Post-install error (LDAP) on Raspberry Pi

terzag · June 1, 2015, 1:59pm

I’ve installed Yunohost 2.2 on a Raspberry Pi B. After a few hiccups, I managed to login as root but I have a problem with the post-installation. I choose the main domain, enter the new admin password and then, I have this:

Installing YunoHost...
Generating a 2048 bit RSA private key
......................+++
...+++
writing new private key to '/usr/share/yunohost/yunohost-config/ssl/yunoCA/ca/cakey.pem'
-----
Updating certificates in /etc/ssl/certs... 0 added, 0 removed; done.
Running hooks in /etc/ca-certificates/update.d....done.
Error: An error occured. Please see the log for details.

I’m not sure where I can find the log to check what is failing.

kload · June 2, 2015, 6:11pm

Did you try it with the official image ?

https://yunohost.org/install_on_raspberry

terzag · June 2, 2015, 6:15pm

Yes. Any idea of which log is mentioned in the error message?

kload · June 2, 2015, 6:18pm

No, and I really don’t see where could it come from.

terzag · June 2, 2015, 7:59pm

Is there a list of the actions the “yunohost tools postinstall” performs? I guess it’s a script?

kload · June 2, 2015, 8:07pm

You can find it around here:

https://github.com/YunoHost/moulinette-yunohost/blob/unstable/lib/yunohost/tools.py#L208

tiemay · June 3, 2015, 4:17am

To find the log file, you could try running a search:

grep -RH "SEARCH TERM" /var/ /home/ /tmp/ 2>/dev/null

For a search term, you could try using parts of the error message, like maybe: "Running hooks in /etc/ca-certificates/update.d....done."

terzag · June 3, 2015, 7:16am

Thanks. Where can I find the tools.py script on a Yunohost install, so that I can add debug messages and see where it fails exactly?

kload · June 3, 2015, 8:05am

@terzag In /usr/lib/.moulinette/yunohost/tools.py

terzag · June 3, 2015, 8:50am

I guess it’s just a mistype but I found it in /usr/lib/moulinette/yunohost (not .moulinette).

So, the problem is not on the certificate generation but the LDAP settings. More specifically this command:

auth = init_authenticator(('ldap', 'default'),
                              { 'uri': "ldap://localhost:389",
                                'base_dn': "dc=yunohost,dc=org",
                                'user_rdn': "cn=admin" })

EDIT: also, not sure if it can help but if I try to access the Pi on a web browser through its local IP, I get an “ERR_CONNECTION_REFUSED” error. From the doc, I should be able to connect to do the post-installation from the browser… Maybe there’s a network issue that prevents accessing some ports and thus the LDAP setup can’t connect to port 389 and fails?

EDIT 2: I tried to reinstall again and I noticed the following error during boot:

Starting LDAP connection daemon: nslcd/usr/sbin/nslcd: error while loading shared libraries: /usr/lib/arm-linux-gnueabihf/libldap_r-2.4.so.2: invalid ELF header

@kload: Would it be an error like with Nginx that was compiled for ARMv7 where the Raspberry Pi B uses ARMv6 and thus LDAP doesn’t work and the post-installation script fails?

tiemay · June 9, 2015, 2:53am

Not sure if I should have made this a new topic, or post it here… I’m trying to install the latest yunohost rpi image on my RPi B+, but the rainbow splash screen hangs.

I tried the “boot_delay=1” thing with the existing config.txt file, which didn’t help.

I also tried reinstalling the old yunohost4rpi2.img, which installs fine, suggesting the issue isn’t broken hardware.

However if the coloured screen remains, it suggests the kernel.img file
is failing to boot. Try replacing it with a known good one.

I tried replacing the kernel.img with the one from the latest raspbian (2015-05-05), and it booted ok more or less. Soon after booting, it says something about a file system error on the root partition, it does something to fix it, then reboots. and the error doesn’t come up again. I also get these errors during boot:

[FAIL] Starting Metronome XMPP server: metronome failed!

[FAIL] Starting OpenLDAP: slapd faild!
postfix/trivial-rewrite[2941]: fatal: load_library_symbols: dlopen failure loading /usr/lib/postfix/dict_ldap.so: /usr/lib/arm-linux-gnueabihf/libldap_r-2.4.so.2: invalid ELF header

And during shutdown:

Stopping LDAP connection daemon: nslcd No nslcd found running; none killed.

At this point, another issue I came across is port 80 and 443 are closed, preventing the web based post installation. Though port 22 (ssh) is open, as well as:

25 (smtp)
53 (domain)
143 (imap)
465 (smtps)
587 (submission)
993 (imaps)
68 (dhcpc)
123 (ntp)
1812 (radius)
5353 (mdns)

and a bunch more in the thousands range.

So I just ssh in and do cli post installation:

# yunohost tools postinstall
Main domain: foo.nohost.me
New administration password: 
Confirm new administration password: 
Installing YunoHost...
Generating a 2048 bit RSA private key
...............................+++
.....................................................................................................................................................................................................+++
writing new private key to '/usr/share/yunohost/yunohost-config/ssl/yunoCA/ca/cakey.pem'
-----
Updating certificates in /etc/ssl/certs... 0 added, 0 removed; done.
Running hooks in /etc/ca-certificates/update.d....done.
Error: An error occured. Please see the log for details.

and now I run into the same error as @terzag

In regards to my kernel.img failing, maybe my image became corrupted during download, is there a checksum available for yunohost4rpi2.img? The hash I have is:

$ sha512sum ./yunohost4rpi2.img
eb321f55870e1bacf3be20de7e508d48e987a229199697d11946a4f316c8b1ca18c33e51130f022de92277afbf43f985c4e7b9e48c4bb5568c70adff5cecd629  yunohost4rpi2.img

Is anyone else getting the rainbow screen to?

terzag · June 9, 2015, 8:54am

I don’t have the problem of the rainbow splash screen. This might be an issue with the kernel and the Pi B+ specifically.

As for the rest, I have pretty much the same issues:

Filesystem mounted as read only on first boot because of errors. After reboot, it works. I assume it’s because the partition is resized and there are inconsistencies between the expected and real size, so the system wants to perform a fsck
Though I didn’t mention it, same problem with Metronome. i didn’t really pay attention to it because of the other, more important LDAP issue

terzag · June 9, 2015, 10:34am

@kload any idea why the libldap has an invalid ELF header?

ZeHiro · June 9, 2015, 10:58am

I wqsn’t able to boot on the yunohost4rpi2 image downloaded fom the site either.

guillermau · June 11, 2015, 11:38pm

Hello,

I have the same problem. I am looked for similar issue on the web, but nothing work so far.

Any progress from the community ?

papinova · June 12, 2015, 11:05pm

Hi all ! Exactly the same here on a RPi 2 B ;

Starting LDAP connection daemon fails
Ldap fails at post install
unable to connect with browser to local IP

Maybe a ISP’s modem/router issue ? I Don’t know…

tiemay >>> No rainbow screen problem for me, I found some “Stuck on the Rainbow Screen” threads on Google…

zohan · June 13, 2015, 11:23am

The problems I describe here in another thread with my VPS seem to be similar, LDAP connection daemon seems to fail. I tried to finish the postnatal via cli, but yunohost says that postnatal was already okay, so this did not help.