I have a rpm package that adds a new firewall service and during install wants to enable this service. However this fails with "Error: INVALID_SERVICE":
$ dnf localinstall -y firewall-spec-test-0.0.1-1.fc35.x86_64.rpm
Last metadata expiration check: 1:29:06 ago on Fri 27 May 2022 01:20:48 CEST.
Dependencies resolved.
==============================================================================
Package Arch Version Repository Size
==============================================================================
Installing:
firewall-spec-test x86_64 0.0.1-1.fc35 #commandline 7.2 k
Transaction Summary
==============================================================================
Install 1 Package
Total size: 7.2 k
Installed size: 164
Downloading Packages:
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Installing : firewall-spec-test-0.0.1-1.fc35.x86_64 1/1
Running scriptlet: firewall-spec-test-0.0.1-1.fc35.x86_64 1/1
Error: INVALID_SERVICE: 'dummy' not among existing services
Verifying : firewall-spec-test-0.0.1-1.fc35.x86_64 1/1
Installed:
firewall-spec-test-0.0.1-1.fc35.x86_64
Complete!
The dummy.xml file is
<?xml version="1.0" encoding="utf-8"?>
<service>
<description>dummy service</description>
<short>dummy</short>
<port port="1234" protocol="udp"/>
</service>
and the spec file I have trimmed down to for testing is:
Name: firewall-spec-test
Version: 0.0.1
Release: 1%{?dist}
Summary: ...
License: GPLv3
URL: https://stackoverflow.com/q/...
Source0: dummy.xml
BuildRequires: systemd-rpm-macros
Requires: firewalld
%description
...
%prep
cp %{SOURCE0} .
%build
%install
mkdir -p ${RPM_BUILD_ROOT}%{_sysconfdir}/firewalld/services
cp -a dummy.xml ${RPM_BUILD_ROOT}%{_sysconfdir}/firewalld/services
# https://docs.fedoraproject.org/en-US/packaging-guidelines/Scriptlets/#_syntax
%post
if [ $1 == 1 ]
then
# First time install
firewall-cmd --permanent --zone=public --add-service=dummy
firewall-cmd --reload --quiet
fi
exit 0
%preun
if [ $1 == 0 ]
then
# Complete uninstall
firewall-cmd --permanent --zone=public --remove-service=dummy
firewall-cmd --reload --quiet
fi
exit 0
%files
%defattr(-,root,root,-)
%config(noreplace) %{_sysconfdir}/firewalld/services/*
%changelog
...
So how do I get firewall to use the new service?
So apparently firewalld needs an initial reload first in order for it to pick up the added service definition.
--- firewall-spec-test.spec.fail 2022-05-27 02:58:34.747351419 +0200
+++ firewall-spec-test.spec 2022-05-27 02:59:13.925280222 +0200
## -25,6 +25,7 ##
if [ $1 == 1 ]
then
# First time install
+ firewall-cmd --reload --quiet # In order for firewall-cmd to pick up the added service file
firewall-cmd --permanent --zone=public --add-service=dummy
firewall-cmd --reload --quiet
fi
Related
i'm currently developping a Django server where i need a database, Sqlite3 don't seem to handle well my need so i'm trying to use PostgreSQL instead. I'm devellopping on Windows but the server will run on a Linux system once development is done, so i'm trying to use WSL to fit the expected result.
wsl -l -v
NAME STATE VERSION
Ubuntu-22.04 Running 1
I also updated to WSL2, same issue.
My issue is that i can't start the database :
# sudo service postgresql start
No PostgreSQL clusters exist; see "man pg_createcluster"
What i've done so far :
sudo apt update
sudo apt upgrade
sudo apt install postgresql postgresql-contrib
// it s installed
> psql --version
psql (PostgreSQL) 14.2 (Ubuntu 14.2-1ubuntu1)
// no service currently running
> ps aux| grep postgres
root 583 0.0 0.0 15044 1280 tty3 S 08:42 0:00 grep --color=auto postgres
// no cluster ?!?
> sudo service postgresql start
No PostgreSQL clusters exist; see "man pg_createcluster"
// indeed no cluster are created by default
> pg_lsclusters
Ver Cluster Port Status Owner Data directory Log file
// but i can t create one
> pg_createcluster 14.2 main
Error: no initdb program for version 14.2 found
> sudo pg_createcluster 14 main
Creating new PostgreSQL cluster 14/main ...
/usr/lib/postgresql/14/bin/initdb -D /var/lib/postgresql/14/main --auth-local peer --auth-host scram-sha-256 --no-instructions
Can't exec "/usr/lib/postgresql/14/bin/initdb": Permission denied at /usr/bin/pg_createcluster line 86.
Error: Could not open /etc/postgresql/14/main/start.conf for writing: Permission denied
Can't exec "/bin/sh": Permission denied at /usr/bin/pg_createcluster line 617.
Error: initdb failed
I also tried : this stackoverflow link
> sudo service --status-all
// ...
[ - ] postgresql
// ...
> sudo ps aux | grep postgres
root 769 0.0 0.0 15044 1284 tty3 S 08:48 0:00 grep --color=auto postgres
I didn't really understand this link : Change some config file that i can't find
And this one that only proposed to reformat my disk.. Link
Following Mark's Link i was able to find a solution.
It seems that WSL2 is required
I tried 2 wsl distro :
Ubuntu-22.04 -> Didn't work even with the guide, maybe it would work on a fresh install.
Ubuntu 20.04.4 LTS -> fresh install worked
# Create the file repository configuration:
sudo sh -c 'echo "deb http://apt.postgresql.org/pub/repos/apt $(lsb_release -cs)-pgdg main" > /etc/apt/sources.list.d/pgdg.list'
# Import the repository signing key:
wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | sudo apt-key add -
# Update the package lists:
sudo apt-get update
# Install the latest version of PostgreSQL.
# If you want a specific version, use 'postgresql-12' or similar instead of 'postgresql':
sudo apt-get -y install postgresql postgresql-contrib
I am installing Minikube on Ubuntu 16.04 LTS (instructions available below). It is working fine when I run each command manually. However, if I put these in a script file install.sh it will fail at the last step giving me an error:
Error
Starting VM...
E0710 20:42:00.618251 20443 start.go:168] Error starting host: Error getting state for host: getting connection: looking up domain: virError(Code=42, Domain=10, Message='Domain not found: no domain with matching name 'minikube'').
Retrying.
E0710 20:42:00.618595 20443 start.go:174] Error starting host: Error getting state for host: getting connection: looking up domain: virError(Code=42, Domain=10, Message='Domain not found: no domain with matching name 'minikube'')
================================================================================
An error has occurred. Would you like to opt in to sending anonymized crash
information to minikube to help prevent future errors?
To opt out of these messages, run the command:
minikube config set WantReportErrorPrompt false
================================================================================
Please enter your response [Y/n]:
Instructions
sudo apt-get -y update
sudo apt-get -y upgrade
#Make sure no prior copy of minikube exists.
sudo rm -rf .minikube/
#Install minikube. Make sure to check for latest version (e.g. current version is 0.28.0)
curl -Lo minikube https://storage.googleapis.com/minikube/releases/$MINIKUBE_VERSION/minikube-linux-amd64 && chmod +x minikube && sudo mv minikube /usr/local/bin/
#Install kvm2
curl -LO https://storage.googleapis.com/minikube/releases/latest/docker-machine-driver-kvm2 && chmod +x docker-machine-driver-kvm2 && sudo mv docker-machine-driver-kvm2 /usr/bin/
sudo apt install -y libvirt-bin qemu-kvm
sudo usermod -a -G libvirtd $(whoami)
#Check to ensure libvirtd service is running.
systemctl status libvirtd
minikube start --vm-driver kvm2
Also, when the script fails if I re-run the following command I get the minikube working fine. Just don't know why it fails originally when running within the script.
sudo rm -rf .minikube/
minikube start --vm-driver kvm2
If you're running this script not for the first time, sudo rm -rf .minikube/ will not be enough.
You should also run the below command:
minikube delete
And, just in case, add a shebang to the top of the script:
#!/bin/bash
I am using ubuntu 16.04 and I am newbie k8s.
I am following this official document. https://kubernetes.io/docs/setup/independent/install-kubeadm/
# apt-get update
# apt-get install -y docker.io
# apt-get update && apt-get install -y apt-transport-https
# curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add -
# cat <<EOF >/etc/apt/sources.list.d/kubernetes.list
deb http://apt.kubernetes.io/ kubernetes-xenial main
EOF
# apt-get update
# apt-get install -y kubelet kubeadm kubectl
# docker info | grep -i cgroup
Cgroup Driver: cgroupfs
WARNING: No swap limit support
Here's no problem.
But in "Configure cgroup driver used by kubelet on Master Node" section,
in my 10-kubeadm.conf file,
there's no cgroup message so I can't use sed command.
sed -i "s/cgroup-driver=systemd/cgroup-driver=cgroupfs/g" /etc/systemd/system/kubelet.service.d/10-kubeadm.conf
# cat /etc/systemd/system/kubelet.service.d/10-kubeadm.conf
[Service]
Environment="KUBELET_KUBECONFIG_ARGS=--bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf --kubeconfig=/etc/kubernetes/kubelet.conf"
Environment="KUBELET_SYSTEM_PODS_ARGS=--pod-manifest-path=/etc/kubernetes/manifests --allow-privileged=true"
Environment="KUBELET_NETWORK_ARGS=--network-plugin=cni --cni-conf-dir=/etc/cni/net.d --cni-bin-dir=/opt/cni/bin"
Environment="KUBELET_DNS_ARGS=--cluster-dns=10.96.0.10 --cluster-domain=cluster.local"
Environment="KUBELET_AUTHZ_ARGS=--authorization-mode=Webhook --client-ca-file=/etc/kubernetes/pki/ca.crt"
Environment="KUBELET_CADVISOR_ARGS=--cadvisor-port=0"
Environment="KUBELET_CERTIFICATE_ARGS=--rotate-certificates=true --cert-dir=/var/lib/kubelet/pki"
ExecStart=
ExecStart=/usr/bin/kubelet $KUBELET_KUBECONFIG_ARGS $KUBELET_SYSTEM_PODS_ARGS $KUBELET_NETWORK_ARGS $KUBELET_DNS_ARGS $KUBELET_AUTHZ_ARGS $KUBELET_CADVISOR_ARGS $KUBELET_CERTIFICATE_ARGS $KUBELET_EXTRA_ARGS
Should I add Environment="KUBELET_CGROUP_ARGS=--cgroup-driver=cgroupfs" line in the file?
No, you don't have to add that option to your configuration if you don't have it in the configuration file.
That is optional parameter. Just make sure that if it is exists, it is a same with Cgroup Driver of Docker.
I am trying to activate ceph osd by following command:
ceph-deploy osd prepare ceph-02:/dev/sdb
And found following error
[ceph-02][WARNIN] OSError: [Errno 2] No such file or directory: '/dev/sdb'
[ceph-02][ERROR ] RuntimeError: command returned non-zero exit status: 1
[ceph_deploy.osd][ERROR ] Failed to execute command: /usr/sbin/ceph-disk -v
prepare --cluster ceph --fs-type xfs -- /dev/sdb
[ceph_deploy][ERROR ] GenericError: Failed to create 1 OSDs
step 1 :
parted -s /dev/sdb mklabel gpt mkpart primary xfs 0% 100%
step 2:
reboot
step3:
mkfs.xfs /dev/vdb -f
ceph-deploy osd create --data /dev/sdb server-hostname
its worked i tested this command.
I have installed nginx-gridfs and followed https://github.com/mdirolf/nginx-gridfs.
Nginx installed successfully.
In nginx.conf file I have specified as below:
server{
location /gridfs/ {
gridfs my_app;
}
}
It throws an error gridfs is unknown directive.
Restarting nginx: nginx: [emerg] unknown directive "gridfs" in /etc/nginx/nginx.conf:69
nginx: configuration file /etc/nginx/nginx.conf test failed
Any one suggest solution.
Thanks,
Prasad.
While compiling nginx from its source code and then installing it using make install it gets installed in /usr/local/nginx instead of the /etc/nginx so the path and daemon created needs to be changed in the nginx scipt(which you have to create manually and link it since compiling from source code won't create its own).
I assume you've already installed nginx from its source code adding the gridfs module.
Now unfortunately, you can't start or stop the service of nginx using the script in /etc/init.d/nginx because installing from the source code won't create a script(if found in /etc/init.d/, then this script is previously generated while installing nginx using package manager)
Then check your nginx status. If it's running then use:
sudo kill `cat /usr/local/nginx/logs/nginx.pid`
then go ahead and create a script:
sudo nano /etc/init.d/nginx
Inside the bank file use this code snippet:
#! /bin/sh
### BEGIN INIT INFO
# Provides: nginx
# Required-Start: $all
# Required-Stop: $all
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: starts the nginx web server
# Description: starts nginx using start-stop-daemon
### END INIT INFO
#PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/nginx/sbin
#DAEMON=/usr/sbin/nginx
DAEMON=/usr/local/nginx/sbin/nginx
NAME=nginx
DESC=nginx
test -x $DAEMON || exit 0
# Include nginx defaults if available
if [ -f /etc/default/nginx ] ; then
. /etc/default/nginx
fi
set -e
. /lib/lsb/init-functions
case "$1" in
start)
echo -n "Starting $DESC: "
start-stop-daemon --start --quiet --pidfile /usr/local/nginx/logs/$NAME.pid \
--exec $DAEMON -- $DAEMON_OPTS || true
echo "$NAME."
;;
stop)
echo -n "Stopping $DESC: "
start-stop-daemon --stop --quiet --pidfile /usr/local/nginx/logs/$NAME.pid \
--exec $DAEMON || true
echo "$NAME."
;;
restart|force-reload)
echo -n "Restarting $DESC: "
start-stop-daemon --stop --quiet --pidfile \
/usr/local/nginx/logs/$NAME.pid --exec $DAEMON || true
sleep 1
start-stop-daemon --start --quiet --pidfile \
/usr/local/nginx/logs/$NAME.pid --exec $DAEMON -- $DAEMON_OPTS || true
echo "$NAME."
;;
reload)
echo -n "Reloading $DESC configuration: "
start-stop-daemon --stop --signal HUP --quiet --pidfile /usr/local/nginx/logs/$NAME.pid \
--exec $DAEMON || true
echo "$NAME."
;;
status)
status_of_proc -p /usr/local/nginx/logs/$NAME.pid "$DAEMON" nginx && exit 0 || exit $?
;;
*)
N=/etc/init.d/$NAME
echo "Usage: $N {start|stop|restart|reload|force-reload|status}" >&2
exit 1
;;
esac
exit 0
Then make the file executable:
sudo chmod +x /etc/init.d/nginx
Now add the script to the default run levels:
sudo /usr/sbin/update-rc.d -f nginx defaults
That's it. You are done! You can now use the script to start, stop and restart nginx:
sudo /etc/init.d/nginx start
sudo /etc/init.d/nginx stop
sudo /etc/init.d/nginx restart
Follow this link if you need more help: 1
At the bottom of the page you'll find the link to create the nginx script manually.