
20031021: LDM - Redhat Linux 8.0 - ldmadmin start gives permission denied



Anthony,

> To: address@hidden
> From: "Anthony Koebele" <address@hidden>
> Subject: LDM - Redhat Linux 8.0 - ldmadmin start gives permission denied
> Organization: USGS
> Keywords: LDM ldmadmin firewall

The above message contained the following:

> Institution: USGS / 
> Package Version: 6.0.14
> Operating System: Redhat Linux 8.0
> Hardware Information: PC 500 MHZ 384 MG RAM
> Inquiry: I have recently upgraded to 6.0.14 because of a permissions
> denied problem. Our issue has remained the same after the upgrade: We
> can receive data but we can't send data.
> If I run ldmadmin start as ldm my /var/log/messages log contains
> several permission denied messages.

What are the "permission denied" messages?

Would you please send me a long listing of the rpc.ldmd program, e.g.,

    (cd ~ldm/bin && ls -l rpc.ldmd)

> If I run ldmadmin start as root I no longer receive the permission
> denied messages, but can't send data.  /var/log/messages contains
> a new error: 
> 
> Oct 21 13:35:31 nt14dndbmk rpc.ldmd[3460]: local_portmapper_running():
> clnttcp_create() failure: : RPC: Remote system error - No route to host

The above indicates that the LDM main program (rpc.ldmd) couldn't
connect to the host on which it's running.  This is an odd (to say the
least!) but non-fatal condition.  You should probably bring this to the
attention of your system administrator.  I'd be happy to work with
them.

ASIDE: Why are LDM log-messages going into /var/log/messages instead of
the LDM-specific logfile (logs/ldmd.log)?

> The server I am sending data to can't ldmping me, however I can
> ldmping them.

If a downstream LDM can't ldmping(1) its upstream LDM, then it can't
request any data and will never receive any.

> The /usr/bin/rpcinfo -p doesn't show port 388 being utilized.
> 
> We are using a firewall with port 388 open.

This is the problem.  If an upstream LDM is protected by a firewall,
then it MUST listen on the well-known LDM port (388) for connections by
downstream LDM-s.

If the LDM main program (rpc.ldmd) is owned by root and has the
set-uid-owner bit enabled, then it should be able to obtain port 388
from the operating system.  If the OS is disallowing this, then you have
a severe problem and should bring it to the attention of your system
administrator or computer vendor.

Rita Edwards <address@hidden> is having a very similar
problem.  Her LDM isn't listening on port 388 either.  Consequently,
Carl Sinclair's <address@hidden> LDM can't get any data from hers.
I've taken the liberty of adding them to this exchange.

Please send me the requested information.

Regards,
Steve Emmerson
LDM Developer
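
An added example (not part of the original message or of the LDM distribution): a shell helper that interprets the two diagnostics discussed above, the long listing of rpc.ldmd and the `rpcinfo -p` output. The function names and all sample lines are constructed for illustration.

```sh
#!/bin/sh
# Added example. Sample inputs are constructed, not taken from the
# reporter's system.

# check_listing LINE
# LINE is one line of `ls -l` output for rpc.ldmd.
# Prints "ok" when the file is owned by root with the set-uid bit enabled,
# otherwise "not-root" or "no-setuid".
check_listing() {
    mode=$(printf '%s\n' "$1" | awk '{print $1}')
    owner=$(printf '%s\n' "$1" | awk '{print $3}')
    # The 4th character of the mode string is the owner-execute slot:
    # 's' = set-uid and executable, 'S' = set-uid but not executable.
    suid=$(printf '%s' "$mode" | cut -c4)
    if [ "$owner" != "root" ]; then
        echo "not-root"
    elif [ "$suid" != "s" ]; then
        echo "no-setuid"
    else
        echo "ok"
    fi
}

# port_registered PORT
# Reads `rpcinfo -p` output on stdin; exits 0 if any registration uses PORT.
# The header line is skipped; the port is the 4th column.
port_registered() {
    awk -v p="$1" 'NR > 1 && $4 == p { found = 1 } END { exit !found }'
}

# Constructed sample: a binary owned by ldm without set-uid, and a
# portmapper table that has no entry on the LDM port.
SAMPLE_LISTING='-rwxr-xr-x 1 ldm ldm 1234567 Oct 21 13:30 rpc.ldmd'
SAMPLE_RPCINFO='   program vers proto   port
    100000    2   tcp    111  portmapper
    100000    2   udp    111  portmapper'

echo "rpc.ldmd listing: $(check_listing "$SAMPLE_LISTING")"
if printf '%s\n' "$SAMPLE_RPCINFO" | port_registered 388; then
    echo "port 388: registered"
else
    echo "port 388: not registered"
fi
```

On a live system, feed the functions real output, e.g. `check_listing "$(cd ~ldm/bin && ls -l rpc.ldmd)"` and `/usr/bin/rpcinfo -p | port_registered 388`.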