[Spacewalk-list] Jabber Issues after upgrading
Net Warrior
netwarrior863 at gmail.com
Wed Dec 11 17:22:14 UTC 2013
Hi Justin.
1 /etc/pki/spacewalk/jabberd/server.pem is the same, did not change
2 I have no backup
3 no issues with the FQDN server configuration.
4 Gonna check the FQDN in the c2s/s2s files, I restored the c2s.xml-swsave
which were created duting the update and none of the jabbers services start
up. routes/sm/c2s/s2s
On the other hand, is there a way to reconfigure this,? can I use
spacewalk-setup-jabberd to do so? in this moment the system is useless and
reinstalling wont be very funny, have 500 servers more than less plus
kickstart configurations and other stuff.
Thanks for your time and support.
Regards.
2013/12/11 Justin Edmands <shockwavecs at gmail.com>
> On Wed, Dec 11, 2013 at 11:17 AM, Balint Szigeti <balint.szgt at gmail.com>wrote:
>
>> Is your /etc/pki/spacewalk/jabberd/server.pem file changed?
>> Do you have backup from full /etc?
>> Was your hostname/FQDN changed?
>>
>> I think, your DB access/FQDN or jabber's certs were changed during.
>>
>> Check your FQDN in c2s/s2s and sm.xml file. Plus check it in your backed
>> up ones.
>> If you replace the new jabber dir with the old one, the issue is still
>> remain?
>>
>> Balint
>>
>>
>> On 11/12/13 15:49, Net Warrior wrote:
>>
>> Yes, I notice the password section and others, changing the password made
>> any difference, running the service like this
>>
>> /usr/bin/c2s -c /etc/jabberd//c2s.xml -D I see erros like these, no host
>> available, do not know if it's trying to resolve by name or
>> if it's something else
>>
>> s2c and router are loaded, c2s doesnt' start up that why I'm running it
>> manually with -D
>>
>> Wed Dec 11 12:41:25 2013 c2s.c:836 coming online
>> Wed Dec 11 12:41:25 2013 [notice] [0.0.0.0, port=5222] listening for
>> connections
>> Wed Dec 11 12:41:25 2013 [notice] ready for connections
>>
>>
>> jabber 9764 1 0 12:28 ? 00:00:00 /usr/bin/router -c
>> /etc/jabberd//router.xml
>> jabber 9785 1 0 12:28 ? 00:00:00 /usr/bin/s2s -c
>> /etc/jabberd//s2s.xml
>>
>> Wed Dec 11 12:39:36 2013 c2s.c:640 component available from 's2s'
>> Wed Dec 11 12:39:36 2013 c2s.c:642 sm for serviced domain 's2s' online
>> Wed Dec 11 12:39:52 2013 [notice] connection to router established
>>
>>
>> The errors :
>> Wed Dec 11 12:35:25 2013 c2s.c:185 no host available for requested domain
>> 'spacewalk'
>> Wed Dec 11 12:35:25 2013 c2s.c:185 no host available for requested domain
>> 'spacewalk'
>>
>> Wed Dec 11 12:36:00 2013 c2s.c:185 no host available for requested
>> domain 'spacewalk.domain.com'
>> sx (error.c:79) prepared error: <stream:error xmlns:stream='
>> http://etherx.jabber.org/streams'><host-unknown
>> xmlns='urn:ietf:params:xml:ns:xmpp-streams'/><text
>> xmlns='urn:ietf:params:xml:ns:xmpp-streams'>service requested for unknown
>> domain</text></stream:error>
>> sx (error.c:94) tag 8 event 1 data 0x0
>> Wed Dec 11 12:36:00 2013 c2s.c:40 want write
>> Wed Dec 11 12:36:00 2013 c2s.c:539 write action on fd 8
>> sx (io.c:328) 8 ready for writing
>> sx (io.c:286) encoding 229 bytes for writing: <stream:error xmlns:stream='
>> http://etherx.jabber.org/streams'><host-unknown
>> xmlns='urn:ietf:params:xml:ns:xmpp-streams'/><text
>> xmlns='urn:ietf:params:xml:ns:xmpp-streams'>service requested for unknown
>> domain</text></stream:error>
>>
>> I can alse see lots of request from differents IP, as if it were scanning
>> something:
>> Wed Dec 11 12:40:33 2013 c2s.c:544 close action on fd 8
>> Wed Dec 11 12:40:33 2013 [notice] [8] [172.16.8.27, port=45487]
>> disconnect jid=unbound, packets: 0
>> sx (server.c:45) building features nad
>>
>> Leaving the c2s running and starting osad I get the
>> [root at spacewalk ~]# osa-dispatcher start
>> Spacewalk 10359 2013/12/11 12:43:08 -03:00: ('Not able to reconnect',)
>> Spacewalk 10359 2013/12/11 12:43:08 -03:00: ('Traceback (most recent call
>> last):\n File "/usr/share/rhn/osad/jabber_lib.py", line 252, in
>> setup_connection\n c = self._get_jabber_client(js)\n File
>> "/usr/share/rhn/osad/jabber_lib.py", line 309, in _get_jabber_client\n
>> c.connect()\n File "/usr/share/rhn/osad/jabber_lib.py", line 589, in
>> connect\n raise SSLDisabledError\nSSLDisabledError\n',)
>>
>>
>> 2013/12/11 12:44:00 -03:00 10359 0.0.0.0:
>> osad/jabber_lib.setup_connection('Could not connect to any jabber server',)
>> 2013/12/11 12:44:00 -03:00 10359 0.0.0.0: osad/jabber_lib.main('Unable
>> to connect to jabber servers, sleeping 10 seconds',)
>> 2013/12/11 12:44:10 -03:00 10359 0.0.0.0: osad/jabber_lib.__init__
>> 2013/12/11 12:44:10 -03:00 10359 0.0.0.0:
>> osad/jabber_lib.connect('Server did not return a <features /> stanza,
>> reconnecting',)
>> 2013/12/11 12:44:11 -03:00 10359 0.0.0.0:
>> osad/jabber_lib.connect('Server did not return a <features /> stanza,
>> reconnecting',)
>>
>>
>> 2013/12/11 12:44:12 -03:00 10359 0.0.0.0:
>> osad/jabber_lib.connect('Server did not return a <features /> stanza,
>> reconnecting',)
>> 2013/12/11 12:44:13 -03:00 10359 0.0.0.0:
>> osad/jabber_lib.connect('ERROR', 'Not able to reconnect')
>> 2013/12/11 12:44:13 -03:00 10359 0.0.0.0:
>> osad/jabber_lib.print_message('SSLError',)
>>
>> Restroring the old config I get the same error.
>>
>>
>> Thanks for your time and support.
>> Regards
>>
>> 2013/12/11 Balint Szigeti <balint.szgt at gmail.com>
>>
>>> Have you read the diff's output?
>>>
>>> The <pass> sections are modified. If I were you, I tried to with the new
>>> conf file and the old pass sections.
>>> Some other <> sections were affected as well:
>>>
>>>
>>>
>>> <!-- IP address to bind to (default: 0.0.0.0) -->
>>> - <ip>::</ip>
>>> + <ip>0.0.0.0</ip>
>>>
>>> <!-- Port to bind to, or 0 to disable unencrypted access to the
>>> server (default: 5222) -->
>>> @@ -301,7 +301,7 @@
>>> the following checks applied.
>>>
>>> 0 disables all checks. (default: 0) -->
>>> - <interval>60</interval>
>>> + <interval>0</interval>
>>>
>>> <!-- Idle connection checks.
>>>
>>> @@ -319,7 +319,7 @@
>>> disconnected without us knowing about it.
>>>
>>> 0 disables keepalives. (default: 0) -->
>>> - <keepalive>60</keepalive>
>>> + <keepalive>0</keepalive>
>>>
>>> Try the merge the old pass into the new xml file and let see.
>>> I'm looking forward to the result :)
>>>
>>> B
>>>
>>>
>>> On 11/12/13 14:05, Net Warrior wrote:
>>>
>>> Hi.
>>>
>>> I made a yum upgrade, I upgraded to CentOS 6.5, and obiously there were
>>> updates related to spacewalk as well, I did not see any ssl regeneration,
>>> if that happened in background do not know.
>>>
>>> Clients have:
>>> osad-5.11.27-1.el6.noarch
>>>
>>> Server has:
>>> osa-dispatcher-5.11.27-1.el6.noarch
>>> osa-dispatcher-selinux-5.11.27-1.el6.noarch
>>>
>>> In the server I get
>>> Starting osa-dispatcher:
>>> The server log
>>>
>>> 2013/12/11 10:28:52 -03:00 26709 0.0.0.0:
>>> osad/jabber_lib.setup_connection('ERROR', 'Traceback (most recent call
>>> last):\n File "/usr/share/rhn/osad/jabber_lib.py", line 252, in
>>> setup_connection\n c = self._get_jabber_client(js)\n File
>>> "/usr/share/rhn/osad/jabber_lib.py", line 309, in _get_jabber_client\n
>>> c.connect()\n File "/usr/share/rhn/osad/jabber_lib.py", line 567, in
>>> connect\n jabber.Client.connect(self)\n File
>>> "/usr/lib/python2.6/site-packages/jabber/xmlstream.py", line 488, in
>>> connect\n raise socket.error("Unable to connect to the host and port
>>> specified")\nerror: Unable to connect to the host and port specified\n')
>>> 2013/12/11 10:28:52 -03:00 26709 0.0.0.0:
>>> osad/jabber_lib.sertup_connection('Could not connect to any jabber server',)
>>> 2013/12/11 10:28:52 -03:00 26709 0.0.0.0: osad/jabber_lib.main('Unable
>>> to connect to jabber servers, sleeping 10 seconds',)
>>> 2013/12/11 10:29:02 -03:00 26709 0.0.0.0: osad/jabber_lib.__init__
>>> 2013/12/11 10:29:02 -03:00 26709 0.0.0.0:
>>> osad/jabber_lib.print_message('socket error',)
>>> 2013/12/11 10:29:02 -03:00 26709 0.0.0.0:
>>> osad/jabber_lib.print_message('Could not connect to jabber server', '
>>> spacewalk.domain.com')
>>> 2013/12/11 10:29:02 -03:00 26709 0.0.0.0:
>>> osad/jabber_lib.setup_connection('ERROR', 'Traceback (most recent call
>>> last):\n File "/usr/share/rhn/osad/jabber_lib.py", line 252, in
>>> setup_connection\n c = self._get_jabber_client(js)\n File
>>> "/usr/share/rhn/osad/jabber_lib.py", line 309, in _get_jabber_client\n
>>> c.connect()\n File "/usr/share/rhn/osad/jabber_lib.py", line 567, in
>>> connect\n jabber.Client.connect(self)\n File
>>> "/usr/lib/python2.6/site-packages/jabber/xmlstream.py", line 488, in
>>> connect\n raise socket.error("Unable to connect to the host and port
>>> specified")\nerror: Unable to connect to the host and port specified\n')
>>> 2013/12/11 10:29:02 -03:00 26709 0.0.0.0:
>>> osad/jabber_lib.setup_connection('Could not connect to any jabber server',)
>>> 2013/12/11 10:29:02 -03:00 26709 0.0.0.0: osad/jabber_lib.main('Unable
>>> to connect to jabber servers, sleeping 10 seconds',)
>>>
>>> These are the c2s diff.:
>>>
>>> [root at spacewalk jabberd]# diff -u /etc/jabberd/c2s.xml
>>> /root/temp/jabberd/c2s.xml-orig
>>>
>>> --- /etc/jabberd/c2s.xml 2013-12-11 10:14:06.000000000 -0300
>>> +++ /root/temp/jabberd/c2s.xml-orig 2013-12-09 11:34:15.000000000
>>> -0300
>>> @@ -10,12 +10,12 @@
>>> <!-- Router connection configuration -->
>>> <router>
>>> <!-- IP/port the router is waiting for connections on -->
>>> - <ip>::1</ip> <!-- default: 127.0.0.1 -->
>>> + <ip>127.0.0.1</ip> <!-- default: 127.0.0.1 -->
>>> <port>5347</port> <!-- default: 5347 -->
>>>
>>> <!-- Username/password to authenticate as -->
>>> <user>jabberd</user> <!-- default: jabberd -->
>>> - <pass>9b6d8078f992346e0537a6e5514def7ffc28374b</pass>
>>> <!-- default: secret -->
>>> + <pass>71d26fd8f21c6cf9660217f363613a45d3a28e9d</pass>
>>> <!-- default: secret -->
>>>
>>> <!-- File containing an SSL certificate and private key to use when
>>> setting up an encrypted channel with the router. From
>>> @@ -50,7 +50,7 @@
>>> </router>
>>>
>>> <!-- Log configuration - type is "syslog", "file" or "stdout" -->
>>> - <log type="syslog">
>>> + <log type='syslog'>
>>> <!-- If logging to syslog, this is the log ident -->
>>> <ident>jabberd/c2s</ident>
>>>
>>> @@ -133,7 +133,7 @@
>>> you want this, add this attribute with any value, when you need
>>> registration disabled.
>>> -->
>>> - <id require-starttls="false"
>>> pemfile="/etc/pki/spacewalk/jabberd/server.pem" realm=""
>>> register-enable="true">spacewalk</id>
>>> + <id register-enable='mu'>localhost.localdomain</id>
>>> <!-- or
>>> <id realm='company.int'
>>> pemfile='/etc/jabberd/server.pem'
>>> @@ -149,7 +149,7 @@
>>> <id password-change='mu' /> -->
>>>
>>> <!-- IP address to bind to (default: 0.0.0.0) -->
>>> - <ip>::</ip>
>>> + <ip>0.0.0.0</ip>
>>>
>>> <!-- Port to bind to, or 0 to disable unencrypted access to the
>>> server (default: 5222) -->
>>> @@ -301,7 +301,7 @@
>>> the following checks applied.
>>>
>>> 0 disables all checks. (default: 0) -->
>>> - <interval>60</interval>
>>> + <interval>0</interval>
>>>
>>> <!-- Idle connection checks.
>>>
>>> @@ -319,7 +319,7 @@
>>> disconnected without us knowing about it.
>>>
>>> 0 disables keepalives. (default: 0) -->
>>> - <keepalive>60</keepalive>
>>> + <keepalive>0</keepalive>
>>>
>>> </check>
>>>
>>> @@ -348,7 +348,7 @@
>>> <path>/usr/lib64/jabberd</path>
>>>
>>> <!-- Backend module to use -->
>>> - <module>db</module>
>>> + <module>sqlite</module>
>>>
>>> <!-- Available authentication mechanisms -->
>>> <mechanisms>
>>> @@ -421,7 +421,7 @@
>>>
>>> <!-- Database username and password -->
>>> <user>jabberd2</user>
>>> - <pass>9b6d8078f992346e0537a6e5514def7ffc28374b</pass>
>>> + <pass>71d26fd8f21c6cf9660217f363613a45d3a28e9d</pass>
>>>
>>> <!-- Passwords in DB may be stored in plain or hashed format -->
>>> <!-- NOTE: If you are using hashed passwords, the only auth
>>> @@ -456,7 +456,7 @@
>>>
>>> <!-- Database username and password -->
>>> <user>jabberd2</user>
>>> - <pass>9b6d8078f992346e0537a6e5514def7ffc28374b</pass>
>>> + <pass>71d26fd8f21c6cf9660217f363613a45d3a28e9d</pass>
>>> </pgsql>
>>>
>>> <!-- Oracle driver configuration -->
>>> @@ -470,7 +470,7 @@
>>>
>>> <!-- Database username and password -->
>>> <user>jabberd2</user>
>>> - <pass>9b6d8078f992346e0537a6e5514def7ffc28374b</pass>
>>> + <pass>71d26fd8f21c6cf9660217f363613a45d3a28e9d</pass>
>>> </oracle>
>>>
>>> <!-- Berkeley DB module configuration -->
>>> @@ -543,7 +543,7 @@
>>> <!-- base DN of the tree. You should specify a DN for each
>>> authentication realm declared in the <local/> section above,
>>> by using the realm attribute. -->
>>> - <basedn realm="company">o=Company.com</basedn>
>>> + <basedn realm='company'>o=Company.com</basedn>
>>> <basedn>o=Example Corp.</basedn>
>>> </ldapfull>
>>>
>>> @@ -605,7 +605,7 @@
>>> <!-- base DN of the tree. You should specify a DN for each
>>> authentication realm declared in the <local/> section above,
>>> by using the realm attribute. -->
>>> - <basedn realm="company">o=Company.com</basedn>
>>> + <basedn realm='company'>o=Company.com</basedn>
>>> <basedn>o=Example Corp.</basedn>
>>> </ldap>
>>> <!-- if you want to configure more than one LDAP server
>>> @@ -623,6 +623,7 @@
>>>
>>> </authreg>
>>>
>>> -</c2s><!--
>>> +</c2s>
>>> +<!--
>>> vim: syntax=xml
>>> -->
>>>
>>> Thanks for your time and support.
>>> Regards.
>>>
>>>
>>>
>>> 2013/12/11 Balint Szigeti <balint.szgt at gmail.com>
>>>
>>>> How was the upgrade? Which version to where?
>>>>
>>>> Does client use the same version as server?
>>>> Wasn't there SSL regenerating?
>>>>
>>>> Balint
>>>>
>>>>
>>>> On 11/12/13 12:48, Net Warrior wrote:
>>>>
>>>>> Hi guys.
>>>>>
>>>>> I'm seeing this errors on the server logs after I upgraded my system:
>>>>> 2013/12/11 09:36:36 -03:00 27397 0.0.0.0: osad/jabber_lib.__init__
>>>>> 2013/12/11 09:36:36 -03:00 27397 0.0.0.0:
>>>>> osad/jabber_lib.connect('Server did not return a <features /> stanza,
>>>>> reconnecting',)
>>>>> 2013/12/11 09:36:37 -03:00 27397 0.0.0.0:
>>>>> osad/jabber_lib.connect('Server did not return a <features /> stanza,
>>>>> reconnecting',)
>>>>> 2013/12/11 09:36:38 -03:00 27397 0.0.0.0:
>>>>> osad/jabber_lib.connect('Server did not return a <features /> stanza,
>>>>> reconnecting',)
>>>>> 2013/12/11 09:36:39 -03:00 27397 0.0.0.0:
>>>>> osad/jabber_lib.connect('ERROR', 'Not able to reconnect')
>>>>> 2013/12/11 09:36:39 -03:00 27397 0.0.0.0:
>>>>> osad/jabber_lib.print_message('SSLError',)
>>>>> 2013/12/11 09:36:39 -03:00 27397 0.0.0.0:
>>>>> osad/jabber_lib.print_message('Could not connect to jabber server',
>>>>> 'spacewalk.domain.com')
>>>>> 2013/12/11 09:36:39 -03:00 27397 0.0.0.0:
>>>>> osad/jabber_lib.setup_connection('ERROR', 'Traceback (most recent call
>>>>> last):\n File "/usr/share/rhn/osad/jabber_lib.py", line 252, in
>>>>> setup_connection\n c = self._get_jabber_client(js)\n File
>>>>> "/usr/share/rhn/osad/jabber_lib.py", line 309, in _get_jabber_client\n
>>>>> c.connect()\n File "/usr/share/rhn/osad/jabber_lib.py", line 589,
>>>>> in connect\n raise SSLDisabledError\nSSLDisabledError\n')
>>>>> 2013/12/11 09:36:39 -03:00 27397 0.0.0.0:
>>>>> osad/jabber_lib.setup_connection('Could not connect to any jabber
>>>>> server',)
>>>>> 2013/12/11 09:36:39 -03:00 27397 0.0.0.0: osad/jabber_lib.main('Unable
>>>>> to connect to jabber servers, sleeping 10 seconds',)
>>>>>
>>>>> It seems SSL was disabled and no c2s service is started at all in port
>>>>> 5222, It seems there were lots of modifications in the c2s.xml but
>>>>> cannot tell which one is causing the error or if the certificate got
>>>>> corrupted, I restore the original configuration file and c2s starts,
>>>>> but but the clients cannot connect to jabber server anymore:
>>>>>
>>>>> 013-12-11 09:36:59 jabber_lib.main: Unable to connect to jabber
>>>>> servers, sleeping 108 seconds
>>>>> 2013-12-11 09:38:50 jabber_lib.main: Unable to connect to jabber
>>>>> servers, sleeping 119 seconds
>>>>> 2013-12-11 09:40:53 jabber_lib.main: Unable to connect to jabber
>>>>> servers, sleeping 109 seconds
>>>>> 2013-12-11 09:42:45 jabber_lib.main: Unable to connect to jabber
>>>>> servers, sleeping 68 seconds
>>>>> 2013-12-11 09:43:56 jabber_lib.main: Unable to connect to jabber
>>>>> servers, sleeping 71 seconds
>>>>> 2013-12-11 09:45:10 jabber_lib.main: Unable to connect to jabber
>>>>> servers, sleeping 110 seconds
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> Any help appreciated.
>>>>> Regards
>>>>>
>>>>> _______________________________________________
>>>>> Spacewalk-list mailing list
>>>>> Spacewalk-list at redhat.com
>>>>> https://www.redhat.com/mailman/listinfo/spacewalk-list
>>>>>
>>>>
>>>> _______________________________________________
>>>> Spacewalk-list mailing list
>>>> Spacewalk-list at redhat.com
>>>> https://www.redhat.com/mailman/listinfo/spacewalk-list
>>>>
>>>
>>>
>>>
>>> _______________________________________________
>>> Spacewalk-list mailing listSpacewalk-list at redhat.comhttps://www.redhat.com/mailman/listinfo/spacewalk-list
>>>
>>>
>>>
>>> _______________________________________________
>>> Spacewalk-list mailing list
>>> Spacewalk-list at redhat.com
>>> https://www.redhat.com/mailman/listinfo/spacewalk-list
>>>
>>
>>
>>
>> _______________________________________________
>> Spacewalk-list mailing listSpacewalk-list at redhat.comhttps://www.redhat.com/mailman/listinfo/spacewalk-list
>>
>>
>>
>> _______________________________________________
>> Spacewalk-list mailing list
>> Spacewalk-list at redhat.com
>> https://www.redhat.com/mailman/listinfo/spacewalk-list
>>
>
> 1 - After the upgrade from CentOS 6.4 to 6.5, did SELinux or iptables turn
> itself back on?
>
> 2 - service statuses
> spacewalk-service status
>
> ...
> sm (pid 17446) is running...
> c2s (pid 17453) is running...
> s2s (pid 17460) is running...
> osa-dispatcher (pid 17663) is running...
> ...(plus others of course)
>
> If those services are not all running, do the following:
> spacewalk-service stop
> rm -rf /var/lib/jabberd/db/*" #(back it up if you want, it's stale and is
> regenerated if missing. Do not delete the db folder itself, though.)
> spacewalk-service start
>
>
> 3 - Check the permissions on your jabberd stuff:
> ls -lah /var/lib/jabberd/*
>
> and for good measure:
> chown -R jabber:jabber /var/lib/jabberd
>
> _______________________________________________
> Spacewalk-list mailing list
> Spacewalk-list at redhat.com
> https://www.redhat.com/mailman/listinfo/spacewalk-list
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/spacewalk-list/attachments/20131211/6ab476b3/attachment.htm>
More information about the Spacewalk-list
mailing list