Problème LDAP sur nouvelle installation

PP44 · July 20, 2019, 12:22pm

Merci ! Mais malgré cela lors de la post-installation j’obtiens une erreur :

error: Domain already exist

Le problème viens de moi ?

Merci encore pour votre aide !

Aleks · July 20, 2019, 12:24pm

Tu as procédé comment pour ta postinstallation … tu as réinstallé le serveur avant ?

PP44 · July 20, 2019, 12:29pm

Non, j’installe un nouveau serveur chez un ami, première installation ici. Tout se passe bien jusque là, et arrivé à la postinstallation j’obtient :

Error when trying to inject ‘cn=admin,ou=sudo’ -> ‘{‘cn’: ‘admin’, ‘sudoCommand’: ‘ALL’, ‘sudoUser’: ‘admin’, ‘objectClass’: [‘sudoRole’, ‘top’], ‘sudoOption’: ‘!authenticate’, ‘sudoHost’: ‘ALL’}’ into ldap: Une erreur est survenue lors de l’opération LDAP

Error when trying to inject ‘cn=sftpusers,ou=groups’ -> ‘{‘objectClass’: [‘posixGroup’, ‘top’], ‘memberUid’: ‘admin’, ‘gidNumber’: ‘4002’, ‘cn’: ‘sftpusers’}’ into ldap: Une erreur est survenue lors de l’opération LDAP

Error when trying to inject ‘cn=admins,ou=groups’ -> ‘{‘objectClass’: [‘posixGroup’, ‘top’], ‘memberUid’: ‘admin’, ‘gidNumber’: ‘4001’, ‘cn’: ‘admins’}’ into ldap: Une erreur est survenue lors de l’opération LDAP

Error when trying to inject ‘ou=users’ -> ‘{‘objectClass’: [‘organizationalUnit’, ‘top’], ‘ou’: ‘users’}’ into ldap: Une erreur est survenue lors de l’opération LDAP

Error when trying to inject ‘ou=apps’ -> ‘{‘objectClass’: [‘organizationalUnit’, ‘top’], ‘ou’: ‘apps’}’ into ldap: Une erreur est survenue lors de l’opération LDAP

Error when trying to inject ‘ou=sudo’ -> ‘{‘objectClass’: [‘organizationalUnit’, ‘top’], ‘ou’: ‘sudo’}’ into ldap: Une erreur est survenue lors de l’opération LDAP

Error when trying to inject ‘ou=groups’ -> ‘{‘objectClass’: [‘organizationalUnit’, ‘top’], ‘ou’: ‘groups’}’ into ldap: Une erreur est survenue lors de l’opération LDAP

Error when trying to inject ‘ou=domains’ -> ‘{‘objectClass’: [‘organizationalUnit’, ‘top’], ‘ou’: ‘domains’}’ into ldap: Une erreur est survenue lors de l’opération LDAP

Success: LDAP hes been initialized
Success: The local certification authority has been created.

Error: domain already exists

Aleks · July 20, 2019, 12:31pm

Hmben il y a un soucis avec ton LDAP … qu’est-ce que raconte systemctl status slapd ?

PP44 · July 20, 2019, 12:37pm

Alors je fait une install par-dessus armbian, et si je fait yunohost systemctl status slapd, il me dit Error: Yunohost is not correctly install. Please execute 'yunohost tools postinstall'

Aleks · July 20, 2019, 12:38pm

Juste systemctl status slapd

PP44 · July 20, 2019, 12:48pm

root@tem0:~# systemctl status slapd

slapd.service - LSB: OpenLDAP standalone server (Lightweight Directory Access Protocol)
Loaded: loaded (/etc/init.d/slapd; generated; vendor preset: enabled)
Active: active (running) since Fri 2019-07-19 14:07:02 UTC; 22h ago
Docs: man:systemd-sysv-generator(8)
Process: 3882 ExecStop=/etc/init.d/slapd stop (code=exited, status=0/SUCCESS)
Process: 3889 ExecStart=/etc/init.d/slapd start (code=exited, status=0/SUCCESS)
Tasks: 4 (limit: 4915)
CGroup: /system.slice/slapd.service
`-3895 /usr/sbin/slapd -h ldap://127.0.0.1:389/ ldaps:/// ldapi:/// -g openldap -u openldap -F /etc/ldap/slapd.d

Jul 19 14:07:02 bananapim3 systemd[1]: Starting LSB: OpenLDAP standalone server (Lightweight Directory Access Protocol)…
Jul 19 14:07:02 bananapim3 slapd[3894]: @(#) $OpenLDAP: slapd (May 23 2018 04:25:19) $
Debian OpenLDAP Maintainers pkg-openldap-devel@lists.alioth.debian.org
Jul 19 14:07:02 bananapim3 slapd[3895]: slapd starting
Jul 19 14:07:02 bananapim3 slapd[3889]: Starting OpenLDAP: slapd.
Jul 19 14:07:02 bananapim3 systemd[1]: Started LSB: OpenLDAP standalone server (Lightweight Directory Access Protocol).

Aleks · July 20, 2019, 12:53pm

Et si tu le redémarre avec systemctl restart slapd puis relance la posinstall, est-ce que ça améliore la situation ?

Sinon éventuellement tu peux tenter ce script https://raw.githubusercontent.com/alexAubin/yunoScripts/master/resetPostinstall.sh

PP44 · July 20, 2019, 12:56pm

root@tem0:~# systemctl restart slapd
root@tem0:~# yunohost tools postinstall
Main domain: tem0.nohost.me
You are now about to define a new administration password. The password should be at least 8 characters - though it is good practice to use longer password (i.e. a passphrase) and/or to use various kind of characters (uppercase, lowercase, digits and special characters).
New administration password:
Confirm new administration password:
Info: Installing YunoHost…
Warning: Error when trying to inject ‘ou=domains’ -> ‘{‘objectClass’: [‘organizationalUnit’, ‘top’], ‘ou’: ‘domains’}’ into ldap: An error occurred during LDAP operation
Warning: Error when trying to inject ‘ou=groups’ -> ‘{‘objectClass’: [‘organizationalUnit’, ‘top’], ‘ou’: ‘groups’}’ into ldap: An error occurred during LDAP operation
Warning: Error when trying to inject ‘ou=sudo’ -> ‘{‘objectClass’: [‘organizationalUnit’, ‘top’], ‘ou’: ‘sudo’}’ into ldap: An error occurred during LDAP operation
Warning: Error when trying to inject ‘ou=apps’ -> ‘{‘objectClass’: [‘organizationalUnit’, ‘top’], ‘ou’: ‘apps’}’ into ldap: An error occurred during LDAP operation
Warning: Error when trying to inject ‘ou=users’ -> ‘{‘objectClass’: [‘organizationalUnit’, ‘top’], ‘ou’: ‘users’}’ into ldap: An error occurred during LDAP operation
Warning: Error when trying to inject ‘cn=admins,ou=groups’ -> ‘{‘objectClass’: [‘posixGroup’, ‘top’], ‘memberUid’: ‘admin’, ‘gidNumber’: ‘4001’, ‘cn’: ‘admins’}’ into ldap: An error occurred during LDAP operation
Warning: Error when trying to inject ‘cn=sftpusers,ou=groups’ -> ‘{‘objectClass’: [‘posixGroup’, ‘top’], ‘memberUid’: ‘admin’, ‘gidNumber’: ‘4002’, ‘cn’: ‘sftpusers’}’ into ldap: An error occurred during LDAP operation
Warning: Error when trying to inject ‘cn=admin,ou=sudo’ -> ‘{‘cn’: ‘admin’, ‘sudoCommand’: ‘ALL’, ‘sudoUser’: ‘admin’, ‘objectClass’: [‘sudoRole’, ‘top’], ‘sudoOption’: ‘!authenticate’, ‘sudoHost’: ‘ALL’}’ into ldap: An error occurred during LDAP operation
Success! LDAP has been initialized
Success! The local certification authority has been created.
Info: The operation ‘Postinstall your YunoHost server’ has failed! To get help, please share the full log of this operation using the command ‘yunohost log display 20190720-125536-tools_postinstall-tem0.nohost.me --share’
Error: Domain already exists

PP44 · July 20, 2019, 12:57pm

Du coup idem, mais je t’ai tout remis propre parce que du coup je suis passé en ssh et je peux faire des copier-coller c’est plus pratique !

Je vais jeter un oeil au script merci !

PP44 · July 20, 2019, 12:59pm

Et j’y connais rien désolé mais tu sais si je dois rentrer le script ligne par ligne ou est-ce que il y a un moyen de l’exécuter d’un coup ?

Aleks · July 20, 2019, 1:01pm

Tu peux faire :

curl https://raw.githubusercontent.com/alexAubin/yunoScripts/master/resetPostinstall.sh | bash

PP44 · July 20, 2019, 1:02pm

Parfait merci c’est exactement ce que je me demander si je pouvais faire !

PP44 · July 20, 2019, 1:05pm

Je te mets pas tout mais à la fin j’ai un test qui échoue. Je retente la postinstall malgré tout.

Initializing a local SSL certification authority …
(logs available in /tmp/yunohost-ssl-init)
Updating certificates in /etc/ssl/certs…
0 added, 0 removed; done.
Running hooks in /etc/ca-certificates/update.d…
done.
config file testing succeeded
nginx: [emerg] SSL_CTX_use_PrivateKey_file(“/etc/yunohost/certs/yunohost.org/key.pem”) failed (SSL: error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch)
nginx: configuration file /etc/nginx/nginx.conf test failed

PP44 · July 20, 2019, 1:10pm

Oui !!! Ca semble marcher !

Merci merci merci ! J’ai donc fait :

curl https://raw.githubusercontent.com/alexAubin/yunoScripts/master/resetPostinstall.sh | bash

Puis j’ai refais dans le doute :

systemctl restart slapd

Et enfin :

yunohost tools postinstall

PP44 · July 20, 2019, 1:11pm

Mais j’ai juste un dernier soucis du coup :

root@tem0:~# yunohost tools postinstall
Main domain: tem0.nohost.me
You are now about to define a new administration password. The password should be at least 8 characters - though it is good practice to use longer password (i.e. a passphrase) and/or to use various kind of characters (uppercase, lowercase, digits and special characters).
New administration password:
Confirm new administration password:
Info: Installing YunoHost…
Success! The configuration has been updated for category ‘nsswitch’
Success! The configuration has been updated for category ‘nslcd’
Success! LDAP has been initialized
Success! The configuration has been updated for category ‘ssl’
Success! The local certification authority has been created.
Info: The operation ‘Add ‘tem0.nohost.me’ domain into system configuration’ has failed! To get help, please share the full log of this operation using the command ‘yunohost log display 20190720-130754-domain_add-tem0.nohost.me --share’
Info: The operation ‘Postinstall your YunoHost server’ has failed! To get help, please share the full log of this operation using the command ‘yunohost log display 20190720-130742-tools_postinstall-tem0.nohost.me --share’
Error: You’ve already subscribed to a DynDNS domain
root@tem0:~#

Aleks · July 20, 2019, 1:12pm

Erf … a mon avis t’es parti pour refaire un tour de resetPostinstall.sh … mais avant/après ça, fait un :

rm -rf /etc/yunohost/dyndns/
rm /etc/cron.d/yunohost-dyndns

PP44 · July 20, 2019, 1:14pm

root@tem0:~# resetPostinstall.sh
Could not find the database of available applications, run update-command-not-found as root to fix this
resetPostinstall.sh: command not found

Aleks · July 20, 2019, 1:16pm

Je parlais de curl https://raw.githubusercontent.com/alexAubin/yunoScripts/master/resetPostinstall.sh | bash

anonyme18 · July 20, 2019, 1:17pm

Euh, celle-ci, si j’ai bien compris !