[Csync2] Errors when running csync2
Giampaolo Tomassoni
Giampaolo at Tomassoni.biz
Wed Oct 6 02:16:03 CEST 2010
> I think I may have gotten things running with the ssl. I removed the
> parenthesis and ran csync2 -x and got no errors, it added all of my
> content to the database however did not sync that content.
Well, you are more probably running csync2 with the nossl option enabled, then...
> So in testing if I wanted to sync a directory to another server where
> that space is empty, theoretically it should copy all of that content
> over?
Right. You've to add the new server to the nossl option, first. But please note "nossl" means "don't use ssl".
Chris and me are trying to tell you you're probably not using ssl. So please take care if you need to synchronize things between hosts over internet...
Giampaolo
--------------
Thanks,
Chris Bidwell, RHCT
Web Admin
Geologic Hazards Team
303-273-8642
cbidwell at usgs.gov
(Sent via Crackberry)
________________________________________
From: Dennis Schafroth [dennis at schafroth.dk]
Sent: 10/05/2010 10:48 PM ZE2
To: Christopher Bidwell
Cc: csync2 at lists.linbit.com
Subject: Re: [Csync2] Errors when running csync2
skip the parentheses in the nossl.
But please understand what I tried to say:
If your csync2 programs can log those message, you will NEVER get SSL support with them. The support code is not compiled in.
Your build seems somewhat fishy. Check the config.h for HAVE_LIBGNUTLS defined, if it isnt there, no SSL support.
So how have you verified that there are SSL support?
cheers
:-Dennis
On 05/10/2010, at 22.33, Christopher J Bidwell wrote:
Sorry, yes I have verified that they are both compiled with ssl.
Not sure how to force "nossl"
I get a:
[root at glddb-master etc]# csync2 -xvv
My hostname is glddb-master.
Database-File: /var/lib/csync2/glddb-master.db
Config-File: /etc/csync2.cfg
Near line 10: syntax error
Where line 10 states: nossl glddb-master (glddb-slave1);
----------------
Thank you,
Chris Bidwell, RHCT
Red Hat Linux Administrator
From:
Dennis Schafroth <dennis at schafroth.dk>
To:
Christopher J Bidwell <cbidwell at usgs.gov>
Cc:
csync2 at lists.linbit.com
Date:
10/05/2010 01:47 PM
Subject:
Re: [Csync2] Errors when running csync2
________________________________________
Hi,
I am not sure I am that helpfull but looking at the code, it simply not possible to get that message with HAVE_LIBGNUTLS enabled. From update.c:
#if HAVE_LIBGNUTLS
conn_printf("SSL\n");
if ( read_conn_status(0, peername) ) {
csync_debug(1, "SSL command failed.\n");
conn_close();
return -1;
}
conn_activate_ssl(0);
conn_check_peer_cert(peername, 1);
#else
csync_debug(0, "ERROR: Config request SSL but this csync2 is built without SSL support.\n");
csync_error_count++;
return -1;
#endif
Similar for the remote in csync2.c which happens on the start:
#ifdef HAVE_LIBGNUTLS
conn_printf("OK (activating_ssl).\n");
conn_activate_ssl(1);
if ( !conn_gets(line, 4096) ) return 0;
cmd = strtok(line, "\t \r\n");
para = cmd ? strtok(0, "\t \r\n") : 0;
#else
conn_printf("This csync2 server is built without SSL support.\n");
return 0;
#endif
Could you be running a different version than you actually is doing your ldd check on? ldd `which csync2`
Can you try with
nossl glddb-master glddb-slave1
just to check that your config works without SSL ?
cheers,
:-Dennis
On 05/10/2010, at 21.22, Christopher J Bidwell wrote:
Just a little bit of insight as to how my setup "should" go.
I have a primary webserver that should feed content to four public webservers.
My contents of my /etc: (this is the same on both my master and my slave servers).
[@glddb-slave1 etc]# lsl csync2*
-rw-r--r-- 1 root root 710 Oct 5 2010 csync2.cfg
-rw------- 1 root root 65 Oct 5 2010 csync2.key_ehp
-rw-r--r-- 1 root root 774 Oct 5 2010 csync2_ssl_cert.pem
-rw-r--r-- 1 root root 887 Oct 5 2010 csync2_ssl_key.pem
Here is my configuration file:
------------------------------
# Csync2 Example Configuration File
# ---------------------------------
#
# Please read the documentation:
# http://oss.linbit.com/csync2/paper.pdf
group mygroup
{
host glddb-master (glddb-slave1);
key /etc/csync2.key_ehp;
include /home/www/vhosts/ehp.wr;
}
--------------------------
I figure just for simplicity I'll remove any other complexities until I can at least get communication to work.
I run csync2 -iivvv and I get this:
----------------------------
[glddb-slave1 csync2]# csync2 -iivvv
Csync2 daemon running. Waiting for connections.
<11462> New connection from 192.168.1.132:43675.
Peer>
More information about the Csync2
mailing list