Univention Bugzilla – Bug 45531
OperationalError: FATAL: Passwort-Authentifizierung für Benutzer »selfservice« fehlgeschlagen
Last modified: 2018-10-26 17:44:29 CEST
Version: 4.2-2 errata189 (Lesum) Remark: Kontozugang schützen funktioniert nicht Die Ausführung des Kommandos passwordreset/get_contact ist fehlgeschlagen: Traceback (most recent call last): File "%PY2.7%/univention/management/console/protocol/modserver.py", line 178, in _recv self.handle(msg) File "%PY2.7%/univention/management/console/protocol/modserver.py", line 287, in handle self.__handler.init() File "%PY2.7%/univention/management/console/modules/passwordreset/__init__.py", line 212, in init self.db = TokenDB(MODULE) File "%PY2.7%/univention/management/console/modules/passwordreset/tokendb.py", line 53, in __init__ self.conn = self.open_db() File "%PY2.7%/univention/management/console/modules/passwordreset/tokendb.py", line 120, in open_db db_name=DB_NAME, db_user=DB_USER, db_pw=password)) File "/usr/lib/python2.7/dist-packages/psycopg2/__init__.py", line 164, in connect conn = _connect(dsn, connection_factory=connection_factory, async=async) OperationalError: FATAL: Passwort-Authentifizierung für Benutzer »selfservice« fehlgeschlagen FATAL: Passwort-Authentifizierung für Benutzer »selfservice« fehlgeschlagen
Reported again, 4.2-2 errata219 (Lesum)
Reported again: Version: 4.2-3 errata231 (Lesum) OperationalError: could not connect to server: Connection refused Is the server running on host "localhost" (::1) and accepting TCP/IP connections on port 5432? could not connect to server: Connection refused Is the server running on host "localhost" (127.0.0.1) and accepting TCP/IP connections on port 5432? could not connect to server: Connection refused Is the server running on host "localhost" (127.0.0.1) and accepting TCP/IP connections on port 5432?
As with https://forge.univention.org/bugzilla/show_bug.cgi?id=45719#c2 : Should a message be created that tells the user to tell his admin to (re)start the service?
Reported again: Version: 4.3-0 errata11 (Neustadt) Remark: Problem besteht leider auch nach Re-Install der App noch univention-app remove self-service apt-get purge univention-self-service univention-self-service-passwordreset-umc univention-app install self-service
Reported again: Version: 4.3-0 errata12 (Neustadt)
Was now reported within a support ticket (2018080821000354). I will inform the customer and set the ticket in waiting for this fix or do we have a workaround, yet?
> OperationalError: FATAL: Passwort-Authentifizierung für Benutzer > »selfservice« fehlgeschlagen > FATAL: Passwort-Authentifizierung für Benutzer »selfservice« fehlgeschlagen Dies ist ein Verbindungsfehler vom Webserver zum PostgreSQL-Server. D.h. das Passwort aus /etc/self-service-db.secret stimmt nicht mit dem Passwort überein, dass PostgreSQL für den Datenbank-User "selfservice" gespeichert hat. Das Problem lässt sich lösen, indem man das Passwort für den Datenbank-User erneut setzt: Ungetestet, aber sollte in etwas so funktionieren: $ selfservice_pwd="$(</etc/self-service-db.secret)" $ su - postgres -c "echo \"ALTER ROLE selfservice WITH ENCRYPTED PASSWORD '$selfservice_pwd';\" | psql" || die "Could not set selfservice database password." Alternativ einfach /etc/self-service-db.secret löschen und das join script 35univention-self-service-passwordreset-umc.inst laufen lassen: $ mv /etc/self-service-db.secret /etc/self-service-db.secret.old $ univention-run-join-scripts --run-scripts --force 35univention-self-service-passwordreset-umc.inst
Both workarounds are not working in the customer environment.
(In reply to Christina Scheinig from comment #8) > Both workarounds are not working in the customer environment. Why, there is no information about the actual problem here, just an error message. For example one could test the psql connection as selfservice user psql -U selfservice -h localhost selfservice with the password from /etc/self-service-db.secret.
By the way, this has nothing to do with password policies as this "selfservice" account is an account in postgres, not in the IDM oder the local system.
e1116dbf7848b8f029e877ef99509bc7881f8c07 - univention-self-service ee0b0abe99a3a30f12cf48e215d52f79422c31ac - yaml Just changed the join script to always update the selfservice database user password.
OK: always set postgresql userpassword for selfservice when executing the joinscript OK:~ Only re-executing the joinscript will fix the issue. Why the issue appeared at all is not clear OK: yaml
<http://errata.software-univention.de/ucs/4.3/291.html>
Reported again: Version: 4.3-2 errata287 (Neustadt) Interner Server-Fehler in "passwordreset/get_contact". Request: passwordreset/get_contact Traceback (most recent call last): File "%PY2.7%/univention/management/console/protocol/modserver.py", line 186, in _recv self.handle(msg) File "%PY2.7%/univention/management/console/protocol/modserver.py", line 296, in handle self.__handler.init() File "%PY2.7%/univention/management/console/modules/passwordreset/__init__.py", line 214, in init self.db = TokenDB(MODULE) File "%PY2.7%/univention/management/console/modules/passwordreset/tokendb.py", line 53, in __init__ self.conn = self.open_db() File "%PY2.7%/univention/management/console/modules/passwordreset/tokendb.py", line 120, in open_db db_name=DB_NAME, db_user=DB_USER, db_pw=password)) File "/usr/lib/python2.7/dist-packages/psycopg2/__init__.py", line 164, in connect conn = _connect(dsn, connection_factory=connection_factory, async=async) OperationalError: FATAL: Passwort-Authentifizierung für Benutzer »selfservice« fehlgeschlagen FATAL: Passwort-Authentifizierung für Benutzer »selfservice« fehlgeschlagen Role: domaincontroller_master