When you are logged on to the service node and run tabdump site, do you get the permission denied. Then try this on the SN and see if it works. export XCATBYPASS=y tabdump site
If you really want to start over look at this https://sourceforge.net/apps/mediawiki/xcat/index.php?title=Uninstalling_xCAT Lissa K. Valletta 2-3/T12 Poughkeepsie, NY 12601 (tie 293) 433-3102 From: [email protected] To: xCAT Users Mailing list <[email protected]> Date: 04/05/2012 10:28 AM Subject: Re: [xcat-user] error while installing xcat on aix SN: arz0006c:~ $ sudo stopsrc -s xcatd 0513-044 The xcatd Subsystem was requested to stop. $ ps -eaf |grep xcat ruxi003 5767190 3866734 1 16:16:47 pts/0 0:00 /opt/freeware/bin/grep --color=auto xcat $ sudo startsrc -s xcatd 0513-059 The xcatd Subsystem has been started. Subsystem PID is 5767204. $ ps -eaf |grep xcat ruxi003 5439604 3866734 0 16:17:23 pts/0 0:00 /opt/freeware/bin/grep --color=auto xcat root 5767204 3407990 76 16:17:21 - 0:00 xcatd: SSL listener root 5898294 5767204 120 16:17:21 - 0:00 perl /opt/xcat/sbin/xcatd -f root 6160636 5767204 2 16:17:22 - 0:00 xcatd: UDP listener root 7143466 5767204 2 16:17:22 - 0:00 xcatd: install monitor root 7602380 5767204 25 16:17:22 - 0:00 xcatd: DB Access $ ps -eaf |grep xcat ruxi003 4325580 3866734 1 16:17:28 pts/0 0:00 /opt/freeware/bin/grep --color=auto xcat root 5767204 3407990 2 16:17:21 - 0:00 xcatd: SSL listener root 6160636 5767204 0 16:17:22 - 0:00 xcatd: UDP listener root 7143466 5767204 0 16:17:22 - 0:00 xcatd: install monitor root 7602380 5767204 0 16:17:22 - 0:00 xcatd: DB Access $ ll /etc/xcat/ca/ca-cert.pem -rw------- 1 root system 1135 2012-04-03 18:22 /etc/xcat/ca/ca-cert.pem MN: $ ps -eaf |grep xcat root 10505 1 0 16:15 ? 00:00:00 xcatd: SSL listener root 10506 10505 0 16:15 ? 00:00:00 xcatd: DB Access root 10507 10505 0 16:15 ? 00:00:00 xcatd: UDP listener root 10508 10505 0 16:15 ? 00:00:00 xcatd: install monitor root 10524 8664 0 16:16 pts/5 00:00:00 grep --color=auto xcat $ sudo service xcatd stop Stopping xCATd done $ ps -eaf |grep xcat root 10556 8664 0 16:17 pts/5 00:00:00 grep --color=auto xcat $ sudo service xcatd start Starting xCATd in.tftpd: no process found done $ lsxcatd -a Version 2.7 (svn r11882, built Fri Mar 16 06:32:39 EDT 2012) This is a Management Node cfgloc=mysql:dbname=xcatdb;host=192.168.34.13|xcatadmin dbengine=mysql dbname=xcatdb dbhost=192.168.34.13 dbadmin=xcatadmin $ xdsh aixservice "/opt/xcat/sbin/tabdump site" arz0006c: Error: Permission denied for request Use of uninitialized value in concatenation (.) or string at /opt/xcat/sbin/xcatd line 2067. Request matched no policy rule: peername=, peerhost=loopback tabdump Use of uninitialized value in concatenation (.) or string at /opt/xcat/sbin/xcatd line 1740. Permission denied for request: peername=, peerhost=loopback,peerfqdn=loopback,peerport=32860 command= tabdump if nothing helps and i where to remove xCAT completely from MN and SN and start over, would i have to delete anything additional (directories etc.) after removing the RPMs? -- Mit freundlichen Grüßen / Best Regards Matthias Merk Lissa Valletta <[email protected]> schrieb am 05.04.2012 16:12:55: > Von: Lissa Valletta <[email protected]> > An: xCAT Users Mailing list <[email protected]> > Kopie: xCAT Users Mailing list <[email protected]> > Datum: 05.04.2012 16:13 > Betreff: Re: [xcat-user] error while installing xcat on aix > > xCAT is denying your request and the policy table wrong would have caused > that. You say it is still not working though. > Having the SN name in the policy table is really confusing me how the MN > got installed. Did you change them MN hostname after installing xCAT? > > Lets check a couple of things. > First service xcatd stop on both the MN and SN. > ps -ef | grep xCAT and make sure all processes are gone > service xcatd start on the MN and SN > > Give me an lsxcatd -a on the MN > lsxcatd -a on the SN > > On the SN > change 0600 ca-cert.pem > > /etc/xcat/ca/: > total 4 > -rw-r----- 1 root system 1135 2012-04-03 18:22 ca-cert.pem > > > See if this helps > > Lissa K. Valletta > 2-3/T12 > Poughkeepsie, NY 12601 > (tie 293) 433-3102 > > > > > > From: [email protected] > To: xCAT Users Mailing list <[email protected]> > Date: 04/05/2012 09:28 AM > Subject: Re: [xcat-user] error while installing xcat on aix > > > > sorry for the late reply. > > > these are the only files in /etc/xcat/{ca,cert} on the SN: > /etc/xcat/ca/: > total 4 > -rw-r----- 1 root system 1135 2012-04-03 18:22 ca-cert.pem > > /etc/xcat/cert: > total 12 > -rw------- 1 root system 1135 2012-04-03 18:24 ca.pem > -rw------- 1 root system 5831 2012-04-03 18:24 server-cred.pem > > times are ntp synchronized and are the same. > > the MN strangly had the SN hostname in the policy table at "1.2" > i'v corrected that to the MN's hostname (lrz0001c) > > tabdump policy > MN: > "1.2","lrz0001c",,,,,,"trusted",, > > MN: > $ grep "CN=" server-cred.pem > Issuer: CN=xCAT CA > Subject: CN=lrz0001c > > SN: > $ grep CN= server-cred.pem > Issuer: CN=xCAT CA > Subject: CN=lrz0001c > > and the mysql users: > mysql> select host, user from mysql.user; > +---------------+-----------+ > | host | user | > +---------------+-----------+ > | % | xcatadmin | > | 192.168.34.13 | xcatadmin | <- MN > | 192.168.34.17 | xcatadmin | <- SN > | arz0006c | xcatadmin | <- SN > | localhost | root | > +---------------+-----------+ > 5 rows in set (0.00 sec) > > > i tried a quick perl dbd script with a select query from the SN to the MN > and mysql seems to work fine. > can't find anything wrong - yet the permission is denied. > > lrz0001c $ xdsh aixservice "/opt/xcat/sbin/tabdump site" > arz0006c: Error: Permission denied for request > > -- > Mit freundlichen Grüßen / Best Regards > > Matthias Merk > > Lissa Valletta <[email protected]> schrieb am 03.04.2012 19:31:54: > > > Von: Lissa Valletta <[email protected]> > > An: xCAT Users Mailing list <[email protected]> > > Kopie: xCAT Users Mailing list <[email protected]> > > Datum: 03.04.2012 19:33 > > Betreff: Re: [xcat-user] error while installing xcat on aix > > > > A couple of things on the Service Node, the files you copied should be > the > > only ones in those directories. Because you installed it as a MN, make > > sure there are no others that were generated during the MN install. Make > > sure date on MN and SN are close. This looks like an xCAT SSL > credential > > problem. The peername is missing in the message below and that is > taken > > from the SSL server-cred.pem file. > > > > On the MN > > tabdump policy, you should have an entry like > > "1.2","hpcrhmn",,,,,,"trusted",, where hpcrhmn is you MN. > > > > On the MN, look in /etc/xcat/ca/server-cred.pem file at the line with > > CN=<management node name> should match what is in the trusted line of > the > > policy table. > > > > If you are using long hostnames, make sure your domain is in the domain > of > > the site table and make sure you have a long hostname in the policy > table. > > You can add another one like. > > "1.3","hpcrhmn.domain",,,,,,"trusted",, > > > > > > Then on the SN > > > > [root@rhsn cert]# ls > > ca.pem server-cred.pem > > > > [root@rhsn ca]# ls > > ca-cert.pem > > > > vi server-cred.pem > > > > Look for the following line, is that the name of your MN and the ip > address > > should be 192.168.34.13 > > Subject: CN=hpcrhmn (hpcrhmn is my MN) > > > > > > Also run this mysql command and make sure any name or ip address that > the > > SN might contact the Management Node is in the list (longnames, > > shortname,etc) > > > > mysql> SELECT host, user FROM mysql.user; > > +-----------+-----------+ > > | host | user | > > +-----------+-----------+ > > | % | xcatadmin | > > | 10.6.0.% | xcatadmin | > > | 10.6.0.1 | xcatadmin | > > | 127.0.0.1 | root | > > | hpcrhmn | | > > | hpcrhmn | root | > > | localhost | | > > | localhost | root | > > > > > > > > > > Lissa K. Valletta > > 2-3/T12 > > Poughkeepsie, NY 12601 > > (tie 293) 433-3102 > > > > > > > > > > > > From: [email protected] > > To: xCAT Users Mailing list <[email protected]> > > Date: 04/03/2012 12:55 PM > > Subject: Re: [xcat-user] error while installing xcat on aix > > > > > > > > ok. i removed the xCAT-2.7*rpm and put on the xCATsn-2.7* rpm. > > copied /etc/xcat/cfgloc from the mgmt node to service node (arz0006c) > > copied /etc/xcat/ca/ca-cert.pem /etc/xcat/cert/{ca,server-cred}.pem from > > the mgmt node to service node > > restarted xcatd > > lsxcatd -a output looks correct but tabdump site gets a permission > > denied. > > xdsh aixservice "/opt/xcat/bin/lsxcatd -a" > > arz0006c: Version 2.7 (svn r11843, built Tue Mar 13 21:50:46 EDT 2012) > > arz0006c: This is a Service Node > > arz0006c: cfgloc=mysql:dbname=xcatdb;host=192.168.34.13|xcatadmin > > arz0006c: dbengine=mysql > > arz0006c: dbname=xcatdb > > arz0006c: dbhost=192.168.34.13 > > arz0006c: dbadmin=xcatadmin > > > > $ xdsh aixservice "/opt/xcat/sbin/tabdump site" > > arz0006c: Error: Permission denied for request > > > > from the console of arz0006c: (service node) > > Request matched no policy rule: peername=, peerhost=loopback tabdump > > Use of uninitialized value in concatenation (.) or string at > > /opt/xcat/sbin/xcatd line 1740. > > Permission denied for request: peername=, > > peerhost=loopback,peerfqdn=loopback,peerport=32811 command= tabdump > > > > i thought it might be a mysql permission issue, but GRANTS look ok > > > > mysql> show grants for xcatadmin; > > > +---------------------------------------------------------------------------------------------------------- > > > + > > > > | Grants for xcatadmin@% | > > > +---------------------------------------------------------------------------------------------------------- > > > + > > > > | GRANT USAGE ON *.* TO 'xcatadmin'@'%' IDENTIFIED BY PASSWORD [...] | > > > +---------------------------------------------------------------------------------------------------------- > > > + > > > > 1 row in set (0.00 sec) > > > > mysql> show grants for [email protected]; > > > +---------------------------------------------------------------------------------------------------------------------- > > > + > > > > | Grants for [email protected] | > > > +---------------------------------------------------------------------------------------------------------------------- > > > + > > > > | GRANT USAGE ON *.* TO 'xcatadmin'@'192.168.34.17' IDENTIFIED BY > PASSWORD > > [...] | > > | GRANT ALL PRIVILEGES ON `xcatdb`.* TO 'xcatadmin'@'192.168.34.17' > > | > > > +---------------------------------------------------------------------------------------------------------------------- > > > + > > > > 2 rows in set (0.00 sec) > > > > any other place to set a permission? > > > > thanks > > > > -- > > Mit freundlichen Grüßen / Best Regards > > > > Matthias Merk > > > > Lissa Valletta <[email protected]> schrieb am 02.04.2012 17:41:54: > > > > > Von: Lissa Valletta <[email protected]> > > > An: xCAT Users Mailing list <[email protected]> > > > Kopie: xCAT Users Mailing list <[email protected]> > > > Datum: 02.04.2012 17:44 > > > Betreff: Re: [xcat-user] error while installing xcat on aix > > > > > > If you were installing AIX xcat on the service node you should not > have > > > used the instxcat script , that is only for the Management Node. > > > The Service Node uses the xCATsn* metapackage and the Management Node > > uses > > > the xCAT* metapackage. > > > YOu will need to remove the xCAT-2.7*rpm and put on the xCATsn-2.7* > rpm > > > > > > Lissa K. Valletta > > > 2-3/T12 > > > Poughkeepsie, NY 12601 > > > (tie 293) 433-3102 > > > > > > > > > > > > > > > > > > From: [email protected] > > > To: xCAT Users Mailing list <[email protected]> > > > Date: 04/02/2012 10:21 AM > > > Subject: [xcat-user] error while installing xcat on aix > > > > > > > > > > > > Hi > > > > > > the following error occured during xcat-core 2.7 installation on AIX > > > (6100-07-03-1207). > > > > > > 0513-059 The xcatd Subsystem has been started. Subsystem PID is > 3342558. > > > Command failed: /opt/xcat/sbin/makenetworks 2>&1. Error message: > > > Connection failure: IO::Socket::SSL: SSL connect attempt failed > because > > of > > > handshake problemserror:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 > > alert > > > unknown ca at /opt/xcat/lib/perl/xCAT/Client.pm line 159. > > > Unable to open socket connection to xcatd daemon on localhost:3001. > > > Verify that the xcatd daemon is running and that your SSL setup is > > > correct.. > > > > > > all rpms of dep-aix-201203220548 where installed previously. > > > any idea on how to fix this error? > > > > > > thanks > > > > > > here's the full log: > > > $ ./instxcat > > > perl-xCAT ################################################## > > > xCAT-client ################################################## > > > xCAT-server ################################################## > > > xCAT ################################################## > > > Generating new node hostkeys... > > > Generating SSH1 RSA Key... > > > Generating SSH2 RSA Key... > > > Generating SSH2 DSA Key... > > > Copied /root/.ssh/id_rsa.pub to > > /install/postscripts/_ssh/authorized_keys. > > > 0513-059 The conserver Subsystem has been started. Subsystem PID is > > > 4391066. > > > 0513-075 The new subsystem name is already on file. > > > restartxcatd invoked by root. > > > > > > 0513-059 The xcatd Subsystem has been started. Subsystem PID is > 3342558. > > > Command failed: /opt/xcat/sbin/makenetworks 2>&1. Error message: > > > Connection failure: IO::Socket::SSL: SSL connect attempt failed > because > > of > > > handshake problemserror:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 > > alert > > > unknown ca at /opt/xcat/lib/perl/xCAT/Client.pm line 159. > > > Unable to open socket connection to xcatd daemon on localhost:3001. > > > Verify that the xcatd daemon is running and that your SSL setup is > > > correct.. > > > > > > xCAT is now running. > > > xCAT-rmc ################################################## > > > Copying files to /install/postscripts directory... > > > restartxcatd invoked by root. > > > > > > 0513-044 The xcatd Subsystem was requested to stop. > > > 0513-059 The xcatd Subsystem has been started. Subsystem PID is > 5112010. > > > -- > > > Mit freundlichen Grüßen / Best Regards > > > > > > Matthias Merk > > > > > > > > > > > > > > > Von: Lissa Valletta <[email protected]> > > > An: xCAT Users Mailing list <[email protected]> > > > Kopie: XCAT Help <[email protected]> > > > Datum: 02.04.2012 13:39 > > > Betreff: Re: [xcat-user] error while loading OS > > > > > > > > > > > > Could you give us some background on what you are doing? > > > What level of xCAT are your running? > > > What OS and level are you using. > > > What type of hardware/ > > > What documentation did you follow to setup the MN and the nodes. > > > > > > I think a lsdef <nodename> might help. > > > > > > Lissa K. Valletta > > > 2-3/T12 > > > Poughkeepsie, NY 12601 > > > (tie 293) 433-3102 > > > > > > > > > > > > > > > > > > From: SYED ASIF ZAHEER <[email protected]> > > > To: XCAT Help <[email protected]> > > > Date: 04/02/2012 07:02 AM > > > Subject: [xcat-user] error while loading OS > > > > > > > > > > > > Hi, > > > > > > I'm trying to load an O/S on another machine on the network. > > > > > > After getting its IP address and loading xcat/nbk.x86 and > > xcat/nbfs.x86.gz > > > > > > I get pages full of > > > > > > cat: can't open '/tmp/dhcpserver': no such file or directory > > > grep: can't open '/tmp/destiny': no such file or directory > > > grep: can't open '/tmp/destiny': no such file or directory > > > > > > > > > > > > Regards > > > Syed Asif Zaheer > > > [email protected] > > > > > > > > > > > > ------------------------------------------------------------------------------ > > > > > > > > > > > > This SF email is sponsosred by: > > > Try Windows Azure free for 90 days Click Here > > > http://p.sf.net/sfu/sfd2d-msazure > > > _______________________________________________ > > > xCAT-user mailing list > > > [email protected] > > > https://lists.sourceforge.net/lists/listinfo/xcat-user > > > > > > > > > > > > > > > ------------------------------------------------------------------------------ > > > > > > > > > This SF email is sponsosred by: > > > Try Windows Azure free for 90 days Click Here > > > http://p.sf.net/sfu/sfd2d-msazure > > > _______________________________________________ > > > xCAT-user mailing list > > > [email protected] > > > https://lists.sourceforge.net/lists/listinfo/xcat-user > > > > > > > > > ---------------- > > > Disclaimer: > > > Diese Nachricht dient ausschließlich zu Informationszwecken und ist > nur > > > für den Gebrauch des angesprochenen Adressaten bestimmt. > > > > > > This message is only for informational purposes and is intended solely > > for > > > the use of the addressee. > > > ---------------- > > > > > > > > > ------------------------------------------------------------------------------ > > > > > > > > > This SF email is sponsosred by: > > > Try Windows Azure free for 90 days Click Here > > > http://p.sf.net/sfu/sfd2d-msazure > > > _______________________________________________ > > > xCAT-user mailing list > > > [email protected] > > > https://lists.sourceforge.net/lists/listinfo/xcat-user > > > > > > > > > > > > > > > > > > ------------------------------------------------------------------------------ > > > > > > This SF email is sponsosred by: > > > Try Windows Azure free for 90 days Click Here > > > http://p.sf.net/sfu/sfd2d-msazure > > > _______________________________________________ > > > xCAT-user mailing list > > > [email protected] > > > https://lists.sourceforge.net/lists/listinfo/xcat-user > > > > ---------------- > > Disclaimer: > > Diese Nachricht dient ausschließlich zu Informationszwecken und ist nur > > für den Gebrauch des angesprochenen Adressaten bestimmt. > > > > This message is only for informational purposes and is intended solely > for > > the use of the addressee. > > ---------------- > > > > > ------------------------------------------------------------------------------ > > > > > Better than sec? Nothing is better than sec when it comes to > > monitoring Big Data applications. Try Boundary one-second > > resolution app monitoring today. Free. > > http://p.sf.net/sfu/Boundary-dev2dev > > _______________________________________________ > > xCAT-user mailing list > > [email protected] > > https://lists.sourceforge.net/lists/listinfo/xcat-user > > > > > > > > > > > ------------------------------------------------------------------------------ > > > Better than sec? Nothing is better than sec when it comes to > > monitoring Big Data applications. Try Boundary one-second > > resolution app monitoring today. Free. > > http://p.sf.net/sfu/Boundary-dev2dev > > _______________________________________________ > > xCAT-user mailing list > > [email protected] > > https://lists.sourceforge.net/lists/listinfo/xcat-user > > ---------------- > Disclaimer: > Diese Nachricht dient ausschließlich zu Informationszwecken und ist nur > für den Gebrauch des angesprochenen Adressaten bestimmt. > > This message is only for informational purposes and is intended solely for > the use of the addressee. > ---------------- > > ------------------------------------------------------------------------------ > > Better than sec? Nothing is better than sec when it comes to > monitoring Big Data applications. Try Boundary one-second > resolution app monitoring today. Free. > http://p.sf.net/sfu/Boundary-dev2dev > _______________________________________________ > xCAT-user mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/xcat-user > > > > > ------------------------------------------------------------------------------ > Better than sec? Nothing is better than sec when it comes to > monitoring Big Data applications. Try Boundary one-second > resolution app monitoring today. Free. > http://p.sf.net/sfu/Boundary-dev2dev > _______________________________________________ > xCAT-user mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/xcat-user ---------------- Disclaimer: Diese Nachricht dient ausschließlich zu Informationszwecken und ist nur für den Gebrauch des angesprochenen Adressaten bestimmt. This message is only for informational purposes and is intended solely for the use of the addressee. ---------------- ------------------------------------------------------------------------------ Better than sec? Nothing is better than sec when it comes to monitoring Big Data applications. Try Boundary one-second resolution app monitoring today. Free. http://p.sf.net/sfu/Boundary-dev2dev _______________________________________________ xCAT-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/xcat-user ------------------------------------------------------------------------------ Better than sec? Nothing is better than sec when it comes to monitoring Big Data applications. Try Boundary one-second resolution app monitoring today. Free. http://p.sf.net/sfu/Boundary-dev2dev _______________________________________________ xCAT-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/xcat-user
