[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
[IDD #WNG-587616]: AMPS ldm feed
- Subject: [IDD #WNG-587616]: AMPS ldm feed
- Date: Wed, 23 Sep 2015 14:12:43 -0600
Hi Carol,
re:
> I added your machine in the ldmd.conf ALLOW section on
> aws.ssec.wisc.edu. That might help.
I am still getting denied messages when trying to access aws.ssec.wisc.edu:
/opt/antldm% notifyme -vl- -h aws.ssec.wisc.edu
Sep 23 19:55:46 notifyme[25471] NOTE: Starting Up: aws.ssec.wisc.edu:
20150923195546.327 TS_ENDT {{ANY, ".*"}}
Sep 23 19:55:46 notifyme[25471] NOTE: LDM-5 desired product-class:
20150923195546.327 TS_ENDT {{ANY, ".*"}}
Sep 23 19:55:46 notifyme[25471] INFO: Resolving aws.ssec.wisc.edu to
128.104.109.234 took 0.024142 seconds
Sep 23 19:55:46 notifyme[25471] ERROR: NOTIFYME(aws.ssec.wisc.edu): 7: Access
denied by remote server
^CSep 23 19:55:53 notifyme[25471] NOTE: exiting
Question:
- did you remember to restart the LDM after making changes to the LDM
configuration
file, ~ldm/etc/ldmd.conf?
re:
> Yes I have root access to both of machines of interest. If you could
> show me how to do the logging that would be great!
Here is what to check for:
1) make sure that SELINUX is set to either Permissive, or, preferably,
to disabled:
<as 'root'>
getenforce
If the output of 'getenforce' is Enforcing, this is likely your problem
as non-root processes are not being allowed to have the system logging
daemon write log files.
You can change the SELINUX setting by:
<as 'root'>
edit /etc/selinux/config
change:
SELINUX=enforcing
to:
SELINUX=disabled
You will then need to reboot the machine for the change to take effect.
If you decided that you do not want to disable SELINUX, you can set
it to Permissive. In this case, change 'disabled' to permissive'
in the SELINUX= line in /etc/selinux/config. You do not have to
reboot to make this change active; you can make the change using
'setenforce':
<as 'root'>
setenforce Permissive
After doing this, you should probably restart the system logging daemon:
service rsyslog restart
2) if logging is still not working, make sure that the 'ldmd' and 'hupsyslog'
executables have setuid root permissions set
This should look like:
% ls -alt bin/ldmd bin/hupsyslog
-rwsr-xr-x 1 root ustaff 115493 Jun 16 13:24 bin/ldmd*
-rwsr-xr-x 1 root ustaff 11207 Jun 16 13:24 bin/hupsyslog*
3) check /etc/rsyslog.conf (or, if your machine is running syslogd,
/etc/syslog.conf)
to see if the LDM installation process wrote LDM specific entries
The operative entries will be 'local0.none' writing to /var/log/messages and
'local0.*' writing to the LDM log file (e.g., /usr/local/ldm/logs/ldmd.log,
etc.).
4) if both 1), 2) and 3) are OK, then try to see if you can write to the LDM
log file:
<as 'ldm'>
logger -p local0.debug 'test of ldm logging'
5) if 4) works, then check to make sure that 'ldm' owns its log file
If 'root' owns the log file, you will need to stop the LDM, delete the
log file, create the log file as 'ldm', and then start the LDM
6) if logging still doesn't work (you can use the 'logger' invocation above
to check to see if 'ldm' can write its log file), then you likely have
to restart your system logging daemon
<as 'root'
service rsyslog restart
re:
> Thanks,
No worries.
Cheers,
Tom
--
****************************************************************************
Unidata User Support UCAR Unidata Program
(303) 497-8642 P.O. Box 3000
address@hidden Boulder, CO 80307
----------------------------------------------------------------------------
Unidata HomePage http://www.unidata.ucar.edu
****************************************************************************
Ticket Details
===================
Ticket ID: WNG-587616
Department: Support IDD
Priority: Normal
Status: Closed
