[Bug 1163812] New: Cannot control ejabberd with ejabberdctl
by Red Hat Bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1163812
Bug ID: 1163812
Summary: Cannot control ejabberd with ejabberdctl
Product: Fedora
Version: 21
Component: ejabberd
Assignee: lemenkov(a)gmail.com
Reporter: juan.orti(a)miceliux.com
QA Contact: extras-qa(a)fedoraproject.org
CC: erlang(a)lists.fedoraproject.org, jkaluza(a)redhat.com,
lemenkov(a)gmail.com, martin(a)laptop.org
Description of problem:
After a clean install of ejabberd in Fedora 21, I cannot use the ejabberdctl
utility to register users, etc.
I run:
# ejabberdctl register admin localhost password
Failed RPC connection to the node ejabberd@localhost: nodedown
Commands to start an ejabberd node:
start Start an ejabberd node in server mode
debug Attach an interactive Erlang shell to a running ejabberd node
live Start an ejabberd node in live (interactive) mode
Optional parameters when starting an ejabberd node:
--config-dir dir Config ejabberd: /etc/ejabberd
--config file Config ejabberd: /etc/ejabberd/ejabberd.yml
--ctl-config file Config ejabberdctl: /etc/ejabberd/ejabberdctl.cfg
--logs dir Directory for logs: /var/log/ejabberd
--spool dir Database spool dir: /var/lib/ejabberd
--node nodename ejabberd node name: ejabberd@localhost
And I see this in the log /var/log/ejabberd/ejabberd.log:
2014-11-13 14:57:30.188 [info] <0.7.0> Application lager started on node
ejabberd@localhost
2014-11-13 14:57:30.257 [info] <0.7.0> Application sasl started on node
ejabberd@localhost
2014-11-13 14:57:30.286 [info] <0.7.0> Application crypto started on node
ejabberd@localhost
2014-11-13 14:57:30.354 [info] <0.7.0> Application asn1 started on node
ejabberd@localhost
2014-11-13 14:57:30.354 [info] <0.7.0> Application public_key started on node
ejabberd@localhost
2014-11-13 14:57:30.421 [info] <0.7.0> Application ssl started on node
ejabberd@localhost
2014-11-13 14:57:30.450 [info] <0.7.0> Application p1_yaml started on node
ejabberd@localhost
2014-11-13 14:57:30.482 [info] <0.7.0> Application p1_tls started on node
ejabberd@localhost
2014-11-13 14:57:30.492 [info] <0.7.0> Application p1_xml started on node
ejabberd@localhost
2014-11-13 14:57:30.498 [info] <0.7.0> Application p1_stringprep started on
node ejabberd@localhost
2014-11-13 14:57:30.508 [info] <0.7.0> Application p1_zlib started on node
ejabberd@localhost
2014-11-13 14:57:30.515 [info] <0.7.0> Application p1_cache_tab started on node
ejabberd@localhost
2014-11-13 14:57:31.015 [info] <0.7.0> Application mnesia started on node
ejabberd@localhost
2014-11-13 14:57:33.259 [info] <0.37.0>@cyrsasl_digest:start:57 FQDN used to
check DIGEST-MD5 SASL authentication: charm.miceliux.com
2014-11-13 14:57:33.423 [info] <0.7.0> Application p1_iconv started on node
ejabberd@localhost
2014-11-13 14:57:42.556 [info] <0.564.0>@ejabberd_listener:listen_tcp:194
Reusing listening port for 5222
2014-11-13 14:57:42.556 [info] <0.565.0>@ejabberd_listener:listen_tcp:194
Reusing listening port for 5269
2014-11-13 14:57:42.557 [info] <0.566.0>@ejabberd_listener:listen_tcp:194
Reusing listening port for 5280
2014-11-13 14:57:42.557 [info] <0.37.0>@ejabberd_app:start:69 ejabberd
community is started in the node ejabberd@localhost
2014-11-13 14:57:42.557 [info] <0.7.0> Application ejabberd started on node
ejabberd@localhost
2014-11-13 14:59:18.926 [error] <0.567.0> ** Connection attempt from disallowed
node 'ejabberdctl-1@charm' **
Version-Release number of selected component (if applicable):
ejabberd-14.07-3.fc21.x86_64
How reproducible:
Always
Steps to Reproduce:
1. yum install ejabberd
2. systemctl start ejabberd
3. ejabberdctl register admin localhost password
Actual results:
Cannot register a user.
Expected results:
Register a user.
Additional info:
--
You are receiving this mail because:
You are on the CC list for the bug.
5 years, 10 months
[Bug 1373887] New: Add systemd template services
by Red Hat Bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1373887
Bug ID: 1373887
Summary: Add systemd template services
Product: Fedora
Version: rawhide
Component: rabbitmq-server
Assignee: lemenkov(a)gmail.com
Reporter: karlthered(a)gmail.com
QA Contact: extras-qa(a)fedoraproject.org
CC: erlang(a)lists.fedoraproject.org,
hubert.plociniczak(a)gmail.com, jeckersb(a)redhat.com,
lemenkov(a)gmail.com, rjones(a)redhat.com, s(a)shk.io
Created attachment 1198657
--> https://bugzilla.redhat.com/attachment.cgi?id=1198657&action=edit
Patch to spec file (needs more testing)
Description of problem:
Some OpenStack services require separate instances of RabbitMQ and shipping a
systemd template services would simplify that
Version-Release number of selected component (if applicable):
current
How reproducible:
N/A
Actual results:
Needs to write custom service file to run separate instances
Expected results:
Packages needing separate instance should just drop in their config files and
systemctl start rabbitmq@FOO to run separate instance of rabbitmq-server
Additional info:
About systemd template unit files:
https://fedoramagazine.org/systemd-template-unit-files/
--
You are receiving this mail because:
You are on the CC list for the bug.
5 years, 11 months
[Bug 1363724] New: Fix rpmgrill issues
by Red Hat Bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1363724
Bug ID: 1363724
Summary: Fix rpmgrill issues
Product: Fedora
Version: rawhide
Component: ejabberd
Severity: medium
Assignee: lemenkov(a)gmail.com
Reporter: randy(a)electronsweatshop.com
QA Contact: extras-qa(a)fedoraproject.org
CC: erlang(a)lists.fedoraproject.org, jeremy(a)jcline.org,
lemenkov(a)gmail.com, martin(a)laptop.org,
randy(a)electronsweatshop.com
rpmgrill has reported some issues with ejabberd:
https://taskotron.fedoraproject.org/artifacts/all/256cc5f6-5975-11e6-bc33...
{
"package" : {
"name" : "ejabberd",
"release" : "1.fc25",
"version" : "16.06.1"
},
"results" : {
"timestamp" : 1470227116,
"tool" : "rpmgrill",
"version" : "0.01"
},
"tests" : [
{
"module" : "VirusCheck",
"order" : 2,
"results" : [],
"run_time" : 14,
"status" : "completed"
},
{
"module" : "SpecFileSanity",
"order" : 5,
"results" : [],
"run_time" : 0,
"status" : "completed"
},
{
"module" : "SpecFileEncoding",
"order" : 10,
"results" : [],
"run_time" : 0,
"status" : "completed"
},
{
"module" : "LibGather",
"order" : 12,
"results" : [],
"run_time" : 1,
"status" : "completed"
},
{
"module" : "ElfChecks",
"order" : 14,
"results" : [],
"run_time" : 0,
"status" : "completed"
},
{
"module" : "Patches",
"order" : 15,
"results" : [],
"run_time" : 0,
"status" : "completed"
},
{
"failure_code" : "rpmgrill: Error running strings: No such file or
directory at /usr/share/perl5/vendor_perl/RPM/Grill/Plugin/SecurityPolicy.pm
line 108.\n",
"module" : "SecurityPolicy",
"order" : 16,
"results" : [],
"run_time" : 0,
"status" : "failed"
},
{
"module" : "Multilib",
"order" : 20,
"results" : [],
"run_time" : 0,
"status" : "completed"
},
{
"module" : "Manifest",
"order" : 30,
"results" : [],
"run_time" : 0,
"status" : "completed"
},
{
"module" : "ManPages",
"order" : 45,
"results" : [
{
"arch" : "armv7hl,i686,x86_64",
"code" : "ManPageMissing",
"diag" : "No man page for <tt>/etc/ejabberd/ejabberd.yml</tt>",
"subpackage" : "ejabberd"
},
{
"arch" : "armv7hl,i686,x86_64",
"code" : "ManPageMissing",
"diag" : "No man page for
<tt>/etc/ejabberd/ejabberdctl.cfg</tt>",
"subpackage" : "ejabberd"
},
{
"arch" : "armv7hl,i686,x86_64",
"code" : "ManPageMissing",
"diag" : "No man page for <tt>/etc/ejabberd/inetrc</tt>",
"subpackage" : "ejabberd"
},
{
"arch" : "armv7hl,i686,x86_64",
"code" : "ManPageMissing",
"diag" : "No man page for <tt>/etc/logrotate.d/ejabberd</tt>",
"subpackage" : "ejabberd"
},
{
"arch" : "armv7hl,i686,x86_64",
"code" : "ManPageMissing",
"diag" : "No man page for <tt>/etc/pam.d/ejabberd</tt>",
"subpackage" : "ejabberd"
},
{
"arch" : "armv7hl,i686,x86_64",
"code" : "ManPageMissing",
"diag" : "No man page for <tt>/etc/pam.d/ejabberdctl</tt>",
"subpackage" : "ejabberd"
}
],
"run_time" : 0,
"status" : "completed"
},
{
"module" : "RpmScripts",
"order" : 90,
"results" : [
{
"arch" : "src",
"code" : "UseraddNoHomedir",
"context" : {
"excerpt" : [
"useradd -r -g %{name} -d %{_localstatedir}/lib/%{name} -s
/sbin/nologin -M -c "ejabberd" %{name}"
],
"lineno" : 168,
"path" : "ejabberd.spec",
"sub" : "%pre"
},
"diag" : "Invocation of <tt>useradd</tt> without a home dir"
},
{
"arch" : "src",
"code" : "UseraddNoShell",
"context" : {
"excerpt" : [
"useradd -r -g %{name} -d %{_localstatedir}/lib/%{name} -s
/sbin/nologin -M -c "ejabberd" %{name}"
],
"lineno" : 168,
"path" : "ejabberd.spec",
"sub" : "%pre"
},
"diag" : "Invocation of <tt>useradd</tt> without a login shell"
},
{
"arch" : "src",
"code" : "UseraddNoUid",
"context" : {
"excerpt" : [
"useradd -r -g %{name} -d %{_localstatedir}/lib/%{name} -s
/sbin/nologin -M -c "ejabberd" %{name}"
],
"lineno" : 168,
"path" : "ejabberd.spec",
"sub" : "%pre"
},
"diag" : "Invocation of <tt>useradd</tt> without specifying a
UID; this may be OK, because /usr/share/doc/setup/uidgid defines no UID for
<var>%{name}</var>"
}
],
"run_time" : 0,
"status" : "completed"
},
{
"module" : "Setxid",
"order" : 91,
"results" : [],
"run_time" : 1,
"status" : "completed"
},
{
"module" : "BuildLog",
"order" : 92,
"results" : [],
"run_time" : 0,
"status" : "completed"
},
{
"module" : "DesktopLint",
"order" : 93,
"results" : [],
"run_time" : 0,
"status" : "completed"
}
]
}
In particular, we should look at the useradd complaints, but also any of the
other reported issues.
--
You are receiving this mail because:
You are on the CC list for the bug.
5 years, 11 months
[Bug 1393649] New: ejabberd'
s unit file should not launch ejabberdctl with /usr/bin/bash
by Red Hat Bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1393649
Bug ID: 1393649
Summary: ejabberd's unit file should not launch ejabberdctl
with /usr/bin/bash
Product: Fedora
Version: rawhide
Component: ejabberd
Severity: medium
Assignee: lemenkov(a)gmail.com
Reporter: randy(a)electronsweatshop.com
QA Contact: extras-qa(a)fedoraproject.org
CC: erlang(a)lists.fedoraproject.org, jeremy(a)jcline.org,
lemenkov(a)gmail.com, martin(a)laptop.org,
randy(a)electronsweatshop.com
Depends On: 1393643
External Bug ID: Github processone/ejabberd/issues/1375
Description of problem:
Currently, ejabberdctl is launched by systemd with /usr/bin/bash instead of
being launched directly. This causes the process to run in the initrc_t context
which is very permissive. Instead, systemd should launch ejabberdctl directly.
However, there are two blockers to getting this change done and working, as we
get these AVC denials with this change in place:
type=AVC msg=audit(1478751171.862:648): avc: denied { write } for pid=2989
comm="async_2" name="ejabberd.pem" dev="dm-1" ino=44546
scontext=system_u:system_r:rabbitmq_t:s0
tcontext=unconfined_u:object_r:etc_t:s0 tclass=file permissive=0
type=AVC msg=audit(1478751171.863:649): avc: denied { write } for pid=2989
comm="async_2" name="ejabberd.pem" dev="dm-1" ino=44546
scontext=system_u:system_r:rabbitmq_t:s0
tcontext=unconfined_u:object_r:etc_t:s0 tclass=file permissive=0
type=AVC msg=audit(1478751171.865:650): avc: denied { name_bind } for
pid=2986 comm="beam" src=5349 scontext=system_u:system_r:rabbitmq_t:s0
tcontext=system_u:object_r:unreserved_port_t:s0 tclass=tcp_socket permissive=0
I've filed a bug upstream to request that they stop trying to open the certfile
in write mode[0], and I've filed a bug against selinux-policy to request that
ejabberd be allowed to use tcp port 5349[1]. Once both of those bugs are fixed,
we can proceed with dropping /usr/bin/bash presuming that we don't then hit
further AVC denials (which could happen).
Version-Release number of selected component (if applicable):
ejabberd-16.08-2.fc25.x86_64
Additional info:
[0] https://github.com/processone/ejabberd/issues/1375
[1] https://bugzilla.redhat.com/show_bug.cgi?id=1393643
Referenced Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=1393643
[Bug 1393643] ejabberd is not allowed to open tcp port 5349
--
You are receiving this mail because:
You are on the CC list for the bug.
6 years, 2 months
[Bug 1341252] New: ejabberd does not log to journald
by Red Hat Bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1341252
Bug ID: 1341252
Summary: ejabberd does not log to journald
Product: Fedora
Version: rawhide
Component: ejabberd
Assignee: lemenkov(a)gmail.com
Reporter: jeremy(a)jcline.org
QA Contact: extras-qa(a)fedoraproject.org
CC: erlang(a)lists.fedoraproject.org, jeremy(a)jcline.org,
lemenkov(a)gmail.com, martin(a)laptop.org,
rbarlow(a)redhat.com
Created attachment 1163265
--> https://bugzilla.redhat.com/attachment.cgi?id=1163265&action=edit
Patch to ejabberd.service
Description of problem:
It'd be great if ejabberd logged to journald rather than /var/log/ejabberd/.
This can be achieved with a few small changes to the systemd unit file. I've
attached my proposed systemd unit file.
Version-Release number of selected component (if applicable):
All currently released versions.
Steps to Reproduce:
1. systemctl start ejabberd.service
2. journalctl -u ejabberd
3. :(
Actual results:
Logs are placed in /var/log/ejabberd
Expected results:
Logging is handled by journald
--
You are receiving this mail because:
You are on the CC list for the bug.
6 years, 4 months