| *** nowen (~nowen@99-174-93-102.lightspeed.tukrga.sbcglobal.net) has joined #wikid | 12:17 | |
| *** nowen1 (~nowen@99-174-93-102.lightspeed.tukrga.sbcglobal.net) has joined #wikid | 12:24 | |
| *** nowen1 is now known as nowen_work | 12:24 | |
| *** nowen has quit (Ping timeout: 246 seconds) | 12:24 | |
| *** mkirank (7ab35238@gateway/web/freenode/ip.122.179.82.56) has joined #wikid | 15:31 | |
| *** mkirank has quit (Client Quit) | 15:34 | |
| *** mkirank (7ab35238@gateway/web/freenode/ip.122.179.82.56) has joined #wikid | 16:00 | |
| mkirank | Hi | 16:01 |
|---|---|---|
| nowen_work | hi | 16:01 |
| mkirank | @nowen_work I need some help on getting the slave wikid system running as master | 16:01 |
| nowen_work | ok | 16:02 |
| mkirank | just to give you a background | 16:02 |
| mkirank | we had wikid configured as master and slave, at some point we tried to upgrade the master and it failed, it has been broken till date | 16:03 |
| nowen_work | ok - I remember | 16:03 |
| mkirank | and now we want to see if we can bring the slave system back up | 16:03 |
| mkirank | yeah I had to check with our team to see if this was fine and I heard back today | 16:03 |
| nowen_work | good to hear | 16:04 |
| nowen_work | on the slave, run 'wikidctl setup' | 16:04 |
| nowen_work | choose N when asked about the network | 16:04 |
| nowen_work | and Y about replication | 16:05 |
| mkirank | ok | 16:05 |
| mkirank | ok now I'm at will this system function as master ,slave or none | 16:05 |
| nowen_work | none | 16:05 |
| nowen_work | confirm that and then run 'wikidctl start' | 16:06 |
| mkirank | ok basic setup done | 16:06 |
| mkirank | we have a local mod for wikid it's asking me for password let me check | 16:07 |
| mkirank | tried to bail out and got these messages | 16:08 |
| mkirank | Starting Logger service...Database listener not available! Logger NOT started! Starting TimeCop service...Database listener not available! Timecop NOT started! | 16:08 |
| nowen_work | by bail out, do you mean ctrl-c? | 16:09 |
| mkirank | yes | 16:09 |
| nowen_work | ok | 16:09 |
| nowen_work | do you not know the password? | 16:09 |
| mkirank | It is asking me for wikid user password | 16:09 |
| nowen_work | what user are you now? | 16:10 |
| mkirank | wikid | 16:10 |
| nowen_work | can you su to root? | 16:10 |
| mkirank | yes I can su to root but there seems to be a modification in our wikidctl that has a check to make sure that script is run as wikid user | 16:10 |
| mkirank | I can comment that and try | 16:10 |
| nowen_work | well, you can su to wikid as root, right? | 16:11 |
| mkirank | I can su to wikid user but there seems to be some sudo setup so it asks me for wikid user password | 16:12 |
| nowen_work | is this something you'll set up? | 16:12 |
| mkirank | no it has already been setup by someone else | 16:14 |
| nowen_work | I mean at your company. We have support for sudo now, but I don't think it was in your version | 16:14 |
| nowen_work | sudo support was added in 3.50-b1342 | 16:15 |
| mkirank | I guess the person who setup wikid added some modification to wikidctl , it looks like the wikid user needs sudo only for rsync which is used for replication | 16:15 |
| nowen_work | ok - so when you ran start, you got prompted for the user's password or for the passphrase for the server? | 16:16 |
| *** nowen_work is now known as nowen | 16:16 | |
| mkirank | it prompted for wikid users password | 16:17 |
| nowen | su to root and change their password | 16:17 |
| mkirank | ok did that will now try wikidctl start | 16:18 |
| mkirank | wikidctl start Starting database...Success! Success! [sudo] password for wikid: [sudo] password for wikid: [sudo] password for wikid: Success! Starting Logger service...Database listener not available! Logger NOT started! Starting TimeCop service...Database listener not available! Timecop NOT started! Tomcat server already started. | 16:19 |
| nowen | tell me the version of WiKID again? | 16:20 |
| mkirank | wikid-server-enterprise-3.4.1.b3314-1 | 16:21 |
| nowen | hmm. well you can try 'service postgresql start' and then 'wikidctl start' | 16:21 |
| mkirank | service postgresql status shows it is running | 16:22 |
| nowen | what port is it listening to? | 16:22 |
| nowen | or on, | 16:22 |
| mkirank | its listening on non standard port 5434 | 16:22 |
| nowen | run 'wikidctl promote' | 16:24 |
| nowen | hmm | 16:25 |
| nowen | that probably won't do it | 16:25 |
| nowen | look in /var/lib/pqsql/data/postgresql.conf | 16:25 |
| nowen | do you see the port listed? | 16:25 |
| mkirank | the port line is commented there but I can login to postgres using psql -p 5434 wikid tomcat | 16:27 |
| nowen | 5434 is the port for replication. for some reason, the change back to 5432 didn't take | 16:28 |
| nowen | I suggest editing it back to 5432, restarting postgres and restarting wikid | 16:28 |
| mkirank | ok I looked in the log directory | 16:28 |
| mkirank | install.log has todays date and these entries | 16:28 |
| mkirank | sudo: no tty present and no askpass program specified Initializing WiKID database ... /opt/WiKID/sbin/sudo.sh: line 11: [: too many arguments | 16:29 |
| mkirank | This may be a local modification done by the previous sysadmin | 16:31 |
| mkirank | Should we comment out the modification and run the setup as root ? | 16:32 |
| nowen | probably. | 16:33 |
| nowen | you could also try updating sudo | 16:34 |
| mkirank | update to ? | 16:35 |
| nowen | the latest. 'yum update sudo' | 16:35 |
| nowen | I know that when we added sudo to wikid, it required an update for sudo | 16:35 |
| mkirank | looks like there is no update to sudo | 16:36 |
| nowen | rpm -qa | grep sudo | 16:36 |
| nowen | sudo-1.7.2p1-22.el5_9.1 | 16:36 |
| mkirank | I saw this in the log | 16:36 |
| mkirank | Sorry, user wikid is not allowed to execute '/usr/bin/psql -h localhost -d wikid -f /opt/WiKID/conf/database/db-data.sql' as postgres on mgmt2.genares.net. | 16:36 |
| nowen | so you have that problem and postgres is on the wrong port | 16:37 |
| mkirank | sudo-1.7.2p1-10.el5 | 16:37 |
| nowen | what are the perms on /opt/WiKID ? | 16:37 |
| mkirank | drwxr-xr-x 14 wikid wikid 4096 Mar 21 2013 WiKID | 16:38 |
| nowen | I suggest changing the port first, starting postgres and then wikid | 16:38 |
| nowen | if you still have sudo issues, I can get you a fresh copy of the script | 16:39 |
| mkirank | Is that sudo.sh script part of wikid ? | 16:40 |
| nowen | no | 16:40 |
| mkirank | ok it must be the local modification | 16:41 |
| mkirank | I looked in the bin directory, there is a backup of the original wikidctl script | 16:42 |
| nowen | oh, wait | 16:42 |
| nowen | it is a wikid script | 16:42 |
| nowen | is it this: http://pastebin.com/7DLX414q | 16:42 |
| mkirank | it is similar , but we seem to have an older version with a few changes | 16:45 |
| nowen | change the port, I'm not convinced it is a sudo error | 16:46 |
| mkirank | ok so do I change it in the postgre.conf ? | 16:46 |
| nowen | yes, that should work | 16:46 |
| mkirank | ok I did a grep on wikid directory to check for 5434 it looks like there has been some local changes to even wikid.pl, there seems to be a backup of the original wilid.pl I can paste a diff if you want to look at it | 16:49 |
| nowen | did you change the port in postgresql.conf? | 16:49 |
| nowen | once we get it running, we can update via rpm and all the customizations will be over-written | 16:50 |
| mkirank | ok but if wikidctl uses wikid.pl then does the local customization be used ? | 16:51 |
| nowen | I doubt it. | 16:52 |
| mkirank | ok | 16:52 |
| nowen | if postgres is running it won't | 16:52 |
| mkirank | I'll change the port | 16:52 |
| mkirank | changed the port and restarted postgre it's still running on port 5434 | 16:54 |
| nowen | hmm | 16:55 |
| nowen | you have port = 5432 ? | 16:55 |
| mkirank | yes | 16:55 |
| nowen | and you just ran 'service postgresql restart' ? | 16:56 |
| mkirank | did a stop changed conf file and then start | 16:56 |
| nowen | huh, why would it not use it's own conf file? | 16:57 |
| mkirank | we use puppet to configure the system, let me see if there is anything there | 16:58 |
| mkirank | ok it looks like the port can be defined in sysconfig/postgres | 17:02 |
| mkirank | ok now the port is changed | 17:02 |
| mkirank | now do I run wikidctl start ? | 17:04 |
| nowen | yes | 17:04 |
| mkirank | ok got these messages | 17:05 |
| mkirank | wikidctl start Database already started. Starting Logger service...Success! Starting TimeCop service...Success! Starting wAuth protocol daemon... Passphrase is good. Proceeding ...Success! Tomcat server already started. Starting RADIUS protocol daemon ...Success! LDAP protocol not enabled. | 17:05 |
| nowen | that seems good. | 17:05 |
| nowen | log into the WiKIDAdmin | 17:05 |
| mkirank | hmm getting a service temporarily unavailable | 17:06 |
| nowen | hmm run 'netstat -anp | grep 443' | 17:06 |
| mkirank | tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 17363/httpd | 17:07 |
| nowen | is apache running on this machine? | 17:07 |
| nowen | that should be java/tomcat | 17:07 |
| mkirank | its apache talking to tomcat via ajp | 17:08 |
| nowen | why? | 17:08 |
| mkirank | hold on a minute , I'm checking something quick | 17:09 |
| nowen | apache should not be running on the server | 17:09 |
| mkirank | ok let me see if I can stop apache and only use tomcat | 17:12 |
| mkirank | Ok I have stopped http but I guess we need to make tomcat changes | 17:15 |
| nowen | no | 17:16 |
| nowen | just restart wikid | 17:16 |
| mkirank | gave a wikidctl restart its just waiting there | 17:17 |
| mkirank | ok now I see the messages | 17:18 |
| mkirank | there does not seem to be any process listening on 80 | 17:19 |
| mkirank | we have a tomcat connector on 8009 | 17:19 |
| nowen | did you'll modify tomcat too? | 17:19 |
| mkirank | I guess they had modified it too | 17:20 |
| mkirank | there are 2 files server.xm and server-wikid.xml does tomcat use both ? | 17:21 |
| nowen | how about we re-install the rpm | 17:24 |
| nowen | http://wikidsystems-dl.com/wikid-server-enterprise-3.4.1.b3314-1.noarch.rpm | 17:24 |
| mkirank | If we do install this does it wipe out the configurations ? | 17:27 |
| nowen | the database will not change. That's where the token data is. You can tar that up anyway. | 17:28 |
| nowen | running rpm -Uvh --force should fix the mods | 17:29 |
| nowen | you can tar up /opt/WIKID, /var/lib/pgsql/data and /etc/WiKID and have it all backed up | 17:29 |
| mkirank | give me a couple of minutes | 17:32 |
| mkirank | once we get the new wikid running how do we get the old configurations back , from the database backup ? | 17:34 |
| nowen | what configurations? | 17:38 |
| nowen | or which configurations do you mean? | 17:38 |
| mkirank | the old setup from the master | 17:38 |
| nowen | do you mean the user's token data? | 17:39 |
| mkirank | I do not know how the system was used but my question is when we do a new install how do we configure the server to act as a radius server | 17:40 |
| mkirank | do we need something from the old setup of wikid | 17:40 |
| nowen | any configurations for things like your VPN are in the database and won't be affected | 17:40 |
| nowen | all the stuff you see in the WiKIDAdmin are in the database | 17:41 |
| mkirank | ok | 17:42 |
| mkirank | my only worry is that when we tried the upgrade on the master it failed | 17:43 |
| mkirank | but I guess in this case there is nothing to worry as it is already broken | 17:43 |
| nowen | well, you'll have really messed with the system. I'm not sure of anything | 17:43 |
| mkirank | :-) | 17:44 |
| nowen | I hope this will at least get it started | 17:44 |
| nowen | are these virtual machines? | 17:44 |
| mkirank | another question | 17:44 |
| mkirank | no these are not vm;s | 17:45 |
| mkirank | now that we have wikid runnin but unable to access it via http, in case we are able to access it , will it have the same settings as master assuming that it was replicating fine | 17:45 |
| nowen | yes, it should have all the data that the master had, if it was replicating | 17:46 |
| nowen | what company are you with again? | 17:48 |
| mkirank | genares | 17:48 |
| mkirank | ok let me take a backup of the directories | 17:51 |
| mkirank | I will confirm once with the team before the install | 18:01 |
| mkirank | this might take a while , I will not be able to go forward without permission | 18:07 |
| nowen | a bit confused by that since it isn't working. | 18:15 |
| mkirank | yeah If it was my decision I would have gone for it :-) | 18:17 |
| nowen | also, it's not really an update - since it is the same version! | 18:18 |
| mkirank | I will try to convince them | 18:18 |
| mkirank | would'nt it be a good option to start with the latest version | 18:19 |
| nowen | the database schema is differnt | 18:19 |
| nowen | you have you upgrade from the older version | 18:19 |
| mkirank | ah | 18:19 |
| mkirank | so the upgrade would be from the web UI ? | 18:20 |
| nowen | no, an rpm -U | 18:21 |
| mkirank | no I meant from the version we have to the new version with changed schema | 18:21 |
| mkirank | would that be a rpm -U too | 18:22 |
| nowen | rpm -U is the only upgrade systems we have. the webui upgrade doesn't work | 18:23 |
| *** immotus (~immotus@rrcs-24-153-193-34.sw.biz.rr.com) has joined #wikid | 18:30 | |
| nowen | immotus: let me know if you have any questions | 18:41 |
| immotus | nowen: thanks! I'm actually looking at the same problem you were helping mkirank with Sept 27th. I'm learning WiKID from the ground up, so I thought I'd lurk in here for awhile to see what I can pick up :^) | 18:43 |
| nowen | gotcha | 18:43 |
| nowen | you know, another thing we could do it set up another wikid server and just copy the database to it | 18:44 |
| immotus | nowen: copy the slave's database over to a new wikid server to be the master? | 18:44 |
| nowen | yes | 18:45 |
| nowen | it has to be the same version as the slave | 18:45 |
| nowen | what utilities rpm do you have? | 18:46 |
| nowen | it can be a VM | 18:46 |
| immotus | nowen: interesting.. that might at least get us back to where we were when we started.. are there any major configs that we would lose.. or important data files.. or is most of WiKID neatly tucked into the database? | 18:47 |
| nowen | it is mostly in the db. the certs are in /opt/WIKID/private. | 18:48 |
| immotus | nowen: I like that idea.. that way we could bring it up in a VM, test it, and then boss will be more confident about rolling it into production. One of his concerns, though, is to find out exactly what went wrong so we don't run into the same problem again when we upgrade. | 18:50 |
| mkirank | I was able to get a new install on my dev sandbox | 18:50 |
| nowen | based on what I have seen there were a number of customizations that would screw up any upgrade | 18:50 |
| nowen | mkirank: it needs to be http://wikidsystems-dl.com/wikid-server-enterprise-3.4.1.b3314-1.noarch.rpm | 18:51 |
| nowen | or the db won't work | 18:51 |
| mkirank | so install the same version and copy over the db | 18:52 |
| nowen | yes | 18:52 |
| * immotus thanks WiKIDLogBot for having readable IRC logs | 18:52 | |
| nowen | what wikid-utilities rpm are you running ? | 18:52 |
| nowen | immotus: :-) | 18:53 |
| mkirank | wikid-utilities-3.0.5-1 | 18:53 |
| nowen | http://wikidsystems-dl/wikid-utilities-3.0.5-1.i386.rpm | 18:55 |
| mkirank | @nowen thanks | 18:58 |
| nowen | was apache running on the master too? | 19:06 |
| immotus | nowen: looks like it is | 19:08 |
| nowen | if you turn it off, does WiKID start correctly? | 19:08 |
| mkirank | @nowen on the master we did an upgrade to a different version , I suspect the schema changes might be the issue | 19:09 |
| nowen | upgrading via rpm updates the schema | 19:10 |
| mkirank | ok | 19:12 |
| immotus | nowen: just curious.. what timezone are you in? | 19:28 |
| immotus | nowen: I'm in CDT | 19:28 |
| nowen | EDT | 19:30 |
| immotus | nowen: thanks. from the logs it looks like you're king of this chat room so I wanted to have a good guess as to what your office hours are :^) | 19:31 |
| nowen | ;-) | 19:31 |
| *** mkirank has quit (Quit: Page closed) | 19:37 | |
| *** nowen has quit (Ping timeout: 248 seconds) | 20:18 | |
| *** nowen (~nowen@99-174-93-102.lightspeed.tukrga.sbcglobal.net) has joined #wikid | 20:20 | |
| *** nowen has quit (Quit: Leaving.) | 21:10 | |
| *** nowen (~nowen@99-174-93-102.lightspeed.tukrga.sbcglobal.net) has joined #wikid | 21:11 | |
| *** immotus has parted #wikid ("Konversation terminated!") | 21:13 | |
| *** nowen has quit (Quit: Leaving.) | 22:56 | |
Generated by irclog2html.py 2.11.0 by Marius Gedminas - find it at mg.pov.lt!