I am trying to install openldap on Amazon Linux and got the following error:
olcRootPW: value #0: <olcRootPW> can only be set when rootdn is under suffix
config error processing olcDatabase={1}monitor,cn=config: <olcRootPW> can only be set when rootdn is under suffix
slaptest: bad configuration file!
I also tried putting the olcRootPW in the olcDatabase={2}bdb.ldif file, but that just gives the same error. Any advise?
The message is quite clear. You can only set a password on the monitor database if the rootDN is under the suffix of the database. In other words the rootDN has to end with 'cn=monitor,cn=config'.
Try the to add it like below, in the file olcDatabase={2}hdb.ldif
olcSuffix: dc=my-domain,dc=com
olcRootDN: cn=manager,dc=my-domain,dc=com
olcRootPW: {SSHA}---password---
Related
I try to follow the Laradock getting started tutorial on windows: http://laradock.io/getting-started/
I have the following tools:
Docker version: 20.10.5, build 55c4c88
git version: 2.30.2.windows.1
Windows 10 20H2(19042.867)
I get stuck on the step when trying to start the: docker-compose up -d nginx mysql
Then I get these error:
ERROR: The Compose file '.\docker-compose.yml' is invalid because:
services.proxy.expose is invalid: should be of the format 'PORT[/PROTOCOL]'
services.proxy2.expose is invalid: should be of the format 'PORT[/PROTOCOL]'
services.proxy.ports contains an invalid type, it should be a number, or an object
services.proxy2.ports contains an invalid type, it should be a number, or an object
...
services.sqs.ports contains an invalid type, it should be a number, or an object
services.sqs.ports contains an invalid type, it should be a number, or an object
services.traefik.ports value [':', ':', ':'] has non-unique elements
Only change I done to the repo is to add the env file and this line:
# Point to the path of your applications code on your host
APP_CODE_PATH_HOST=../project-z/
I also created the folder project-z
I saw this text quote but didn´t understand it:
Depending on the host’s operating system you may need to change the
value given to COMPOSE_FILE. When you are running Laradock on Mac OS
the correct file separator to use is :. When running Laradock from a
Windows environment multiple files must be separated with ;.
But think it might be related to my issue and I need to update something to make it work on Windows.
Any idea what could be wrong? Since it almost out of the box I assume it´s something with my Windows environment
I found the solution directly after posted this question.
It was very easy I forgot to add the "." before env when created the file.
I found the solution here: https://github.com/laradock/laradock/issues/1437
I am trying to setup a network in the container (using Docker's libnetwork and libcontainer), but I keep running into this issue. As far as I can tell it's looking into some_app to get some sandbox information?
INFO[3808] No non-localhost DNS nameservers are left in resolv.conf. Using default external servers : [nameserver 8.8.8.8 nameserver 8.8.4.4]
INFO[3808] IPv6 enabled; Adding default IPv6 external servers : [nameserver 2001:4860:4860::8888 nameserver 2001:4860:4860::8844]
Error: unknown command "/var/run/docker/netns/582bd184e561" for "some_app"
Run 'some_app --help' for usage.
ERRO[3808] Resolver Setup/Start failed for container 6b81802576bd4f16aa117061f81b5c3e, "setup not done yet"
ERRO[3808] failed to add interface vethef0a693 to sandbox: failed in prefunc: failed to set namespace on link "vethef0a693": invalid argument
ERRO[3808] failed to add interface vethef0a693 to sandbox: failed in prefunc: failed to set namespace on link "vethef0a693": invalid argument
I was wondering if anyone could help me make sense of this and perhaps prevent it. Are these two separate errors?
Thank you
Here is the library I am trying to use
It took me a while to figure this out, but here goes:
Just like in Docker, libnetwork creates a veth interface pair. It then moves one end of the veth pair into the container namespace. During this process libnetwork tries to execute commands registered at runtime on the current instance of the binary (some_app in this case).
These commands do not exist on the external interface of some_app however. They are injected later using a library called reexec. For this to work, reexec needs to be initialized like this:
if reexec.Init() {
return
}
Also note that according to this thread libnetwork is currently not supported for applications outside of Docker.
NB: I discovered this by reading the source code, so I might be wrong but my issue went away after this.
I'm bootstrapping a node with a cookbook that worked fine with chef-client as of November, unfortunately the following code:
45: #Configure PostgreSQL cluster -- create pertinent databases, users, and groups based on uploaded, decrypted shell here-document.
47>> here_doc_name = Chef::EncryptedDataBagItem.load("database_configs", "tlcworx_#{node["tlcworx_db"]["environment"]}")["filename"]
48: here_doc_content = Chef::EncryptedDataBagItem.load("database_configs", "tlcworx_#{node["tlcworx_db"]["environment"]}")["content"]
49:
50: open("#{node["tlcworx_db"]["tmp_dir"]}/#{here_doc_name}", 'w') { |f| f.puts here_doc_content }
Has rendered up the following error that halts the bootstrap:
Chef::Exceptions::ValidationFailed: Option data_bag's value {"encrypted_data"=>"PffgOkpIpdoEJO8khrUOUQwqv2/vqrtzOf1U/z/a5xD4KqSH2/CkD1zHndzW\nwJL1\n", "iv"=>"d/kiiPRQWQoKBTU5WF8NPw==\n", "version"=>1, "cipher"=>"aes-256-cbc"} does not match regular expression /^[\-[:alnum:]_]+$/
Obviously, I'm supplying the same --secret-file as I did back then via knife CLI argument. Running knife data bag edit database_configs tlcworx_uat --secret-file /path/to/secret.pem decrypts the cookbook content appropriately, and doesn't error out. I've never seen this error before, and looking at other instances of this error I see they involve direct CLI operations in which the data bag in question is not named such as this instance. Again, this is only upon bootstrap when a server's chef-client is communicating with the remote chef-server.
I was hoping someone could provide some insight as to what could be causing the error. Chef client version is 12.7.2.
Thanks in advance for any help on the matter!
For the future, we're pretty sure this is a side effect of a bug with DataBagItem.to_hash mutating it's data. Will be fixed in the next release of Chef.
I am unable to load secrets from my encrypted data bag on Windows. I have copied the file to c:\chef\encrypted_data_bag_secret, which is the default path.
I first tried this:
credentials = Chef::EncryptedDataBagItem.load("system", "deploy")
This failed with this error:
10.0.1.20 [2014-09-12T19:51:45+00:00] FATAL: ArgumentError: No secret specified
to load_secret and no secret found at C:\chef\encrypted_data_bag_secret
I then attempted to specify it explicitly:
secret = Chef::EncryptedDataBagItem.load_secret("c:/chef/encrypted_data_bag_secret")
credentials = Chef::EncryptedDataBagItem.load("system", "deploy", secret)
This also failed:
10.0.1.20 [2014-09-12T19:53:18+00:00] FATAL: Errno::ENOENT: No such file or directory - file not found 'c:/chef/encrypted_data_bag_secret'
Finally, I tried specifying backslashes in case this didn't work:
secret = Chef::EncryptedDataBagItem.load_secret("c:\\chef\\encrypted_data_bag_secret")
credentials = Chef::EncryptedDataBagItem.load("system", "deploy", secret)
And that also failed:
10.0.1.20 [2014-09-12T19:54:49+00:00] FATAL: Errno::ENOENT: No such file or directory - file not found 'c:\chef\encrypted_data_bag_secret'
I've tried also editing the permissions so everyone can view the encrypted_data_bag_secret file but this had no effect. Surely there is something very obvious I'm missing here.
I am running chef-client as an administrator.
I created a text file to contain the secret over an RDP session, but forgot that the default in Windows Explorer is to not show the file extension. Once I renamed the file to have the correct name and extension, it started working as expected.
I read from SO (HTTP Error 503.2 - Service Unavailable. The serverRuntime#appConcurrentRequestLimit setting is being exceeded) and MSDN (http://technet.microsoft.com/en-us/library/dd425294(v=office.13).aspx) that I need to set AppConCurrentRequestLimit to a bigger number if the site is showing appconcurrentlimit exceeded error (which mine is like that).
However upon executing the command provided by MSDN, I got error
c:\Windows\System32\inetsrv>appcmd.exe set config /section:serverRuntime /appCon
currentRequestLimit:100000
ERROR ( message:Unknown attribute "appConcurrentRequestLimit". Replace with -?
for help. )
I try to search in google but seems no one having the same issue as mine.
I try to manually input in ASPNET.Config in XML but whatever I change the site does not seem to restart, even I put random error text in the config, my site still does not show error, is ASPNET.Config configuration being used, why there is no error even the configuration is intentionally made error?
It fails if you have additional sections such as ftpsection.
In order to edit the serverRuntime of the system.webserver section you should run:
cd %windir%\system32\inetsrv
appcmd.exe set config /section:system.webserver/serverRuntime /appConcurrentRequestLimit:100000