Remove dns entries only works from old servermanager

Support
1

On one of my nethservers I can’t remove dns entries from cockpit server manager, nothing happens, after the are you sure dialog, when I click on delete button. It works fine from the old manager though. What information can I provide to help debug this?

2

Sorry, but I couldn’t reproduce.

Please, write down all step-by-step actions to reproduce the issue.

I’m changing the category of the post to support until we can’t reproduce it.

3

I have setup multiple nethservers. This one, where dns records cannot be deleted, is only acting as AD DC so the bare minimum is installed, In Applications there is only UPS, Webserver and Restore Data. This server only has one network interface. I can create new dns entries, but not delete them.

Tried this on my other nethserver but cannot reproduce it on them. All systems are up to date.

4

If I can provide any logs please tell me and I will gladly share them. I would like to have this solved on my soon going production ad dc. On the other hand, as long as the old interface is around, I can live with it, but it would be nicer to have a clean solution. Thanks :slight_smile:

5

When deleting from cockpit (System -> DNS) is there any error on browser console or a jq command that can be copied to the terminal?
Ouptut of:

db hosts show

For instance to check if there’s any special character.

6

Unfortunatelly not, else I would have provided it. If you hit the red remove button, the windows stays just open and does not move or anything.

dh hosts show just lists all the dns entries. I would rather not like to post all of them here, but there is no special character.

7

Hey guys, any informations, I could share or any procedure I could follow to find out whats wrong here?

8

This problem is persisting. Any way I could solve this? I can workaround by deleting entries through old servermanager but would be glad to be able to fix it as I generally use cockpit for administration of my nethserver.

9

You said that you have the problem only on one NethServer, and nobody can reproduce the issue.
We asked for logs, you need to hide information, I understand.
On chrome, press F12 to open the console, then delete the dns entry and see what’s logged in the console. You will also find the command that has been run, you can type it in a terminal.
You will find two commands like below:

echo '{"name":"a.b.cd","action":"delete-host"}' | /usr/bin/sudo /usr/libexec/nethserver/api/nethserver-firewall-base/objects/validate | jq
echo '{"name":"a.b.cd"}' | /usr/bin/setsid /usr/bin/sudo /usr/libexec/nethserver/api/system-hosts/delete | jq

The second one is the real delete, but the first may fail too.

3 Likes
10

Hi Filippo, and thanks for your post. I have no problem trusting you, so if its worth, I can send you the output of db hosts show in a pm, but I’d rather not like to post it in an open forum.

I installed chrome, and opened a console. This is what I see when hitting the delete button:

API exec: nethserver-firewall-base/objects/validate$ echo ‘{“name”:“hostname.ourdomain.com”,“action”:“delete-host”}’ | /usr/bin/sudo /usr/libexec/nethserver/api/nethserver-firewall-base/objects/validate | jq
DNS.vue:531 B {problem: null, exit_status: 1, exit_signal: null, message: “/usr/bin/sudo exited with code 1”, toString: ƒ} “”
(anonymous) @ DNS.vue:531
(anonymous) @ nethserver.js:119
s @ cockpit.min.js:962
(anonymous) @ cockpit.min.js:974
n @ cockpit.min.js:880
setTimeout (async)
L @ cockpit.min.js:885
f @ cockpit.min.js:973
u @ cockpit.min.js:1003
e @ cockpit.min.js:1029
(anonymous) @ cockpit.min.js:2067
se @ cockpit.min.js:76
e @ cockpit.min.js:205
p @ cockpit.min.js:590
m @ cockpit.min.js:599
v @ cockpit.min.js:493
a.onmessage.o.dispatch_data @ cockpit.min.js:423
e @ cockpit.min.js:279
postMessage (async)
(anonymous) @ index.js:13
a.onmessage.o.dispatch_data @ cockpit.js:421
DNS.vue:537 SyntaxError: Unexpected end of JSON input
at JSON.parse ()
at DNS.vue:533
at Function. (nethserver.js:119)
at s (cockpit.min.js:962)
at cockpit.min.js:974
at n (cockpit.min.js:880)

When I try the following command in console:

echo ‘{“name”:“hostname.ourdomain.com”,“action”:“delete-host”}’ | /usr/bin/sudo /usr/libexec/nethserver/api/nethserver-firewall-base/objects/validate | jq

I get:

sudo: /usr/libexec/nethserver/api/nethserver-firewall-base/objects/validate: command not found

11

Your system is probably corrupted. You can restore the missing command with:

yum reinstall nethserver-firewall-base

but you may have other files lost or corrupted. It needs some previous experience to fix a system, you may do a disaster recovery restoring a backup on a newly installed system.

1 Like
12

Hi Filippo, and thanks for your reply.

This nethserver is serving as our domain controller and it has not much installed, just the following three applications: restore data, ups (just installed, not configured/used yet - maybe I will even remove ups to further reduce complexity) and webserver.

As the dc is a productive machine, I will take care before modyfing anything, meaning as it is a proxmox vm, I will do a snapshot/backup and will then try the reinstall you mentioned.

The system is backuped daily with duplicity. So you think it would be best, to create a new vm, reinstall nethserver and then restore from the duplicity backup? Would this restore everything, including the domain and all settings?

Is there a way to just re-install all installed packages - like yum reinstall nethserver-* or something?

As I do not see any other problems maybe its engough to just reinstall firewall-base as you proposed? I tried after having backuped the vm, but it says:

yum reinstall nethserver-firewall-base
Loaded plugins: changelog, fastestmirror, nethserver_events
No Match for argument: nethserver-firewall-base
Loading mirror speeds from cached hostfile

13

NethServer can’t work without the nethserver-firewall-base package installed, it’s mandatory.
This status reinforces my idea that the system is in bad shape. While it is possible to fix the system (experts* only) the safest option is to reinstall from scratch.

  • Experts on CentOS/RHEL is enough, experts on NethServer a plus, but it may be harder to hire one of them. :slight_smile:
1 Like
14

Well I never uninstalled this package. I only do updates and periodically a yum autoremove. Basically the only thing I have done is installing nethserver and creating ad-domain. All other services like fileserver, firewall… are on separate nethservers joined to this domain as member servers.

However - I have to fix this, and my boss surely is not willing hiring someone in this stage of the project. (But we convinced him, to buy subscriptions for all our 4 nethservers).

So what are my options? I need to conserve the domain as it is in production use.

As you say nethserver-firewall-base is needed - shouldn’t it be a dependency of something then? Is there a yum instruction to re-install all packages for a base-nethserver installation and/or to check the dependency tree to see why a yum update does not see the missing dependency of nethserver-firewall-base? Should I just install it by yum install instead of yum reinstall?

I can fire up a new vm and install nethserver from scratch, but how can I make sure that our active directory domain and all settings of this nethserver will be preserved on a new install? Will restoring the config from a backup do this? This domain has users configured with their shares on a separate nethserver, with email accounts on a third server and so on…

15

You could try to reinstall al required packages with:

yum install @nethserver-iso

Then paste here the summary output of yum.

1 Like
16

Hi giacomo, here is the output of it:

yum install @nethserver-iso
Loaded plugins: changelog, fastestmirror, nethserver_events
Loading mirror speeds from cached hostfile
epel/x86_64/metalink | 20 kB 00:00:00

  • ce-base: centos-distro.cavecreek.net
  • ce-extras: centos-distro.cavecreek.net
  • ce-sclo-rh: centos-distro.cavecreek.net
  • ce-sclo-sclo: centos-distro.cavecreek.net
  • ce-updates: centos-distro.cavecreek.net
  • epel: epel.mirrors.arminco.com
  • nethforge: nethserver.de-labrusse.fr
  • nethserver-base: nethserver.de-labrusse.fr
  • nethserver-updates: nethserver.de-labrusse.fr
    ce-base/7/x86_64/signature | 811 B 00:00:00
    ce-base/7/x86_64/signature | 3.6 kB 00:00:00 !!!
    ce-extras/7/x86_64/signature | 811 B 00:00:00
    ce-extras/7/x86_64/signature | 2.9 kB 00:00:00 !!!
    ce-sclo-rh | 3.0 kB 00:00:00
    ce-sclo-sclo | 3.0 kB 00:00:00
    ce-updates/7/x86_64/signature | 811 B 00:00:00
    ce-updates/7/x86_64/signature | 2.9 kB 00:00:00 !!!
    nethforge/7/x86_64/signature | 836 B 00:00:00
    nethforge/7/x86_64/signature | 3.6 kB 00:00:00 !!!
    nethserver-base/7/x86_64/signature | 836 B 00:00:00
    nethserver-base/7/x86_64/signature | 2.9 kB 00:00:00 !!!
    nethserver-updates/7/x86_64/signature | 836 B 00:00:00
    nethserver-updates/7/x86_64/signature | 3.6 kB 00:00:00 !!!
    Resolving Dependencies
    –> Running transaction check
    —> Package nethserver-firewall-base.noarch 0:3.10.1-1.ns7 will be installed
    –> Processing Dependency: shorewall >= 4.6 for package: nethserver-firewall-base-3.10.1-1.ns7.noarch
    –> Processing Dependency: rp-pppoe for package: nethserver-firewall-base-3.10.1-1.ns7.noarch
    –> Processing Dependency: nethserver-lsm for package: nethserver-firewall-base-3.10.1-1.ns7.noarch
    –> Processing Dependency: firehol for package: nethserver-firewall-base-3.10.1-1.ns7.noarch
    –> Processing Dependency: dialog for package: nethserver-firewall-base-3.10.1-1.ns7.noarch
    –> Running transaction check
    —> Package dialog.x86_64 0:1.2-5.20130523.el7 will be installed
    —> Package firehol.noarch 0:3.1.5-1.el7.centos will be installed
    —> Package nethserver-lsm.noarch 0:1.2.3-1.ns7 will be installed
    –> Processing Dependency: lsm for package: nethserver-lsm-1.2.3-1.ns7.noarch
    —> Package rp-pppoe.x86_64 0:3.11-7.el7 will be installed
    –> Processing Dependency: ppp >= 2.4.2 for package: rp-pppoe-3.11-7.el7.x86_64
    —> Package shorewall.noarch 0:5.1.10.2-1.el7 will be installed
    –> Processing Dependency: shorewall-core = 5.1.10.2-1.el7 for package: shorewall-5.1.10.2-1.el7.noarch
    –> Running transaction check
    —> Package lsm.x86_64 0:1.0.5-1.el7.lux will be installed
    —> Package ppp.x86_64 0:2.4.5-34.el7_7 will be installed
    —> Package shorewall-core.noarch 0:5.1.10.2-1.el7 will be installed
    –> Finished Dependency Resolution

Dependencies Resolved

=============================================================================================================================================================================================
Package Arch Version Repository Size

Installing:
nethserver-firewall-base noarch 3.10.1-1.ns7 nethserver-updates 135 k
Installing for dependencies:
dialog x86_64 1.2-5.20130523.el7 ce-base 208 k
firehol noarch 3.1.5-1.el7.centos nethserver-base 1.3 M
lsm x86_64 1.0.5-1.el7.lux nethserver-base 61 k
nethserver-lsm noarch 1.2.3-1.ns7 nethserver-base 21 k
ppp x86_64 2.4.5-34.el7_7 ce-updates 358 k
rp-pppoe x86_64 3.11-7.el7 ce-base 113 k
shorewall noarch 5.1.10.2-1.el7 epel 636 k
shorewall-core noarch 5.1.10.2-1.el7 epel 82 k

Transaction Summary

Install 1 Package (+8 Dependent packages)

Total download size: 2.8 M
Installed size: 9.0 M
Is this ok [y/d/N]:

Confirmed, installed - all good :smile:

Credits go to @filippo_carletti and @giacomo

Thanks guys, you rock! :+1:

1 Like