GAU after installing and remove Cups and Savapage

NethServer Version: 7.9.2009

Hello friends,
I have probably built the biggest accident to be assumed here.
I installed Cups and Savapage on my Nethserver DC and shortly after removed them from the system. In addition, I have thrown the components perl, poppler, ImageMagick and avahi tools from the system. with the result that now nothing works here. No DNS, no HTTP, no service, nothing works. I can access the server via SSH. But no longer via Cockpit. See picture. Who can help me to get the server running again without reinstallation?

Thanks in advance…

Uwe

Did you use console/ssh for install/remove packages?
If the answer is yes, would you share the commands you gave?

I did this via Putty.

yum remove poppler-utils
yum remove ImageMagick
yum remove avahi-tools

Then I restarted the server. And then the misfortune took its course…

Do you have any backup of your current status?
After this backup, i’d suggest
yum reinstall nethserver-cockpit
for a full reinstallation at least of the cockpit with all bells and whistles.

AFAIK, the information about nethserver configuration is “still there”, but i don’t know which signal-event should be triggered.

After regain access to Cockpit, considider to reinstall all “wanted modules” of your installation.

I am no certain of the result of my suggestions, so before act (except backup) consider other options before do something.

1 Like

Reinstalling Cockpit does not work. I think the server can no longer access the I-Net. Internally I can ping the server via the IP.


Check that route gives you the server gateway.
Check that dig answer you as intended.
Check if pinging outside the subnet works.
Did you already used network-recovery ? I am not suggesting to do that right now, only asking if already done.

Post the output of ifconfig please.
Do you have a recent backup?

(Don’t be that cocky :wink: )

1 Like

Hi pike,

here is the output of the above commands.

Did you already used network-recovery ?

No.

Yes, i have a backup of the machine.

Am I wrong assuming that it’s a no gateway configuration?
IMVHO currently your NethServer is relying to a DNS server that’s “not working” (stopped, unreachable, misconfigured, IDK)

This is the output of a working installation without NSDC.

[root@crippled ~]# dig

; <<>> DiG 9.11.4-P2-RedHat-9.11.4-26.P2.el7_9.9 <<>>
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 58702
;; flags: qr rd ra; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;.                              IN      NS

;; ANSWER SECTION:
.                       85866   IN      NS      m.root-servers.net.
.                       85866   IN      NS      b.root-servers.net.
.                       85866   IN      NS      c.root-servers.net.
.                       85866   IN      NS      d.root-servers.net.
.                       85866   IN      NS      e.root-servers.net.
.                       85866   IN      NS      f.root-servers.net.
.                       85866   IN      NS      g.root-servers.net.
.                       85866   IN      NS      h.root-servers.net.
.                       85866   IN      NS      a.root-servers.net.
.                       85866   IN      NS      i.root-servers.net.
.                       85866   IN      NS      j.root-servers.net.
.                       85866   IN      NS      k.root-servers.net.
.                       85866   IN      NS      l.root-servers.net.

;; Query time: 10 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Sat Feb 26 18:26:17 CET 2022
;; MSG SIZE  rcvd: 239

[root@crippled ~]#

and it rely on dnsmasq, which respond in this way for status

 systemctl status dnsmasq
● dnsmasq.service - DNS caching server.
   Loaded: loaded (/usr/lib/systemd/system/dnsmasq.service; enabled; vendor preset: disabled)
   Active: active (running) since Fri 2022-02-25 15:04:45 CET; 1 day 3h ago
 Main PID: 971 (dnsmasq)
   CGroup: /system.slice/dnsmasq.service
           └─971 /usr/sbin/dnsmasq -k

Feb 25 15:04:45 crippled.notur.biz systemd[1]: Started DNS caching server..
Feb 25 15:04:46 crippled.notur.biz dnsmasq[971]: started, version 2.76 cachesize 4000
Feb 25 15:04:46 crippled.notur.biz dnsmasq[971]: compile time options: IPv6 GNU-getopt DBus no-i18n IDN DHCP DHCPv6 no-Lua TFTP no-conntrack ipset auth nettlehash no-DNSSEC loop-detect inotify
Feb 25 15:04:46 crippled.notur.biz dnsmasq-tftp[971]: TFTP root is /var/lib/tftpboot
Feb 25 15:04:46 crippled.notur.biz dnsmasq[971]: using nameserver 8.8.8.8#53
Feb 25 15:04:46 crippled.notur.biz dnsmasq[971]: read /etc/hosts - 2 addresses
[root@crippled ~]#

So with systemctl status dnsmasq should tell you if your dnsserver works.
The command signal-event nethserver-dnsmasq-save should save the configuration from the NethServer DB and apply it to dnsmasq but still don’t advise to use that yet.

You could look for the journal for finding… why dnsmasq won’t work.
My installation is structurally different from yours… mind that.

1 Like

Yes, you are right. The server lost the connection to the gateway (my firewall). I think this is one part of the problem.

Here is the output of systemctl status dnsmasq.

Screenshot 2022-02-26 184238

So dnsmasq don’t work.
Configuration should be into /etc/dnsmasq.conf, viewable via cat.
IDK where to find any “quit and dirty” dnsmasq configuration for having at least a resolver working.

/etc/dnsmasq.conf:

# ================= DO NOT MODIFY THIS FILE =================
# 
# Manual changes will be lost when this file is regenerated.
#
# Please read the developer's guide, which is available
# at NethServer official site: https://www.nethserver.org
#
# 
#
# 10base
#

# Set the domain for dnsmasq. this is optional, but if it is set, it
# does the following things.
# 1) Allows DHCP hosts to have fully qualified domain names, as long
#     as the domain part matches this setting.
# 2) Sets the "domain" DHCP option thereby potentially setting the
#    domain of all systems configured by DHCP
# 3) Provides the domain part for "expand-hosts" 
domain=xxx.xxx.de


#
# 20dns
#

# Never forward plain names (without a dot or domain part)
domain-needed

# Using private dns servers, forwarding requests


# Domain is automatically added to simple names in a hosts-file.
expand-hosts

cache-size=4000
#
# 25NameServers
#

# Don't read /etc/resolv.conf. Get upstream servers only from the
# command line or the dnsmasq configuration file.
no-resolv

# Specify IP address of upstream servers directly. Setting this flag
# does not suppress reading of /etc/resolv.conf, use "no-resolv" to do
# that.
server=192.168.154.254


# By  default,  dnsmasq  will  send queries to any of the upstream
# servers it knows about and tries to favour servers that are known
# to  be  up.  Uncommenting this forces dnsmasq to try each query
# with  each  server  strictly  in  the  order  they   appear   in
# /etc/resolv.conf
all-servers


#
# 30dhcp
#

# Enable the DHCP server. Addresses will be given out from the range
# <start-addr> to <end-addr> and from statically defined addresses
# given in dhcp-host options. 
# See db configuration getprop dnsmasq DhcpStatus

dhcp-range=set:br0,192.168.154.50,192.168.154.100,255.255.255.0,3
domain=ad.xxx.de,192.168.154.50,192.168.154.100
dhcp-option=tag:br0,option:router,192.168.154.254
dhcp-option=tag:br0,option:dns-server,192.168.154.1
dhcp-option=tag:br0,option:ntp-server,192.168.154.5
dhcp-option=tag:br0,option:tftp-server,192.168.154.1
dhcp-lease-max=51


# Should be set when dnsmasq is definitely the only DHCP server on a
# network.
dhcp-authoritative

# Read dhcp reservations from dhcp-hostsfile. 
# See dhcp-hosts option for more informations.
dhcp-hostsfile=/etc/dnsmasq-dhcp-hosts



#
# 35NetbiosNameServers
#
# disabled


#
# 40bind
#
except-interface=virbr0

#
# 50sssd -- the Samba Domain controller is
# the authoritative DNS for our realm/domain
# 
server=/ad.xxx.de/192.168.154.5


#
# 55DomainRedirection
#


#
# 80tftp
#
enable-tftp
tftp-root=/var/lib/tftpboot


#
# Create Domain wildcard for remote hosts
#

server=192.168.154.254
Do you recognize this ip address?
server=/ad.xxx.de/192.168.154.5
This seem NSDC to me…

Yes,

192.168.154.5 is NSDC. 192.168.154.254 is my firewall

You may change the nameserver in /etc/resolv.conf to the Google DNS to reach the web again:

nameserver 8.8.4.4

Reinstall missing core packages:

yum install @nethserver-iso

Reapply original resolv.conf settings:

signal-event nethserver-dnsmasq-update

If it still doesn’t work after above steps, could you please post the full output by executing

systemctl status dnsmasq -l

There’s a red line starting with “TFTP directory…”.

Maybe disabling tftp as a workaround?

config setprop dnsmasq tftp-status disabled
signal-event nethserver-dnsmasq-save

1 Like

@mrmarkuz keep showing off (with a reason) like someone who really knows Linux AND NethServer :smiley:

1 Like

Hi mrmarkuz

[root@dc01 ~]# signal-event nethserver-dnsmasq-update
-bash: signal-event: command not found

Did you try the steps? Did it install packages?

Does this work?

/usr/sbin/e-smith/signal-event nethserver-dnsmasq-update

Check PATH variable:

[root@testserver2 ~]# echo $PATH
/sbin/e-smith:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/opt/puppetlabs/bin:/root/bin

[root@dc01 ~]# systemctl status dnsmasq -l
● dnsmasq.service - DNS caching server.
Loaded: loaded (/usr/lib/systemd/system/dnsmasq.service; enabled; vendor pres et: disabled)
Active: active (running) since Sat 2022-02-26 21:39:35 CET; 8min ago
Main PID: 1422 (dnsmasq)
CGroup: /system.slice/dnsmasq.service
└─1422 /usr/sbin/dnsmasq -k

Feb 26 21:39:35 dc01.de systemd[1]: Started DNS caching server…
Feb 26 21:39:35 dc01.de dnsmasq[1422]: started, version 2.76 caches ize 4000
Feb 26 21:39:35 dc01.de dnsmasq[1422]: compile time options: IPv6 G NU-getopt DBus no-i18n IDN DHCP DHCPv6 no-Lua TFTP no-conntrack ipset auth nettl ehash no-DNSSEC loop-detect inotify
Feb 26 21:39:35 dc01.de dnsmasq-dhcp[1422]: DHCP, IP range 192.168. 154.50 – 192.168.154.100, lease time 2m
Feb 26 21:39:35 dc01.de dnsmasq-tftp[1422]: TFTP root is /var/lib/t pboot
Feb 26 21:39:35 dc01.de dnsmasq[1422]: using nameserver 192.168.154 .5#53 for domain ad.de
Feb 26 21:39:35 dc01.de dnsmasq[1422]: using nameserver 192.168.154 .254#53
Feb 26 21:39:35 dc01.de dnsmasq[1422]: read /etc/hosts - 5 addresse s
Feb 26 21:39:35 dc01.de dnsmasq-dhcp[1422]: read /etc/dnsmasq-dhcp- hosts
[root@dc01 ~]# ^C
[root@dc01 ~]# /usr/sbin/e-smith/signal-event nethserver-dnsmasq-update
[root@dc01 ~]#

Edit:

dnsmasq looks good now.

Can you start the services?

systemctl start httpd shorewall

What’s the status of the services?

systemctl status httpd shorewall -l

[root@dc01 ~]# systemctl start httpd shorewall
Job for shorewall.service failed because the control process exited with error c ode. See “systemctl status shorewall.service” and “journalctl -xe” for details.
Job for httpd.service failed because the control process exited with error code. See “systemctl status httpd.service” and “journalctl -xe” for details.

[root@dc01 ~]# systemctl status httpd shorewall -l
● httpd.service - The Apache HTTP Server
Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
Drop-In: /etc/systemd/system/httpd.service.d
└─free_mutex.conf, quick_kill.conf
Active: failed (Result: exit-code) since Sat 2022-02-26 21:59:26 CET; 57s ago
Docs: man:httpd(8)
man:apachectl(8)
Process: 11447 ExecStart=/usr/sbin/httpd $OPTIONS -DFOREGROUND (code=exited, status=1/FAILURE)
Process: 11441 ExecStartPre=/bin/bash -c ipcs -s | awk ‘$3==“apache” { print $2 }’ | xargs -r – ipcrm sem (code=exited, status=0/SUCCESS)
Main PID: 11447 (code=exited, status=1/FAILURE)

Feb 26 21:59:26 dc01.de systemd[1]: Starting The Apache HTTP Server…
Feb 26 21:59:26 dc01.de httpd[11447]: httpd: Syntax error on line 353 of /etc/httpd/conf/httpd.conf: Syntax error on line 14 of /etc/httpd/conf.d/zz_meshcentral.conf: Could not open configuration file /etc/httpd/conf.d/default-virtualhost.inc: No such file or directory
Feb 26 21:59:26 dc01.de systemd[1]: httpd.service: main process exited, code=exited, status=1/FAILURE
Feb 26 21:59:26 dc01.de systemd[1]: Failed to start The Apache HTTP Server.
Feb 26 21:59:26 dc01.de systemd[1]: Unit httpd.service entered failed state.
Feb 26 21:59:26 dc01.de systemd[1]: httpd.service failed.

● shorewall.service - Shorewall IPv4 firewall
Loaded: loaded (/usr/lib/systemd/system/shorewall.service; disabled; vendor preset: disabled)
Drop-In: /usr/lib/systemd/system/shorewall.service.d
└─nethserver-firewall-base.conf
Active: failed (Result: exit-code) since Sat 2022-02-26 21:59:26 CET; 57s ago
Process: 11442 ExecStart=/usr/sbin/shorewall $OPTIONS start $STARTOPTIONS (code=exited, status=6)
Main PID: 11442 (code=exited, status=6)

Feb 26 21:59:26 dc01.de systemd[1]: Starting Shorewall IPv4 firewall…
Feb 26 21:59:26 dc01.de shorewall[11442]: ERROR: Shorewall startup is disabled. To enable startup, set STARTUP_ENABLED=Yes in /etc/shorewall/shorewall.conf
Feb 26 21:59:26 dc01.de systemd[1]: shorewall.service: main process exited, code=exited, status=6/NOTCONFIGURED
Feb 26 21:59:26 dc01.de systemd[1]: Failed to start Shorewall IPv4 firewall.
Feb 26 21:59:26 dc01.de systemd[1]: Unit shorewall.service entered failed state.
Feb 26 21:59:26 dc01.de systemd[1]: shorewall.service failed.