[Spacewalk-list] Jabber Issues after upgrading
Justin Edmands
shockwavecs at gmail.com
Wed Dec 11 16:33:18 UTC 2013
On Wed, Dec 11, 2013 at 11:17 AM, Balint Szigeti <balint.szgt at gmail.com>wrote:
> Is your /etc/pki/spacewalk/jabberd/server.pem file changed?
> Do you have backup from full /etc?
> Was your hostname/FQDN changed?
>
> I think, your DB access/FQDN or jabber's certs were changed during.
>
> Check your FQDN in c2s/s2s and sm.xml file. Plus check it in your backed
> up ones.
> If you replace the new jabber dir with the old one, the issue is still
> remain?
>
> Balint
>
>
> On 11/12/13 15:49, Net Warrior wrote:
>
> Yes, I notice the password section and others, changing the password made
> any difference, running the service like this
>
> /usr/bin/c2s -c /etc/jabberd//c2s.xml -D I see erros like these, no host
> available, do not know if it's trying to resolve by name or
> if it's something else
>
> s2c and router are loaded, c2s doesnt' start up that why I'm running it
> manually with -D
>
> Wed Dec 11 12:41:25 2013 c2s.c:836 coming online
> Wed Dec 11 12:41:25 2013 [notice] [0.0.0.0, port=5222] listening for
> connections
> Wed Dec 11 12:41:25 2013 [notice] ready for connections
>
>
> jabber 9764 1 0 12:28 ? 00:00:00 /usr/bin/router -c
> /etc/jabberd//router.xml
> jabber 9785 1 0 12:28 ? 00:00:00 /usr/bin/s2s -c
> /etc/jabberd//s2s.xml
>
> Wed Dec 11 12:39:36 2013 c2s.c:640 component available from 's2s'
> Wed Dec 11 12:39:36 2013 c2s.c:642 sm for serviced domain 's2s' online
> Wed Dec 11 12:39:52 2013 [notice] connection to router established
>
>
> The errors :
> Wed Dec 11 12:35:25 2013 c2s.c:185 no host available for requested domain
> 'spacewalk'
> Wed Dec 11 12:35:25 2013 c2s.c:185 no host available for requested
> domain 'spacewalk'
>
> Wed Dec 11 12:36:00 2013 c2s.c:185 no host available for requested
> domain 'spacewalk.domain.com'
> sx (error.c:79) prepared error: <stream:error xmlns:stream='
> http://etherx.jabber.org/streams'><host-unknown
> xmlns='urn:ietf:params:xml:ns:xmpp-streams'/><text
> xmlns='urn:ietf:params:xml:ns:xmpp-streams'>service requested for unknown
> domain</text></stream:error>
> sx (error.c:94) tag 8 event 1 data 0x0
> Wed Dec 11 12:36:00 2013 c2s.c:40 want write
> Wed Dec 11 12:36:00 2013 c2s.c:539 write action on fd 8
> sx (io.c:328) 8 ready for writing
> sx (io.c:286) encoding 229 bytes for writing: <stream:error xmlns:stream='
> http://etherx.jabber.org/streams'><host-unknown
> xmlns='urn:ietf:params:xml:ns:xmpp-streams'/><text
> xmlns='urn:ietf:params:xml:ns:xmpp-streams'>service requested for unknown
> domain</text></stream:error>
>
> I can alse see lots of request from differents IP, as if it were
> scanning something:
> Wed Dec 11 12:40:33 2013 c2s.c:544 close action on fd 8
> Wed Dec 11 12:40:33 2013 [notice] [8] [172.16.8.27, port=45487] disconnect
> jid=unbound, packets: 0
> sx (server.c:45) building features nad
>
> Leaving the c2s running and starting osad I get the
> [root at spacewalk ~]# osa-dispatcher start
> Spacewalk 10359 2013/12/11 12:43:08 -03:00: ('Not able to reconnect',)
> Spacewalk 10359 2013/12/11 12:43:08 -03:00: ('Traceback (most recent call
> last):\n File "/usr/share/rhn/osad/jabber_lib.py", line 252, in
> setup_connection\n c = self._get_jabber_client(js)\n File
> "/usr/share/rhn/osad/jabber_lib.py", line 309, in _get_jabber_client\n
> c.connect()\n File "/usr/share/rhn/osad/jabber_lib.py", line 589, in
> connect\n raise SSLDisabledError\nSSLDisabledError\n',)
>
>
> 2013/12/11 12:44:00 -03:00 10359 0.0.0.0:
> osad/jabber_lib.setup_connection('Could not connect to any jabber server',)
> 2013/12/11 12:44:00 -03:00 10359 0.0.0.0: osad/jabber_lib.main('Unable to
> connect to jabber servers, sleeping 10 seconds',)
> 2013/12/11 12:44:10 -03:00 10359 0.0.0.0: osad/jabber_lib.__init__
> 2013/12/11 12:44:10 -03:00 10359 0.0.0.0: osad/jabber_lib.connect('Server
> did not return a <features /> stanza, reconnecting',)
> 2013/12/11 12:44:11 -03:00 10359 0.0.0.0:
> osad/jabber_lib.connect('Server did not return a <features /> stanza,
> reconnecting',)
>
>
> 2013/12/11 12:44:12 -03:00 10359 0.0.0.0:
> osad/jabber_lib.connect('Server did not return a <features /> stanza,
> reconnecting',)
> 2013/12/11 12:44:13 -03:00 10359 0.0.0.0:
> osad/jabber_lib.connect('ERROR', 'Not able to reconnect')
> 2013/12/11 12:44:13 -03:00 10359 0.0.0.0:
> osad/jabber_lib.print_message('SSLError',)
>
> Restroring the old config I get the same error.
>
>
> Thanks for your time and support.
> Regards
>
> 2013/12/11 Balint Szigeti <balint.szgt at gmail.com>
>
>> Have you read the diff's output?
>>
>> The <pass> sections are modified. If I were you, I tried to with the new
>> conf file and the old pass sections.
>> Some other <> sections were affected as well:
>>
>>
>>
>> <!-- IP address to bind to (default: 0.0.0.0) -->
>> - <ip>::</ip>
>> + <ip>0.0.0.0</ip>
>>
>> <!-- Port to bind to, or 0 to disable unencrypted access to the
>> server (default: 5222) -->
>> @@ -301,7 +301,7 @@
>> the following checks applied.
>>
>> 0 disables all checks. (default: 0) -->
>> - <interval>60</interval>
>> + <interval>0</interval>
>>
>> <!-- Idle connection checks.
>>
>> @@ -319,7 +319,7 @@
>> disconnected without us knowing about it.
>>
>> 0 disables keepalives. (default: 0) -->
>> - <keepalive>60</keepalive>
>> + <keepalive>0</keepalive>
>>
>> Try the merge the old pass into the new xml file and let see.
>> I'm looking forward to the result :)
>>
>> B
>>
>>
>> On 11/12/13 14:05, Net Warrior wrote:
>>
>> Hi.
>>
>> I made a yum upgrade, I upgraded to CentOS 6.5, and obiously there were
>> updates related to spacewalk as well, I did not see any ssl regeneration,
>> if that happened in background do not know.
>>
>> Clients have:
>> osad-5.11.27-1.el6.noarch
>>
>> Server has:
>> osa-dispatcher-5.11.27-1.el6.noarch
>> osa-dispatcher-selinux-5.11.27-1.el6.noarch
>>
>> In the server I get
>> Starting osa-dispatcher:
>> The server log
>>
>> 2013/12/11 10:28:52 -03:00 26709 0.0.0.0:
>> osad/jabber_lib.setup_connection('ERROR', 'Traceback (most recent call
>> last):\n File "/usr/share/rhn/osad/jabber_lib.py", line 252, in
>> setup_connection\n c = self._get_jabber_client(js)\n File
>> "/usr/share/rhn/osad/jabber_lib.py", line 309, in _get_jabber_client\n
>> c.connect()\n File "/usr/share/rhn/osad/jabber_lib.py", line 567, in
>> connect\n jabber.Client.connect(self)\n File
>> "/usr/lib/python2.6/site-packages/jabber/xmlstream.py", line 488, in
>> connect\n raise socket.error("Unable to connect to the host and port
>> specified")\nerror: Unable to connect to the host and port specified\n')
>> 2013/12/11 10:28:52 -03:00 26709 0.0.0.0:
>> osad/jabber_lib.sertup_connection('Could not connect to any jabber server',)
>> 2013/12/11 10:28:52 -03:00 26709 0.0.0.0: osad/jabber_lib.main('Unable
>> to connect to jabber servers, sleeping 10 seconds',)
>> 2013/12/11 10:29:02 -03:00 26709 0.0.0.0: osad/jabber_lib.__init__
>> 2013/12/11 10:29:02 -03:00 26709 0.0.0.0:
>> osad/jabber_lib.print_message('socket error',)
>> 2013/12/11 10:29:02 -03:00 26709 0.0.0.0:
>> osad/jabber_lib.print_message('Could not connect to jabber server', '
>> spacewalk.domain.com')
>> 2013/12/11 10:29:02 -03:00 26709 0.0.0.0:
>> osad/jabber_lib.setup_connection('ERROR', 'Traceback (most recent call
>> last):\n File "/usr/share/rhn/osad/jabber_lib.py", line 252, in
>> setup_connection\n c = self._get_jabber_client(js)\n File
>> "/usr/share/rhn/osad/jabber_lib.py", line 309, in _get_jabber_client\n
>> c.connect()\n File "/usr/share/rhn/osad/jabber_lib.py", line 567, in
>> connect\n jabber.Client.connect(self)\n File
>> "/usr/lib/python2.6/site-packages/jabber/xmlstream.py", line 488, in
>> connect\n raise socket.error("Unable to connect to the host and port
>> specified")\nerror: Unable to connect to the host and port specified\n')
>> 2013/12/11 10:29:02 -03:00 26709 0.0.0.0:
>> osad/jabber_lib.setup_connection('Could not connect to any jabber server',)
>> 2013/12/11 10:29:02 -03:00 26709 0.0.0.0: osad/jabber_lib.main('Unable
>> to connect to jabber servers, sleeping 10 seconds',)
>>
>> These are the c2s diff.:
>>
>> [root at spacewalk jabberd]# diff -u /etc/jabberd/c2s.xml
>> /root/temp/jabberd/c2s.xml-orig
>>
>> --- /etc/jabberd/c2s.xml 2013-12-11 10:14:06.000000000 -0300
>> +++ /root/temp/jabberd/c2s.xml-orig 2013-12-09 11:34:15.000000000
>> -0300
>> @@ -10,12 +10,12 @@
>> <!-- Router connection configuration -->
>> <router>
>> <!-- IP/port the router is waiting for connections on -->
>> - <ip>::1</ip> <!-- default: 127.0.0.1 -->
>> + <ip>127.0.0.1</ip> <!-- default: 127.0.0.1 -->
>> <port>5347</port> <!-- default: 5347 -->
>>
>> <!-- Username/password to authenticate as -->
>> <user>jabberd</user> <!-- default: jabberd -->
>> - <pass>9b6d8078f992346e0537a6e5514def7ffc28374b</pass> <!--
>> default: secret -->
>> + <pass>71d26fd8f21c6cf9660217f363613a45d3a28e9d</pass> <!--
>> default: secret -->
>>
>> <!-- File containing an SSL certificate and private key to use when
>> setting up an encrypted channel with the router. From
>> @@ -50,7 +50,7 @@
>> </router>
>>
>> <!-- Log configuration - type is "syslog", "file" or "stdout" -->
>> - <log type="syslog">
>> + <log type='syslog'>
>> <!-- If logging to syslog, this is the log ident -->
>> <ident>jabberd/c2s</ident>
>>
>> @@ -133,7 +133,7 @@
>> you want this, add this attribute with any value, when you need
>> registration disabled.
>> -->
>> - <id require-starttls="false"
>> pemfile="/etc/pki/spacewalk/jabberd/server.pem" realm=""
>> register-enable="true">spacewalk</id>
>> + <id register-enable='mu'>localhost.localdomain</id>
>> <!-- or
>> <id realm='company.int'
>> pemfile='/etc/jabberd/server.pem'
>> @@ -149,7 +149,7 @@
>> <id password-change='mu' /> -->
>>
>> <!-- IP address to bind to (default: 0.0.0.0) -->
>> - <ip>::</ip>
>> + <ip>0.0.0.0</ip>
>>
>> <!-- Port to bind to, or 0 to disable unencrypted access to the
>> server (default: 5222) -->
>> @@ -301,7 +301,7 @@
>> the following checks applied.
>>
>> 0 disables all checks. (default: 0) -->
>> - <interval>60</interval>
>> + <interval>0</interval>
>>
>> <!-- Idle connection checks.
>>
>> @@ -319,7 +319,7 @@
>> disconnected without us knowing about it.
>>
>> 0 disables keepalives. (default: 0) -->
>> - <keepalive>60</keepalive>
>> + <keepalive>0</keepalive>
>>
>> </check>
>>
>> @@ -348,7 +348,7 @@
>> <path>/usr/lib64/jabberd</path>
>>
>> <!-- Backend module to use -->
>> - <module>db</module>
>> + <module>sqlite</module>
>>
>> <!-- Available authentication mechanisms -->
>> <mechanisms>
>> @@ -421,7 +421,7 @@
>>
>> <!-- Database username and password -->
>> <user>jabberd2</user>
>> - <pass>9b6d8078f992346e0537a6e5514def7ffc28374b</pass>
>> + <pass>71d26fd8f21c6cf9660217f363613a45d3a28e9d</pass>
>>
>> <!-- Passwords in DB may be stored in plain or hashed format -->
>> <!-- NOTE: If you are using hashed passwords, the only auth
>> @@ -456,7 +456,7 @@
>>
>> <!-- Database username and password -->
>> <user>jabberd2</user>
>> - <pass>9b6d8078f992346e0537a6e5514def7ffc28374b</pass>
>> + <pass>71d26fd8f21c6cf9660217f363613a45d3a28e9d</pass>
>> </pgsql>
>>
>> <!-- Oracle driver configuration -->
>> @@ -470,7 +470,7 @@
>>
>> <!-- Database username and password -->
>> <user>jabberd2</user>
>> - <pass>9b6d8078f992346e0537a6e5514def7ffc28374b</pass>
>> + <pass>71d26fd8f21c6cf9660217f363613a45d3a28e9d</pass>
>> </oracle>
>>
>> <!-- Berkeley DB module configuration -->
>> @@ -543,7 +543,7 @@
>> <!-- base DN of the tree. You should specify a DN for each
>> authentication realm declared in the <local/> section above,
>> by using the realm attribute. -->
>> - <basedn realm="company">o=Company.com</basedn>
>> + <basedn realm='company'>o=Company.com</basedn>
>> <basedn>o=Example Corp.</basedn>
>> </ldapfull>
>>
>> @@ -605,7 +605,7 @@
>> <!-- base DN of the tree. You should specify a DN for each
>> authentication realm declared in the <local/> section above,
>> by using the realm attribute. -->
>> - <basedn realm="company">o=Company.com</basedn>
>> + <basedn realm='company'>o=Company.com</basedn>
>> <basedn>o=Example Corp.</basedn>
>> </ldap>
>> <!-- if you want to configure more than one LDAP server
>> @@ -623,6 +623,7 @@
>>
>> </authreg>
>>
>> -</c2s><!--
>> +</c2s>
>> +<!--
>> vim: syntax=xml
>> -->
>>
>> Thanks for your time and support.
>> Regards.
>>
>>
>>
>> 2013/12/11 Balint Szigeti <balint.szgt at gmail.com>
>>
>>> How was the upgrade? Which version to where?
>>>
>>> Does client use the same version as server?
>>> Wasn't there SSL regenerating?
>>>
>>> Balint
>>>
>>>
>>> On 11/12/13 12:48, Net Warrior wrote:
>>>
>>>> Hi guys.
>>>>
>>>> I'm seeing this errors on the server logs after I upgraded my system:
>>>> 2013/12/11 09:36:36 -03:00 27397 0.0.0.0: osad/jabber_lib.__init__
>>>> 2013/12/11 09:36:36 -03:00 27397 0.0.0.0:
>>>> osad/jabber_lib.connect('Server did not return a <features /> stanza,
>>>> reconnecting',)
>>>> 2013/12/11 09:36:37 -03:00 27397 0.0.0.0:
>>>> osad/jabber_lib.connect('Server did not return a <features /> stanza,
>>>> reconnecting',)
>>>> 2013/12/11 09:36:38 -03:00 27397 0.0.0.0:
>>>> osad/jabber_lib.connect('Server did not return a <features /> stanza,
>>>> reconnecting',)
>>>> 2013/12/11 09:36:39 -03:00 27397 0.0.0.0:
>>>> osad/jabber_lib.connect('ERROR', 'Not able to reconnect')
>>>> 2013/12/11 09:36:39 -03:00 27397 0.0.0.0:
>>>> osad/jabber_lib.print_message('SSLError',)
>>>> 2013/12/11 09:36:39 -03:00 27397 0.0.0.0:
>>>> osad/jabber_lib.print_message('Could not connect to jabber server',
>>>> 'spacewalk.domain.com')
>>>> 2013/12/11 09:36:39 -03:00 27397 0.0.0.0:
>>>> osad/jabber_lib.setup_connection('ERROR', 'Traceback (most recent call
>>>> last):\n File "/usr/share/rhn/osad/jabber_lib.py", line 252, in
>>>> setup_connection\n c = self._get_jabber_client(js)\n File
>>>> "/usr/share/rhn/osad/jabber_lib.py", line 309, in _get_jabber_client\n
>>>> c.connect()\n File "/usr/share/rhn/osad/jabber_lib.py", line 589,
>>>> in connect\n raise SSLDisabledError\nSSLDisabledError\n')
>>>> 2013/12/11 09:36:39 -03:00 27397 0.0.0.0:
>>>> osad/jabber_lib.setup_connection('Could not connect to any jabber
>>>> server',)
>>>> 2013/12/11 09:36:39 -03:00 27397 0.0.0.0: osad/jabber_lib.main('Unable
>>>> to connect to jabber servers, sleeping 10 seconds',)
>>>>
>>>> It seems SSL was disabled and no c2s service is started at all in port
>>>> 5222, It seems there were lots of modifications in the c2s.xml but
>>>> cannot tell which one is causing the error or if the certificate got
>>>> corrupted, I restore the original configuration file and c2s starts,
>>>> but but the clients cannot connect to jabber server anymore:
>>>>
>>>> 013-12-11 09:36:59 jabber_lib.main: Unable to connect to jabber
>>>> servers, sleeping 108 seconds
>>>> 2013-12-11 09:38:50 jabber_lib.main: Unable to connect to jabber
>>>> servers, sleeping 119 seconds
>>>> 2013-12-11 09:40:53 jabber_lib.main: Unable to connect to jabber
>>>> servers, sleeping 109 seconds
>>>> 2013-12-11 09:42:45 jabber_lib.main: Unable to connect to jabber
>>>> servers, sleeping 68 seconds
>>>> 2013-12-11 09:43:56 jabber_lib.main: Unable to connect to jabber
>>>> servers, sleeping 71 seconds
>>>> 2013-12-11 09:45:10 jabber_lib.main: Unable to connect to jabber
>>>> servers, sleeping 110 seconds
>>>>
>>>>
>>>>
>>>>
>>>> Any help appreciated.
>>>> Regards
>>>>
>>>> _______________________________________________
>>>> Spacewalk-list mailing list
>>>> Spacewalk-list at redhat.com
>>>> https://www.redhat.com/mailman/listinfo/spacewalk-list
>>>>
>>>
>>> _______________________________________________
>>> Spacewalk-list mailing list
>>> Spacewalk-list at redhat.com
>>> https://www.redhat.com/mailman/listinfo/spacewalk-list
>>>
>>
>>
>>
>> _______________________________________________
>> Spacewalk-list mailing listSpacewalk-list at redhat.comhttps://www.redhat.com/mailman/listinfo/spacewalk-list
>>
>>
>>
>> _______________________________________________
>> Spacewalk-list mailing list
>> Spacewalk-list at redhat.com
>> https://www.redhat.com/mailman/listinfo/spacewalk-list
>>
>
>
>
> _______________________________________________
> Spacewalk-list mailing listSpacewalk-list at redhat.comhttps://www.redhat.com/mailman/listinfo/spacewalk-list
>
>
>
> _______________________________________________
> Spacewalk-list mailing list
> Spacewalk-list at redhat.com
> https://www.redhat.com/mailman/listinfo/spacewalk-list
>
1 - After the upgrade from CentOS 6.4 to 6.5, did SELinux or iptables turn
itself back on?
2 - service statuses
spacewalk-service status
...
sm (pid 17446) is running...
c2s (pid 17453) is running...
s2s (pid 17460) is running...
osa-dispatcher (pid 17663) is running...
...(plus others of course)
If those services are not all running, do the following:
spacewalk-service stop
rm -rf /var/lib/jabberd/db/*" #(back it up if you want, it's stale and is
regenerated if missing. Do not delete the db folder itself, though.)
spacewalk-service start
3 - Check the permissions on your jabberd stuff:
ls -lah /var/lib/jabberd/*
and for good measure:
chown -R jabber:jabber /var/lib/jabberd
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/spacewalk-list/attachments/20131211/316b06eb/attachment.htm>
More information about the Spacewalk-list
mailing list