Bug 465228

Summary: prelude-admin is looking for /etc/prelude/default/tls.conf in /usr/prelude/default/tls.conf
Product: [Fedora] Fedora Reporter: Dominick Grift <dominick.grift>
Component: prelude-managerAssignee: Steve Grubb <sgrubb>
Status: CLOSED RAWHIDE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: medium    
Version: rawhideCC: sgrubb
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2008-10-07 18:21:45 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Dominick Grift 2008-10-02 10:10:16 UTC
Description of problem:

sh-3.2# prelude-admin add prelude-manager --uid 61 --gid 61
02 Oct 11:51:13 (process:28454) WARNING: config-file: could not open /usr/prelude/default/tls.conf: could not open '/usr/prelude/default/tls.conf' for reading: No such file or directory.

sh-3.2# rpm -ql libprelude | grep tls.conf
/etc/prelude/default/tls.conf

Version-Release number of selected component (if applicable):

prelude-correlator-0.9.0-0.3.beta3.fc10.x86_64
libpreludedb-mysql-0.9.15.1-1.fc10.x86_64
prelude-manager-0.9.14.2-1.fc10.x86_64
libpreludedb-0.9.15.1-1.fc10.x86_64
prelude-manager-db-plugin-0.9.14.2-1.fc10.x86_64
libprelude-0.9.21-1.fc10.x86_64
libprelude-python-0.9.21-1.fc10.x86_64
libpreludedb-python-0.9.15.1-1.fc10.x86_64
prelude-lml-0.9.13-1.fc10.x86_64

How reproducible:

prelude-admin add prelude-manager --uid 61 --gid 61
  
Actual results:

WARNING: config-file: could not open /usr/prelude/default/tls.conf: could not open '/usr/prelude/default/tls.conf' for reading: No such file or directory.

Expected results:

work

Additional info:

none

Comment 1 Steve Grubb 2008-10-06 18:41:56 UTC
libprelude-0.9.21.1-1 was built to hopefully solve this problem. Could you please give it a try and let me know how it goes? Thanks.

Comment 2 Dominick Grift 2008-10-07 10:22:54 UTC
This seems to fix it.

There is another thing that i noticed. Prelude-manager has a bunch of connections open to 127.0.0.1:

tcp        0      0 0.0.0.0:4690                0.0.0.0:*                   LISTEN      2757/prelude-manage 
tcp        0      0 127.0.0.1:4690              127.0.0.1:42052             ESTABLISHED 2757/prelude-manage 
tcp        0      0 127.0.0.1:4690              127.0.0.1:42051             ESTABLISHED 2757/prelude-manage 
tcp        0      0 127.0.0.1:4690              127.0.0.1:42049             ESTABLISHED 2757/prelude-manage 
tcp        0      0 127.0.0.1:4690              127.0.0.1:42050             ESTABLISHED 2757/prelude-manage 

Also i received some warning for prelude-lml that i am not sure what to do with:

Oct  7 12:09:35 rawhide prelude-lml: WARNING: no appropriate format defined for log entry: 'rsyslogd:  [origin software="rsyslogd" swVersion="3.21.3" x-pid="2188" x-info="http://ww
w.rsyslog.com"] exiting on signal 15.'.
Oct  7 12:09:35 rawhide prelude-lml: WARNING: no appropriate format defined for log entry: 'rsyslogd:  [origin software="rsyslogd" swVersion="3.21.3" x-pid="2192" x-info="http://ww
w.rsyslog.com"] restart'.

prelude (and a lot of other daemons, like snort,ntp etc) do not play nice with with networkmanager. I switched to network on my prelude-manager server.

Also your prelude.txt howto requires some updating. For example prelude-manager now runs under uid/gid 62 instead of 0. There are a few more little issues in there.

pads also seem to show some issues. on reboot it show as status online in prewikka but after a while that status changes to missing. not sure why that is.

Also it appears that prelude suite needs some more selinux permissions:

#============= httpd_prewikka_script_t ==============
allow httpd_prewikka_script_t sysctl_t:file read;

#============= pads_t ==============
allow pads_t self:capability dac_override;
allow pads_t sysctl_t:file read;
kernel_read_sysctl(pads_t)

#============= prelude_audisp_t ==============
allow prelude_audisp_t self:capability dac_override;
allow prelude_audisp_t sysctl_t:file read;

#============= prelude_correlator_t ==============
allow prelude_correlator_t self:capability dac_override;
allow prelude_correlator_t sysctl_t:file read;

#============= prelude_lml_t ==============
allow prelude_lml_t sysctl_t:file read;

#============= prelude_t ==============
allow prelude_t self:capability dac_override;
allow prelude_t sysctl_t:file read;

#============= snort_t ==============
allow snort_t sysctl_t:file read;

I will report these to dwalsh.

Other then the above issues it seems to runs ok. I will watch it for a while to see if it stays ok.

Thanks

Comment 3 Steve Grubb 2008-10-07 11:35:12 UTC
Thanks for the feedback. Each of these issues should be filed under a bug against the correct component. I think you are saying that this bug is fixed. Should you find a new problem against libprelude, please file a new bug. Yes, I need to update the HOWTO, for example, I don't mention the prelude-notify component which needs explaining and testing.

Comment 4 Dominick Grift 2008-10-07 13:42:01 UTC
Yes this bug can be closed. prelude-notify is neat. I will probably file a new bug against pads soon...

Comment 5 Steve Grubb 2008-10-07 18:21:45 UTC
Thanks for reporting this bug (and the other items). For the prelude-lml issue, take a look and see if you have a rpm[new|save] file for prelude-lml config. It recently changed some settings. If that does not help, file a bug and let us also know if your rsyslog settings are deviated from how they are shipped. lml is sensitive to log formats not being just the way it likes it.