Univention Bugzilla – Bug 42986
FAILED: 92univention-management-console-web-server.inst
Last modified: 2018-05-23 14:27:07 CEST
It still occurs with Version: 4.1-4 errata324 (Vahr) Domäneneinrichtung (Dies kann einige Zeit dauern): FAILED: 92univention-management-console-web-server.inst The ticket #2016111421000401 contains a email address if you want to ask for logfiles. +++ This bug was initially created as a clone of Bug #42500 +++
(In reply to Florian Best from comment #0) > It still occurs with Version: 4.1-4 errata324 (Vahr) It could also be an old installation medium that was updated to UCS 4.1-4 during setup.
(In reply to Erik Damrose from comment #1) > (In reply to Florian Best from comment #0) > > It still occurs with Version: 4.1-4 errata324 (Vahr) > > It could also be an old installation medium that was updated to UCS 4.1-4 > during setup. Really? It must have been started with 4.1-3, I don't know if system-setup automatically installs minor versions. I don't think so.
(In reply to Florian Best from comment #2) > Really? It must have been started with 4.1-3, I don't know if system-setup > automatically installs minor versions. I don't think so. It does :) usr/lib/univention-system-setup/scripts/90_postjoin/20upgrade line 50+ if [ "$server_role" = "domaincontroller_master" ]; then # Update to latest patchlevel echo "Running upgrade on DC Master: univention-upgrade --noninteractive --updateto $version_version-99" /usr/sbin/univention-upgrade --noninteractive --updateto "$version_version-99"
I see this every time with UCS-4.1-4+324 doing a PXE installation: ==> /var/log/univention/setup-join.log <== Configure /usr/lib/univention-install/92univention-management-console-web-server.inst 2016-11-28 15:23:54.459265453+01:00 (in joinscript_init) ==> univention/config-registry.replog <== 2016-11-28 15:23:54: set ucs/web/overview/entries/admin/umc/link/de='/univention-management-console?lang=de-DE' old:[Previously undefined] 2016-11-28 15:23:54: set ucs/web/overview/entries/admin/umc/link='/univention-management-console?lang=en-US' old:/univention-management-console?username=root 2016-11-28 15:23:54: set ucs/web/overview/entries/admin/umc/icon=/univention-management-console/js/dijit/themes/umc/icons/scalable/univention-management-console.svg old:/univention-management-console/js/dijit/themes/umc/icons/scalable/un ivention-management-console.svg 2016-11-28 15:23:54: set ucs/web/overview/entries/admin/umc/priority=10 old:10 ==> /var/log/univention/setup-join.log <== Setting ucs/web/overview/entries/admin/umc/icon Setting ucs/web/overview/entries/admin/umc/link Create ucs/web/overview/entries/admin/umc/link/de Setting ucs/web/overview/entries/admin/umc/priority File: /var/www/ucs-overview/entries.json ==> univention/config-registry.replog <== 2016-11-28 15:23:55: set ucs/web/overview/entries/admin/umc/label/de='System- und Domänen­einstellungen' old:System- und Domäneneinstellungen 2016-11-28 15:23:55: set ucs/web/overview/entries/admin/umc/label='System and domain settings' old:System and domain settings 2016-11-28 15:23:55: set ucs/web/overview/entries/admin/umc/description='Univention Management Console for administrating the UCS domain and the local system' old:Please login as <i>root</i> to join the domain 2016-11-28 15:23:55: set ucs/web/overview/entries/admin/umc/description/de='Univention Management Console zur Verwaltung der UCS-Domäne und des lokalen Systems' old:Bitte loggen Sie sich als Benutzer <i>root</i> ein, um der Domaine beizutreten ==> /var/log/univention/setup-join.log <== Setting ucs/web/overview/entries/admin/umc/label Setting ucs/web/overview/entries/admin/umc/label/de Setting ucs/web/overview/entries/admin/umc/description Setting ucs/web/overview/entries/admin/umc/description/de File: /var/www/ucs-overview/entries.json Object created: SAMLServiceProviderIdentifier=https://dc0.schulung7.ucs/univention-management-console/saml/metadata,cn=saml-serviceprovider,cn=univention,dc=schulung7,dc=ucs Object modified: SAMLServiceProviderIdentifier=https://dc0.schulung7.ucs/univention-management-console/saml/metadata,cn=saml-serviceprovider,cn=univention,dc=schulung7,dc=ucs Not updating ucs/server/sso/fqdn Reloading web server config: apache2 failed! ==> univention/config-registry.replog <== 2016-11-28 15:23:57: set umc/saml/idp-server=https://ucs-sso.schulung7.ucs/simplesamlphp/saml2/idp/metadata.php old:[Previously undefined] ==> /var/log/univention/setup-join.log <== curl: (6) Couldn't resolve host 'ucs-sso.schulung7.ucs' ... ==> log2/syslog <== Nov 28 15:24:08 dhcpd: Wrote 0 leases to leases file. Nov 28 15:24:09 dhcpd: Nov 28 15:24:09 dhcpd: No subnet declaration for eth0 (10.200.17.247). Nov 28 15:24:09 dhcpd: ** Ignoring requests on eth0. If this is not what Nov 28 15:24:09 dhcpd: you want, please write a subnet declaration Nov 28 15:24:09 dhcpd: in your dhcpd.conf file for the network segment Nov 28 15:24:09 dhcpd: to which interface eth0 is attached. ** Nov 28 15:24:09 dhcpd: Nov 28 15:24:09 dhcpd: Nov 28 15:24:09 dhcpd: Not configured to listen on any interfaces! ==> /var/log/univention/setup-join.log <== curl: (6) Couldn't resolve host 'ucs-sso.schulung7.ucs' ... ==> log2/syslog <== Nov 28 15:24:13 named[24327]: received control channel command 'reload schulung7.ucs' Nov 28 15:24:13 named[24378]: received control channel command 'reload schulung7.ucs' Nov 28 15:24:13 named[24378]: received control channel command 'reload 1.16.172.in-addr.arpa' Nov 28 15:24:13 named[24378]: zone schulung7.ucs/IN: Transfer started. Nov 28 15:24:13 named[24378]: transfer of 'schulung7.ucs/IN' from 127.0.0.1#7777: connected using 127.0.0.1#50797 Nov 28 15:24:13 named[24327]: client 127.0.0.1#50797: transfer of 'schulung7.ucs/IN': AXFR-style IXFR started Nov 28 15:24:13 named[24327]: client 127.0.0.1#50797: transfer of 'schulung7.ucs/IN': AXFR-style IXFR ended Nov 28 15:24:13 named[24378]: zone schulung7.ucs/IN: transferred serial 9 Nov 28 15:24:13 named[24378]: transfer of 'schulung7.ucs/IN' from 127.0.0.1#7777: Transfer completed: 1 messages, 11 records, 462 bytes, 0.005 secs (92400 bytes/sec) Nov 28 15:24:13 named[24327]: zone schulung7.ucs/IN: zone serial (9) unchanged. zone may fail to transfer to slaves. Nov 28 15:24:13 named[24327]: zone schulung7.ucs/IN: sending notifies (serial 9) Nov 28 15:24:13 named[24327]: received control channel command 'reload 1.16.172.in-addr.arpa' Nov 28 15:24:13 named[24378]: client 127.0.0.1#22653: received notify for zone 'schulung7.ucs' Nov 28 15:24:13 named[24378]: zone schulung7.ucs/IN: notify from 127.0.0.1#22653: zone is up to date Nov 28 15:24:13 named[24327]: zone 1.16.172.in-addr.arpa/IN: zone serial (2) unchanged. zone may fail to transfer to slaves. Nov 28 15:24:13 named[24327]: zone 1.16.172.in-addr.arpa/IN: sending notifies (serial 2) ==> /var/log/univention/setup-join.log <== curl: (6) Couldn't resolve host 'ucs-sso.schulung7.ucs' ==> log2/syslog <== Nov 28 15:24:14 named[24378]: client 127.0.0.1#24993: received notify for zone '1.16.172.in-addr.arpa' Nov 28 15:24:14 named[24378]: zone 1.16.172.in-addr.arpa/IN: notify from 127.0.0.1#24993: zone is up to date ==> /var/log/univention/setup-join.log <== curl: (6) Couldn't resolve host 'ucs-sso.schulung7.ucs' ... % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed ^M 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0curl: (7) couldn't connect to host ... Multifile: /etc/pam.d/univention-management-console File: /etc/ldap/sasl2/slapd.conf Could not download IDP metadata for https://ucs-sso.schulung7.ucs/simplesamlphp/saml2/idp/metadata.php Create umc/saml/idp-server Module: setup_saml_sp Try to download idp metadata (1/60) ... Try to download idp metadata (60/60) ==> univention/config-registry.replog <== 2016-11-28 15:24:58: unset 'umc/saml/idp-server' old:https://ucs-sso.schulung7.ucs/simplesamlphp/saml2/idp/metadata.php ==> /var/log/univention/setup-join.log <== Multifile: /etc/pam.d/univention-management-console File: /etc/ldap/sasl2/slapd.conf Unsetting umc/saml/idp-server Module: setup_saml_sp This is caused by /etc/univention/templates/modules/setup_saml_sp.py: # curl -v https://ucs-sso.schulung7.ucs/simplesamlphp/saml2/idp/metadata.php * About to connect() to ucs-sso.schulung7.ucs port 443 (#0) * Trying 172.16.1.70... * Connection refused * couldn't connect to host * Closing connection #0 curl: (7) couldn't connect to host # apachectl configtest Syntax error on line 20 of /etc/apache2/sites-enabled/default-ssl: SSLCertificateFile: file '/tmp/tmp.QZeypswrbR' does not exist or is empty Action 'configtest' failed # ls -l /tmp/tmp.QZeypswrbR -rw------- 1 root root 0 Nov 29 12:05 /tmp/tmp.QZeypswrbR # ucr search --brief --value /tmp/tmp.QZeypswrbR apache2/ssl/certificate: /tmp/tmp.QZeypswrbR # grep apache2/ssl/certificate /var/log/univention/config-registry.replog 2016-11-29 12:05:18: set apache2/ssl/certificate=/tmp/tmp.QZeypswrbR old:[Previously undefined] # find /usr/lib/univention-system-setup -type f -exec grep -n apache2/ssl/certificate {} + /usr/lib/univention-system-setup/scripts/setup-join.sh:97: apache2/ssl/certificate="$certificate" \ ==> univention/setup-join.log <== Create umc/web/language cp: Aufruf von stat f<C3><BC>r <E2><80><9E>/etc/univention/ssl/lynx7.schulung7.ucs/cert.pem<E2><80><9C> nicht m<C3> <B6>glich: Datei oder Verzeichnis nicht gefunden cp: Aufruf von stat f<C3><BC>r <E2><80><9E>/etc/univention/ssl/lynx7.schulung7.ucs/private.key<E2><80><9C> nicht m <C3><B6>glich: Datei oder Verzeichnis nicht gefunden 1. setup-join.sh:97 should stop copying not-existing files 2. UCRV ucr/system/setup/boot/installer should be documented 3. USS should implement error checking and abort early DEV: For debugging such failures I used the following in-target cat >/usr/lib/univention-install/92aaa.inst <<__SH__ #!/bin/bash VERSION=5 . /usr/share/univention-join/joinscripthelper.lib joinscript_init while [ ! -e /tmp/inst ] do sleep 1 done joinscript_save_current_version exit 0 __SH__
Version: 4.1-4 errata332 (Vahr) Remark: Trying to install a backup UCS and got this. ANy pointers? Traceback(d41d8cd98f00b204e9800998ecf8427e): Domain setup (this might take a while): FAILED: 92univention-management-console-web-server.inst
Reported again, 4.1-4 errata350 (Vahr)
Reported again, 4.1-4 errata350 (Vahr) Remark: Versuch, einen Member-Server zum bestehenden UCS-Master zu installieren.
Version: 4.1-4 errata386 (Vahr)
Version: 4.1-4 errata406 (Vahr) Remark: I have found this error when i trying to setup a SLAVE domain(dac.naztech.local) where my master domain is (naztech.local). Can anyone please give me a solution ?
Version: 4.2-0 errata2 (Lesum) Remark: Initial Join&Update
Version: 4.2-0 errata1 (Lesum) Remark: The current DCM has problems to show the Management console after Upgrade from 4.1.x to 4.2 Role: domaincontroller_backup
Version: 4.2-0 errata15 (Lesum) Role: domaincontroller_slave
Reported again, 4.2-0 errata15 (Lesum) Role: memberserver
Reported again, 4.2-0 errata0 (Lesum)
Reported again, 4.2-0 errata29 (Lesum) Remark: Clean and fresh installation with the automatic domainjoin and automatic updates after installation set
It happened to me on a DC Backup where I skipped the inital join and used the UMC domain join module. The join.log contains the following: curl performs SSL certificate verification by default, using a "bundle" of Certificate Authority (CA) public keys (CA certs). If the default bundle file isn't adequate, you can specify an alternate file using the --cacert option. If this HTTPS server uses a certificate signed by a CA represented in the bundle, the certificate verification probably failed due to a problem with the certificate (it might be expired, or the name might not match the domain name in the URL). If you'd like to turn off curl's verification of the certificate, use the -k (or --insecure) option. % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0curl: (60) SSL certificate problem: self signed certificate in certificate chain More details here: http://curl.haxx.se/docs/sslcerts.html
Reported again, 4.2-0 errata52 (Lesum) Role: memberserver
Reported again, 4.2-1 errata52 (Lesum)
Reported again, 4.2-1 errata96 (Lesum) Ticket#2017072021000067
Reported again, 4.2-1 errata122 (Lesum) #2017080421000363
Version: 4.1-4 errata474 (Vahr) Reported again, #2017082521000663
#2017100321000646 Version: 4.2-2 errata189 (Lesum) Remark: I was installing UCS as a basis for just a Samba-server, but it crashed during installation...
#2017092121000356 Version: 4.2-2 errata184 (Lesum)
We could write more information into the error message in a first step.
#2017091121000562
Reported again, 4.2-2 errata203 (Lesum), #2017102021000686
Reported again: Version: 4.2-0 errata0 (Lesum), #2017112921000293 Configuration du domaine (cela peut prendre un certain temps): FAILED: 92univention-management-console-web-server.inst
Also in Ticket #2018011121000306: ich kann diesen Fehler auch noch bestätigen. Habe ihn bei einem Kunden, der einen zweiten UCS für Nextcloud verwendet und hier scheitert auch jedes Mal das Join-Skript. RUNNING 92univention-management-console-web-server.inst 2018-01-11 11:20:40.547401052+01:00 (in joinscript_init) W: The config registry variable 'ucs/web/overview/entries/admin/umc/icon' does not exist W: The config registry variable 'ucs/web/overview/entries/admin/umc/link' does not exist W: The config registry variable 'ucs/web/overview/entries/admin/umc/link/de' does not exist W: The config registry variable 'ucs/web/overview/entries/admin/umc/priority' does not exist W: The config registry variable 'ucs/web/overview/entries/admin/umc/label' does not exist W: The config registry variable 'ucs/web/overview/entries/admin/umc/label/de' does not exist W: The config registry variable 'ucs/web/overview/entries/admin/umc/description' does not exist W: The config registry variable 'ucs/web/overview/entries/admin/umc/description/de' does not exist E: object not found LDAP Error: No such object __ERR__: -en EXITCODE=3
Reported again: Version: 4.2-3 errata254 (Lesum)
Move to 4.3-0-errata. If a UCS 4.2 backport is needed, please clone this issue.
Reported again: Version: 4.3-0 errata22 (Neustadt) Ticket#2018042921000376
The one error I could reproduce is that joining a DC Backup via the UMC fails, because the saml idp metadata cannot be downloaded. The joinscript reloads apache2 before the metadata is downloaded. But in the UMC join module the reload of apache2 is diabled, which is why it fails. The direct join in the system setup wizard works because apache2 is excluded from the disable in setup-join.sh (/usr/share/univention-updater/disable-apache2-umc --exclude-apache) I added the --exclude-apache option to join/__init__.py 7175697 Bug #42986: enable restart of apache in umc join process 8bf1c87 Bug #42986: Debian changelog a959a6a Bug #42986: YAML - add entry ce74efe Bug #42986: YAML - update version Version: 10.0.0-10A~4.3.0.201805092035 Branch: ucs_4.3-0 There may be some tickets where the joinscript failed because of a different reason. For more information in the feedback in case of joinscript failures see Bug #42366.
Please also adjust the comment/log message as well Otherwise it looks good
(In reply to Jürn Brodersen from comment #34) > Please also adjust the comment/log message as well 2c2618b Bug #42986: Adjust commend and log message 7d690cd Bug #42986: Debian changelog 291e48b Bug #42986: YAML update version Package: univention-join Version: 10.0.0-12A~4.3.0.201805161625
What I tested: joined a backup through the umc -> no error -> OK YAML -> OK -> Verified The umc didn't like that I was still logged as root after the join. After a minute or so I got logged out automatically. I'm not sure what happened but I think that is a different problem.
<http://errata.software-univention.de/ucs/4.3/85.html>