• I am trying to install 1.5.9 onto Cent OS 7. Using the instruction found on the wiki, I eventually get an error.

    OK
     * Backing up user reports.....................................Done
     * Stopping web service........................................OK
     * Setting up Apache and PHP files.............................OK
     * Testing and removing symbolic links if found................OK
     * Backing up old data.........................................OK
     * Copying new files to web folder.............................OK
     * Creating config file........................................OK
     * Creating redirection index file.............................Skipped
     * Downloading kernel, init and fog-client binaries............Done
     * Copying binaries to destination paths.......................OK
     * Enabling apache and fpm services on boot....................OK
     * Creating SSL CA.............................................OK
     * Creating SSL Private Key....................................Failed!
    
    !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
    !! The installer was not able to run all the way to the end as   !!
    !! something has caused it to fail. The following few lines are  !!
    !! from the error log file which might help us figure out what's !!
    !! wrong. Please add this information when reporting an error.   !!
    !! As well you might want to take a look at the full error log   !!
    !! in /root/git/fogproject/bin/error_logs/fog_error_1.5.9.log !!
    !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
    
    ........++
    .........................................................++
    e is 65537 (0x10001)
    error on line 7 of /opt/fog/snapins/ssl//req.cnf
    140189682390928:error:0E079065:configuration file routines:DEF_LOAD_BIO:missing equal sign:conf_def.c:345:line 7
    
    

    I check the file that the file log is referencing.
    /opt/fog/snapins/ssl//req.cnf

    [req]
    distinguished_name = req_distinguished_name
    req_extensions = v3_req
    prompt = yes
    [req_distinguished_name]
    CN = 10.4.6.44
    10.4.1.101
    [v3_req]
    subjectAltName = @alt_names
    [alt_names]
    IP.1 = 10.4.6.44
    10.4.1.101
    DNS.1 = FOG2
    

    Not sure what’s going.

    Thank you.

  • Senior Developer

    @Tom-Elliott @Wayne-Workman In this case here the installer error was actually helpful to prevent from later issues with two IPs on an interface that were not intentionally configured.

    I don’t think it’s worth the effort changing the scripts but feel free to go ahead.


  • @tom-elliott in that case, I would agree that putting the extras into the SANs is appropriate. I’ll see if I can figure this out.


  • @wayne-workman the problem is we can’t and shouldn’t know or assume for all cases. I have worked for an organization who had not 1, not 2, but 5 IPs on a single interface. Routing was not fun on that machine. The point here, is it can happen and for that reason we should adapt. I cannot delve into why the machine needed 5 IPs on the interface, just know that it happens.


  • @tom-elliott if that were implemented, then in @xburnerx00’s case his certificate would have an IP that the FOG server isn’t using after one reboot.

    In what legitimate case does a single Linux interface have two IPs?

  • Senior Developer

    @xburnerx00 said in New install failing:

    I changed the settings to manual, as it was already set to DHCP.

    Definitely set manual IP on a FOG server. If the IP changes you’d have a problem.


  • @wayne-workman @Sebastian-Roth what if we allowed the virtual IP but as subject alternate names? Like a bash array that we take the first in the list and make it the CN, and anything additional as the SANs of the certificate chain?


  • @xburnerx00 said in New install failing:

    I changed the settings to manual, as it was already set to DHCP.

    I’ve seen this behavior lots of times with Linux. If you do a DHCP release / renew with these commands:

    dhclient -r && dhclient
    

    it produces the same behavior. the old address is held on the interface along with the new one. I’ve found that rebooting clears it. I’ve not tried other things.

    Reference: https://linux.die.net/man/8/dhclient

    I’ll work on a check for detecting two IPs on the chosen interface. If there are two, the installer should note this and exit rather than falling on it’s face and people not knowing what’s going on. It can also offer advice on how to fix (like rebooting)


  • @sebastian-roth

    Thank you for pointing that out. I changed the settings to manual, as it was already set to DHCP. After that, I reran the install and it completed. I do not know why there was two addresses. When I installed Cent OS, I input an ip address. I guess when it finished the install it was set for dynamic and picked up an IP but still had the manual one set.

  • Senior Developer

    @xburnerx00 Are you aware of the two IPs being bound to interface eno1? The FOG installer does not seem to handle this well and I can imagine multicasting and other things might cause trouble as well.


  • @sebastian-roth
    Thank you for the reply.
    Output of ip a s

    1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
        link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
        inet 127.0.0.1/8 scope host lo
           valid_lft forever preferred_lft forever
        inet6 ::1/128 scope host 
           valid_lft forever preferred_lft forever
    2: eno1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
        link/ether ec:b1:d7:39:d3:43 brd ff:ff:ff:ff:ff:ff
        inet 10.4.6.44/21 brd 10.4.7.255 scope global noprefixroute dynamic eno1
           valid_lft 608102sec preferred_lft 608102sec
        inet 10.4.1.101/21 brd 10.4.7.255 scope global secondary noprefixroute eno1
           valid_lft forever preferred_lft forever
        inet6 fe80::e4a8:f3be:9a11:7d2b/64 scope link noprefixroute 
           valid_lft forever preferred_lft forever
    3: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000
        link/ether 52:54:00:cc:59:bc brd ff:ff:ff:ff:ff:ff
        inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
           valid_lft forever preferred_lft forever
    4: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast master virbr0 state DOWN group default qlen 1000
        link/ether 52:54:00:cc:59:bc brd ff:ff:ff:ff:ff:ff
    
    
  • Senior Developer

    @xburnerx00 said in New install failing:

    CN = 10.4.6.44
    10.4.1.101

    Looks like you have two IP addresses configured (just guessing) and that is causing an issue. Please run ip a s and post the full output here.

390
Online

8.7k
Users

15.4k
Topics

144.0k
Posts