[Pulp-list] issues with pulp 2.9 on centos

Reitmayer, Jeffrey S jeffr at doit.tamu.edu
Mon Oct 3 12:53:22 UTC 2016 

Well this turned out to be an issue with SeLinux. Disabling or setting it to permissive let me access the repositories. I have to go back in and set up a new rule for Pulp and Selinux today. At least it was fixable. Thanks.

Jeff Reitmayer
Lead Systems Administrator
Texas A&M University
Division of Student Affairs IT
John J. Koldus | Suite 233
College Station, TX 77843
jeffr at doit.tamu.edu<mailto:jeffr at doit.tamu.edu>
Phone | 979-458-9224
Web | doit.tamu.edu<http://doit.tamu.edu>

From: pulp-list-bounces at redhat.com [mailto:pulp-list-bounces at redhat.com] On Behalf Of Reitmayer, Jeffrey S
Sent: Thursday, September 29, 2016 12:12 PM
To: Konstantin M. Khankin <khankin.konstantin at gmail.com>
Cc: pulp-list at redhat.com
Subject: Re: [Pulp-list] issues with pulp 2.9 on centos

Well I’m making some progress. I can finally make pulp-admin talk to the pulp workers. I still get errors when I try to access the server from yum.


[12:08:59 root at reposrv:/etc/httpd/conf.d]$<mailto:root at reposrv:/etc/httpd/conf.d%5d$> yum update
Loaded plugins: fastestmirror, pulp-profile-update
Setting up Update Process
Loading mirror speeds from cached hostfile
https://reposrv.dsa.reldom.tamu.edu/pulp/repos/centos/base/repodata/repomd.xml: [Errno 14] PYCURL ERROR 22 - "NSS: client certificate not found (nickname not specified)"
Trying other mirror.
Error: Cannot retrieve repository metadata (repomd.xml) for repository: centos-base. Please verify its path and try again
[12:10:15 root at reposrv:/etc/httpd/conf.d]$<mailto:root at reposrv:/etc/httpd/conf.d%5d$>

==> https-reposrv.dsa.reldom.tamu.edu_error_ssl.log <==
[Thu Sep 29 12:10:15 2016] [error] [client 128.194.188.68] (13)Permission denied: mod_wsgi (pid=92301, process='', application=''): Call to fopen() failed for '/srv/pulp/repo_auth.wsgi'.
[Thu Sep 29 12:10:15 2016] [error] [client 128.194.188.68] mod_wsgi (pid=92301): Client denied by server configuration: '/var/www/pub/yum/https/repos/centos/base/repodata/repomd.xml'.

==> https-reposrv.dsa.reldom.tamu.edu_access_ssl.log <==
[29/Sep/2016:12:10:15 -0500] reposrv.dsa.reldom.tamu.edu 128.194.188.68 - - 443 "GET /pulp/repos/centos/base/repodata/repomd.xml HTTP/1.1" 403 244 "-" "urlgrabber/3.9.1 yum/3.2.29"

I’m thinking I have a setting in my vhost file that is wrong similar to what the problem was with my pulp.conf I ended up having to point

WSGISocketPrefix run/wsgi
WSGIScriptAlias /pulp/api /usr/share/pulp/wsgi/webservices.wsgi
WSGIImportScript /usr/share/pulp/wsgi/webservices.wsgi process-group=pulp application-group=pulp

It was set to:
#WSGISocketPrefix run/wsgi
#WSGIScriptAlias /pulp/api /srv/pulp/webservices.wsgi
#WSGIImportScript /srv/pulp/webservices.wsgi process-group=pulp application-group=pulp

If you have any ideas, I’m all ears. I have been doing through those docs that you sent but I’m not finding much on setting up these Vhost files yet.
Jeff Reitmayer
Lead Systems Administrator
Texas A&M University
Division of Student Affairs IT
John J. Koldus | Suite 233
College Station, TX 77843
jeffr at doit.tamu.edu<mailto:jeffr at doit.tamu.edu>
Phone | 979-458-9224
Web | doit.tamu.edu<http://doit.tamu.edu>

From: Konstantin M. Khankin [mailto:khankin.konstantin at gmail.com]
Sent: Thursday, September 29, 2016 12:01 PM
To: Reitmayer, Jeffrey S <jeffr at doit.tamu.edu<mailto:jeffr at doit.tamu.edu>>
Cc: pulp-list at redhat.com<mailto:pulp-list at redhat.com>
Subject: Re: [Pulp-list] issues with pulp 2.9 on centos

It seems like Apache is looking for pulp wsgi file in /srv/pulp directory. If it's empty as you say, it's expected that Apache cannot read anything from there :) I would recommend to either verify your installation (which packets are installed and where, how things are configured) or just reinstall everything from scratch by this manual - https://docs.pulpproject.org/user-guide/installation/index.html<https://urldefense.proofpoint.com/v2/url?u=https-3A__docs.pulpproject.org_user-2Dguide_installation_index.html&d=CwMFaQ&c=ODFT-G5SujMiGrKuoJJjVg&r=MFiN7iXU2x3gY25BmN9dtRxf6xeyq3fs5ZfQPm3sPdI&m=fTUyfj9jUiRrqNSn42ZhSpEwnupUtfgFp1Phc0SLXrw&s=wzbQvmvl0fISHk3mGr2LsRnW09TmkfBt2R_url9cj6g&e=>

2016-09-29 15:44 GMT+03:00 Reitmayer, Jeffrey S <jeffr at doit.tamu.edu<mailto:jeffr at doit.tamu.edu>>:
Hey Konstantin,

Thanks for the reply. I’m not sure which apache config you need. I didn’t build this server so the last guy left me with a mess. The /srv/pulp directory is empty right now and the directory permissions are set to root:root

If you let me know what Apache configs you need I can provide them. It looks like he has everything set in vhost files in /etc/httpd/conf.d/

Please let me know what you need I’ll be happy to provide.

Thanks

Jeff

From: Konstantin M. Khankin [mailto:khankin.konstantin at gmail.com<mailto:khankin.konstantin at gmail.com>]
Sent: Thursday, September 29, 2016 12:12 AM
To: Reitmayer, Jeffrey S <jeffr at doit.tamu.edu<mailto:jeffr at doit.tamu.edu>>
Cc: pulp-list at redhat.com<mailto:pulp-list at redhat.com>
Subject: Re: [Pulp-list] issues with pulp 2.9 on centos

Hi Jeffrey,

Could you please show your Apache config? Is your pulp instance installed in /srv/pulp? Are permissions set up so that Apach can read webservices.wsgi?

2016-09-28 22:59 GMT+03:00 Reitmayer, Jeffrey S <jeffr at doit.tamu.edu<mailto:jeffr at doit.tamu.edu>>:
Good Afternoon.

I am having issues with our reposrv running pulp. We cannot access and download any updates through yum. I am getting this error when I restart apache:

==> error_log <==
[Wed Sep 28 14:54:09 2016] [notice] caught SIGTERM, shutting down
[Wed Sep 28 14:54:09 2016] [notice] SELinux policy enabled; httpd running as context unconfined_u:system_r:httpd_t:s0
[Wed Sep 28 14:54:09 2016] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Wed Sep 28 14:54:09 2016] [notice] Digest: generating secret for digest authentication ...
[Wed Sep 28 14:54:09 2016] [notice] Digest: done
[Wed Sep 28 14:54:09 2016] [notice] Apache/2.2.15 (Unix) DAV/2 mod_ssl/2.2.15 OpenSSL/1.0.1e-fips mod_wsgi/3.4 Python/2.6.6 configured -- resuming normal operations
[Wed Sep 28 14:54:09 2016] [error] (2)No such file or directory: mod_wsgi (pid=16171, process='pulp', application='pulp'): Call to fopen() failed for '/srv/pulp/webservices.wsgi'.
[Wed Sep 28 14:54:09 2016] [error] (2)No such file or directory: mod_wsgi (pid=16170, process='pulp', application='pulp'): Call to fopen() failed for '/srv/pulp/webservices.wsgi'.
[Wed Sep 28 14:54:09 2016] [error] (2)No such file or directory: mod_wsgi (pid=16172, process='pulp', application='pulp'): Call to fopen() failed for '/srv/pulp/webservices.wsgi'.

I don’t know if this is enough to start troubleshooting the process but I would greatly appreciate any help

Thanks.
Jeff


_______________________________________________
Pulp-list mailing list
Pulp-list at redhat.com<mailto:Pulp-list at redhat.com>
https://www.redhat.com/mailman/listinfo/pulp-list<https://urldefense.proofpoint.com/v2/url?u=https-3A__www.redhat.com_mailman_listinfo_pulp-2Dlist&d=CwMFaQ&c=ODFT-G5SujMiGrKuoJJjVg&r=MFiN7iXU2x3gY25BmN9dtRxf6xeyq3fs5ZfQPm3sPdI&m=fjj3W-ZcbnrnFZqfUMbu8WoxalJA7mP2rL6utTJx83A&s=B0STBK0gS1fBBAbyaKmUfN5fPg5_EAI1Q6YB0CMyFGw&e=>



--
Ханкин Константин



--
Ханкин Константин
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/pulp-list/attachments/20161003/89bcbf69/attachment.htm>

More information about the Pulp-list mailing list