[Fedora-directory-users] Fedora DS 1.0.4 build on Solaris 10?
Scott Ding
scott.ding at autodesk.com
Wed Sep 12 17:46:28 UTC 2007
Using the certutil-bin instructions given by Rob, I was able to generate slapd-lsctsol06-key3.db,slapd-lsctsol06-cert8.db, and secmod.db successfully under /home/dings/fds/alias. However, when I call start-slapd as root, I still get the same errors. Attached is the errors log file under logs.
-----Original Message-----
From: fedora-directory-users-bounces at redhat.com [mailto:fedora-directory-users-bounces at redhat.com] On Behalf Of Rob Crittenden
Sent: Wednesday, September 12, 2007 6:09 AM
To: General discussion list for the Fedora Directory server project.
Subject: Re: [Fedora-directory-users] Fedora DS 1.0.4 build on Solaris 10?
Dave Augustus wrote:
>
>
> On Tue, 2007-09-11 at 19:56 -0700, Scott Ding wrote:
>> /home/dings/fds/alias does exist. I am starting FDS by using
>> start-slapd as root user. /home/dings/fds/alias is writable by the
>> server. It looks like start-slapd is looking for some certificate
>> under /home/dings/fds/alias. I checked the content under
>> /home/dings/alias. It contains only one file: libnssckbi.so.
>>
>>
>>
>> -----Original Message-----
>> From: fedora-directory-users-bounces at redhat.com
>> <mailto:fedora-directory-users-bounces at redhat.com>
>> [mailto:fedora-directory-users-bounces at redhat.com
>> <mailto:fedora-directory-users-bounces at redhat.com>] On Behalf Of
>> Richard Megginson
>> Sent: Tuesday, September 11, 2007 5:56 PM
>> To: General discussion list for the Fedora Directory server project.
>> Subject: Re: [Fedora-directory-users] Fedora DS 1.0.4 build on
>> Solaris 10?
>>
>> Scott Ding wrote:
>> > I got the FDS installed on Solaris 10 by calling ds_newinst.pl with
>> > a inf file. However, when I tried to start the FDS, I got the
>> > following error. It looks like I did not set up SSL correctly. Can anyone help?
>> >
>> > [11/Sep/2007:16:05:13 -0700] - SSL alert: Security Initialization:
>> > NSS
>>
>> > initialization failed (Netscape Portable Runtime error -8174 -
>> > security
>> > library: bad database.): path: /home/dings/fds/alias/, certdb prefix:
>> > slapd-lsctsol06-, keydb prefix: slapd-lsctsol06-.
>> >
>> Does the directory /home/dings/fds/alias exist? Is it owned by the
>> server user? Is it writable by the server user?
>> > [11/Sep/2007:16:05:13 -0700] - ERROR: NSS Initialization Failed.
>> >
>> > -----Original Message-----
>> > From: Scott Ding
>> > Sent: Tuesday, September 11, 2007 2:50 PM
>> > To: General discussion list for the Fedora Directory server project.
>> > Subject: RE: [Fedora-directory-users] Fedora DS 1.0.4 build on
>> > Solaris
>>
>> > 10?
>> >
>> > Rob,
>> >
>> > We got the FDS compiled on Solaris 10 with NET-SNMP 5.4.1. The
>> > compiled result contains the following files:
>> >
>> > LICENSE.txt
>> > README.txt
>> > disktune
>> > slapd.tar.gz
>> >
>> >
>> > After I untar slapd.tar.gz, I got the following:
>> >
>> > alias
>> > manual
>> > shared
>> > bin
>> > - slapd
>> > - admin
>> > - server
>> > - install
>> > - property
>> > -lib
>> > lib
>> > plugins
>> >
>> > I checked the Installation Guide. The instructions are based on
>> RedHat.
>> > Are there any installation instructions based on Solaris?
>> >
>> > Regards,
>> > Scott
>> >
>> >
>> >
>> >
>> > -----Original Message-----
>> > From: fedora-directory-users-bounces at redhat.com
>> > <mailto:fedora-directory-users-bounces at redhat.com>
>> > [mailto:fedora-directory-users-bounces at redhat.com
>> > <mailto:fedora-directory-users-bounces at redhat.com>] On Behalf Of
>> > Rob Crittenden
>> > Sent: Tuesday, September 11, 2007 7:25 AM
>> > To: General discussion list for the Fedora Directory server project.
>> > Subject: Re: [Fedora-directory-users] Fedora DS 1.0.4 build on
>> > Solaris
>>
>> > 10?
>> >
>> > Scott Ding wrote:
>> >
>> >> Has anyone built Fedora DS 1.0.4 on Solaris 10 (SPARC 32bit)?
>> >>
>> >>
>> >
>> > In theory this should work ok.
>> >
>> > I spent a little time many months ago to try to build it on Solaris
>> > 10
>> > x86 and nearly got there before running out of time and I never got
>> > back to it because I needed to reclaim the disk space :-(
>> >
>> > I would recommend the manual build process defined at
>> > http://directory.fedoraproject.org/wiki/Building . I would avoid
>> > the "one-step build" because I suspect this is going to be very
>> > iterative and while the auto-fetching is nice developing in that
>> > environment just adds another layer of pain.
>> >
>> > It is possible to build on Solaris with gcc, the trick is figuring
>> > out
>>
>> > the magic to tell the various components to use it. I think things
>> > like NSS, NSPR and FDS itself use the env variable NS_USE_GCC. Set
>> > that to 1 and give it a go. There may be other tweaks required.
>> >
>> > And note that the manual instructions just cover the server itself.
>> > For console, the plugins, etc there is more to do.
>> >
>> > rob
>> >
>> >
>> > --
>> > Fedora-directory-users mailing list
>> > Fedora-directory-users at redhat.com
>> > <mailto:Fedora-directory-users at redhat.com>
>> > https://www.redhat.com/mailman/listinfo/fedora-directory-users
>> >
>>
>>
>>
>> --
>> Fedora-directory-users mailing list
>> Fedora-directory-users at redhat.com
>> <mailto:Fedora-directory-users at redhat.com>
>> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>
> My guess is that you just need to create the cert files. Look for the
> certutil-bin binary in /opt/fedora-ds/shared/bin (no clue where on
> Solaris). Do certutil-bin -h . The cert db files will need to be named
> appropriately and located in alias. Something like:
> slapd-lsctsol06-key3.db
> slapd-lsctsol06-cert8.db
> Also, I think that secmod.db is needed but I don't know what it contains.
Solaris should already have certutil. You need to run something like:
# certutil -N -d /home/dings/fds/alias -P slapd-lsctsol06-
Note that there is a trailing dash. This is important.
You'll be prompted to set a security password. Enter one or just press ENTER twice to not set one.
That should do the trick.
rob
-------------- next part --------------
A non-text attachment was scrubbed...
Name: errors
Type: application/octet-stream
Size: 430 bytes
Desc: errors
URL: <http://listman.redhat.com/archives/fedora-directory-users/attachments/20070912/5a679f9d/attachment.obj>
More information about the Fedora-directory-users
mailing list