John Thurston | 25 Mar 23:13 2015

OpenSSL 1.0.1m problems with BIND 9.9.7

I thought it might be time to update the openSSL on my BIND servers. I 
was using 1.0.1L. The update was to be to 1.0.1M. But when I do so, BIND 
refuses to start. When I turn up debugging on the named process, I see 
that it fails with
> 25-Mar-2015 13:49:21.756 initializing DST: crypto failure
> 25-Mar-2015 13:49:21.756 exiting (due to fatal error)

Has anyone else seen similar problems with the most recent openssl?

-- 
    Do things because you should, not just because you can.

John Thurston    907-465-8591
John.Thurston@...
Enterprise Technology Services
Department of Administration
State of Alaska

:: Environment ::

Solaris 10 on SPARC

SunOS nstest 5.10 Generic_150400-17 sun4v sparc sun4v

:: Packages prior to update ::
package                   installed
CSWbind                   9.9.7,REV=2015.02.26
CSWbindutils              9.9.7,REV=2015.02.26
CSWcacertificates         20120511,REV=2012.05.11
CSWcas-cpsampleconf       1.50,REV=2015.01.17
(Continue reading)

Dvorak Andreas | 24 Mar 09:37 2015
Picon

CSWrsyslog Warning: backward compatibility layer added

Dear all

 

I have rsyslog 5.8.13 installed.

The messages file says it is running in compatibility mode but I do not know why. And imsolaris does not run. Can somebody please help me?

 

When it starts I get the messages:

 

Mar 24 09:02:21 sv2507 rsyslogd: [origin software="rsyslogd" swVersion="5.8.13" x-pid="21775" x-info="http://www.rsyslog.com"] exiting on signal 15.

Mar 24 09:02:21 sv2507 rsyslogd: imuxsock does not run because we could not aquire any socket

 

Mar 24 09:02:21 sv2507 rsyslogd: [origin software="rsyslogd" swVersion="5.8.13" x-pid="19031" x-info="http://www.rsyslog.com"] start

Mar 24 09:02:21 sv2507 rsyslogd: WARNING: rsyslogd is running in compatibility mode. Automatically generated config directives may interfer with your rsyslog.conf settings. We suggest upgrading your c

onfig and adding -c5 as the first rsyslogd option.

Mar 24 09:02:21 sv2507 rsyslogd: Warning: backward compatibility layer added to following directive to rsyslog.conf: ModLoad immark

Mar 24 09:02:21 sv2507 rsyslogd: Warning: backward compatibility layer added to following directive to rsyslog.conf: MarkMessagePeriod 1200

Mar 24 09:02:21 sv2507 rsyslogd: Warning: backward compatibility layer added to following directive to rsyslog.conf: ModLoad imuxsock

Mar 24 09:16:55 sv2507 dvoraka: [ID 702911 user.notice] UNIGW#PROBLEM#4#test#sv2507#Test von Andreas#PWCHANGE#test

 

rsyslog.conf

$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat

$ModLoad imsolaris

$RepeatedMsgReduction on

$IncludeConfig /etc/rsyslog.d/*.conf

 

*.info;mail.none;authpriv.none;cron.none                /var/log/messages

authpriv.*                                              /var/log/secure

mail.*                                                  -/var/log/maillog

cron.*                                                  /var/log/cron

*.emerg                                                :omusrmsg:*

uucp,news.crit                                          /var/log/spooler

local7.*                                                /var/log/boot.log

*.*;local5.none;local6.none                             <at> 10.112.10.69

 

Best regards

Andreas Dvorak

Carsten Grzemba | 21 Mar 21:08 2015
Picon

Re: netsnmp Solaris 9 using v3


netsnmp is only in catalog unstable now, so for that you have to set mirror for unstable in /etc/opt/csw/pkgutil.conf
There is no package 5.7.3 for Solaris9

Carsten

One last question: The page for netsnmp list version 5.7.3,REV=2015.03.18 but I can't seem to find it in the mirrors I've searched. Is there a plan to release this version?


Jesse Carroll
jesse.carroll | 20 Mar 20:01 2015
Picon

netsnmp Solaris 9 using v3

So installing and configuring net-snmnp (netsnmp) v3 on Solaris 10 was actually quite easy. However on
Solaris 9 I have two issues. First /etc/opt/csw/snmp/snmpd.conf in not included in the Solaris 9
package. It is in Solaris 10. Fairly trivial as I copied the file from a Solaris 10 server. 

The second issue is a bit more critical. When I create a v3 user via net-snmp-create-v3-user the
information is not placed in /var/opt/csw/net-snmp/snmpd.conf after I start snmpd. The command with
sensitive information redacted: 

    net-snmp-create-v3-user -a SHA -x AES -A <AES passphrase> -X <SHA passphrase> <user_name>

Before I start snmpd I see 'createUser NMSusr1 SHA "5hASnMP3nM5!" AES ae5SnMP3nM5!'. After I start snmpd
the user information is missing from /var/opt/csw/net-snmp/snmpd.conf. Looking at my Solaris 10 I see
information for the user that starts with 'usmUser'. Is there something I'm missing or is this a bug? I'm
running 5.6.1.1 on both systems.

One last question: The page for netsnmp list version 5.7.3,REV=2015.03.18 but I can't seem to find it in the
mirrors I've searched. Is there a plan to release this version?

Jesse Carroll

Ben Walton | 18 Mar 20:14 2015

Re: OpenCSW question about package php5

(Bcc: Oriol, To:user list)

Hi Oriol,

I no longer use php, or any Solaris, so I won't be updating the packages any time soon. I'd be happy to show you the ropes if your willing to do the update though.

That goes for any CSW user that needs this update. I'll spend time teaching, but not doing as the personal cost/benefit ratio isn't high enough for me anymore.

Thanks
-Ben

On Wed, Mar 18, 2015, 3:40 PM null <

oriol <at> scrubbed

> wrote:

I wondering when is planned to prepare php5.5 for csw?

Hello there,
I am wondering when php5.5 will be ready in the csw-system.
Otherwise, I wonder if there is a right way to install in solaris and get along with apache-csw.

Many tyanks.


Dagobert Michelsen | 17 Mar 10:49 2015

Re: OpenCSW question about package CSWfreetds-dev

Hi Aakash,

> Am 17.03.2015 um 10:47 schrieb aakash_bkn@...:
> 
> I have installed unixODBC-2.2.14-sparcv9.pkg and freetds-dev.0.92.950.tar on my sun sparc 64 bit
operating system, but I am unable to found libtdsodbc.so file after installation.
> 
> ls -ltr /usr/local/lib/libt*
> /usr/local/lib/libt*: No such file or directory
> 
> PLEASE SUGGEST

The names for the packages suggest that you are not using the OpenCSW packages
at all. I suggest to use the „Getting Started“ guide:
  http://www.opencsw.org/manual/for-administrators/getting-started.html#getting-started

Best regards

  — Dago

--

-- 
"You don't become great by trying to be great, you become great by wanting to do something,
and then doing it so hard that you become great in the process." - xkcd #896

Attachment (smime.p7s): application/pkcs7-signature, 3266 bytes
Dagobert Michelsen | 16 Mar 16:16 2015

Re: OpenCSW question about package wdiff

Hi,

> Am 16.03.2015 um 14:58 schrieb kulkarniashish88@...:
> 
> Hello sir,
>      I am interested in contributing to wdiff project.I have created a patch to add the feature to be able to
specify what is a whitespace from command line.I am attaching the link herewith.Please guide me further
on this, there has been no response on the savannah page so far.
> Link to patch: http://savannah.gnu.org/patch/?8604
>      Looking forward for further guidance from you. 

I am the maintainer of the Solaris package, you should better contact the
wdiff-dev mailing list:
  https://savannah.gnu.org/mail/?group=wdiff

Best regards

  — Dago

--

-- 
"You don't become great by trying to be great, you become great by wanting to do something,
and then doing it so hard that you become great in the process." - xkcd #896

Attachment (smime.p7s): application/pkcs7-signature, 3266 bytes
Robert A. Schmied | 10 Mar 23:06 2015
Picon

Minimum libc version is 1.22.5

aloha opencsw

the home page shows the subject libc version at 1.22.5.

can anyone identify the first solaris 10 sparc update release that supplies that libc version.

thanks

ras

Ibraheem Saleh | 6 Mar 00:45 2015
Picon

Software Compilation Request: Mozilla Firefox ESR 24 & 31

Hi,

Could one of you compiling geniuses compile Mozilla Firefox ESR 24.8.1 or 31.5 for Solaris 10?

I've been trying to do it for the past week and have failed miserably :(

Any help would be tremendous.

If you are able to figure it out, I would love to know how you did it!

Thanks,
Abraham
Carsten Grzemba | 5 Mar 09:03 2015
Picon

Re: Need help configuring cswopenldap client

Do you don't need a ldap server (slapd) for connect Solaris to FreeIPA DS.
I guess you also don't need a openldap client for sudo. This sould use the normal getpwent system calls, so you can configure the Solaris LDAP client. If the DS provides no DUAconfigprofiles, then you have to configure the LDAP client manually. There are how to's on the 389DS documentation.

Am 04.03.15 schrieb nathan <at> nathanpeters.com:

I have a Solaris 10 system on which I have installed the CSWopenldap
packages because I am trying to get sudo working through ldap (to a
FreeIPA server).

The problem I am having is that I can't figure out how to configure the
thing.  I have read everything I can find on
http://www.opencsw.org/manual/ but the documentation is pretty much
nonexistent.

Here is the list of packages I have installed from CSW : CSWbdb4,
CSWcommon, CSWlibnet, CSWosslutils, CSWsasl, CSWsudoldap, CSWsudo-ldap,
CSWsudo-common, CSWopenldap-back-bdb, CSWopenldap-client, CSWopenldap

I can't seem to figure out how to configure the CSW openldap client
though.  With the regular built-in solaris ldap client there is a command
that I can use to auto-create the configuration files in /var/ldap.  I
just run :
ldapclient -v init -a domainName=mydomain.net dc1.mydomain.net

However, the CSW package apparently expects a different format of file,
ldap.conf to be installed at /etc/opt/csw/ldap.conf.

So my first question is
-----------------------
How do I get that file autoconfigured?  Is there a csw command similar to
ldapclient init that will just connnect to the directory, download the
default duaprofile and update ldap.conf for me the same way the default
solaris client does it?  The default Solaris client does not seem to be
aware of the CSW packages so does not change anything other than /var/ldap
when I run it

My second question is : why does the CSW openldap client crash when I
attempt to start it up?

The manual I linked above gave exactly zero information on whether any
sort of post-install configuration was necessary so I installed the
packages, and then tried to do a 'svcadm enable cswopenldap'

Here is what I've done to troubleshoot :
# svcs -xv
svc:/network/cswopenldap:default (?)
 State: maintenance since March  4, 2015 11:21:17 AM PST
Reason: Start method failed repeatedly, last exited with status 1.
   See: http://sun.com/msg/SMF-8000-KS
   See: /var/svc/log/network-cswopenldap:default.log
Impact: This service is not running.

# tail /var/svc/log/network-cswopenldap:default.log
[ Mar  4 10:51:09 Leaving maintenance because clear requested. ]
[ Mar  4 10:51:09 Enabled. ]
[ Mar  4 10:51:09 Executing start method
("/var/opt/csw/svc/method/svc-cswopenldap start") ]
Starting openldap-slapd:                                    [FAILED]
[ Mar  4 10:51:09 Method "start" exited with status 1 ]
[ Mar  4 11:21:17 Leaving maintenance because clear requested. ]
[ Mar  4 11:21:17 Enabled. ]
[ Mar  4 11:21:17 Executing start method
("/var/opt/csw/svc/method/svc-cswopenldap start") ]
Starting openldap-slapd:                                    [FAILED]
[ Mar  4 11:21:17 Method "start" exited with status 1 ]

Note that its the openldap-slapd that is not starting?

Does anyonw know why slapd would try to start?  I intend to use regular
ldap, and not ldaps so I'm not sure why the slapd is trying to start.
Also, why would it fail?  that log entry is very non-verbose about what
the cause of failure was.

I had previously been getting an error about bdb not recognized but I
solved that by uncommenting the following lines :
modulepath      /opt/csw/libexec/amd64/openldap
moduleload      back_bdb.la

However, now the server is just not starting, and as you can see from the
logs above, not giving a bdb error, but still failing to start or tell me
why it didn't start.

nathan | 4 Mar 20:41 2015

Need help configuring cswopenldap client

I have a Solaris 10 system on which I have installed the CSWopenldap
packages because I am trying to get sudo working through ldap (to a
FreeIPA server).

The problem I am having is that I can't figure out how to configure the
thing.  I have read everything I can find on
http://www.opencsw.org/manual/ but the documentation is pretty much
nonexistent.

Here is the list of packages I have installed from CSW : CSWbdb4,
CSWcommon, CSWlibnet, CSWosslutils, CSWsasl, CSWsudoldap, CSWsudo-ldap,
CSWsudo-common, CSWopenldap-back-bdb, CSWopenldap-client, CSWopenldap

I can't seem to figure out how to configure the CSW openldap client
though.  With the regular built-in solaris ldap client there is a command
that I can use to auto-create the configuration files in /var/ldap.  I
just run :
ldapclient -v init -a domainName=mydomain.net dc1.mydomain.net

However, the CSW package apparently expects a different format of file,
ldap.conf to be installed at /etc/opt/csw/ldap.conf.

So my first question is
-----------------------
How do I get that file autoconfigured?  Is there a csw command similar to
ldapclient init that will just connnect to the directory, download the
default duaprofile and update ldap.conf for me the same way the default
solaris client does it?  The default Solaris client does not seem to be
aware of the CSW packages so does not change anything other than /var/ldap
when I run it

My second question is : why does the CSW openldap client crash when I
attempt to start it up?

The manual I linked above gave exactly zero information on whether any
sort of post-install configuration was necessary so I installed the
packages, and then tried to do a 'svcadm enable cswopenldap'

Here is what I've done to troubleshoot :
# svcs -xv
svc:/network/cswopenldap:default (?)
 State: maintenance since March  4, 2015 11:21:17 AM PST
Reason: Start method failed repeatedly, last exited with status 1.
   See: http://sun.com/msg/SMF-8000-KS
   See: /var/svc/log/network-cswopenldap:default.log
Impact: This service is not running.

# tail /var/svc/log/network-cswopenldap:default.log
[ Mar  4 10:51:09 Leaving maintenance because clear requested. ]
[ Mar  4 10:51:09 Enabled. ]
[ Mar  4 10:51:09 Executing start method
("/var/opt/csw/svc/method/svc-cswopenldap start") ]
Starting openldap-slapd:                                    [FAILED]
[ Mar  4 10:51:09 Method "start" exited with status 1 ]
[ Mar  4 11:21:17 Leaving maintenance because clear requested. ]
[ Mar  4 11:21:17 Enabled. ]
[ Mar  4 11:21:17 Executing start method
("/var/opt/csw/svc/method/svc-cswopenldap start") ]
Starting openldap-slapd:                                    [FAILED]
[ Mar  4 11:21:17 Method "start" exited with status 1 ]

Note that its the openldap-slapd that is not starting?

Does anyonw know why slapd would try to start?  I intend to use regular
ldap, and not ldaps so I'm not sure why the slapd is trying to start. 
Also, why would it fail?  that log entry is very non-verbose about what
the cause of failure was.

I had previously been getting an error about bdb not recognized but I
solved that by uncommenting the following lines :
modulepath      /opt/csw/libexec/amd64/openldap
moduleload      back_bdb.la

However, now the server is just not starting, and as you can see from the
logs above, not giving a bdb error, but still failing to start or tell me
why it didn't start.


Gmane