First the good; I have just upgraded from CC5.0 to ClearOs5.1 and everything has mostly gone OK 
Now the bad; I cannot login to the Webconfig to actually change anything. I can get to Samba shares/Websites/etc that existed before the upgrade and can also ssh to the server as root.
I think I have problems with the sudoers file as I see the messages below when trying to logon to webconfig.
Any ideas? :unsure:
Thanks,
-- Stuart
And turning on Webconfig debugging gives me;
Now the bad; I cannot login to the Webconfig to actually change anything. I can get to Samba shares/Websites/etc that existed before the upgrade and can also ssh to the server as root.
I think I have problems with the sudoers file as I see the messages below when trying to logon to webconfig.
Any ideas? :unsure:
Thanks,
-- Stuart
/var/log/secure;
Dec 27 08:56:11 mrnosey sudo: webconfig : sorry, you must have a tty to run sudo ; TTY=unknown ; PWD=/var/webconfig/htdocs ; USER=root ; COMMAND=/bin/ls /etc/kolab/kolab.conf
And turning on Webconfig debugging gives me;
/tmp/webconfig.log
Dec 27 9:08:19 EST 2009: 0.0003: error: debug: Daemon::__construct (131): called
Dec 27 9:08:19 EST 2009: 0.0026: error: debug: Software::__construct (126): called
Dec 27 9:08:21 EST 2009: 2.0776: error: debug: User::__construct (203): called
Dec 27 9:08:21 EST 2009: 2.0792: error: debug: User::CheckPassword (400): called
Dec 27 9:08:23 EST 2009: 4.0811: error: debug: User::_CalculateShaPassword (1373): called
Dec 27 9:08:23 EST 2009: 4.0816: error: debug: User::_GetLdapHandle (1780): called
Dec 27 9:08:23 EST 2009: 4.0819: error: debug: Ldap::__construct (136): called
Dec 27 9:08:23 EST 2009: 4.0822: error: debug: Daemon::__construct (131): called
Dec 27 9:08:23 EST 2009: 4.0829: error: debug: Software::__construct (126): called
Dec 27 9:08:23 EST 2009: 4.0840: error: debug: User::_GetUserInfo (1830): called
Dec 27 9:08:23 EST 2009: 4.0844: error: debug: Ldap::GetDnForUid (465): called
Dec 27 9:08:23 EST 2009: 4.0847: error: debug: Ldap::Bind (175): called
Dec 27 9:08:23 EST 2009: 4.0849: error: debug: Ldap::_LoadConfig (940): called
Dec 27 9:08:23 EST 2009: 4.0852: error: debug: ConfigurationFile::__construct (121): called
Dec 27 9:08:23 EST 2009: 4.0856: error: debug: File::__construct (273): called
Dec 27 9:08:23 EST 2009: 4.0866: error: debug: ConfigurationFile::Load (168): called
Dec 27 9:08:23 EST 2009: 4.0869: error: debug: File::GetContentsAsArray (334): called
Dec 27 9:08:23 EST 2009: 4.0871: error: debug: File::Exists (454): called
Dec 27 9:08:23 EST 2009: 4.0873: error: debug: ShellExec::__construct (74): called
Dec 27 9:08:23 EST 2009: 4.0878: error: debug: ShellExec::Execute (102): called
Dec 27 9:08:23 EST 2009: 4.0880: error: debug: ShellExec::Execute (105): command is: /bin/ls '/etc/kolab/kolab.conf'
Dec 27 9:08:23 EST 2009: 4.1073: error: debug: ShellExec::__destruct (220): called
Dec 27 9:08:23 EST 2009: 4.1079: exception: error: Ldap.class.php (947): File does not exist - - /etc/kolab/kolab.conf
Dec 27 9:08:23 EST 2009: exception: debug backtrace: Ldap.class.php (178): _LoadConfig
Dec 27 9:08:23 EST 2009: exception: debug backtrace: Ldap.class.php (468): Bind
Dec 27 9:08:23 EST 2009: exception: debug backtrace: User.class.php (1836): GetDnForUid
Dec 27 9:08:23 EST 2009: exception: debug backtrace: User.class.php (413): _GetUserInfo
Dec 27 9:08:23 EST 2009: exception: debug backtrace: Webconfig.inc.php (1096): CheckPassword
Dec 27 9:08:23 EST 2009: exception: debug backtrace: index.php (46): WebAuthenticate
Dec 27 9:08:23 EST 2009: 4.1088: error: debug: ConfigurationFile::__destruct (304): called
Dec 27 9:08:23 EST 2009: 4.1090: error: debug: File::__destruct (1499): called
Dec 27 9:08:23 EST 2009: 4.1092: exception: warning: User.class.php (1840): File does not exist - - /etc/kolab/kolab.conf
Dec 27 9:08:23 EST 2009: exception: debug backtrace: User.class.php (413): _GetUserInfo
Dec 27 9:08:23 EST 2009: exception: debug backtrace: Webconfig.inc.php (1096): CheckPassword
Dec 27 9:08:23 EST 2009: exception: debug backtrace: index.php (46): WebAuthenticate
Dec 27 9:08:23 EST 2009: 4.1108: error: debug: Webconfig::__destruct (519): called
Dec 27 9:08:23 EST 2009: 4.1111: error: debug: Daemon::__destruct (409): called
Dec 27 9:08:23 EST 2009: 4.1113: error: debug: Software::__destruct (462): called
Dec 27 9:08:23 EST 2009: 4.1115: error: debug: User::__destruct (1981): called
Dec 27 9:08:23 EST 2009: 4.1117: error: debug: Ldap::__destruct (962): called
Dec 27 9:08:23 EST 2009: 4.1119: error: debug: Daemon::__destruct (409): called
Dec 27 9:08:23 EST 2009: 4.1120: error: debug: Software::__destruct (462): called
In Installation
Share this post:
Responses (7)
-
Accepted Answer
-
Accepted Answer
What does 'rpm -qi kolabd' say? ClearOS5.1 should have the following version
Name : kolabd Relocations: (not relocatable)
Version : 2.2.0 Vendor: (none)
Release : 5.5.v5 Build Date: Mon 22 Jun 2009 07:39:02 PM BST
Install Date: Thu 09 Jul 2009 07:26:06 PM BST Build Host: cc5devel.lan
Group : System Environment/Daemons Source RPM: kolabd-2.2.0-5.5.v5.src.rpm
Size : 116730 License: GPL
Signature : DSA/SHA1, Wed 24 Jun 2009 04:27:42 AM BST, Key ID 14824ad1d1ac268d
Packager : Point Clark Networks
Summary : Kolab Groupware Server
Description :
Kolab is a Groupware Solution for Emails, Appointments, Contacts and more.
It supports mixed clients environments (Outlook/KDE) because of an open
storage format called Kolab-XML.
-
Accepted Answer
The kolab.conf files is still there (and seems to have valid contents);
[root@mrnosey squeeze]# ls -l /etc/kolab/kolab.conf
-rw------- 1 root root 525 Jul 11 16:10 /etc/kolab/kolab.conf
as is the RPM package;
[root@mrnosey squeeze]# rpm -qi kolabd
Name : kolabd Relocations: (not relocatable)
Version : 2.2.0 Vendor: (none)
Release : 5.5.v5 Build Date: Mon 22 Jun 2009 02:39:02 PM EDT
Install Date: Sat 11 Jul 2009 08:52:35 PM EDT Build Host: cc5devel.lan
Group : System Environment/Daemons Source RPM: kolabd-2.2.0-5.5.v5.src.rpm
Size : 116730 License: GPL
Signature : DSA/SHA1, Tue 23 Jun 2009 11:27:42 PM EDT, Key ID 14824ad1d1ac268d
Packager : Point Clark Networks
Summary : Kolab Groupware Server
Description :
Kolab is a Groupware Solution for Emails, Appointments, Contacts and more.
It supports mixed clients environments (Outlook/KDE) because of an open
storage format called Kolab-XML.
I think this is a sudo problem, my sudoers file has no mention of a webconfig user, so I suspect this is at least one of my problems. I tried to force reinstall the sudo rpm but this did not alter the sudoers file :-( -
Accepted Answer
Forgot to say, ldapsync seems ok...
[root@mrnosey squeeze]# ldapsync
running full LDAP synchronization
restarting LDAP server
Stopping slapd: [ OK ]
Starting slapd: [ OK ]
restarting authentication server
Stopping saslauthd: [ OK ]
Starting saslauthd: [ OK ]
synchronizing configuration
synchronizing daemons with domain heronwood.co.uk
synchronizing Samba file and print services
Shutting down SMB services: [ OK ]
Starting SMB services: [ OK ]
synchronizing Samba netbios services
Shutting down NMB services: [ OK ]
Starting NMB services: [ OK ]
synchronizing POP/IMAP mail
Shutting down cyrus-imapd: [ OK ]
Exporting cyrus-imapd databases: [ OK ]
Importing cyrus-imapd databases: [ OK ]
Starting cyrus-imapd: [ OK ]
synchronizing SMTP mail
Reloading postfix: [ OK ]
synchronizing webmail
synchronizing web proxy
2009/12/27 10:27:28| WARNING: '192.168.1.0/255.255.255.0' is a subnetwork of '192.168.1.0/255.255.255.0'
2009/12/27 10:27:28| WARNING: because of this '192.168.1.0/255.255.255.0' is ignored to keep splay tree searching predictable
2009/12/27 10:27:28| WARNING: You should probably remove '192.168.1.0/255.255.255.0' from the ACL named 'webconfig_lan'
2009/12/27 10:27:28| WARNING: '192.168.1.0/255.255.255.0' is a subnetwork of '192.168.1.0/255.255.255.0'
2009/12/27 10:27:28| WARNING: because of this '192.168.1.0/255.255.255.0' is ignored to keep splay tree searching predictable
2009/12/27 10:27:28| WARNING: You should probably remove '192.168.1.0/255.255.255.0' from the ACL named 'webconfig_to_lan'
synchronizing FTP
Reloading proftpd: [ OK ]
synchronizing antivirus
[root@mrnosey squeeze]#
-
Accepted Answer
-
Accepted Answer
Might help? from my 5.1 install## Sudoers allows particular users to run various commands as
## the root user, without needing the root password.
##
## Examples are provided at the bottom of the file for collections
## of related commands, which can then be delegated out to particular
## users or groups.
##
## This file must be edited with the 'visudo' command.
## Host Aliases
## Groups of machines. You may prefer to use hostnames (perhap using
## wildcards for entire domains) or IP addresses instead.
# Host_Alias FILESERVERS = fs1, fs2
# Host_Alias MAILSERVERS = smtp, smtp2
## User Aliases
## These aren't often necessary, as you can use regular groups
## (ie, from files, LDAP, NIS, etc) in this file - just use %groupname
## rather than USERALIAS
# User_Alias ADMINS = jsmith, mikem
## Command Aliases
## These are groups of related commands...
## Networking
Cmnd_Alias NETWORKING = /sbin/route, /sbin/ifconfig, /bin/ping, /sbin/dhclient, /usr/bin/net, /sbin/iptables, /usr/bin/rfcomm, /usr/bin/wvdial, /sbin/iwconfig, /sbin/mii-tool
## Installation and management of software
Cmnd_Alias SOFTWARE = /bin/rpm, /usr/bin/up2date, /usr/bin/yum
## Services
Cmnd_Alias SERVICES = /sbin/service, /sbin/chkconfig
## Updating the locate database
Cmnd_Alias LOCATE = /usr/sbin/updatedb
## Storage
Cmnd_Alias STORAGE = /sbin/fdisk, /sbin/sfdisk, /sbin/parted, /sbin/partprobe, /bin/mount, /bin/umount
## Delegating permissions
Cmnd_Alias DELEGATING = /usr/sbin/visudo, /bin/chown, /bin/chmod, /bin/chgrp
## Processes
Cmnd_Alias PROCESSES = /bin/nice, /bin/kill, /usr/bin/kill, /usr/bin/killall
## Drivers
Cmnd_Alias DRIVERS = /sbin/modprobe
# Defaults specification
#
# Disable "ssh hostname sudo <cmd>", because it will show the password in clear.
# You have to run "ssh -t hostname sudo <cmd>".
#
# Defaults requiretty
Defaults env_reset
Defaults env_keep = "COLORS DISPLAY HOSTNAME HISTSIZE INPUTRC KDEDIR \
LS_COLORS MAIL PS1 PS2 QTDIR USERNAME \
LANG LC_ADDRESS LC_CTYPE LC_COLLATE LC_IDENTIFICATION \
LC_MEASUREMENT LC_MESSAGES LC_MONETARY LC_NAME LC_NUMERIC \
LC_PAPER LC_TELEPHONE LC_TIME LC_ALL LANGUAGE LINGUAS \
_XKB_CHARSET XAUTHORITY"
## Next comes the main part: which users can run what software on
## which machines (the sudoers file can be shared between multiple
## systems).
## Syntax:
##
## user MACHINE=COMMANDS
##
## The COMMANDS section may have other options added to it.
##
## Allow root to run any commands anywhere
root ALL=(ALL) ALL
## Allows members of the 'sys' group to run networking, software
## service management apps and more.
# %sys ALL = NETWORKING, SOFTWARE, SERVICES, STORAGE, DELEGATING, PROCESSES, LOCATE, DRIVERS
## Allows people in group wheel to run all commands
# %wheel ALL=(ALL) ALL
## Same thing without a password
# %wheel ALL=(ALL) NOPASSWD: ALL
## Allows members of the users group to mount and unmount the
## cdrom as root
# %users ALL=/sbin/mount /mnt/cdrom, /sbin/umount /mnt/cdrom
## Allows members of the users group to shutdown this system
# %users localhost=/sbin/shutdown -h now
Defaults:webconfig !syslog
Defaults:root !syslog
Cmnd_Alias CC = /sbin/reboot, /sbin/halt, /usr/sbin/add-samba-directories, /usr/bin/api, /usr/sbin/syncmailboxes, /usr/sbin/api, /sbin/iptables, /var/webconfig/scripts/userimport.php, /usr/sbin/awstatsreports, /var/webconfig/scripts/avscan.php, /var/webconfig/scripts/archive_resend.php, /var/webconfig/scripts/archive.php, /usr/bin/archive_bootstrap, /usr/sbin/postsuper, /usr/sbin/postmap, /usr/sbin/postfix, /usr/sbin/postconf, /usr/sbin/mailqfmt.pl, /usr/bin/newaliases, /usr/sbin/usersetup, /usr/sbin/syncusers, /usr/sbin/groupmod, /usr/sbin/groupdel, /usr/sbin/groupadd, /usr/sbin/useradd, /usr/bin/passwd, /usr/bin/snortsam-state, /usr/bin/zgrep, /usr/bin/pdbedit, /usr/bin/net, /usr/bin/smbpasswd, /usr/sbin/dhcptest, /usr/sbin/tracklist, /usr/sbin/hping2, /usr/sbin/tw_cli, /usr/sbin/mpt-status, /sbin/sfdisk, /sbin/mdadm, /bin/umount, /bin/mount, /usr/sbin/updateflexperms, /usr/sbin/proftpd, /usr/sbin/httpd, /usr/bin/freshclam, /usr/bin/yum, /var/webconfig/scripts/rbs-schedule.php, /var/webconfig/scripts/rbs-client.php, /usr/bin/killall, /usr/bin/mkhost.sh, /bin/tar, /sbin/iwconfig, /sbin/ifup, /sbin/ifdown, /sbin/ifconfig, /sbin/ethtool, /bin/netstat, /bin/hostname, /usr/sbin/authconfig, /usr/sbin/ldapsync, /usr/sbin/kolabconf, /usr/sbin/slapcat, /usr/sbin/slapadd, /usr/sbin/slappasswd, /usr/bin/openssl, /usr/sbin/ntpdate, /sbin/hwclock, /usr/sbin/userdel, /usr/sbin/app-rename, /usr/sbin/app-realpath, /usr/sbin/app-passwd, /usr/bin/du, /usr/bin/chfn, /usr/bin/head, /usr/bin/find, /usr/bin/file, /sbin/service, /sbin/shutdown, /sbin/chkconfig, /bin/touch, /bin/rm, /bin/mv, /bin/mkdir, /bin/ls, /bin/kill, /bin/cp, /bin/chown, /bin/chmod, /bin/cat
webconfig ALL=NOPASSWD: CC
Cmnd_Alias CLEARCONSOLE = /usr/bin/iptraf, /usr/sbin/console_start, /usr/sbin/tc-yum, /bin/rpm, /sbin/halt, /sbin/reboot
clearconsole ALL=NOPASSWD: CLEARCONSOLE
-
Accepted Answer
Please login to post a reply
You will need to be logged in to be able to post a reply. Login using the form on the right or register an account if you are new here.
Register Here »