On this slapd issue: if I stop the service (to avoid perpetual auto-restarts), and run by hand as root slapd -d 16383
(debug mode), the process starts well, and answers various requests (but same LUA error).
Yet, YunoHost commands check for the service status, then try to restart it… and we fall again the failure loop…
EDIT: reverted my LDAP configuration (as changed above to put my main domain), and changed /etc/default/slapd
to empty SLAPD_USER
and SLAPD_GROUP
so that the service starts as root. The service starts OK. I could start yunohost app ssowatconf
(doesn’t output anything); /etc/ssowat/conf.json
is still well generated (was initially already there).
Yet I still have the same initial symptoms (500 errors and same nginx log).
- Another issue with regen-conf:
Résumé
# yunohost tools regen-conf -d -n
Attention : Le fichier de configuration '/etc/default/slapd' a été modifié manuellement et ne sera pas mis à jour
Attention : Le fichier de configuration '/etc/nginx/conf.d/yunohost_admin.conf' a été modifié manuellement et ne sera pas mis à jour
Attention : Le fichier de configuration '/etc/postfix/main.cf' a été modifié manuellement et ne sera pas mis à jour
Traceback (most recent call last):
File "/usr/lib/moulinette/yunohost/log.py", line 380, in func_wrapper
result = func(*args, **kwargs)
File "/usr/lib/moulinette/yunohost/regenconf.py", line 259, in regen_conf
_get_files_diff(system_path, pending_path, True) if with_diff else None
File "/usr/lib/moulinette/yunohost/regenconf.py", line 484, in _get_files_diff
orig_file = orig_file.readlines()
File "/usr/lib/python3.7/codecs.py", line 322, in decode
(result, consumed) = self._buffer_decode(data, self.errors, final)
UnicodeDecodeError: 'utf-8' codec can't decode byte 0xfd in position 57: invalid start byte
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/bin/yunohost", line 72, in <module>
parser=parser
File "/usr/lib/moulinette/yunohost/__init__.py", line 25, in cli
ret = moulinette.cli(args, output_as=output_as, timeout=timeout, top_parser=parser)
File "/usr/lib/python3/dist-packages/moulinette/__init__.py", line 120, in cli
args, output_as=output_as, timeout=timeout
File "/usr/lib/python3/dist-packages/moulinette/interfaces/cli.py", line 502, in run
ret = self.actionsmap.process(args, timeout=timeout)
File "/usr/lib/python3/dist-packages/moulinette/actionsmap.py", line 600, in process
return func(**arguments)
File "/usr/lib/moulinette/yunohost/tools.py", line 404, in tools_regen_conf
return regen_conf(names, with_diff, force, dry_run, list_pending)
File "/usr/lib/moulinette/yunohost/log.py", line 382, in func_wrapper
operation_logger.error(e)
File "/usr/lib/moulinette/yunohost/log.py", line 628, in error
return self.close(error)
File "/usr/lib/moulinette/yunohost/log.py", line 640, in close
error.log_ref = self.name
File "/usr/lib/moulinette/yunohost/log.py", line 579, in name
name = [self.started_at.strftime("%Y%m%d-%H%M%S")]
AttributeError: 'NoneType' object has no attribute 'strftime'
- Another issue with ttrss: the systemd service fails, with the log
Could not open input file: /var/www/ttrss/update_daemon2.php
so again a rights problem
EDIT2: found out the source of problems 1 (ldap/portal) and 3 (ttrss): the ACL added in this commit are causing the trouble for slapd, metronome, nginx and ttrss.
I used setfacl -b
on /etc/yunohost /etc/ssowat and /var/www (and could also revert /etc/default/slapd
) and everything is back to normal.
So there is definitely an issue to dig there with that security fix (maybe only on my setup? LXC container on a QNAP NAS)…