"
>>        export LD_PRELOAD
>>    fi
>> fi
>>
>> $HTTPD -k start -d $ADMSERV_ROOT -f $ADMSERV_ROOT/config/httpd.conf "$@"
>>  
>>
> The problem is that the Apache binary is linked with the openldap
> libraries.  Our admin server module is linked with the moz ldap sdk
> which is included with FDS.  Unfortunately, without the LD_PRELOAD,
> the admin server module resolves those ldap symbols from the ol libs
> linked into Apache.
>
> Q: So, why not just use the openldap libs?
> A: Because we require the use of NSS for crypto.  openldap does not
> support NSS.
>
>>  
>>
>>> Taymour A. El Erian wrote:
>>>
>>>   
>>>
>>>> Richard Megginson wrote:
>>>>
>>>>
>>>>
>>>>     
>>>>
>>>>> Where is your Apache binary?  Is it /usr/sbin/httpd.worker?  If
>>>>> you do
>>>>> ldd /usr/bin/httpd.worker, do you see a link to libldap?
>>>>>
>>>>>  
>>>>>       
>>>>
>>>> Here it is
>>>>
>>>> ldd /usr/sbin/httpd.worker |grep ldap
>>>> libldap.so.2 => //usr/lib/libldap.so.2 (0x001fd000)
>>>>
>>>>
>>>>
>>>>
>>>>     
>>>>
>>>>> Taymour A. El Erian wrote:
>>>>>
>>>>>  
>>>>>
>>>>>       
>>>>>
>>>>>> Hi,
>>>>>>
>>>>>>  I have just downloaded FDS 1.0 to my FC2 box for testing (thinking
>>>>>> of moving from OpenLDAP). I started the setup (tried the 3 modes)
>>>>>> and
>>>>>> finished the installation but unfortunately I am unable to login to
>>>>>> the
>>>>>> console and I have the following errors in the log
>>>>>>
>>>>>> [Mon Dec 05 11:20:02 2005] [crit] openLDAPConnection():
>>>>>> ldap_set_option
>>>>>> failed to disable cache for :148841712
>>>>>> [Mon Dec 05 11:20:02 2005] [warn] Unable to open initial
>>>>>> LDAPConnection
>>>>>> to populate LocalAdmin tasks into cache.
>>>>>> [Mon Dec 05 11:20:10 2005] [crit] openLDAPConnection():
>>>>>> ldap_set_option
>>>>>> failed to disable cache for :145712368
>>>>>> [Mon Dec 05 11:20:10 2005] [warn] Unable to open initial
>>>>>> LDAPConnection
>>>>>> to populate LocalAdmin tasks into cache.
>>>>>> [Mon Dec 05 11:20:11 2005] [crit] openLDAPConnection():
>>>>>> ldap_set_option
>>>>>> failed to disable cache for :156321008
>>>>>> [Mon Dec 05 11:20:11 2005] [warn] Unable to open initial
>>>>>> LDAPConnection
>>>>>> to populate LocalAdmin tasks into cache.
>>>>>> [Mon Dec 05 11:20:12 2005] [crit] openLDAPConnection():
>>>>>> ldap_set_option
>>>>>> failed to disable cache for :141018352
>>>>>> [Mon Dec 05 11:20:12 2005] [warn] Unable to open initial
>>>>>> LDAPConnection
>>>>>> to populate LocalAdmin tasks into cache.
>>>>>> [Mon Dec 05 11:20:13 2005] [crit] openLDAPConnection():
>>>>>> ldap_set_option
>>>>>> failed to disable cache for :144086256
>>>>>> [Mon Dec 05 11:20:13 2005] [warn] Unable to open initial
>>>>>> LDAPConnection
>>>>>> to populate LocalAdmin tasks into cache.
>>>>>> [Mon Dec 05 11:20:14 2005] [crit] openLDAPConnection():
>>>>>> ldap_set_option
>>>>>> failed to disable cache for :163882224
>>>>>> [Mon Dec 05 11:20:14 2005] [warn] Unable to open initial
>>>>>> LDAPConnection
>>>>>> to populate LocalAdmin tasks into cache.
>>>>>> [Mon Dec 05 11:20:16 2005] [crit] openLDAPConnection():
>>>>>> ldap_set_option
>>>>>> failed to disable cache for :161109232
>>>>>> [Mon Dec 05 11:20:16 2005] [warn] Unable to open initial
>>>>>> LDAPConnection
>>>>>> to populate LocalAdmin tasks into cache.
>>>>>> [Mon Dec 05 11:20:45 2005] [crit] openLDAPConnection():
>>>>>> ldap_set_option
>>>>>> failed to disable cache for :144094448
>>>>>> [Mon Dec 05 11:20:45 2005] [warn] Unable to open initial
>>>>>> LDAPConnection
>>>>>> to populate LocalAdmin tasks into cache.
>>>>>> [Mon Dec 05 11:20:47 2005] [crit] openLDAPConnection():
>>>>>> ldap_set_option
>>>>>> failed to disable cache for :152855792
>>>>>> [Mon Dec 05 11:20:47 2005] [warn] Unable to open initial
>>>>>> LDAPConnection
>>>>>> to populate LocalAdmin tasks into cache.
>>>>>> [Mon Dec 05 11:20:49 2005] [crit] openLDAPConnection():
>>>>>> ldap_set_option
>>>>>> failed to disable cache for :163517680
>>>>>> [Mon Dec 05 11:20:49 2005] [warn] Unable to open initial
>>>>>> LDAPConnection
>>>>>> to populate LocalAdmin tasks into cache.
>>>>>> [Mon Dec 05 11:21:37 2005] [crit] openLDAPConnection():
>>>>>> ldap_set_option
>>>>>> failed to disable cache for :145147120
>>>>>> [Mon Dec 05 11:21:37 2005] [warn] Unable to open initial
>>>>>> LDAPConnection
>>>>>> to populate LocalAdmin tasks into cache.
>>>>>> [Mon Dec 05 11:21:55 2005] [crit] openLDAPConnection():
>>>>>> ldap_set_option
>>>>>> failed to disable cache for :152823024
>>>>>> [Mon Dec 05 11:21:55 2005] [warn] Unable to open initial
>>>>>> LDAPConnection
>>>>>> to populate LocalAdmin tasks into cache.
>>>>>> [Mon Dec 05 11:21:56 2005] [crit] openLDAPConnection():
>>>>>> ldap_set_option
>>>>>> failed to disable cache for :152845528
>>>>>> [Mon Dec 05 11:21:56 2005] [warn] Unable to open initial
>>>>>> LDAPConnection
>>>>>> to populate LocalAdmin tasks into cache.
>>>>>> [Mon Dec 05 11:21:56 2005] [notice] Apache/2.0 configured --
>>>>>> resuming
>>>>>> normal operations
>>>>>> [Mon Dec 05 11:22:39 2005] [notice] [client 212.103.165.84]
>>>>>> admserv_host_ip_check: Unauthorized host ip=xxx.xxx.xxx.xxx
>>>>>> connection
>>>>>> rejected
>>>>>>
>>>>>> xxx.xxx.xxx.xxx is my ip address (both the server and console run
>>>>>> on it)
>>>>>>
>>>>>> Any help ?
>>>>>>
>>>>>>
>>>>>>
>>>>>>            
>>>>>
>>>>> ------------------------------------------------------------------------
>>>>>
>>>>>
>>>>>
>>>>> -- 
>>>>> Fedora-directory-users mailing list
>>>>> Fedora-directory-users at redhat.com
>>>>> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>>>>
>>>>>
>>>>>  
>>>>>       
>>>>
>>>>
>>>>
>>>>
>>>>     
>>>
>>> ------------------------------------------------------------------------
>>>
>>>
>>> -- 
>>> Fedora-directory-users mailing list
>>> Fedora-directory-users at redhat.com
>>> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>>
>>>
>>>   
>>
>>
>>
>>  
>>
>------------------------------------------------------------------------
>
>--
>Fedora-directory-users mailing list
>Fedora-directory-users at redhat.com
>https://www.redhat.com/mailman/listinfo/fedora-directory-users
>  
>


-- 
Taymour A El Erian
System Division Manager
RHCE, LPIC, CCNA, MCSE, CNA
TE Data
E-mail: taymour.elerian at tedata.net
Web:     www.tedata.net
Tel:    +(202)-4166600
Fax:	+(202)-4166700
Ext:    1101

More information about the Fedora-directory-users mailing list