Migration trouble from SME 9.2

v7
migration

(Dan) #1

NethServer Version: 7.4

As I’ve mentioned earlier, I’m looking to possibly migrate my SME Server 9.2 installation to Neth. Yesterday, I tried the migration of a test server (following the rsync method at http://docs.nethserver.org/en/v7/migration.html), and I’m running into two problems: (1) passwords for the users don’t seem to work, and (2) I get a database error when I try to launch roundcube.

The origin was a clean installation of SME Server 9.2 with all updates installed. I updated the directory information, set password strength to none, created about a half dozen users with deliberately weak passwords (it’s testing–they’re just easier to type), and put some data into their home directories over SMB.

The destination system was installed from the Neth 7.3 ISO, then the updates installed to bring it to 7.4. Unchecked the strong password requirement. Installed (using the software center) backup, bandwidth monitor, email, file server, ftp server, instant messaging, MySQL, nextcloud, roundcube web mail, UPS support, and web server. Set local LDAP as the accounts provider.

I then ran the rsync-migrate script, which pulled over the data. Added more data, ran it again, repeat, it worked fine as far as I could tell. Then ran rsync-migrate -m to finalize the migration.

Checked the log for errors:
[root@neth2 ~]# grep -E '(FAIL|ERROR)' /var/log/messages Nov 10 12:56:13 localhost esmith::event[1238]: ERROR in /etc/e-smith/db/fwrules/migrate//issue5234.ns7: Program fragment delivered error <<Can't call method "get_all" on an undefined value at /etc/e-smith/db/fwrules/migrate//issue5234.ns7 line 33.>> at template line 1 Nov 10 12:56:13 localhost esmith::event[1238]: ERROR: Template processing failed for /: 1 fragment generated errors Nov 10 19:16:48 neth2 mysql.init: ERROR 1044 (42000) at line 22: Access denied for user 'root'@'localhost' to database 'information_schema' Nov 10 19:16:48 neth2 esmith::event[18692]: Loading information_schema.sql into mysql [FAILED] Nov 10 19:22:43 neth2 ntopng: 10/Nov/2017 19:22:43 [main.cpp:258] ERROR: Unable to store PID in file /var/run/ntopng/ntopng.pid Nov 10 19:22:43 neth2 ntopng: [main.cpp:258] ERROR: Unable to store PID in file /var/run/ntopng/ntopng.pid

I see that the users have come over–the usernames and full names are listed in the control panel. The LDAP directory information has updated (organization name, etc.). But when I try to connect to the users’ home directories over SMB, I can’t log in with the passwords I assigned on the origin system.

The second problem is that when I try to launch roundcube, I get this error:


(Stéphane de Labrusse) #2

for roundcube, the mysql database probably not present or in a failed attempt. It is not the first time I saw this.

You should look in /var/log/message to see the errors which occurred during the installation.

some clues:
mysqlshow (check the db exists)
verify that the mysql db is not empty
check the roundcube user password exists (in /var/lib/nethserver/secrets)

try to determine what is occurred before to blanck the installation, it could be nice to solve that


(Dan) #3

[root@neth2 ~]# mysqlshow +--------------------+ | Databases | +--------------------+ | information_schema | | horde | | mysql | | nextcloud | | performance_schema | | roundcubemail | | test | +--------------------+
MariaDB [roundcubemail]> show tables; +-------------------------+ | Tables_in_roundcubemail | +-------------------------+ | cache | | cache_index | | cache_messages | | cache_shared | | cache_thread | | contactgroupmembers | | contactgroups | | contacts | | dictionary | | identities | | searches | | session | | system | | users | +-------------------------+
/var/lib/nethserver/secrets/roundcubemail exists and consists of a 16-character random text string.

grep roundcube /var/log/messages doesn’t return anything of great interest:
Nov 10 08:45:26 neth2 pkgaction[9589]: install: @nethserver-backup, @nethserver-bandwidth, @nethserver-mail, @nethserver-file-server, @nethserver-ftp, @nethserver-messaging, @nethserver-mysql, @nethserver-nextcloud, @nethserver-roundcubemail, @nethserver-nut, @nethserver-web Nov 10 08:49:31 neth2 yum[9589]: Installed: roundcubemail-1.1.9-1.el7.noarch Nov 10 08:53:54 neth2 yum[9589]: Installed: nethserver-roundcubemail-1.2.8-1.ns7.noarch Nov 10 08:55:17 neth2 /etc/e-smith/events/nethserver-ntopng-update/S00initialize-default-databases[11139]: /var/lib/nethserver/db/configuration: OLD roundcubemail=(undefined) Nov 10 08:55:17 neth2 /etc/e-smith/events/nethserver-ntopng-update/S00initialize-default-databases[11139]: /var/lib/nethserver/db/configuration: NEW roundcubemail=configuration|PluginsList|managesieve,markasjunk|Server|localhost|access|public Nov 10 08:56:40 neth2 esmith::event[13084]: Event: nethserver-roundcubemail-update Nov 10 08:56:41 neth2 esmith::event[13084]: Action: /etc/e-smith/events/nethserver-roundcubemail-update/S00initialize-default-databases SUCCESS [0.41257] Nov 10 08:56:41 neth2 esmith::event[13084]: expanding /etc/httpd/conf.d/roundcubemail.conf Nov 10 08:56:41 neth2 esmith::event[13084]: expanding /etc/roundcubemail/config.inc.php Nov 10 08:56:41 neth2 esmith::event[13084]: GRANT ALL PRIVILEGES ONroundcubemail.* TO 'roundcubemail'@'localhost' IDENTIFIED BY '(password redacted)'; Nov 10 08:56:41 neth2 esmith::event[13084]: CREATE DATABASE IF NOT EXISTS roundcubemail DEFAULT CHARACTER SET = 'utf8'; Nov 10 08:56:42 neth2 esmith::event[13084]: Action: /etc/e-smith/events/nethserver-roundcubemail-update/S20nethserver-roundcubemail-conf SUCCESS [0.896869] Nov 10 08:56:42 neth2 esmith::event[13084]: Event: nethserver-roundcubemail-update SUCCESS Nov 10 09:16:42 neth2 esmith::event[15132]: Event: nethserver-roundcubemail-update Nov 10 09:16:42 neth2 esmith::event[15132]: Action: /etc/e-smith/events/nethserver-roundcubemail-update/S00initialize-default-databases SUCCESS [0.418463] Nov 10 09:16:42 neth2 esmith::event[15132]: expanding /etc/httpd/conf.d/roundcubemail.conf Nov 10 09:16:42 neth2 esmith::event[15132]: expanding /etc/roundcubemail/config.inc.php Nov 10 09:16:42 neth2 esmith::event[15132]: Action: /etc/e-smith/events/nethserver-roundcubemail-update/S20nethserver-roundcubemail-conf SUCCESS [0.161514] Nov 10 09:16:43 neth2 esmith::event[15132]: Event: nethserver-roundcubemail-update SUCCESS


(Stéphane de Labrusse) #4

nothing in /var/log/roundcubemail/ or /var/log/httpd/error


(Dan) #5

Ah, there it was:
[root@neth2 roundcubemail]# cat errors.log [11-Nov-2017 00:20:58 +0000]: <64kku65p> DB Error: SQLSTATE[28000] [1045] Access denied for user 'roundcubemail'@'localhost' (using password: YES) in /usr/share/roundcubemail/program/lib/Roundcube/rcube_db.php on line 177 (GET /webmail/) [11-Nov-2017 00:20:58 +0000]: <64kku65p> DB Error: SQLSTATE[28000] [1045] Access denied for user 'roundcubemail'@'localhost' (using password: YES) (GET /webmail/) [11-Nov-2017 00:21:08 +0000]: <64kku65p> DB Error: SQLSTATE[28000] [1045] Access denied for user 'roundcubemail'@'localhost' (using password: YES) in /usr/share/roundcubemail/program/lib/Roundcube/rcube_db.php on line 177 (GET /webmail/?_task=logout) [11-Nov-2017 00:21:08 +0000]: <64kku65p> DB Error: SQLSTATE[28000] [1045] Access denied for user 'roundcubemail'@'localhost' (using password: YES) (GET /webmail/?_task=logout) [11-Nov-2017 13:20:11 +0000]: <bsu856fl> DB Error: SQLSTATE[28000] [1045] Access denied for user 'roundcubemail'@'localhost' (using password: YES) in /usr/share/roundcubemail/program/lib/Roundcube/rcube_db.php on line 177 (GET /webmail/) [11-Nov-2017 13:20:11 +0000]: <bsu856fl> DB Error: SQLSTATE[28000] [1045] Access denied for user 'roundcubemail'@'localhost' (using password: YES) (GET /webmail/) [11-Nov-2017 13:39:08 +0000]: <bsu856fl> DB Error: SQLSTATE[28000] [1045] Access denied for user 'roundcubemail'@'localhost' (using password: YES) in /usr/share/roundcubemail/program/lib/Roundcube/rcube_db.php on line 177 (GET /webmail/) [11-Nov-2017 13:39:08 +0000]: <bsu856fl> DB Error: SQLSTATE[28000] [1045] Access denied for user 'roundcubemail'@'localhost' (using password: YES) (GET /webmail/)
The password that is in /var/lib/nethserver/secrets/roundcubemail does match the password that I redacted from the extract of /var/log/messages. It also appears to match the password in /etc/roundcubemail/config.inc.php. But manually reset this password in mysql, and now I’m able to reach roundcube. I’m also able to log in with a couple of my test users and the passwords I set up on the SME box, so whatever issues I was seeing with Samba were not system-wide.

Should I be able to log into the Neth server via SMB as any local user, and (at a minimum) have access to that user’s home folder? SME works this way.


(Stéphane de Labrusse) #6

could you find/remember the first password for roundcubemail, can we imagine that there was specific characters not valid for a password, I don’t know, something with ‘$’ for example

if you don’t install nethserver-dc (samba4) there is no authentication to samba. Once installed, then you need to authenticate the users (group based authentication, or others by specific acl).

you have home share

http://docs.nethserver.org/en/latest/shared_folder.html#home-share


(Dan) #7

The first one I see was in the excerpt from /var/log/messages I posted earler; IIRC, that’s when I initially installed roundcube. It’s 16 characters, alphanumeric–no special characters.

I think I’ve figured out what’s happening, though. When you do the migration, among the data that gets migrated are the MySQL databases from the source machine. That includes the database mysql, which includes (among other things) all the user permissions. So, when I installed roundcube using the software center, it created the database user. When I migrated the database from the SME server, that user got wiped out. I’ll bet that’s what’s going on with Nextcloud as well. ::goes and tests:: Yep, that was it.

So, an easy way to correct this is (or appears to be) to wait to install apps that use mysql databases until after the data is migrated. A little clunky, perhaps, but it should work. A nicer way might be if the rsync-migrate script could trigger appropriate events to reset the mysql passwords.

Ah, yes, now I see that in the docs. I’d read this before, I think, but thought of “shared folders” as something different from a user’s home folder. So I have to set up an Active Directory environment with a domain controller to be able to authenticate a handful of users? That seems unnecessarily complex (and, since the DC needs to run in a VM, unnecessarily resource-intensive).


(Stéphane de Labrusse) #8

ok, this could be easily documented

curiously, not. It is another (modern) approach, but now, all is container ! (nethserver-dc creates a container, not a vm)

Just go back some years ago, and take a look what charlie thought about virtualisation , it was something just complicated and complicating the solution :smiley:

nethserver-dc is just a (new) ldap solution, more than openldap, after that you might (or not) add nethserver-ibays which is the samba shared software.

Think ns, think modularity

Sorry I host a talk next saturday, I’m starting it


(Dan) #9

So, sounds like time for some more testing–gotta love VMs. Test plan now is to install and update Neth, then take a snapshot of that VM. Then set auth provider as local DC, install the UPS/email/web/etc (everything except roundcube and Nextcloud), do the migration, then install those last two.


(Dan) #10

All right, followed that test plan.

  • When installed after the migration, both Nextcloud and Roundcube worked just fine. Login pages loaded without error, and users are able to log in with their old passwords.
  • The weak password policy I’d set on the SME VM also migrated to the Neth VM.
  • When using AD, I was able to authenticate to SMB
  • User shares appear as user@domain.tld, rather than simply as user as they do with SME.
  • Within that share, there’s a home directory, which is also different compared to SME.

Neither of the latter two points is a problem as such, just noting the difference.


(Alessio Fattorini) #11

Mission accomplished?


(Dan) #12

This part of it, anyway.