Error while creating volume in openstack - openstack
I installed devstack of openstack.
When I login using admin user and create a volume. It shows error as a status.
I got following in error log (syslog file). But couldn't find any resolution by google. What's wrong happening with this.
Jun 21 13:29:08 krishna-Lenovo-G550 cinder-volume[707]: ERROR oslo_service.service #033[01;35m#033[00mConnectionFailedError: HTTPConnectionPool(host='192.168.43.88', port=2379): Max retries exceeded with url: /v3alpha/lease/grant (Caused by NewConnectionError('<urllib3.connection.HTTPConnection object at 0x7f4b75d3c110>: Failed to establish a new connection: [Errno 101] ENETUNREACH',))
Jun 21 13:29:08 krishna-Lenovo-G550 cinder-volume[707]: ERROR oslo_service.service #033[01;35m#033[00m
Jun 21 13:29:08 krishna-Lenovo-G550 cinder-volume[707]: #033[00;32mDEBUG oslo_concurrency.lockutils [#033[01;36mNone req-a2a87ca1-802a-4e3d-abe9-e28601906c44 #033[00;36mNone None#033[00;32m] #033[01;35m#033[00;32mAcquired semaphore "singleton_lock"#033[00m #033[00;33m{{(pid=3263) lock /usr/local/lib/python2.7/dist-packages/oslo_concurrency/lockutils.py:212}}#033[00m
Jun 21 13:29:08 krishna-Lenovo-G550 cinder-volume[707]: #033[00;32mDEBUG oslo_concurrency.lockutils [#033[01;36mNone req-a2a87ca1-802a-4e3d-abe9-e28601906c44 #033[00;36mNone None#033[00;32m] #033[01;35m#033[00;32mReleasing semaphore "singleton_lock"#033[00m #033[00;33m{{(pid=3263) lock /usr/local/lib/python2.7/dist-packages/oslo_concurrency/lockutils.py:228}}#033[00m
Jun 21 13:29:08 krishna-Lenovo-G550 cinder-volume[707]: #033[00;36mINFO oslo_service.service [#033[01;36mNone req-a2a87ca1-802a-4e3d-abe9-e28601906c44 #033[00;36mNone None#033[00;36m] #033[01;35m#033[00;36mChild 3263 exited with status 1#033[00m
Jun 21 13:29:08 krishna-Lenovo-G550 cinder-volume[707]: #033[00;32mDEBUG oslo_service.service [#033[01;36mNone req-a2a87ca1-802a-4e3d-abe9-e28601906c44 #033[00;36mNone None#033[00;32m] #033[01;35m#033[00;32mStarted child 3264#033[00m #033[00;33m{{(pid=707) _start_child /usr/local/lib/python2.7/dist-packages/oslo_service/service.py:577}}#033[00m
Jun 21 13:29:08 krishna-Lenovo-G550 cinder-volume[707]: #033[00;36mINFO cinder.service [#033[00;36m-#033[00;36m] #033[01;35m#033[00;36mStarting cinder-volume node (version 13.0.0)#033[00m
Jun 21 13:29:08 krishna-Lenovo-G550 cinder-volume[707]: #033[01;31mERROR oslo_service.service [#033[00;36m-#033[01;31m] #033[01;35m#033[01;31mError starting thread.#033[00m: ConnectionFailedError: HTTPConnectionPool(host='192.168.43.88', port=2379): Max retries exceeded with url: /v3alpha/lease/grant (Caused by NewConnectionError('<urllib3.connection.HTTPConnection object at 0x7f4b75d3c110>: Failed to establish a new connection: [Errno 101] ENETUNREACH',))
Jun 21 13:29:08 krishna-Lenovo-G550 cinder-volume[707]: ERROR oslo_service.service #033[01;35m#033[00mTraceback (most recent call last):
Jun 21 13:29:08 krishna-Lenovo-G550 cinder-volume[707]: ERROR oslo_service.service #033[01;35m#033[00m File "/usr/local/lib/python2.7/dist-packages/oslo_service/service.py", line 792, in run_service
Jun 21 13:29:08 krishna-Lenovo-G550 cinder-volume[707]: ERROR oslo_service.service #033[01;35m#033[00m service.start()
Jun 21 13:29:08 krishna-Lenovo-G550 cinder-volume[707]: ERROR oslo_service.service #033[01;35m#033[00m File "/opt/stack/cinder/cinder/service.py", line 219, in start
Jun 21 13:29:08 krishna-Lenovo-G550 cinder-volume[707]: ERROR oslo_service.service #033[01;35m#033[00m coordination.COORDINATOR.start()
Jun 21 13:29:08 krishna-Lenovo-G550 cinder-volume[707]: ERROR oslo_service.service #033[01;35m#033[00m File "/opt/stack/cinder/cinder/coordination.py", line 67, in start
Jun 21 13:29:08 krishna-Lenovo-G550 cinder-volume[707]: ERROR oslo_service.service #033[01;35m#033[00m self.coordinator.start(start_heart=True)
Jun 21 13:29:08 krishna-Lenovo-G550 cinder-volume[707]: ERROR oslo_service.service #033[01;35m#033[00m File "/usr/local/lib/python2.7/dist-packages/tooz/coordination.py", line 687, in start
Jun 21 13:29:08 krishna-Lenovo-G550 cinder-volume[707]: ERROR oslo_service.service #033[01;35m#033[00m super(CoordinationDriverWithExecutor, self).start(start_heart)
Jun 21 13:29:08 krishna-Lenovo-G550 cinder-volume[707]: ERROR oslo_service.service #033[01;35m#033[00m File "/usr/local/lib/python2.7/dist-packages/tooz/coordination.py", line 423, in start
Jun 21 13:29:08 krishna-Lenovo-G550 cinder-volume[707]: ERROR oslo_service.service #033[01;35m#033[00m self._start()
Jun 21 13:29:08 krishna-Lenovo-G550 cinder-volume[707]: ERROR oslo_service.service #033[01;35m#033[00m File "/usr/local/lib/python2.7/dist-packages/tooz/drivers/etcd3gw.py", line 196, in _start
Jun 21 13:29:08 krishna-Lenovo-G550 cinder-volume[707]: ERROR oslo_service.service #033[01;35m#033[00m self._membership_lease = self.client.lease(self.membership_timeout)
Jun 21 13:29:08 krishna-Lenovo-G550 cinder-volume[707]: ERROR oslo_service.service #033[01;35m#033[00m File "/usr/local/lib/python2.7/dist-packages/etcd3gw/client.py", line 115, in lease
Jun 21 13:29:08 krishna-Lenovo-G550 cinder-volume[707]: ERROR oslo_service.service #033[01;35m#033[00m json={"TTL": ttl, "ID": 0})
Jun 21 13:29:08 krishna-Lenovo-G550 cinder-volume[707]: ERROR oslo_service.service #033[01;35m#033[00m File "/usr/local/lib/python2.7/dist-packages/etcd3gw/client.py", line 88, in post
Jun 21 13:29:08 krishna-Lenovo-G550 cinder-volume[707]: ERROR oslo_service.service #033[01;35m#033[00m raise exceptions.ConnectionFailedError(six.text_type(ex))
I have ubuntu 18.04 LTS boot from 64 gb USB.
Volume size is -> 1 GB.
Volume type is -> lvmdriver-1.
Volume source is -> No source, empty volume
As per following reference.
https://ask.openstack.org/en/question/51180/error-connectionerror-httpconnectionpoolhostopenstack-port8774-max-retries-exceeded-with-url-v24ca42a660b0c4ff48db51d3187215dd4imagesdetail-caused-by/
following command.
sudo nova-manage service list
gives following.
/usr/local/lib/python2.7/dist-packages/psycopg2/__init__.py:144: UserWarning: The psycopg2 wheel package will be renamed from release 2.8; in order to keep installing from binary please use "pip install psycopg2-binary" instead. For details see: <http://initd.org/psycopg/docs/install.html#binary-install-from-pypi>.
""")
usage: nova-manage [-h] [--remote_debug-host REMOTE_DEBUG_HOST]
[--remote_debug-port REMOTE_DEBUG_PORT] [--config-dir DIR]
[--config-file PATH] [--debug] [--log-config-append PATH]
[--log-date-format DATE_FORMAT] [--log-dir LOG_DIR]
[--log-file PATH] [--nodebug] [--nopost-mortem]
[--nouse-journal] [--nouse-json] [--nouse-syslog]
[--nowatch-log-file] [--post-mortem]
[--syslog-log-facility SYSLOG_LOG_FACILITY] [--use-journal]
[--use-json] [--use-syslog] [--version] [--watch-log-file]
{version,bash-completion,placement,network,cell_v2,db,cell,floating,api_db}
...
nova-manage: error: argument category: invalid choice: 'service' (choose from 'version', 'bash-completion', 'placement', 'network', 'cell_v2', 'db', 'cell', 'floating', 'api_db')
Following command:
sudo rabbitmqctl status
gives following:
Status of node 'rabbit#krishna-Lenovo-G550'
[{pid,1851},
{running_applications,
[{rabbit,"RabbitMQ","3.6.10"},
{ranch,"Socket acceptor pool for TCP protocols.","1.3.0"},
{ssl,"Erlang/OTP SSL application","8.2.3"},
{public_key,"Public key infrastructure","1.5.2"},
{asn1,"The Erlang ASN1 compiler version 5.0.4","5.0.4"},
{crypto,"CRYPTO","4.2"},
{rabbit_common,
"Modules shared by rabbitmq-server and rabbitmq-erlang-client",
"3.6.10"},
{compiler,"ERTS CXC 138 10","7.1.4"},
{xmerl,"XML parser","1.3.16"},
{os_mon,"CPO CXC 138 46","2.4.4"},
{mnesia,"MNESIA CXC 138 12","4.15.3"},
{syntax_tools,"Syntax tools","2.1.4"},
{sasl,"SASL CXC 138 11","3.1.1"},
{stdlib,"ERTS CXC 138 10","3.4.3"},
{kernel,"ERTS CXC 138 10","5.4.1"}]},
{os,{unix,linux}},
{erlang_version,
"Erlang/OTP 20 [erts-9.2] [source] [64-bit] [smp:2:2] [ds:2:2:10] [async-threads:64] [kernel-poll:true]\n"},
{memory,
[{total,127617792},
{connection_readers,813376},
{connection_writers,57704},
{connection_channels,182760},
{connection_other,1578088},
{queue_procs,747128},
{queue_slave_procs,0},
{plugins,0},
{other_proc,17494600},
{mnesia,173768},
{metrics,271752},
{mgmt_db,0},
{msg_index,58592},
{other_ets,1914184},
{binary,73692752},
{code,21401226},
{atom,900041},
{other_system,8600765}]},
{alarms,[]},
{listeners,[{clustering,25672,"::"},{amqp,5672,"::"}]},
{vm_memory_high_watermark,0.4},
{vm_memory_limit,3317874688},
{disk_free_limit,50000000},
{disk_free,44431437824},
{file_descriptors,
[{total_limit,65436},
{total_used,30},
{sockets_limit,58890},
{sockets_used,28}]},
{processes,[{limit,1048576},{used,549}]},
{run_queue,0},
{uptime,5312},
{kernel,{net_ticktime,60}}]
If you want to check the nova services status the command is:
Using openstack CLI:
openstack compute service list
Using nova CLI:
nova service-list
Related
Error ldap_sasl_bind_s failed (49) on Multi-Master
The error that appears is this: Dec 30 18:07:24 openldap03 slapd[16460]: slap_client_connect: URI=ldap://openldap02 DN="cn=config" ldap_sasl_bind_s failed (49) Dec 30 18:07:24 openldap03 slapd[16460]: do_syncrepl: rid=002 rc 49 retrying (1 retries left) Dec 30 18:07:24 openldap03 slapd[16460]: slap_client_connect: URI=ldap://openldap01 DN="cn=config" ldap_sasl_bind_s failed (49) Dec 30 18:07:24 openldap03 slapd[16460]: do_syncrepl: rid=001 rc 49 retrying (1 retries left) ... Dec 30 18:09:54 openldap03 slapd[16460]: slap_client_connect: URI=ldap://openldap02 DN="cn=ldapadm,dc=domain,dc=local" ldap_sasl_bind_s failed (49) Dec 30 18:09:54 openldap03 slapd[16460]: do_syncrepl: rid=005 rc 49 retrying (1 retries left) Dec 30 18:09:54 openldap03 slapd[16460]: slap_client_connect: URI=ldap://openldap01 DN="cn=ldapadm,dc=domain,dc=local" ldap_sasl_bind_s failed (49) Dec 30 18:09:54 openldap03 slapd[16460]: do_syncrepl: rid=004 rc 49 retrying (1 retries left) Connection is fine: [root#openldap03 ~]# telnet openldap01 389 Trying 172.16.11.203... Connected to openldap01. Escape character is '^]'. ^] [root#openldap03 ~]# telnet openldap02 389 Trying 172.16.11.205... Connected to openldap02. Escape character is '^]'. ^] I can add the configuration if they ask me what command to execute How can I troubleshoot this error? thanks!
The return code 49 stands for "Invalid credential". You do not have connectivity problem, but the credential you set are not the right one.
Snakemake: R script fails (almost) immediately
Once more I'm encountering an error in my snakemake workflow that doesn't make any sense to me.
This is the error I get:
[Thu Jan 25 10:47:00 2018] Building DAG of jobs...
[Thu Jan 25 10:47:01 2018] Provided cores: 24
[Thu Jan 25 10:47:01 2018] Rules claiming more threads will be scaled down.
[Thu Jan 25 10:47:01 2018] Job counts:
[Thu Jan 25 10:47:01 2018] count jobs
[Thu Jan 25 10:47:01 2018] 1 merging_seurat
[Thu Jan 25 10:47:01 2018] 1
[Thu Jan 25 10:47:01 2018] Job 0: --- Merging samples using seurat.
Error in setClass("Snakemake", slots = c(input = "list", output = "list", :
unused argument(s) (slots = c(input = "list", output = "list", params = "list", wildcards = "list", threads = "numeric", log = "list", resources = "list", config = "list", rule = "character"))
Execution halted
[Thu Jan 25 10:47:02 2018] Error in rule merging_seurat:
[Thu Jan 25 10:47:02 2018] jobid: 0
[Thu Jan 25 10:47:02 2018] output: merging_seurat/12_top10_heatmap_all_wilcox.pdf, merging_seurat/13_top10_heatmap_all_roc.pdf, merging_seurat/merging_seurat.RData
[Thu Jan 25 10:47:02 2018] RuleException:
[Thu Jan 25 10:47:02 2018] CalledProcessError in line 372 of .../snakemake_pipeline/Snakefile:
[Thu Jan 25 10:47:02 2018] Command ' set -euo pipefail; Rscript .../snakemake_pipeline/scripts/.snakemake.jv8ijpiw.merging_seurat.R ' returned non-zero exit status 1
[Thu Jan 25 10:47:02 2018] File ".../snakemake_pipeline/Snakefile", line 372, in __rule_merging_seurat
[Thu Jan 25 10:47:02 2018] File ".../tools/anaconda3/envs/Seurat/lib/python3.5/concurrent/futures/thread.py", line 55, in run
[Thu Jan 25 10:47:02 2018] Will exit after finishing currently running jobs.
[Thu Jan 25 10:47:02 2018] Exiting because a job execution failed. Look above for error message
[Thu Jan 25 10:47:02 2018] Complete log: .../snakemake_6/.snakemake/log/2018-01-25T104700.498155.snakemake.log
This is the rule in question:
rule merging_seurat:
input: expand("{sample}/molecule_count/counts_wide.tsv", sample=config["samples"]),
output: "merging_seurat/12_top10_heatmap_all_wilcox.pdf",
"merging_seurat/13_top10_heatmap_all_roc.pdf",
"merging_seurat/merging_seurat.RData"
message: "--- Merging samples using seurat."
script: "scripts/merging_seurat.R"
Here we have the top of the R script that is still executed:
sink('merging_seurat/output.txt')
print(installed.packages())
print(sessionInfo())
sink()
And these are the following lines in the R script that are not executed anymore:
library('Seurat')
library('dplyr')
library('org.Hs.eg.db')
Because I logged the packages that are available, I know that the three packages that should be loaded are also installed so it shouldn't fail because of that. In fact, commenting these lines out doesn't change anything, the script still breaks and the log message that should come right after loading the packages is not written to the log file.
Finally, this is the command that I use to run snakemake:
snakemake --use-conda \
--latency-wait 90 \
--rerun-incomplete \
--keep-going \
--timestamp \
--cluster-config SGE.json \
--cluster "qsub -cwd -N {cluster.name} -l h_vmem={cluster.h_vmem},h_stack=256M -o {cluster.stdout}{cluster.name}.o -e {cluster.stderr}{cluster.name}.e -m {cluster.mailtype} -M {cluster.mailuser}" \
-j 8 \
--directory .../snakemake_6
Does anybody have a clue what the error message could mean? unused argument of the snakemake R object is strange because I'm calling multiple parameters later on in the script.
What is even more strange is that I have another R script that works with different packages but has very similar first lines runs fine. I remember that in the beginning I had the same problem with that script (same error message) but don't remember how I solved it.
Any help is well appreciated.
openstack dashboard gives internal server error
when i try to open dashboard it gives internal server error. It was running fine earlier but suddenly this error occurred.
Here is my apache log :
[Fri Jun 23 16:43:50.321423 2017] [:error] [pid 31878:tid 140589128623872] [remote 10.0.30.11:41599] mod_wsgi (pid=31878): Exception occurred processing WSGI script '/usr/share/openstack-dashboard/openstack_dashboard/wsgi/django.wsgi'.
[Fri Jun 23 16:43:50.321468 2017] [:error] [pid 31878:tid 140589128623872] [remote 10.0.30.11:41599] Traceback (most recent call last):
[Fri Jun 23 16:43:50.321485 2017] [:error] [pid 31878:tid 140589128623872] [remote 10.0.30.11:41599] File "/usr/lib/python2.7/dist-packages/django/core/handlers/wsgi.py", line 168, in __call__
[Fri Jun 23 16:43:50.321506 2017] [:error] [pid 31878:tid 140589128623872] [remote 10.0.30.11:41599] self.load_middleware()
[Fri Jun 23 16:43:50.321607 2017] [:error] [pid 31878:tid 140589128623872] [remote 10.0.30.11:41599] File "/usr/lib/python2.7/dist-packages/django/core/handlers/base.py", line 46, in load_middleware
[Fri Jun 23 16:43:50.321620 2017] [:error] [pid 31878:tid 140589128623872] [remote 10.0.30.11:41599] mw_instance = mw_class()
[Fri Jun 23 16:43:50.321625 2017] [:error] [pid 31878:tid 140589128623872] [remote 10.0.30.11:41599] File "/usr/lib/python2.7/dist-packages/django/middleware/locale.py", line 23, in __init__
[Fri Jun 23 16:43:50.321633 2017] [:error] [pid 31878:tid 140589128623872] [remote 10.0.30.11:41599] for url_pattern in get_resolver(None).url_patterns:
[Fri Jun 23 16:43:50.321637 2017] [:error] [pid 31878:tid 140589128623872] [remote 10.0.30.11:41599] File "/usr/lib/python2.7/dist-packages/django/core/urlresolvers.py", line 372, in url_patterns
[Fri Jun 23 16:43:50.321644 2017] [:error] [pid 31878:tid 140589128623872] [remote 10.0.30.11:41599] patterns = getattr(self.urlconf_module, "urlpatterns", self.urlconf_module)
[Fri Jun 23 16:43:50.321648 2017] [:error] [pid 31878:tid 140589128623872] [remote 10.0.30.11:41599] File "/usr/lib/python2.7/dist-packages/django/core/urlresolvers.py", line 366, in urlconf_module
[Fri Jun 23 16:43:50.321654 2017] [:error] [pid 31878:tid 140589128623872] [remote 10.0.30.11:41599] self._urlconf_module = import_module(self.urlconf_name)
[Fri Jun 23 16:43:50.321658 2017] [:error] [pid 31878:tid 140589128623872] [remote 10.0.30.11:41599] File "/usr/lib/python2.7/importlib/__init__.py", line 37, in import_module
[Fri Jun 23 16:43:50.321665 2017] [:error] [pid 31878:tid 140589128623872] [remote 10.0.30.11:41599] __import__(name)
[Fri Jun 23 16:43:50.321669 2017] [:error] [pid 31878:tid 140589128623872] [remote 10.0.30.11:41599] File "/usr/share/openstack-dashboard/openstack_dashboard/wsgi/../../openstack_dashboard/urls.py", line 35, in <module>
[Fri Jun 23 16:43:50.321676 2017] [:error] [pid 31878:tid 140589128623872] [remote 10.0.30.11:41599] url(r'^api/', include('openstack_dashboard.api.rest.urls')),
[Fri Jun 23 16:43:50.321680 2017] [:error] [pid 31878:tid 140589128623872] [remote 10.0.30.11:41599] File "/usr/lib/python2.7/dist-packages/django/conf/urls/__init__.py", line 28, in include
[Fri Jun 23 16:43:50.321687 2017] [:error] [pid 31878:tid 140589128623872] [remote 10.0.30.11:41599] urlconf_module = import_module(urlconf_module)
[Fri Jun 23 16:43:50.321691 2017] [:error] [pid 31878:tid 140589128623872] [remote 10.0.30.11:41599] File "/usr/lib/python2.7/importlib/__init__.py", line 37, in import_module
[Fri Jun 23 16:43:50.321697 2017] [:error] [pid 31878:tid 140589128623872] [remote 10.0.30.11:41599] __import__(name)
[Fri Jun 23 16:43:50.321701 2017] [:error] [pid 31878:tid 140589128623872] [remote 10.0.30.11:41599] File "/usr/share/openstack-dashboard/openstack_dashboard/wsgi/../../openstack_dashboard/api/__init__.py", line 34, in <module>
[Fri Jun 23 16:43:50.321708 2017] [:error] [pid 31878:tid 140589128623872] [remote 10.0.30.11:41599] from openstack_dashboard.api import base
[Fri Jun 23 16:43:50.321726 2017] [:error] [pid 31878:tid 140589128623872] [remote 10.0.30.11:41599] ImportError: cannot import name base
If you Google for this error, you will find a bug report on Launchpad, with a long rambling set of comments. The last one says: From the responses here it seems that the root issue with those encountering this "bug" is that their Horizon installation is missing some dependency, and installing that dependency fixes the issue. The error reported "ImportError: cannot import name base" is a symptom of the failure to load all dependent modules. The cause therefore would appear to be incomplete or erroneous installation documentation. (Or possibly ... failure to follow the installation instructions.) In short, check that you have installed the correct versions of all of the dependencies for Horizon. A second bug report may offer more clues. You say: It was running fine earlier but suddenly this error occurred. That might be due to update / patch being applied.
postfix disable bounce for transport
I have postfix with different transport. For one of these transports I want to disable message bounce. master.cf smtp inet n - n - - smtpd pickup fifo n - n 60 1 pickup cleanup unix n - n - 0 cleanup qmgr fifo n - n 300 1 qmgr tlsmgr unix - - n 1000? 1 tlsmgr rewrite unix - - n - - trivial-rewrite bounce unix - - n - 0 bounce defer unix - - n - 0 bounce trace unix - - n - 0 bounce verify unix - - n - 1 verify flush unix n - n 1000? 0 flush proxymap unix - - n - - proxymap proxywrite unix - - n - 1 proxymap smtp unix - - n - - smtp relay unix - - n - - smtp -o smtp_fallback_relay= showq unix n - n - - showq error unix - - n - - error retry unix - - n - - error discard unix - - n - - discard local unix - n n - - local virtual unix - n n - - virtual lmtp unix - - n - - lmtp anvil unix - - n - 1 anvil scache unix - - n - 1 scache dovecot unix - n n - - pipe flags=DRhu user=vmail:mail argv=/usr/libexec/dovecot/deliver -d $(recipient) emailtransport unix - n n - - pipe flags=X user=transpostfix argv=/media/raid1m/mailparse/emailtransport.php #****** other options ************ other2emailtransport unix - n n - - pipe flags=X user=other2transpostfix argv=/media/raid1m/mailparse/other2emailtransport.php log output: Mar 26 15:35:14 machin1 postfix/smtpd[12110]: connect from client=68.ip-11-11-10.eu[11.12.13.14] Mar 26 15:35:14 machin1 postfix/smtpd[12125]: connect from client=68.ip-11-11-10.eu[11.12.13.14] Mar 26 15:35:14 machin1 postfix/pipe[3893]: 0738C180997: to=<transpostfix#localhost.localhost>, orig_to=<zauri.t#ass.exemple.com.domain>, relay=emailtransport, delay=0.5, delays=0.07/0/0/0.42, dsn=2.0.0, status=sent (delivered via emailtransport service) Mar 26 15:35:14 machin1 postfix/qmgr[12106]: 0738C180997: removed Mar 26 15:35:14 machin1 postfix/smtpd[12110]: setting up TLS connection from client=68.ip-11-11-10.eu[11.12.13.14] Mar 26 15:35:14 machin1 postfix/smtpd[12125]: CC0FF180996: client=client=68.ip-11-11-10.eu[11.12.13.14] Mar 26 15:35:14 machin1 postfix/smtpd[21657]: disconnect from client=68.ip-11-11-10.eu[11.12.13.14] Mar 26 15:35:14 machin1 postfix/smtpd[12110]: Anonymous TLS connection established from client=68.ip-11-11-10.eu[11.12.13.14]: TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits) Mar 26 15:35:15 machin1 postfix/smtpd[12224]: 1662E180997: client=client=68.ip-11-11-10.eu[11.12.13.14] Mar 26 15:35:15 machin1 postfix/cleanup[20853]: CC0FF180996: message-id=<a779c13adb0ff35fc576b6a9a3a779c7#async.clubggff.com> Mar 26 15:35:15 machin1 postfix/qmgr[12106]: CC0FF180996: from=<notification+kjdkjivh3i_d#example-mail.com>, size=16051, nrcpt=1 (queue active) Mar 26 15:35:15 machin1 postfix/smtpd[12110]: 6873F180998: client=client=68.ip-11-11-10.eu[11.12.13.14] Mar 26 15:35:15 machin1 postfix/cleanup[21196]: 1662E180997: message-id=<cb01d448de2987547cd69fcab1e92f92#async.clubggff.com> Mar 26 15:35:15 machin1 postfix/pipe[6928]: CC0FF180996: to=<transpostfix#localhost.localhost>, orig_to=<s01064154705#add3000.exemple.com.domain>, relay=emailtransport, delay=0.97, delays=0.55/0/0/0.42, dsn=2.0.0, status=sent (delivered via emailtransport service) Mar 26 15:35:15 machin1 postfix/qmgr[12106]: CC0FF180996: removed Mar 26 15:35:15 machin1 postfix/cleanup[21201]: 6873F180998: message-id=<1729890133889801-1540059429539540#groups.clubggff.com> Mar 26 15:35:15 machin1 postfix/qmgr[12106]: 1662E180997: from=<notification+kjdkj5wd1k3_#example-mail.com>, size=18421, nrcpt=1 (queue active) Mar 26 15:35:15 machin1 postfix/qmgr[12106]: 6873F180998: from=<notification+kjdkpj3hdv5d#example-mail.com>, size=24947, nrcpt=1 (queue active) Mar 26 15:35:16 machin1 postfix/pipe[6941]: 1662E180997: to=<transpostfix#localhost.localhost>, orig_to=<margaretgarza#add3000.exemple.com.domain>, relay=emailtransport, delay=1.4, delays=0.95/0/0/0.41, dsn=2.0.0, status=sent (delivered via emailtransport service) Mar 26 15:35:16 machin1 postfix/qmgr[12106]: 1662E180997: removed Mar 26 15:35:16 machin1 postfix/smtpd[12154]: NOQUEUE: reject: RCPT from client=68.ip-11-11-10.eu[11.12.13.14]: 504 5.5.2 <164.132.109.68>: Helo command rejected: need fully-qualified hostname; from=<mbeuwen#sfilc.com> to=<t120304677#yahoo.com.tw> proto=SMTP helo=<164.132.109.68> Mar 26 15:35:16 machin1 postfix/smtpd[12130]: disconnect from client=68.ip-11-11-10.eu[11.12.13.14] Mar 26 15:35:16 machin1 postfix/smtpd[12157]: connect from client=68.ip-11-11-10.eu[11.12.13.14] Mar 26 15:35:16 machin1 postfix/pipe[6938]: 6873F180998: to=<transpostfix#localhost.localhost>, orig_to=<fgbdfscxw#my-dom.exemple.com.domain>, relay=emailtransport, delay=1, delays=0.58/0/0/0.47, dsn=5.3.0, status=bounced (Command died with status 255: "/media/raid1m/mailparse/emailtransport.php") Mar 26 15:35:16 machin1 postfix/cleanup[22236]: 4FFE918099A: message-id=<20160326133516.4FFE918099A#1.444.exemple.com.domain> Mar 26 15:35:16 machin1 postfix/bounce[10936]: 6873F180998: sender non-delivery notification: 4FFE918099A Mar 26 15:35:16 machin1 postfix/qmgr[12106]: 4FFE918099A: from=<>, size=27004, nrcpt=1 (queue active) Mar 26 15:35:16 machin1 postfix/qmgr[12106]: 6873F180998: removed Mar 26 15:35:16 machin1 postfix/error[10938]: 4FFE918099A: to=<notification+kjdkpj3hdv5d#example-mail.com>, relay=none, delay=0.03, delays=0.01/0.01/0/0.01, dsn=4.3.5, status=deferred (delivery temporarily suspended: Host or domain name not found. Name service error for name=delete-lev.exemple.com.domain type=A: Host not found) I need disable bounce for emailtransport. Some time emailtransport.php give a mistake, but it's exactly does the job I want. How to turn off any that bounce message to emailtransport and so that it did not affect the work or other transports such as other2emailtransport I don't need this: Mar 26 15:35:16 machin1 postfix/pipe[6938]: 6873F180998: to=<transpostfix#localhost.localhost>, orig_to=<fgbdfscxw#my-dom.exemple.com.domain>, relay=emailtransport, delay=1, delays=0.58/0/0/0.47, dsn=5.3.0, status=bounced (Command died with status 255: "/media/raid1m/mailparse/emailtransport.php") Mar 26 15:35:16 machin1 postfix/cleanup[22236]: 4FFE918099A: message-id=<20160326133516.4FFE918099A#1.444.exemple.com.domain> Mar 26 15:35:16 machin1 postfix/bounce[10936]: 6873F180998: sender non-delivery notification: 4FFE918099A After Command died with status 255 I need delete message 6873F180998. And don't send bound message 4FFE918099A.
I solved my problem but it does not quite answer my question.
In the documentation is written: http://www.postfix.org/pipe.8.html
DIAGNOSTICS
Command exit status codes are expected to follow the conventions
defined in <sysexits.h>. Exit status 0 means normal successful comple-
tion.
In the case of a non-zero exit status, a limited amount of command out-
put is logged, and reported in a delivery status notification. When
the output begins with a 4.X.X or 5.X.X enhanced status code, the sta-
tus code takes precedence over the non-zero exit status (Postfix ver-
sion 2.3 and later).
This means I need to have my PHP script gave out EXIT(0); I turned on the reporting of errors ini_set('error_reporting', -1); and found a problem in script. when I repaired this script error disappeared and the issue resolved.
Other theoretical options to think how to solve the problem (but I'm unsure if this is possible):
Disable for special postfix transport use bounce
Always rewrite error status PHP script to 0
edit something in sysexits.h
FreeRADIUS Google Dual Factor Authenticator, Pam
Hi I've been following this article to setup FreeRADIUS Google Dual Factor Authenticator
http://www.supertechguy.com/help/security/freeradius-google-auth
Hours of testing I still can't get it to work. If my /etc/pam.d/radiusd looks like the following it works well with
the following command
radtest test test localhost 18120 testing123
#
# /etc/pam.d/radiusd - PAM configuration for FreeRADIUS
#
# We fall back to the system default in /etc/pam.d/common-*
#
#include common-auth
#include common-account
#include common-password
#include common-session
However if it looks like the following
#
# /etc/pam.d/radiusd - PAM configuration for FreeRADIUS
#
# We fall back to the system default in /etc/pam.d/common-*
#
##include common-auth
##include common-account
##include common-password
##include common-session
auth requisite pam_google_authenticator.so forward_pass
auth required pam_unix.so use_first_pass
my log file says the following and auth fails.
rad_recv: Access-Request packet from host 127.0.0.1 port 43185, id=111, length=56
User-Name = "test"
User-Password = "test"
NAS-IP-Address = 127.0.1.1
NAS-Port = 18120
Thu Sep 26 16:38:19 2013 : Info: # Executing section authorize from file /etc/freeradius/sites-enabled/default
Thu Sep 26 16:38:19 2013 : Info: +- entering group authorize {...}
Thu Sep 26 16:38:19 2013 : Info: ++[preprocess] returns ok
Thu Sep 26 16:38:19 2013 : Info: ++[chap] returns noop
Thu Sep 26 16:38:19 2013 : Info: ++[mschap] returns noop
Thu Sep 26 16:38:19 2013 : Info: ++[digest] returns noop
Thu Sep 26 16:38:19 2013 : Info: [suffix] No '#' in User-Name = "test", looking up realm NULL
Thu Sep 26 16:38:19 2013 : Info: [suffix] No such realm "NULL"
Thu Sep 26 16:38:19 2013 : Info: ++[suffix] returns noop
Thu Sep 26 16:38:19 2013 : Info: [eap] No EAP-Message, not doing EAP
Thu Sep 26 16:38:19 2013 : Info: ++[eap] returns noop
Thu Sep 26 16:38:19 2013 : Info: [files] users: Matched entry DEFAULT at line 74
Thu Sep 26 16:38:19 2013 : Info: ++[files] returns ok
Thu Sep 26 16:38:19 2013 : Info: ++[expiration] returns noop
Thu Sep 26 16:38:19 2013 : Info: ++[logintime] returns noop
Thu Sep 26 16:38:19 2013 : Info: [pap] WARNING! No "known good" password found for the user. Authentication may fail because of this.
Thu Sep 26 16:38:19 2013 : Info: ++[pap] returns noop
Thu Sep 26 16:38:19 2013 : Info: Found Auth-Type = PAM
Thu Sep 26 16:38:19 2013 : Info: # Executing group from file /etc/freeradius/sites-enabled/default
Thu Sep 26 16:38:19 2013 : Info: +- entering group authenticate {...}
Thu Sep 26 16:38:19 2013 : Debug: pam_pass: using pamauth string <radiusd> for pam.conf lookup
Thu Sep 26 16:38:19 2013 : Debug: pam_pass: function pam_authenticate FAILED for <test>. Reason: Cannot make/remove an entry for the specified session
Thu Sep 26 16:38:19 2013 : Info: ++[pam] returns reject
Thu Sep 26 16:38:19 2013 : Info: Failed to authenticate the user.
Thu Sep 26 16:38:19 2013 : Info: Using Post-Auth-Type Reject
Thu Sep 26 16:38:19 2013 : Info: # Executing group from file /etc/freeradius/sites-enabled/default
Thu Sep 26 16:38:19 2013 : Info: +- entering group REJECT {...}
Thu Sep 26 16:38:19 2013 : Info: [attr_filter.access_reject] expand: %{User-Name} -> test
Thu Sep 26 16:38:19 2013 : Debug: attr_filter: Matched entry DEFAULT at line 11
Thu Sep 26 16:38:19 2013 : Info: ++[attr_filter.access_reject] returns updated
Thu Sep 26 16:38:19 2013 : Info: Delaying reject of request 0 for 1 seconds
Thu Sep 26 16:38:19 2013 : Debug: Going to the next request
Thu Sep 26 16:38:19 2013 : Debug: Waking up in 0.9 seconds.
Thu Sep 26 16:38:20 2013 : Info: Sending delayed reject for request 0
Sending Access-Reject of id 111 to 127.0.0.1 port 43185
Thu Sep 26 16:38:20 2013 : Debug: Waking up in 4.9 seconds.
Thu Sep 26 16:38:25 2013 : Info: Cleaning up request 0 ID 111 with timestamp +3
Thu Sep 26 16:38:25 2013 : Info: Ready to process requests.
I'm using Ubuntu latest
Does anyone know what the issue here?
Many Thanks
After so much internet surfing and forum hunting I manage to fix this problem. If anyone else having this issue this might help them :) Thu Sep 26 16:38:19 2013 : Debug: pam_pass: using pamauth string <radiusd> for pam.conf lookup Thu Sep 26 16:38:19 2013 : Debug: pam_pass: function pam_authenticate FAILED for <test>. Reason: Cannot make/remove an entry for the specified session The above line actually means a auth fail, even though it doesn't sound like it, also it could mean that .google_authenticator file in the user's home directory isn't accessible. FreeRadius log file not help you much with this issue, but have a look through /var/log/secure on CentOS and /var/log/auth.log in Ubuntu. This will explain which is the issue. Issue with my system was my time was out and my random generated number by Google Dual Factor Authenticator application on my iPhone wasn't valid. I had to install NTP and change my servers time to the correct time which fixed the issue!!!! hope this help someone else :)
The how-to on Super Tech Guy's page (http://www.supertechguy.com/help/security/freeradius-google-auth) has a typo. DEFAULT Auth-Type := PAM should be DEFAULT Auth-Type = PAM I don't know why he put a colon in there, but removing it fixed my issue. This was after I made sure the server had the correct time (and timezone), which it didn't. So thanks for that suggestion too!