Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Messages - Daniel Joven

Pages: 1 [2] 3
I have two Zentyals, one upgraded fine, the other just hangs here

Code: [Select]
Setting up zentyal (7.0.0ubuntu1) ...
Setting up zentyal-firewall (7.0.0) ...
 * Restarting Zentyal module: firewall
Setting up zentyal-dns (7.0.2) ...
Installing new version of config file /etc/bind/db.root ...

Try to locate the process with the command 'lslocks | grep dns', kill it 'kill -9 id_process' and then, repair the packages using 'dpkg --configure -a'.

Installation and Upgrades / Re: Problems with Upgrading to 7
« on: May 31, 2021, 02:33:52 pm »

Is your Zentyal server up-to-date?

You can try to upgrade your Zentyal server using the CLI, below you have the link to the documentation.


Installation and Upgrades / Re: can't log in Webadmin
« on: May 28, 2021, 12:17:53 pm »
Hi guys,

We are doing tests in different environments and we couldn't reproduce this issue yet. Could you please send me a private message and provide me the following information?

* Was the Zentyal server 7.0 upgraded from 6.2?
* Which 'domains' do you have enabled in the log module?
* Which version of the Zentyal modules are you using (dpkg -l | grep 'zentyal' )?
* Can you attach me the following log files? We would like to analyze those log files in order to see any trace that help us to identify the issue.
   * /var/log/zentyal/zentyal.log
   * /var/log/zentyal/error.log
   * /var/log/zentyal/uwsgi.log
   * /var/log/syslog
   * /var/log/mysql/error.log

     NOTE1: Ensure that the log files are from the day that you got the issue.
     NOTE2: Tell us the day where you got the issue.

Thank you for your feedback.

Best regards, Daniel Joven.

Installation and Upgrades / Re: can't log in Webadmin
« on: May 21, 2021, 05:48:51 pm »
Hi Denis,

Can you please provide us more details?

* Which Zentyal version are you using?

* Is the service 'mysql' running correctly?
Code: [Select]
sudo systemctl status mysql

* Do you see any error in the following log files?
  • /var/log/mysql/error.log
  • /var/log/syslog

Best regards, Daniel Joven.


The error that you are getting is:

Code: [Select]
./ line 54: checkBrokenPackages: command not found

Basically, the function 'postUpgradeProcedure' doesn't recognize the other function 'checkBrokenPackages'. So, make sure that this last function is present in your script.

Best regards, Daniel Joven.

Hi guys,

There is an open issue in Github related to this DNS resolution issue, you can check it out here:


Solved but not quite solved.
After I made some updates that appeared after I modified the file as you said, after restarted the system, the file was re-written without the modification and I was forced to insert the parameter again.

If you set that configuration parameter in the stub located at '/usr/share/zentyal/stubs/dns' and you lost it after restarting the DNS module, it is because you have another stub located at '/etc/zentyal/stubs/dns', and this directory has more priority than the other.

Moreover, in Dashboard, at Core version, is written 7.0.3 (available).
If I check from Software Management, the messages said that no updates are available.
If I check from CLI, same messages.

Code: [Select]
:~$ sudo apt-get update
Hit:1 focal InRelease
Hit:2 focal-updates InRelease
Hit:3 focal-backports InRelease
Hit:4 7.0 InRelease
Hit:5 focal InRelease
Hit:6 focal-security InRelease
Reading package lists... Done
:~$ sudo apt-get install zentyal-core
Reading package lists... Done
Building dependency tree
Reading state information... Done
zentyal-core is already the newest version (7.0.3).
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
:~$ sudo apt-get install zentyal-software
Reading package lists... Done
Building dependency tree
Reading state information... Done
zentyal-software is already the newest version (7.0.0).
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.

I will check it as soon as I can and I let you know.

Best regards, Daniel Joven.

Hi grolon (Buenas tardes :D),

Probably, you will need to load the profile before fixing the packages. Please, try the following:

1. Unlink the disabled profile:

Code: [Select]
sudo unlink /etc/apparmor.d/disable/usr.sbin.dhcpd

2. Load the DHCP profile

Code: [Select]
apparmor_parser -r /etc/apparmor.d/usr.sbin.dhcpd

3. Check that it was correctly loaded:

Code: [Select]

The output that should be displayed:

Code: [Select]
apparmor module is loaded.
4 profiles are loaded.
4 profiles are in enforce mode.

4. Try one more time to repair the broken packages.

Best regards, Daniel Joven.


The cause of the error is that the DHCP profile doesn't exist. Confirm that the profile '/etc/apparmor.d/usr.sbin.dhcpd' doesn't exists. If this is the case, do the following:

1. Create the profile '/etc/apparmor.d/usr.sbin.dhcpd' with the following content:

Code: [Select]
# vim:syntax=apparmor
# Last Modified: Mon Jan 25 11:06:45 2016
# Author: Jamie Strandboge <>

#include <tunables/global>

/usr/sbin/dhcpd {
  #include <abstractions/base>
  #include <abstractions/nameservice>
  #include <abstractions/ssl_keys>

  capability chown,
  capability net_bind_service,
  capability net_raw,
  capability setgid,
  capability setuid,

  network inet raw,
  network packet packet,
  network packet raw,

  @{PROC}/[0-9]*/net/dev r,
  @{PROC}/[0-9]*/net/{dev,if_inet6} r,
  owner @{PROC}/@{pid}/comm rw,
  owner @{PROC}/@{pid}/task/[0-9]*/comm rw,

  /etc/hosts.allow r,
  /etc/hosts.deny r,

  /etc/dhcp/ r,
  /etc/dhcp/** r,
  /etc/dhcpd{,6}.conf r,
  /etc/dhcpd{,6}_ldap.conf r,

  /usr/sbin/dhcpd mr,

  /var/lib/dhcp/dhcpd{,6}.leases* lrw,
  /var/log/ r,
  /var/log/** rw,
  /{,var/}run/{,dhcp-server/}dhcpd{,6}.pid rw,

  # isc-dhcp-server-ldap
  /etc/ldap/ldap.conf r,

  # LTSP. See:
  /etc/ltsp/ r,
  /etc/ltsp/** r,
  /etc/dhcpd{,6}-k12ltsp.conf r,
  /etc/dhcpd{,6}.leases* lrw,
  /ltsp/ r,
  /ltsp/** r,

  # Eucalyptus
  /{,var/}run/eucalyptus/net/ r,
  /{,var/}run/eucalyptus/net/** r,
  /{,var/}run/eucalyptus/net/*.pid lrw,
  /{,var/}run/eucalyptus/net/*.leases* lrw,
  /{,var/}run/eucalyptus/net/*.trace lrw,

  # wicd
  /var/lib/wicd/* r,

  # access to bind9 keys for dynamic update
  # It's expected that users will generate one key per zone and have it
  # stored in both /etc/bind9 (for bind to access) and /etc/dhcp/ddns-keys
  # (for dhcpd to access).
  /etc/dhcp/ddns-keys/** r,

  # allow packages to re-use dhcpd and provide their own specific directories
  #include <dhcpd.d>

  # Site-specific additions and overrides. See local/README for details.
  #include <local/usr.sbin.dhcpd>

2. Set the right permission to the file:

Code: [Select]
sudo chmod 0644 /etc/apparmor.d/usr.sbin.dhcpd
sudo root:root /etc/apparmor.d/usr.sbin.dhcpd

3. Unlink the disabled profile:

Code: [Select]
sudo unlink /etc/apparmor.d/disable/usr.sbin.dhcpd

3. Try to fix the broken packages again:

Code: [Select]
sudo dpkg --configure -a

Best regards, Daniel Joven.

Installation and Upgrades / Re: error mail upgrade 6 to 7 version
« on: March 29, 2021, 06:49:39 pm »
Hi havacuban,

It seems that you have issue with the special mail user of your Domain Controller. Did you do anything to this user?

Aparently, you have at least two errors:

One error is: 'The request is a bind request to a user account that has been locked'. You can do the following to try to solve this error:

1. Check the name of the user.

Code: [Select]
samba-tool user list | grep 'zentyal-mail-'

2. Check if the user is locked:

ldbedit -Lv -u name_of_the_user | grep 'Account Flags'

NOTE: If it has the flag 'D' it means that it disabled

2.1 To unlock the user:

Code: [Select]
samba-tool user enable name_of_the_user

3. Restart the mail module and check if the error have disappeared.

And the other error is: 'he password fails to meet the criteria the server is configured to check'. Do you remember if you change his password? Please, take a look at the file '/var/lib/zentyal/conf/zentyal-mail-your_user_name.passwd' and check if the file was changed recently. In case it doesn't, you could try to set the same password to the user and restart again the Mail module.

Code: [Select]
smbpasswd name_of_the_user

Hope it helps.

Best regards, Daniel Joven.

Hi Deslack,

It seems that you upgraded the Zentyal 6.2 server using an old version of zentyal-core package (6.2.9 is the latest version).

The error that you are getting is caused because the default certificate key size was 1024 in Ubuntu 18.04 and it is too small in the current version. Below you have the link of the script that upgrades the Zentyal 6.2 to 7.0, in the line '243' you have the commands that you need to run to fix your issue.


Also, I recommend you to check if you need to run the rest of the command within the function 'postUpgradeProcedure'.

Best regards, Daniel Joven.

Hi grolon,

The error is:

Code: [Select]
ln: failed to create symbolic link '/etc/apparmor.d/disable/usr.sbin.dhcpd': File exists

Try to unlink/move/remove that file.

Then, fix the broken packages with the following command:

Code: [Select]
sudo dpkg --configure -a

NOTE: Sometimes, the above command must be executed a few times.

Best regards, Daniel Joven.

Hi Gabriel and thank you for your feedback,

I could reproduce the error and it seems to be related to DNSSEC. Please, add the following parameter below the option 'auth-nxdomain' in the stub '/usr/share/zentyal/stubs/dns/named.conf.options.mas':

Code: [Select]
dnssec-validation yes;

Then, restart the DNS module:

sudo zs dns restart

Finally, check the DNS resolution.

Best regards, Daniel Joven.

Installation and Upgrades / Re: error proxy upgrade 6.2 to 7
« on: March 29, 2021, 12:42:33 pm »

The command which thrown the error (is more a warning that an error) is almost at the end of the script. So, the critical functions of the upgrade were executed. Did you check the stability of the Zentyal server after the upgrade?

Also, could you please run the following commands and send me the output? I would like to see why you got the error.

Code: [Select]
sudo echo ${HOSTNAME}
sudo samba-tool group listmembers DnsAdmins 2> /dev/null | grep -i "dns-${HOSTNAME}"

Best regards, Daniel Joven.


Thanks for the information.  Just to be clear, I run the specified commands from the upgrade script on my main system, do a backup, then also run the scripts on the disaster recovery machine, then do the restore?  I'll give this a try over the weekend.

Yes, you have to run those commands in the Zentyal server 7.0 which was upgraded from 6.2 in order to be able to restore a configuration backup.


This issue is answered in the following post (reply 1 and 4):


Best regards, Daniel Joven.

Pages: 1 [2] 3