[Csync2] Errors when running csync2

Giampaolo Tomassoni Giampaolo at Tomassoni.biz
Wed Oct 6 02:16:03 CEST 2010 

> I think I may have gotten things running with the ssl. I removed the
> parenthesis and ran csync2 -x and got no errors, it added all of my
> content to the database however did not sync that content.

Well, you are more probably running csync2 with the nossl option enabled, then...


> So in testing if I wanted to sync a directory to another server where
> that space is empty, theoretically it should copy all of that content
> over?

Right. You've to add the new server to the nossl option, first. But please note "nossl" means "don't use ssl".

Chris and me are trying to tell you you're probably not using ssl. So please take care if you need to synchronize things between hosts over internet...

Giampaolo



--------------
Thanks,

Chris Bidwell, RHCT
Web Admin
Geologic Hazards Team
303-273-8642
cbidwell at usgs.gov
(Sent via Crackberry)
________________________________________
  From: Dennis Schafroth [dennis at schafroth.dk]
  Sent: 10/05/2010 10:48 PM ZE2
  To: Christopher Bidwell
  Cc: csync2 at lists.linbit.com
  Subject: Re: [Csync2] Errors when running csync2


skip the parentheses in the nossl. 

But please understand what I tried to say: 

If your csync2 programs can log those message, you will NEVER get SSL support with them. The support code is not compiled in. 

Your build seems somewhat fishy. Check the config.h for HAVE_LIBGNUTLS defined, if it isnt there, no SSL support. 

So how have you verified that there are SSL support? 

cheers 
:-Dennis 

On 05/10/2010, at 22.33, Christopher J Bidwell wrote:


Sorry, yes I have verified that they are both compiled with ssl. 

Not sure how to force "nossl" 

I get a: 
[root at glddb-master etc]# csync2 -xvv 
My hostname is glddb-master. 
Database-File: /var/lib/csync2/glddb-master.db 
Config-File:   /etc/csync2.cfg 
Near line 10: syntax error 

Where line 10 states:  nossl glddb-master (glddb-slave1); 
----------------
Thank you,

Chris Bidwell, RHCT
Red Hat Linux Administrator


From: 
Dennis Schafroth <dennis at schafroth.dk> 
To: 
Christopher J Bidwell <cbidwell at usgs.gov> 
Cc: 
csync2 at lists.linbit.com 
Date: 
10/05/2010 01:47 PM 
Subject: 
Re: [Csync2] Errors when running csync2

________________________________________



Hi, 

I am not sure I am that helpfull but looking at the code, it simply not possible to get that message with HAVE_LIBGNUTLS enabled. From update.c:   

#if HAVE_LIBGNUTLS 
                conn_printf("SSL\n"); 
if ( read_conn_status(0, peername) ) { 
                        csync_debug(1, "SSL command failed.\n"); 
                        conn_close(); 
                        return -1; 
                } 
                conn_activate_ssl(0); 
                conn_check_peer_cert(peername, 1); 
#else 
                csync_debug(0, "ERROR: Config request SSL but this csync2 is built without SSL support.\n"); 
                csync_error_count++; 
                return -1; 
#endif 

Similar for the remote in csync2.c which happens on the start: 

#ifdef HAVE_LIBGNUTLS 
                        conn_printf("OK (activating_ssl).\n"); 
                        conn_activate_ssl(1); 

                        if ( !conn_gets(line, 4096) ) return 0; 
                        cmd = strtok(line, "\t \r\n"); 
                        para = cmd ? strtok(0, "\t \r\n") : 0; 
#else 
                        conn_printf("This csync2 server is built without SSL support.\n"); 
                        return 0; 
#endif 

Could you be running a different version than you actually is doing your ldd check on? ldd `which csync2` 

Can you try with 

nossl  glddb-master glddb-slave1   

just to check that your config works without SSL ? 

cheers, 
:-Dennis 

On 05/10/2010, at 21.22, Christopher J Bidwell wrote: 

Just a little bit of insight as to how my setup "should" go. 

I have a primary webserver that should feed content to four public webservers.   

My contents of my /etc:  (this is the same on both my master and my slave servers). 
[@glddb-slave1 etc]# lsl csync2* 
-rw-r--r-- 1 root root 710 Oct  5  2010 csync2.cfg 
-rw------- 1 root root  65 Oct  5  2010 csync2.key_ehp 
-rw-r--r-- 1 root root 774 Oct  5  2010 csync2_ssl_cert.pem 
-rw-r--r-- 1 root root 887 Oct  5  2010 csync2_ssl_key.pem 

Here is my configuration file: 
------------------------------ 
# Csync2 Example Configuration File 
# --------------------------------- 
# 
# Please read the documentation: 
# http://oss.linbit.com/csync2/paper.pdf 

group mygroup 
{ 
        host glddb-master (glddb-slave1); 

        key /etc/csync2.key_ehp; 

        include /home/www/vhosts/ehp.wr; 
} 
-------------------------- 
I figure just for simplicity I'll remove any other complexities until I can at least get communication to work. 

I run csync2 -iivvv and I get this: 
---------------------------- 
[glddb-slave1 csync2]# csync2 -iivvv 
Csync2 daemon running. Waiting for connections. 
<11462> New connection from 192.168.1.132:43675. 
Peer>

More information about the Csync2 mailing list