Unable to display Fog Management Console - Newbie to Linux & Fog Project

tolaria

Hi All,

Would really appreciate some help as I have been banging my head against the wall for a week. Re-setup CentOS7 and Fog numerous times and this is my 4th attempt with a clean CentOS 7 setup with clean install of Fog 1.4.4

I am still unable to get the Fog Management Console to launch and getting a network error. I have followed the suggestions in the Fog Wiki to run the following command, tail -n 100 /var/log/httpd/error_log, and these are the results,

[root@sglfog01 jquek]# tail -n 100 /var/log/httpd/error_log
[Tue Nov 14 17:07:08.528476 2017] [core:notice] [pid 8091] SELinux policy enabled; httpd running as context system_u:system_r:httpd_t:s0
[Tue Nov 14 17:07:08.530056 2017] [suexec:notice] [pid 8091] AH01232: suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Tue Nov 14 17:07:08.576043 2017] [auth_digest:notice] [pid 8091] AH01757: generating secret for digest authentication ...
[Tue Nov 14 17:07:08.577783 2017] [lbmethod_heartbeat:notice] [pid 8091] AH02282: No slotmem from mod_heartmonitor
[Tue Nov 14 17:07:08.595965 2017] [mpm_prefork:notice] [pid 8091] AH00163: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 configured -- resuming normal operations
[Tue Nov 14 17:07:08.595994 2017] [core:notice] [pid 8091] AH00094: Command line: '/usr/sbin/httpd -D FOREGROUND'
[Tue Nov 14 18:04:50.525805 2017] [:error] [pid 8108] [client 10.30.4.8:55431] PHP Parse error:  syntax error, unexpected '&' in /var/www/html/fog/commons/init.php on line 132
[Tue Nov 14 18:11:48.862112 2017] [mpm_prefork:notice] [pid 8091] AH00170: caught SIGWINCH, shutting down gracefully
[Wed Nov 15 08:33:31.453047 2017] [core:notice] [pid 1156] SELinux policy enabled; httpd running as context system_u:system_r:httpd_t:s0
[Wed Nov 15 08:33:31.525563 2017] [suexec:notice] [pid 1156] AH01232: suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Wed Nov 15 08:33:31.694538 2017] [auth_digest:notice] [pid 1156] AH01757: generating secret for digest authentication ...
[Wed Nov 15 08:33:31.695329 2017] [lbmethod_heartbeat:notice] [pid 1156] AH02282: No slotmem from mod_heartmonitor
[Wed Nov 15 08:33:31.958396 2017] [mpm_prefork:notice] [pid 1156] AH00163: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 configured -- resuming normal operations
[Wed Nov 15 08:33:31.958435 2017] [core:notice] [pid 1156] AH00094: Command line: '/usr/sbin/httpd -D FOREGROUND'

These are the settings in my /var/www/html/fog/lib/fog/config.class.php

{
    define('DATABASE_TYPE', 'mysql'); // mysql or oracle
    define('DATABASE_HOST', 'localhost');
    define('DATABASE_NAME', 'fog');
    define('DATABASE_USERNAME', 'root');
    define('DATABASE_PASSWORD', "");
}

These are the setting in my /opt/fog/.fogsettings

installtype='N'
snmysqluser='root'
snmysqlpass=''
snmysqlhost='localhost'
installlang='1'

Any advice is appreciated, thank you!

Linux Noob

Sebastian Roth

@tolaria said in Unable to display Fog Management Console - Newbie to Linux & Fog Project:

[core:notice] [pid 8091] SELinux policy enabled; httpd running as context system_u:system_r:httpd_t:s0

You partly posted the answer yourself. Though I see that this is not something that jumps out if you’re new to the Linux world. SELinux is a security thing that causes big headaches if you don’t exactly know what you’re doing. Because of that we suggest disabling SELinux in our CentOS wiki article: https://wiki.fogproject.org/wiki/index.php?title=CentOS_7#Continue_pre-config

Don’t worry about reinstalling again. Set to permissive in /etc/selinux/config by running this magic command:

sed -i.bak 's/^.*\SELINUX=enforcing\b.*$/SELINUX=permissive/' /etc/selinux/config

As well you might want to make sure the firewall is disabled for now. (systemctl disable firewalld). You can always turn back on those security things when things are working and you had enough time to play with Linux and understand more things.

After the changes reboot your FOG server and things should be alright!

tolaria

Hi Sebastian,

Thank you for your advice. Unfortunately, I have already performed the steps in your reply

I re-ran them in multi-user mode as the root account again and rebooted in graphical mode and still the Fog Management Console was showing me the hourglass

I have tried both 10.30.4.240/fog/management and localhost/fog/management and there is no difference

Please kindly advise, thank you!

x23piracy

Hi,

i have some time to remote in if you like, but i never used cent os, that said

Regards X23

Sebastian Roth

@tolaria Than take a look at the apache error log and post new contents here again.

To make sure SELinux is actually turned off run this command and post output or picture here in the forums: getenforce (this is as root!)

tolaria

Hi Sebastian,

Sure, I will run the command getenforce as root and then post the output here tomorrow

May I know by apache error log, you are referring to this? tail -n 100 /var/log/httpd/error_log

Thank you in advance

Sebastian Roth

@tolaria said in Unable to display Fog Management Console - Newbie to Linux & Fog Project:

May I know by apache error log, you are referring to this? tail -n 100 /var/log/httpd/error_log

Yes, exactly

Tom Elliott

The problem, as far as I can see, is PHP installed is still older. 5.3 It would seem? (php -v to view the php version).
In particular, this is the line I think causing the issues:

[Tue Nov 14 18:04:50.525805 2017] [:error] [pid 8108] [client 10.30.4.8:55431] PHP Parse error:  syntax error, unexpected '&' in /var/www/html/fog/commons/init.php on line 132

Wayne Workman

@tolaria Just follow this guide, don’t skip any steps: https://wiki.fogproject.org/wiki/index.php?title=CentOS_7

tolaria

@wayne-workman Hi Wayne, yes, I have seen and followed the article you posted to the dot, but I still ended up with this problem

tolaria

@sebastian-roth Hi Sebastian, I managed to check out the contents of my SELINUX Config file by running this command using my root account,

cat /etc/systemconfig/selinux

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
SELINUX=permissive
# SELINUXTYPE= can take one of three two values:
#     targeted - Targeted processes are protected,
#     minimum - Modification of targeted policy. Only selected processes are pr$
#     mls - Multi Level Security protection.
SELINUXTYPE=targeted

And it does seem my SELINUX has already been set to permissive

And running the getenforce command does reveal my SELINUX to be permissive as well

[root@sglfog01 jquek]# getenforce
Permissive

And these are my httpd logs today as requested

[Tue Nov 14 17:07:08.528476 2017] [core:notice] [pid 8091] SELinux policy enabled; httpd running as context system_u:system_r:httpd_t:s0
[Tue Nov 14 17:07:08.530056 2017] [suexec:notice] [pid 8091] AH01232: suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Tue Nov 14 17:07:08.576043 2017] [auth_digest:notice] [pid 8091] AH01757: generating secret for digest authentication …
[Tue Nov 14 17:07:08.577783 2017] [lbmethod_heartbeat:notice] [pid 8091] AH02282: No slotmem from mod_heartmonitor
[Tue Nov 14 17:07:08.595965 2017] [mpm_prefork:notice] [pid 8091] AH00163: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 configured – resuming normal operations
[Tue Nov 14 17:07:08.595994 2017] [core:notice] [pid 8091] AH00094: Command line: ‘/usr/sbin/httpd -D FOREGROUND’
[Tue Nov 14 18:04:50.525805 2017] [:error] [pid 8108] [client 10.30.4.8:55431] PHP Parse error: syntax error, unexpected ‘&’ in /var/www/html/fog/commons/init.php on line 132
[Tue Nov 14 18:11:48.862112 2017] [mpm_prefork:notice] [pid 8091] AH00170: caught SIGWINCH, shutting down gracefully
[Wed Nov 15 08:33:31.453047 2017] [core:notice] [pid 1156] SELinux policy enabled; httpd running as context system_u:system_r:httpd_t:s0
[Wed Nov 15 08:33:31.525563 2017] [suexec:notice] [pid 1156] AH01232: suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Wed Nov 15 08:33:31.694538 2017] [auth_digest:notice] [pid 1156] AH01757: generating secret for digest authentication …
[Wed Nov 15 08:33:31.695329 2017] [lbmethod_heartbeat:notice] [pid 1156] AH02282: No slotmem from mod_heartmonitor
[Wed Nov 15 08:33:31.958396 2017] [mpm_prefork:notice] [pid 1156] AH00163: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 configured – resuming normal operations
[Wed Nov 15 08:33:31.958435 2017] [core:notice] [pid 1156] AH00094: Command line: ‘/usr/sbin/httpd -D FOREGROUND’
[Wed Nov 15 10:48:50.587093 2017] [mpm_prefork:notice] [pid 1156] AH00170: caught SIGWINCH, shutting down gracefully
[Wed Nov 15 12:09:21.432902 2017] [core:notice] [pid 1102] SELinux policy enabled; httpd running as context system_u:system_r:httpd_t:s0
[Wed Nov 15 12:09:21.473213 2017] [suexec:notice] [pid 1102] AH01232: suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Wed Nov 15 12:10:11.623108 2017] [auth_digest:notice] [pid 1102] AH01757: generating secret for digest authentication …
[Wed Nov 15 12:10:11.624981 2017] [lbmethod_heartbeat:notice] [pid 1102] AH02282: No slotmem from mod_heartmonitor
[Wed Nov 15 12:10:11.707038 2017] [mpm_prefork:notice] [pid 1102] AH00163: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 configured – resuming normal operations
[Wed Nov 15 12:10:11.707073 2017] [core:notice] [pid 1102] AH00094: Command line: ‘/usr/sbin/httpd -D FOREGROUND’
[Wed Nov 15 17:06:35.819774 2017] [core:notice] [pid 1075] SELinux policy enabled; httpd running as context system_u:system_r:httpd_t:s0
[Wed Nov 15 17:06:35.866727 2017] [suexec:notice] [pid 1075] AH01232: suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Wed Nov 15 17:06:35.921879 2017] [auth_digest:notice] [pid 1075] AH01757: generating secret for digest authentication …
[Wed Nov 15 17:06:35.922957 2017] [lbmethod_heartbeat:notice] [pid 1075] AH02282: No slotmem from mod_heartmonitor
[Wed Nov 15 17:06:37.073578 2017] [mpm_prefork:notice] [pid 1075] AH00163: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 configured – resuming normal operations
[Wed Nov 15 17:06:37.073626 2017] [core:notice] [pid 1075] AH00094: Command line: ‘/usr/sbin/httpd -D FOREGROUND’
[Wed Nov 15 17:08:40.453667 2017] [mpm_prefork:notice] [pid 1075] AH00170: caught SIGWINCH, shutting down gracefully
[Wed Nov 15 17:09:25.976662 2017] [core:notice] [pid 1025] SELinux policy enabled; httpd running as context system_u:system_r:httpd_t:s0
[Wed Nov 15 17:09:26.023377 2017] [suexec:notice] [pid 1025] AH01232: suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Wed Nov 15 17:09:26.074633 2017] [auth_digest:notice] [pid 1025] AH01757: generating secret for digest authentication …
[Wed Nov 15 17:09:26.075763 2017] [lbmethod_heartbeat:notice] [pid 1025] AH02282: No slotmem from mod_heartmonitor
[Wed Nov 15 17:09:26.711910 2017] [mpm_prefork:notice] [pid 1025] AH00163: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 configured – resuming normal operations
[Wed Nov 15 17:09:26.711941 2017] [core:notice] [pid 1025] AH00094: Command line: ‘/usr/sbin/httpd -D FOREGROUND’
[Wed Nov 15 17:57:11.635827 2017] [mpm_prefork:notice] [pid 1025] AH00170: caught SIGWINCH, shutting down gracefully
[Thu Nov 16 08:30:02.089017 2017] [core:notice] [pid 1036] SELinux policy enabled; httpd running as context system_u:system_r:httpd_t:s0
[Thu Nov 16 08:30:02.115647 2017] [suexec:notice] [pid 1036] AH01232: suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Thu Nov 16 08:30:02.166028 2017] [auth_digest:notice] [pid 1036] AH01757: generating secret for digest authentication …
[Thu Nov 16 08:30:02.167229 2017] [lbmethod_heartbeat:notice] [pid 1036] AH02282: No slotmem from mod_heartmonitor
[Thu Nov 16 08:30:03.107308 2017] [mpm_prefork:notice] [pid 1036] AH00163: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 configured – resuming normal operations
[Thu Nov 16 08:30:03.107357 2017] [core:notice] [pid 1036] AH00094: Command line: ‘/usr/sbin/httpd -D FOREGROUND’
[Thu Nov 16 08:32:26.961388 2017] [mpm_prefork:notice] [pid 1036] AH00170: caught SIGWINCH, shutting down gracefully
[Thu Nov 16 08:34:56.136847 2017] [core:notice] [pid 978] SELinux policy enabled; httpd running as context system_u:system_r:httpd_t:s0
[Thu Nov 16 08:34:56.261068 2017] [suexec:notice] [pid 978] AH01232: suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Thu Nov 16 08:34:56.490859 2017] [auth_digest:notice] [pid 978] AH01757: generating secret for digest authentication …
[Thu Nov 16 08:34:56.607939 2017] [lbmethod_heartbeat:notice] [pid 978] AH02282: No slotmem from mod_heartmonitor
[Thu Nov 16 08:34:57.280474 2017] [mpm_prefork:notice] [pid 978] AH00163: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 configured – resuming normal operations
[Thu Nov 16 08:34:57.280518 2017] [core:notice] [pid 978] AH00094: Command line: ‘/usr/sbin/httpd -D FOREGROUND’

tolaria

This post is deleted!

tolaria

@tom-elliott Hi Tom, managed to upgrade PHP to version 7.0.25, but the Fog Console is still not launching

[root@sglfog01 jquek]# php -v
PHP 7.0.25 (cli) (built: Oct 27 2017 13:55:11) ( NTS )
Copyright 1997-2017 The PHP Group
Zend Engine v3.0.0, Copyright 1998-2017 Zend Technologies
with Zend OPcache v7.0.25, Copyright 1999-2017, by Zend Technologies

Any other ideas or suggestions?

Wayne Workman

@tolaria said in Unable to display Fog Management Console - Newbie to Linux & Fog Project:

cat /etc/systemconfig/selinux

That’s not where SELinux’s configuration is on CentOS 7. It’s here: /etc/selinux/config

tolaria

@wayne-workman Hi Wayne, thanks for spotting the error. Did another run and it also indicates SELINUX as permissive

cat /etc/selinux/config

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
SELINUX=permissive
# SELINUXTYPE= can take one of three two values:
#     targeted - Targeted processes are protected,
#     minimum - Modification of targeted policy. Only selected processes are protected. 
#     mls - Multi Level Security protection.
SELINUXTYPE=targeted

Sebastian Roth

@tolaria said in Unable to display Fog Management Console - Newbie to Linux & Fog Project:

Hi Tom, managed to upgrade PHP to version 7.0.25, but the Fog Console is still not launching

Forget about SELinux for now. I went on the wrong track with this. Apache still has this message in the logs just because it’s capable of running with SELinux. If getenforce is showing ‘permissive’’ you are on the save side about this for now.

I think you need to be more specific on what happens when you open the URL in the browser. Do you get a blank page now or does it return a 500 internal server error or not load the page at all. For the later I’d think the firewall is still on. Run iptables -L -n -v and post output here`.

[root@sglfog01 jquek]# php -v
PHP 7.0.25 (cli) (built: Oct 27 2017 13:55:11) ( NTS )

If you see a blank page check apache error log again. Possibly the PHP version you upgraded was only the PHP CLI. This is used when running PHP on the command line but apache uses a library which could be still the old version. Best to check in the apache error log. The following line is important:

... AH00163: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 configured ...

You need PHP to be at least 5.5.0 (reference in section “Changelog”)!

tolaria

@sebastian-roth Hi Sebastian, noted and I attempted to upgrade PHP from v5.4.16 to v7.0.25, but it seems that it only upgraded certain components

I then tried to remove all versions of PHP by running yum -y remove php* and then installing PHP v7, but then it seems that it is not able to remove certain components of v5.4.16, resulting in a mixed environment where there are components of both v5.4.16 and v7.0.25 when I run the tail -n command

Error message when trying to load the Fog Console is as shown:

Network Error
A communication error occurred: “Operation timed out”

The Web Server may be down, too busy, or experiencing other problems preventing it from responding to requests. You may wish to try again at a later time.

For assistance, contact your service desk.

Exception ID : tcp_error

As requested, ran the iptables -L -n -v and obtained the following results

iptables -L -n -v
Chain INPUT (policy ACCEPT 14086 packets, 2720K bytes)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     udp  --  virbr0 *       0.0.0.0/0            0.0.0.0/0            udp dpt:53
    0     0 ACCEPT     tcp  --  virbr0 *       0.0.0.0/0            0.0.0.0/0            tcp dpt:53
    0     0 ACCEPT     udp  --  virbr0 *       0.0.0.0/0            0.0.0.0/0            udp dpt:67
    0     0 ACCEPT     tcp  --  virbr0 *       0.0.0.0/0            0.0.0.0/0            tcp dpt:67

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      virbr0  0.0.0.0/0            192.168.122.0/24     ctstate RELATED,ESTABLISHED
    0     0 ACCEPT     all  --  virbr0 *       192.168.122.0/24     0.0.0.0/0        iptables -L -n -v
Chain INPUT (policy ACCEPT 14086 packets, 2720K bytes)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     udp  --  virbr0 *       0.0.0.0/0            0.0.0.0/0            udp dpt:53
    0     0 ACCEPT     tcp  --  virbr0 *       0.0.0.0/0            0.0.0.0/0            tcp dpt:53
    0     0 ACCEPT     udp  --  virbr0 *       0.0.0.0/0            0.0.0.0/0            udp dpt:67
    0     0 ACCEPT     tcp  --  virbr0 *       0.0.0.0/0            0.0.0.0/0            tcp dpt:67

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      virbr0  0.0.0.0/0            192.168.122.0/24     ctstate RELATED,ESTABLISHED
    0     0 ACCEPT     all  --  virbr0 *       192.168.122.0/24     0.0.0.0/0           
    0     0 ACCEPT     all  --  virbr0 virbr0  0.0.0.0/0            0.0.0.0/0           
    0     0 REJECT     all  --  *      virbr0  0.0.0.0/0            0.0.0.0/0            reject-with icmp-port-unreachable
    0     0 REJECT     all  --  virbr0 *       0.0.0.0/0            0.0.0.0/0            reject-with icmp-port-unreachable

Chain OUTPUT (policy ACCEPT 4016 packets, 760K bytes)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     udp  --  *      virbr0  0.0.0.0/0            0.0.0.0/0            udp dpt:68
   
    0     0 ACCEPT     all  --  virbr0 virbr0  0.0.0.0/0            0.0.0.0/0           
    0     0 REJECT     all  --  *      virbr0  0.0.0.0/0            0.0.0.0/0            reject-with icmp-port-unreachable
    0     0 REJECT     all  --  virbr0 *       0.0.0.0/0            0.0.0.0/0            reject-with icmp-port-unreachable

Chain OUTPUT (policy ACCEPT 4016 packets, 760K bytes)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     udp  --  *      virbr0  0.0.0.0/0            0.0.0.0/0            udp dpt:68

Sebastian Roth

@tolaria said in Unable to display Fog Management Console - Newbie to Linux & Fog Project:

A communication error occurred: “Operation timed out”

Ok, this is definitely a connection issue in the first place. Might be other things behind that but we need to fix that first. So run the following commands as root:

iptables -X
iptables -F
iptables -t nat -X
iptables -t nat -F
iptables -t mangle -X
iptables -t mangle -F
iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT

This is just temporary till you reboot your server. We’ll add proper rules later on.

tolaria

@sebastian-roth Hi Sebastian, have run the commands as indicated. Running this in GUI mode with Terminal as Root

[root@sglfog01 jquek]# iptables -X
[root@sglfog01 jquek]# iptables -F
[root@sglfog01 jquek]# iptables -t nax -X
iptables v1.4.21: can’t initialize iptables table `nax’: Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
[root@sglfog01 jquek]# iptables -t nat -F
[root@sglfog01 jquek]# iptables -t mangle -X
[root@sglfog01 jquek]# iptables -t mangle -F
[root@sglfog01 jquek]# iptables -P INPUT ACCEPT
[root@sglfog01 jquek]# iptables -P FORWARD ACCEPT
[root@sglfog01 jquek]# iptables -P OUTPUT ACCEPT

After that, tried to open Fog Console and still fails

Sebastian Roth

@tolaria said in Unable to display Fog Management Console - Newbie to Linux & Fog Project:

After that, tried to open Fog Console and still fails

This is not helpful. Does it fail the same way as timeout or different? Maybe apache server is not running after PHP update anymore.

service httpd restart
tail -15 /var/log/httpd/error_log
date

Run as root and post full output here.