Author Topic: zentyal webadmin  (Read 291 times)

hshafi

  • Zen Apprentice
  • *
  • Posts: 8
  • Karma: +0/-0
    • View Profile
zentyal webadmin
« on: June 02, 2020, 01:25:51 pm »
I am using zentyal 6.0

have been working fine for a very long time.
However webadmin has stopped working last week. couldnt figure out how to:
can start from terminal by:

sudo zs webadmin start

but when checked again with

sudo zs webadmin status

it says stopped.

Need help!

scottdr

  • Zen Apprentice
  • *
  • Posts: 15
  • Karma: +4/-0
  • Zentyal community editions 6.2.0, 5.1.3 and 4.2.12
    • View Profile
Re: zentyal webadmin
« Reply #1 on: June 03, 2020, 11:35:09 am »
Can you check /var/log/zentyal/zentyal.log for any clues/errors?
Do you get any errors when doing the zs webadmin start?
For example :  * Restarting Zentyal module: webadmin                                                                                                                                                                                                      [fail]
Error loading class: EBox::SysInfo error: Global symbol "$lastVersion" requires explicit package name (did you forget to declare "my $lastVersion"?) at /usr/share/perl5/EBox/SysInfo.pm line 330.
BEGIN not safe after errors--compilation aborted at /usr/share/perl5/EBox/SysInfo.pm line 444.
Compilation failed in require at (eval 692) line 1.
BEGIN failed--compilation aborted at (eval 692) line 1.

hshafi

  • Zen Apprentice
  • *
  • Posts: 8
  • Karma: +0/-0
    • View Profile
Re: zentyal webadmin
« Reply #2 on: June 04, 2020, 07:33:11 am »
No there are no errors when i run

zs webadmin start

when I check with

zs webadmin status

it says [stopped]

scottdr

  • Zen Apprentice
  • *
  • Posts: 15
  • Karma: +4/-0
  • Zentyal community editions 6.2.0, 5.1.3 and 4.2.12
    • View Profile
Re: zentyal webadmin
« Reply #3 on: June 04, 2020, 12:00:02 pm »
You did not mention if there were any clues in the Zentyal log file /var/log/zentyal/zentyal.log. Please look at this log as soon as you do the zs webadmin restart command

The webadmin interface is served by nginx. if you run 'ps -ef |grep nginx' (without the ' quotes) you should see output like this below : -

root      13993      1  0 May27 ?        00:00:00 nginx: master process /usr/sbin/nginx -c /var/lib/zentyal/conf/nginx.conf
www-data  14001  13993  0 May27 ?        00:01:19 nginx: worker process
www-data  14002  13993  0 May27 ?        00:00:00 nginx: worker process
www-data  14003  13993  0 May27 ?        00:00:07 nginx: worker process
www-data  14004  13993  0 May27 ?        00:00:26 nginx: worker process

If you do see the above, can you send the contents of /var/lib/zentyal/conf/nginx.conf to check the settings?



hshafi

  • Zen Apprentice
  • *
  • Posts: 8
  • Karma: +0/-0
    • View Profile
Re: zentyal webadmin
« Reply #4 on: June 07, 2020, 06:46:44 pm »
Below is /var/lib/zentyal/conf/nginx.conf

user www-data;
worker_processes 4;
daemon off;
pid /var/lib/zentyal/tmp/nginx.pid;

events {
    worker_connections 768;
    # multi_accept on;
}

http {

    ##
    # Basic Settings
    ##

    sendfile on;
    tcp_nopush on;
    tcp_nodelay on;
    keepalive_timeout 65;
    types_hash_max_size 2048;
    server_tokens off;
    client_max_body_size 50m;

    server_names_hash_bucket_size 64;
    server_name_in_redirect off;

    include /etc/nginx/mime.types;
    default_type application/octet-stream;

    error_log /var/log/zentyal/error.log;

    # log_format combined '$remote_addr - $remote_user  [$time_local] "$request" $status $body_bytes_sent "$http_referer" "$http_user_agent"'
    # FIXME: This log format is missing %{forensic-id}n from Apache, is needed?

    ##
    # Gzip Settings
    ##

    gzip on;
    gzip_disable "msie6";

    gzip_vary on;
    gzip_proxied any;
    gzip_comp_level 6;
    gzip_buffers 16 8k;
    gzip_http_version 1.1;
    gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;

    map $ssl_client_s_dn $ssl_client_s_dn_o {
        default           "";
        ~/O=(?<O>[^/]+) $O;
    }

    map $ssl_client_s_dn $ssl_client_s_dn_cn {
        default           "";
        ~/CN=(?<CN>[^/]+) $CN;
    }

    map $ssl_client_i_dn $ssl_client_i_dn_o {
        default           "";
        ~/O=(?<O>[^/]+) $O;
    }

    server {
        listen 8443;

        ssl on;
        ssl_certificate /var/lib/zentyal/conf/ssl/ssl.pem;
        ssl_certificate_key /var/lib/zentyal/conf/ssl/ssl.pem;

        ssl_session_timeout 5m;

        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_ciphers "SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK";
        ssl_prefer_server_ciphers on;

        access_log /var/log/zentyal/access.log;

        root /usr/share/zentyal/www;

        # First attempt to serve request as file, then
        # as directory, then fall back to proxy.
        try_files $uri @proxy;

        error_page 502 /errors/502.html;
        location = /errors/502.html {
           root /usr/share/zentyal/www;
        }

        # To allow POST on static pages (needed for vncviewer in zentyal-virt)
        error_page 405 =200 $uri;

        location /data/ {


            root /usr/share/zentyal/www;
            rewrite  ^/data/(.*)$  /$1  break;
            return   403;
        }

        location /dynamic-data/ {


            root /var/lib/zentyal/dynamicwww/;
            rewrite  ^/dynamic-data/(.*)$  /$1  break;
            return   403;
        }



        include /var/lib/zentyal/conf/nginx-*.conf;

        location @proxy {
            uwsgi_pass unix:///run/zentyal-webadmin/webadmin.sock;

            uwsgi_read_timeout 180;

            uwsgi_param QUERY_STRING $query_string;
            uwsgi_param REQUEST_METHOD $request_method;
            uwsgi_param CONTENT_TYPE $content_type;
            uwsgi_param CONTENT_LENGTH $content_length;
            uwsgi_param REQUEST_URI $request_uri;
            uwsgi_param PATH_INFO $document_uri;
            uwsgi_param DOCUMENT_ROOT $document_root;
            uwsgi_param SERVER_PROTOCOL $server_protocol;
            uwsgi_param REMOTE_ADDR $remote_addr;
            uwsgi_param REMOTE_PORT $remote_port;
            uwsgi_param SERVER_ADDR $server_addr;
            uwsgi_param SERVER_PORT $server_port;
            uwsgi_param SERVER_NAME $server_name;
            uwsgi_param HTTP_X_FORWARDED_PROTO https;
        }
    }

}
« Last Edit: June 07, 2020, 06:49:33 pm by hshafi »

scottdr

  • Zen Apprentice
  • *
  • Posts: 15
  • Karma: +4/-0
  • Zentyal community editions 6.2.0, 5.1.3 and 4.2.12
    • View Profile
Re: zentyal webadmin
« Reply #5 on: June 07, 2020, 08:24:19 pm »
Dear hshafi,

That file looks OK. However, you have not answered any of the questions regarding if the process is running "nginx: master process /usr/sbin/nginx -c /var/lib/zentyal/conf/nginx.conf", or if there are any errors reported in /var/log/zentyal/zentyal.log (you could also check /var/log/zentyal/error.log.

Perhaps you could check to see if nginx is listening on the correct ports by running 'sudo lsof |grep 8443' (without the '), you should get an output similar to: -
nginx      13303              root    9u     IPv4              91944       0t0        TCP *:8443 (LISTEN)
nginx      13311          www-data    9u     IPv4              91944       0t0        TCP *:8443 (LISTEN)
nginx      13312          www-data    9u     IPv4              91944       0t0        TCP *:8443 (LISTEN)
nginx      13313          www-data    9u     IPv4              91944       0t0        TCP *:8443 (LISTEN)
nginx      13314          www-data    9u     IPv4              91944       0t0        TCP *:8443 (LISTEN)

If you do get these outputs then you should be able to get to the webadmin pages.

If you get no output, then nginx is not running. Check with  'sudo lsof' just to make sure that there are processes listening on your system

I hope this is of use to you. Please give some extra detail with your next response as it is hard to diagnose your issue without more information.

hshafi

  • Zen Apprentice
  • *
  • Posts: 8
  • Karma: +0/-0
    • View Profile
Re: zentyal webadmin
« Reply #6 on: June 07, 2020, 11:30:52 pm »
when I run:
sudo lsof |grep 8443
I get
sudo: lsof: command not found

Therefore I ran
ps -ef |grep nginx
This is the response
delta     1611  1519  0 02:23 pts/1    00:00:00 grep --color=auto nginx
root      2320     1  0 Jun06 ?        00:00:00 nginx: master process /usr/sbin/nginx -g daemon on; master_process on;
www-data  2321  2320  0 Jun06 ?        00:00:00 nginx: worker process
www-data  2322  2320  0 Jun06 ?        00:00:00 nginx: worker process
www-data  2323  2320  0 Jun06 ?        00:00:00 nginx: worker process
www-data  2324  2320  0 Jun06 ?        00:00:00 nginx: worker process

when I ran
sudo /usr/sbin/nginx -c /var/lib/zentyal/conf/nginx.conf
This is the response
nginx: [emerg] SSL_CTX_use_PrivateKey_file("/var/lib/zentyal/conf/ssl/ssl.pem") failed (SSL: error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch)

So I assume something wrong with SSL or certificates!
what do you suggest?



doncamilo

  • Zen Samurai
  • ****
  • Posts: 392
  • Karma: +112/-1
    • View Profile
Re: zentyal webadmin
« Reply #7 on: June 08, 2020, 12:23:12 pm »
 :)

Did you change the default pem file? Please run these commands to check the modulus of the certificate and the private key:

Code: [Select]
openssl rsa -in /var/lib/zentyal/conf/ssl/ssl.pem -noout -modulus
openssl x509 -in /var/lib/zentyal/conf/ssl/ssl.pem -noout -modulus

The modulus should be equals.

Cheers!
"Tanta salud goces como bondad abrigues en tu corazón"

Don Camilo.

"That place... is strong with the
dark side of the Force.  A domain
of evil it is.  In you must go."

Yoda.

hshafi

  • Zen Apprentice
  • *
  • Posts: 8
  • Karma: +0/-0
    • View Profile
Re: zentyal webadmin
« Reply #8 on: June 08, 2020, 02:41:05 pm »
Ran these commands and check the moduls

openssl rsa -in /var/lib/zentyal/conf/ssl/ssl.pem -noout -modulus
openssl x509 -in /var/lib/zentyal/conf/ssl/ssl.pem -noout -modulus

The results were not the same

how to create new certificates and keys ? would that solve?

doncamilo

  • Zen Samurai
  • ****
  • Posts: 392
  • Karma: +112/-1
    • View Profile
Re: zentyal webadmin
« Reply #9 on: June 09, 2020, 02:57:31 pm »
"Tanta salud goces como bondad abrigues en tu corazón"

Don Camilo.

"That place... is strong with the
dark side of the Force.  A domain
of evil it is.  In you must go."

Yoda.

hshafi

  • Zen Apprentice
  • *
  • Posts: 8
  • Karma: +0/-0
    • View Profile
Re: zentyal webadmin
« Reply #10 on: June 09, 2020, 06:43:01 pm »
Thanks.

It worked. after creating new ssl certificates

scottdr

  • Zen Apprentice
  • *
  • Posts: 15
  • Karma: +4/-0
  • Zentyal community editions 6.2.0, 5.1.3 and 4.2.12
    • View Profile
Re: zentyal webadmin
« Reply #11 on: June 10, 2020, 10:33:40 am »
I'm glad you got it sorted. Sorry that I did not get back to you.