1. Store
  2. Apps
  3. Hardware
  4. Support
  5. Solutions

ClearFoundation

Forums
Welcome, Guest
Can't logon to Webconfig after upgrade
(1 viewing) 1 Guest
Go to bottomPage: 1
TOPIC: Can't logon to Webconfig after upgrade
#2349
Can't logon to Webconfig after upgrade 4 Years, 11 Months ago  
First the good; I have just upgraded from CC5.0 to ClearOs5.1 and everything has mostly gone OK

Now the bad; I cannot login to the Webconfig to actually change anything. I can get to Samba shares/Websites/etc that existed before the upgrade and can also ssh to the server as root.

I think I have problems with the sudoers file as I see the messages below when trying to logon to webconfig.

Any ideas?

Thanks,

-- Stuart

Code:


/var/log/secure;

Dec 27 08:56:11 mrnosey sudo: webconfig : sorry, you must have a tty to run sudo ; TTY=unknown ; PWD=/var/webconfig/htdocs ; USER=root ; COMMAND=/bin/ls /etc/kolab/kolab.conf



And turning on Webconfig debugging gives me;
Code:


/tmp/webconfig.log

Dec 27 9:08:19 EST 2009: 0.0003: error: debug: Daemon::__construct (131): called
Dec 27 9:08:19 EST 2009: 0.0026: error: debug: Software::__construct (126): called
Dec 27 9:08:21 EST 2009: 2.0776: error: debug: User::__construct (203): called
Dec 27 9:08:21 EST 2009: 2.0792: error: debug: User::CheckPassword (400): called
Dec 27 9:08:23 EST 2009: 4.0811: error: debug: User::_CalculateShaPassword (1373): called
Dec 27 9:08:23 EST 2009: 4.0816: error: debug: User::_GetLdapHandle (1780): called
Dec 27 9:08:23 EST 2009: 4.0819: error: debug: Ldap::__construct (136): called
Dec 27 9:08:23 EST 2009: 4.0822: error: debug: Daemon::__construct (131): called
Dec 27 9:08:23 EST 2009: 4.0829: error: debug: Software::__construct (126): called
Dec 27 9:08:23 EST 2009: 4.0840: error: debug: User::_GetUserInfo (1830): called
Dec 27 9:08:23 EST 2009: 4.0844: error: debug: Ldap::GetDnForUid (465): called
Dec 27 9:08:23 EST 2009: 4.0847: error: debug: Ldap::Bind (175): called
Dec 27 9:08:23 EST 2009: 4.0849: error: debug: Ldap::_LoadConfig (940): called
Dec 27 9:08:23 EST 2009: 4.0852: error: debug: ConfigurationFile::__construct (121): called
Dec 27 9:08:23 EST 2009: 4.0856: error: debug: File::__construct (273): called
Dec 27 9:08:23 EST 2009: 4.0866: error: debug: ConfigurationFile::Load (168): called
Dec 27 9:08:23 EST 2009: 4.0869: error: debug: File::GetContentsAsArray (334): called
Dec 27 9:08:23 EST 2009: 4.0871: error: debug: File::Exists (454): called
Dec 27 9:08:23 EST 2009: 4.0873: error: debug: ShellExec::__construct (74): called
Dec 27 9:08:23 EST 2009: 4.0878: error: debug: ShellExec::Execute (102): called
Dec 27 9:08:23 EST 2009: 4.0880: error: debug: ShellExec::Execute (105): command is: /bin/ls '/etc/kolab/kolab.conf'
Dec 27 9:08:23 EST 2009: 4.1073: error: debug: ShellExec::__destruct (220): called
Dec 27 9:08:23 EST 2009: 4.1079: exception: error: Ldap.class.php (947): File does not exist - - /etc/kolab/kolab.conf
Dec 27 9:08:23 EST 2009: exception: debug backtrace: Ldap.class.php (178): _LoadConfig
Dec 27 9:08:23 EST 2009: exception: debug backtrace: Ldap.class.php (468): Bind
Dec 27 9:08:23 EST 2009: exception: debug backtrace: User.class.php (1836): GetDnForUid
Dec 27 9:08:23 EST 2009: exception: debug backtrace: User.class.php (413): _GetUserInfo
Dec 27 9:08:23 EST 2009: exception: debug backtrace: Webconfig.inc.php (1096): CheckPassword
Dec 27 9:08:23 EST 2009: exception: debug backtrace: index.php (46): WebAuthenticate
Dec 27 9:08:23 EST 2009: 4.1088: error: debug: ConfigurationFile::__destruct (304): called
Dec 27 9:08:23 EST 2009: 4.1090: error: debug: File::__destruct (1499): called
Dec 27 9:08:23 EST 2009: 4.1092: exception: warning: User.class.php (1840): File does not exist - - /etc/kolab/kolab.conf
Dec 27 9:08:23 EST 2009: exception: debug backtrace: User.class.php (413): _GetUserInfo
Dec 27 9:08:23 EST 2009: exception: debug backtrace: Webconfig.inc.php (1096): CheckPassword
Dec 27 9:08:23 EST 2009: exception: debug backtrace: index.php (46): WebAuthenticate
Dec 27 9:08:23 EST 2009: 4.1108: error: debug: Webconfig::__destruct (519): called
Dec 27 9:08:23 EST 2009: 4.1111: error: debug: Daemon::__destruct (409): called
Dec 27 9:08:23 EST 2009: 4.1113: error: debug: Software::__destruct (462): called
Dec 27 9:08:23 EST 2009: 4.1115: error: debug: User::__destruct (1981): called
Dec 27 9:08:23 EST 2009: 4.1117: error: debug: Ldap::__destruct (962): called
Dec 27 9:08:23 EST 2009: 4.1119: error: debug: Daemon::__destruct (409): called
Dec 27 9:08:23 EST 2009: 4.1120: error: debug: Software::__destruct (462): called

stuliet
Junior Boarder
Posts: 20
graphgraph
User Offline Click here to see the profile of this user
The administrator has disabled public write access.
 
#2352
Re: Can't logon to Webconfig after upgrade 4 Years, 11 Months ago  
What has happened to /etc/kolab/kolab.conf ? it appears to be missing. It appears something broke during the ldap config change

Does 'ldapsync' give any output / errors?
Tim Burgess
Moderator
Posts: 6679
graph
User Offline Click here to see the profile of this user
The administrator has disabled public write access.
 
#2353
Re: Can't logon to Webconfig after upgrade 4 Years, 11 Months ago  
What does 'rpm -qi kolabd' say? ClearOS5.1 should have the following version
Code:

Name        : kolabd                       Relocations: (not relocatable)
Version     : 2.2.0                             Vendor: (none)
Release     : 5.5.v5                        Build Date: Mon 22 Jun 2009 07:39:02 PM BST
Install Date: Thu 09 Jul 2009 07:26:06 PM BST      Build Host: cc5devel.lan
Group       : System Environment/Daemons    Source RPM: kolabd-2.2.0-5.5.v5.src.rpm
Size        : 116730                           License: GPL
Signature   : DSA/SHA1, Wed 24 Jun 2009 04:27:42 AM BST, Key ID 14824ad1d1ac268d
Packager    : Point Clark Networks
Summary     : Kolab Groupware Server
Description :
Kolab is a Groupware Solution for Emails, Appointments, Contacts and more.
It supports mixed clients environments (Outlook/KDE) because of an open
storage format called Kolab-XML.

Tim Burgess
Moderator
Posts: 6679
graph
User Offline Click here to see the profile of this user
The administrator has disabled public write access.
 
#2354
Re:Can't logon to Webconfig after upgrade 4 Years, 11 Months ago  
The kolab.conf files is still there (and seems to have valid contents);

Code:


[root@mrnosey squeeze]# ls -l /etc/kolab/kolab.conf
-rw------- 1 root root 525 Jul 11 16:10 /etc/kolab/kolab.conf



as is the RPM package;

Code:


[root@mrnosey squeeze]# rpm -qi kolabd
Name        : kolabd                       Relocations: (not relocatable)
Version     : 2.2.0                             Vendor: (none)
Release     : 5.5.v5                        Build Date: Mon 22 Jun 2009 02:39:02 PM EDT
Install Date: Sat 11 Jul 2009 08:52:35 PM EDT      Build Host: cc5devel.lan
Group       : System Environment/Daemons    Source RPM: kolabd-2.2.0-5.5.v5.src.rpm
Size        : 116730                           License: GPL
Signature   : DSA/SHA1, Tue 23 Jun 2009 11:27:42 PM EDT, Key ID 14824ad1d1ac268d
Packager    : Point Clark Networks
Summary     : Kolab Groupware Server
Description :
Kolab is a Groupware Solution for Emails, Appointments, Contacts and more.
It supports mixed clients environments (Outlook/KDE) because of an open
storage format called Kolab-XML.



I think this is a sudo problem, my sudoers file has no mention of a webconfig user, so I suspect this is at least one of my problems. I tried to force reinstall the sudo rpm but this did not alter the sudoers file
stuliet
Junior Boarder
Posts: 20
graphgraph
User Offline Click here to see the profile of this user
The administrator has disabled public write access.
 
#2355
Re:Can't logon to Webconfig after upgrade 4 Years, 11 Months ago  
Forgot to say, ldapsync seems ok...

Code:


[root@mrnosey squeeze]# ldapsync
running full LDAP synchronization
restarting LDAP server
Stopping slapd: [  OK  ]
Starting slapd: [  OK  ]
restarting authentication server
Stopping saslauthd: [  OK  ]
Starting saslauthd: [  OK  ]
synchronizing configuration
synchronizing daemons with domain heronwood.co.uk
synchronizing Samba file and print services
Shutting down SMB services: [  OK  ]
Starting SMB services: [  OK  ]
synchronizing Samba netbios services
Shutting down NMB services: [  OK  ]
Starting NMB services: [  OK  ]
synchronizing POP/IMAP mail
Shutting down cyrus-imapd: [  OK  ]
Exporting cyrus-imapd databases: [  OK  ]
Importing cyrus-imapd databases: [  OK  ]
Starting cyrus-imapd: [  OK  ]
synchronizing SMTP mail
Reloading postfix: [  OK  ]
synchronizing webmail
synchronizing web proxy
2009/12/27 10:27:28| WARNING: '192.168.1.0/255.255.255.0' is a subnetwork of '192.168.1.0/255.255.255.0'
2009/12/27 10:27:28| WARNING: because of this '192.168.1.0/255.255.255.0' is ignored to keep splay tree searching predictable
2009/12/27 10:27:28| WARNING: You should probably remove '192.168.1.0/255.255.255.0' from the ACL named 'webconfig_lan'
2009/12/27 10:27:28| WARNING: '192.168.1.0/255.255.255.0' is a subnetwork of '192.168.1.0/255.255.255.0'
2009/12/27 10:27:28| WARNING: because of this '192.168.1.0/255.255.255.0' is ignored to keep splay tree searching predictable
2009/12/27 10:27:28| WARNING: You should probably remove '192.168.1.0/255.255.255.0' from the ACL named 'webconfig_to_lan'
synchronizing FTP
Reloading proftpd: [  OK  ]
synchronizing antivirus
[root@mrnosey squeeze]#

stuliet
Junior Boarder
Posts: 20
graphgraph
User Offline Click here to see the profile of this user
The administrator has disabled public write access.
 
#2363
Re:Can't logon to Webconfig after upgrade 4 Years, 11 Months ago  
Can anyone post up or send me a copy of the /etc/sudoers from a vanilla 5.1 install so I can compare to my file? Thx
stuliet
Junior Boarder
Posts: 20
graphgraph
User Offline Click here to see the profile of this user
The administrator has disabled public write access.
 
#2366
Re:Can't logon to Webconfig after upgrade 4 Years, 11 Months ago  
Code:

## Sudoers allows particular users to run various commands as
## the root user, without needing the root password.
##
## Examples are provided at the bottom of the file for collections
## of related commands, which can then be delegated out to particular
## users or groups.
##
## This file must be edited with the 'visudo' command.

## Host Aliases
## Groups of machines. You may prefer to use hostnames (perhap using
## wildcards for entire domains) or IP addresses instead.
# Host_Alias     FILESERVERS = fs1, fs2
# Host_Alias     MAILSERVERS = smtp, smtp2

## User Aliases
## These aren't often necessary, as you can use regular groups
## (ie, from files, LDAP, NIS, etc) in this file - just use %groupname
## rather than USERALIAS
# User_Alias ADMINS = jsmith, mikem


## Command Aliases
## These are groups of related commands...

## Networking
Cmnd_Alias NETWORKING = /sbin/route, /sbin/ifconfig, /bin/ping, /sbin/dhclient, /usr/bin/net, /sbin/iptables, /usr/bin/rfcomm, /usr/bin/wvdial, /sbin/iwconfig, /sbin/mii-tool

## Installation and management of software
Cmnd_Alias SOFTWARE = /bin/rpm, /usr/bin/up2date, /usr/bin/yum

## Services
Cmnd_Alias SERVICES = /sbin/service, /sbin/chkconfig

## Updating the locate database
Cmnd_Alias LOCATE = /usr/sbin/updatedb

## Storage
Cmnd_Alias STORAGE = /sbin/fdisk, /sbin/sfdisk, /sbin/parted, /sbin/partprobe, /bin/mount, /bin/umount

## Delegating permissions
Cmnd_Alias DELEGATING = /usr/sbin/visudo, /bin/chown, /bin/chmod, /bin/chgrp

## Processes
Cmnd_Alias PROCESSES = /bin/nice, /bin/kill, /usr/bin/kill, /usr/bin/killall

## Drivers
Cmnd_Alias DRIVERS = /sbin/modprobe

# Defaults specification

#
# Disable "ssh hostname sudo <cmd>", because it will show the password in clear.
#         You have to run "ssh -t hostname sudo <cmd>".
#
# Defaults    requiretty

Defaults    env_reset
Defaults    env_keep = "COLORS DISPLAY HOSTNAME HISTSIZE INPUTRC KDEDIR \
                        LS_COLORS MAIL PS1 PS2 QTDIR USERNAME \
                        LANG LC_ADDRESS LC_CTYPE LC_COLLATE LC_IDENTIFICATION \
                        LC_MEASUREMENT LC_MESSAGES LC_MONETARY LC_NAME LC_NUMERIC \
                        LC_PAPER LC_TELEPHONE LC_TIME LC_ALL LANGUAGE LINGUAS \
                        _XKB_CHARSET XAUTHORITY"

## Next comes the main part: which users can run what software on
## which machines (the sudoers file can be shared between multiple
## systems).
## Syntax:
##
##      user    MACHINE=COMMANDS
##
## The COMMANDS section may have other options added to it.
##
## Allow root to run any commands anywhere
root    ALL=(ALL)       ALL

## Allows members of the 'sys' group to run networking, software
## service management apps and more.
# %sys ALL = NETWORKING, SOFTWARE, SERVICES, STORAGE, DELEGATING, PROCESSES, LOCATE, DRIVERS

## Allows people in group wheel to run all commands
# %wheel        ALL=(ALL)       ALL

## Same thing without a password
# %wheel        ALL=(ALL)       NOPASSWD: ALL

## Allows members of the users group to mount and unmount the
## cdrom as root
# %users  ALL=/sbin/mount /mnt/cdrom, /sbin/umount /mnt/cdrom

## Allows members of the users group to shutdown this system
# %users  localhost=/sbin/shutdown -h now

Defaults:webconfig !syslog
Defaults:root !syslog
Cmnd_Alias CC = /sbin/reboot, /sbin/halt, /usr/sbin/add-samba-directories, /usr/bin/api, /usr/sbin/syncmailboxes, /usr/sbin/api, /sbin/iptables, /var/webconfig/scripts/userimport.php, /usr/sbin/awstatsreports, /var/webconfig/scripts/avscan.php, /var/webconfig/scripts/archive_resend.php, /var/webconfig/scripts/archive.php, /usr/bin/archive_bootstrap, /usr/sbin/postsuper, /usr/sbin/postmap, /usr/sbin/postfix, /usr/sbin/postconf, /usr/sbin/mailqfmt.pl, /usr/bin/newaliases, /usr/sbin/usersetup, /usr/sbin/syncusers, /usr/sbin/groupmod, /usr/sbin/groupdel, /usr/sbin/groupadd, /usr/sbin/useradd, /usr/bin/passwd, /usr/bin/snortsam-state, /usr/bin/zgrep, /usr/bin/pdbedit, /usr/bin/net, /usr/bin/smbpasswd, /usr/sbin/dhcptest, /usr/sbin/tracklist, /usr/sbin/hping2, /usr/sbin/tw_cli, /usr/sbin/mpt-status, /sbin/sfdisk, /sbin/mdadm, /bin/umount, /bin/mount, /usr/sbin/updateflexperms, /usr/sbin/proftpd, /usr/sbin/httpd, /usr/bin/freshclam, /usr/bin/yum, /var/webconfig/scripts/rbs-schedule.php, /var/webconfig/scripts/rbs-client.php, /usr/bin/killall, /usr/bin/mkhost.sh, /bin/tar, /sbin/iwconfig, /sbin/ifup, /sbin/ifdown, /sbin/ifconfig, /sbin/ethtool, /bin/netstat, /bin/hostname, /usr/sbin/authconfig, /usr/sbin/ldapsync, /usr/sbin/kolabconf, /usr/sbin/slapcat, /usr/sbin/slapadd, /usr/sbin/slappasswd, /usr/bin/openssl, /usr/sbin/ntpdate, /sbin/hwclock, /usr/sbin/userdel, /usr/sbin/app-rename, /usr/sbin/app-realpath, /usr/sbin/app-passwd, /usr/bin/du, /usr/bin/chfn, /usr/bin/head, /usr/bin/find, /usr/bin/file, /sbin/service, /sbin/shutdown, /sbin/chkconfig, /bin/touch, /bin/rm, /bin/mv, /bin/mkdir, /bin/ls, /bin/kill, /bin/cp, /bin/chown, /bin/chmod, /bin/cat
webconfig ALL=NOPASSWD: CC
Cmnd_Alias CLEARCONSOLE = /usr/bin/iptraf, /usr/sbin/console_start, /usr/sbin/tc-yum, /bin/rpm, /sbin/halt, /sbin/reboot
clearconsole ALL=NOPASSWD: CLEARCONSOLE

Might help? from my 5.1 install
Tim Burgess
Moderator
Posts: 6679
graph
User Offline Click here to see the profile of this user
The administrator has disabled public write access.
 
#2367
Re:Can't logon to Webconfig after upgrade 4 Years, 11 Months ago  
We have a winner!

Many thanks; now I am off to see what else I have managed to break!
stuliet
Junior Boarder
Posts: 20
graphgraph
User Offline Click here to see the profile of this user
The administrator has disabled public write access.
 
Go to topPage: 1
  get the latest posts directly to your desktop