setup-kolab: augeas.py", line 385, in save raise IOError("Unable to save to file!")
Brad Ralph
brad at ralph.id.au
Tue Jul 29 16:30:57 CEST 2014
On 28/07/14 8:00 PM, Honza Burian wrote:
Any chance SELinux is still running in enforcing mode instead of
permissive mode?
see
http://docs.kolab.org/installation-guide/preparing-the-system.html#selinux
Regards,
Brad
>> On Sunday 27 July 2014 00:04:12 Honza Burian wrote:
>>> After that setup quits.
>>> no setup.*.log files in /var/log/kolab/
>>> I really don't know what would I do.
>> You could run `setup-kolab -d9` to get more verbose debug logs.
>>
>> Kind Regards,
>> Torsten
> Thanks for your answer. Ok, I tried this and there is the extra output:
> --------------------------
> Cyrus Administrator password [fygLX0XBiNjMyV4]:
> Confirm Cyrus Administrator password:
>
> Please supply a Kolab Service account password. This account is used by various
> services such as Postfix, and Roundcube, as anonymous binds to the LDAP server
> will not be allowed.
>
> Kolab Service password [9nwu8iDmsypboGe]:
> Confirm Kolab Service password:
> *** <ldap.ldapobject.ReconnectLDAPObject instance at 0x12a5bd8>
> ldap://localhost:389 - ReconnectLDAPObject.set_option
> ((17, 3), {})
> *** <ldap.ldapobject.ReconnectLDAPObject instance at 0x12a5bd8>
> ldap://localhost:389 - ReconnectLDAPObject.set_option
> ((17, 3), {})
> *** <ldap.ldapobject.ReconnectLDAPObject instance at 0x12a5bd8>
> ldap://localhost:389 - ReconnectLDAPObject.simple_bind
> (('cn=Directory Manager', 'wPrZedZBgTv27xdezHRA', None, None), {})
> *** <ldap.ldapobject.ReconnectLDAPObject instance at 0x12a5bd8>
> ldap://localhost:389 - ReconnectLDAPObject.result4
> ((1, 1, -1, 0, 0, 0), {})
> *** <ldap.ldapobject.ReconnectLDAPObject instance at 0x12a5bd8>
> ldap://localhost:389 - ReconnectLDAPObject.add_ext
> (('uid=cyrus-admin,ou=Special Users,dc=elmonto,dc=cz',
> [('surname', 'Administrator'),
> ('uid', 'cyrus-admin'),
> ('objectclass',
> ['top', 'person', 'inetorgperson', 'organizationalperson']),
> ('userPassword', 'xxxxxxxxxxxxxxxx'),
> ('givenname', 'Cyrus'),
> ('cn', 'Cyrus Administrator')],
> None,
> None),
> {})
> *** <ldap.ldapobject.ReconnectLDAPObject instance at 0x12a5bd8>
> ldap://localhost:389 - ReconnectLDAPObject.result4
> ((2, 1, -1, 0, 0, 0), {})
> *** <ldap.ldapobject.ReconnectLDAPObject instance at 0x12a5bd8>
> ldap://localhost:389 - ReconnectLDAPObject.add_ext
> (('uid=kolab-service,ou=Special Users,dc=elmonto,dc=cz',
> [('nslookthroughlimit', '-1'),
> ('surname', 'Service'),
> ('uid', 'kolab-service'),
> ('objectclass',
> ['top', 'person', 'inetorgperson', 'organizationalperson']),
> ('userPassword', 'xxxxxxxxxxxxxxxxxxx'),
> ('nstimelimit', '-1'),
> ('nssizelimit', '-1'),
> ('nsidletimeout', '-1'),
> ('givenname', 'Kolab'),
> ('cn', 'Kolab Service')],
> None,
> None),
> {})
> *** <ldap.ldapobject.ReconnectLDAPObject instance at 0x12a5bd8>
> ldap://localhost:389 - ReconnectLDAPObject.result4
> ((3, 1, -1, 0, 0, 0), {})
> *** <ldap.ldapobject.ReconnectLDAPObject instance at 0x12a5bd8>
> ldap://localhost:389 - ReconnectLDAPObject.add_ext
> (('ou=Resources,dc=elmonto,dc=cz',
> [('objectclass', ['top', 'organizationalunit']), ('ou', 'Resources')],
> None,
> None),
> {})
> *** <ldap.ldapobject.ReconnectLDAPObject instance at 0x12a5bd8>
> ldap://localhost:389 - ReconnectLDAPObject.result4
> ((4, 1, -1, 0, 0, 0), {})
> *** <ldap.ldapobject.ReconnectLDAPObject instance at 0x12a5bd8>
> ldap://localhost:389 - ReconnectLDAPObject.add_ext
> (('ou=Shared Folders,dc=elmonto,dc=cz',
> [('objectclass', ['top', 'organizationalunit']), ('ou', 'Shared Folders')],
> None,
> None),
> {})
> *** <ldap.ldapobject.ReconnectLDAPObject instance at 0x12a5bd8>
> ldap://localhost:389 - ReconnectLDAPObject.result4
> ((5, 1, -1, 0, 0, 0), {})
> *** <ldap.ldapobject.ReconnectLDAPObject instance at 0x12a5bd8>
> ldap://localhost:389 - ReconnectLDAPObject.add_ext
> (('cn=kolab,cn=config',
> [('objectclass', ['top', 'extensibleobject']), ('cn', 'kolab')],
> None,
> None),
> {})
> *** <ldap.ldapobject.ReconnectLDAPObject instance at 0x12a5bd8>
> ldap://localhost:389 - ReconnectLDAPObject.result4
> ((6, 1, -1, 0, 0, 0), {})
> *** <ldap.ldapobject.ReconnectLDAPObject instance at 0x12a5bd8>
> ldap://localhost:389 - ReconnectLDAPObject.search_ext
> (('cn=kolab,cn=config',
> 0,
> '(objectclass=*)',
> ['dn', '*'],
> 0,
> None,
> None,
> -1,
> 0),
> {})
> *** <ldap.ldapobject.ReconnectLDAPObject instance at 0x12a5bd8>
> ldap://localhost:389 - ReconnectLDAPObject.result4
> ((7, 1, -1, 0, 0, 0), {})
> *** <ldap.ldapobject.ReconnectLDAPObject instance at 0x12a5bd8>
> ldap://localhost:389 - ReconnectLDAPObject.search_ext
> (('cn=kolab,cn=config',
> 0,
> '(objectclass=*)',
> ['dn', 'aci'],
> 0,
> None,
> None,
> -1,
> 0),
> {})
> *** <ldap.ldapobject.ReconnectLDAPObject instance at 0x12a5bd8>
> ldap://localhost:389 - ReconnectLDAPObject.result4
> ((8, 1, -1, 0, 0, 0), {})
> *** <ldap.ldapobject.ReconnectLDAPObject instance at 0x12a5bd8>
> ldap://localhost:389 - ReconnectLDAPObject.modify_ext
> (('cn=kolab,cn=config',
> [(0,
> 'aci',
> '(targetattr = "*") (version 3.0;acl "Kolab Services";allow
> (read,compare,search)(userdn = "ldap:///uid=kolab-service,ou=Special
> Users,dc=elmonto,dc=cz");)')],
> None,
> None),
> {})
> *** <ldap.ldapobject.ReconnectLDAPObject instance at 0x12a5bd8>
> ldap://localhost:389 - ReconnectLDAPObject.result4
> ((9, 1, -1, 0, 0, 0), {})
> *** <ldap.ldapobject.ReconnectLDAPObject instance at 0x12a5bd8>
> ldap://localhost:389 - ReconnectLDAPObject.add_ext
> (('associateddomain=elmonto.cz,cn=kolab,cn=config',
> [('objectclass', ['top', 'domainrelatedobject']),
> ('associateddomain',
> ['elmonto.cz',
> 'email.elmonto.cz',
> 'localhost.localdomain',
> 'localhost']),
> ('aci',
> '(targetattr = "*") (version 3.0;acl "Read Access for elmonto.cz
> Users";allow (read,compare,search)(userdn =
> "ldap:///dc=elmonto,dc=cz??sub?(objectclass=*)");)')],
> None,
> None),
> {})
> *** <ldap.ldapobject.ReconnectLDAPObject instance at 0x12a5bd8>
> ldap://localhost:389 - ReconnectLDAPObject.result4
> ((10, 1, -1, 0, 0, 0), {})
> *** <ldap.ldapobject.ReconnectLDAPObject instance at 0x12a5bd8>
> ldap://localhost:389 - ReconnectLDAPObject.modify_ext
> (('cn=config', [(2, 'nsslapd-allow-anonymous-access', 'off')], None, None), {})
> *** <ldap.ldapobject.ReconnectLDAPObject instance at 0x12a5bd8>
> ldap://localhost:389 - ReconnectLDAPObject.result4
> ((11, 1, -1, 0, 0, 0), {})
> *** <ldap.ldapobject.ReconnectLDAPObject instance at 0x12a5bd8>
> ldap://localhost:389 - ReconnectLDAPObject.modify_ext
> (('cn=attribute uniqueness,cn=plugins,cn=config',
> [(2, 'nsslapd-pluginEnabled', 'on')],
> None,
> None),
> {})
> *** <ldap.ldapobject.ReconnectLDAPObject instance at 0x12a5bd8>
> ldap://localhost:389 - ReconnectLDAPObject.result4
> ((12, 1, -1, 0, 0, 0), {})
> *** <ldap.ldapobject.ReconnectLDAPObject instance at 0x12a5bd8>
> ldap://localhost:389 - ReconnectLDAPObject.modify_ext
> (('cn=referential integrity postoperation,cn=plugins,cn=config',
> [(2, 'nsslapd-pluginEnabled', 'on')],
> None,
> None),
> {})
> *** <ldap.ldapobject.ReconnectLDAPObject instance at 0x12a5bd8>
> ldap://localhost:389 - ReconnectLDAPObject.result4
> ((13, 1, -1, 0, 0, 0), {})
> *** <ldap.ldapobject.ReconnectLDAPObject instance at 0x12a5bd8>
> ldap://localhost:389 - ReconnectLDAPObject.modify_ext
> (('cn=Account Policy Plugin,cn=plugins,cn=config',
> [(2, 'nsslapd-pluginEnabled', 'on'),
> (0,
> 'nsslapd-pluginarg0',
> 'cn=config,cn=Account Policy Plugin,cn=plugins,cn=config')],
> None,
> None),
> {})
> *** <ldap.ldapobject.ReconnectLDAPObject instance at 0x12a5bd8>
> ldap://localhost:389 - ReconnectLDAPObject.result4
> ((14, 1, -1, 0, 0, 0), {})
> *** <ldap.ldapobject.ReconnectLDAPObject instance at 0x12a5bd8>
> ldap://localhost:389 - ReconnectLDAPObject.modify_ext
> (('cn=config,cn=Account Policy Plugin,cn=plugins,cn=config',
> [(2, 'alwaysrecordlogin', 'yes'),
> (0, 'stateattrname', 'lastLoginTime'),
> (0, 'altstateattrname', 'createTimestamp')],
> None,
> None),
> {})
> *** <ldap.ldapobject.ReconnectLDAPObject instance at 0x12a5bd8>
> ldap://localhost:389 - ReconnectLDAPObject.result4
> ((15, 1, -1, 0, 0, 0), {})
> *** <ldap.ldapobject.ReconnectLDAPObject instance at 0x12a5bd8>
> ldap://localhost:389 - ReconnectLDAPObject.add_ext
> (('cn=kolab-admin,dc=elmonto,dc=cz',
> [('objectClass',
> ['top',
> 'ldapsubentry',
> 'nsroledefinition',
> 'nssimpleroledefinition',
> 'nsmanagedroledefinition']),
> ('description', 'Kolab Administrator'),
> ('cn', 'kolab-admin')],
> None,
> None),
> {})
> *** <ldap.ldapobject.ReconnectLDAPObject instance at 0x12a5bd8>
> ldap://localhost:389 - ReconnectLDAPObject.result4
> ((16, 1, -1, 0, 0, 0), {})
> *** <ldap.ldapobject.ReconnectLDAPObject instance at 0x12a5bd8>
> ldap://localhost:389 - ReconnectLDAPObject.modify_ext
> (('dc=elmonto,dc=cz',
> [(2,
> 'aci',
> ['(targetattr = "carLicense || description || displayName ||
> facsimileTelephoneNumber || homePhone || homePostalAddress || initials
> || jpegPhoto || l || labeledURI || mobile || o || pager || photo ||
> postOfficeBox || postalAddress || postalCode ||
> preferredDeliveryMethod || preferredLanguage || registeredAddress ||
> roomNumber || secretary || seeAlso || st || street || telephoneNumber
> || telexNumber || title || userCertificate || userPassword ||
> userSMIMECertificate || x500UniqueIdentifier || kolabDelegate ||
> kolabInvitationPolicy || kolabAllowSMTPSender") (version 3.0; acl
> "Enable self write for common attributes"; allow
> (read,compare,search,write)(userdn = "ldap:///self");)',
> '(targetattr = "*") (version 3.0;acl "Directory Administrators
> Group";allow (all)(groupdn = "ldap:///cn=Directory
> Administrators,dc=elmonto,dc=cz" or roledn =
> "ldap:///cn=kolab-admin,dc=elmonto,dc=cz");)',
> '(targetattr="*")(version 3.0; acl "Configuration Administrators
> Group"; allow (all) groupdn="ldap:///cn=Configuration
> Administrators,ou=Groups,ou=TopologyManagement,o=NetscapeRoot";)',
> '(targetattr="*")(version 3.0; acl "Configuration Administrator";
> allow (all) userdn="ldap:///uid=admin,ou=Administrators,ou=TopologyManagement,o=NetscapeRoot";)',
> '(targetattr = "*")(version 3.0; acl "SIE Group"; allow (all)
> groupdn = "ldap:///cn=slapd-email,cn=389 Directory Server,cn=Server
> Group,cn=email.elmonto.cz,ou=elmonto.cz,o=NetscapeRoot";)',
> '(targetattr != "userPassword") (version 3.0;acl "Search
> Access";allow (read,compare,search)(userdn = "ldap:///all");)'])],
> None,
> None),
> {})
> *** <ldap.ldapobject.ReconnectLDAPObject instance at 0x12a5bd8>
> ldap://localhost:389 - ReconnectLDAPObject.result4
> ((17, 1, -1, 0, 0, 0), {})
> Traceback (most recent call last):
> File "/usr/sbin/setup-kolab", line 42, in <module>
> setup.run()
> File "/usr/lib/python2.6/site-packages/pykolab/setup/__init__.py",
> line 43, in run
> components.execute('_'.join(to_execute))
> File "/usr/lib/python2.6/site-packages/pykolab/setup/components.py",
> line 170, in execute
> execute(component)
> File "/usr/lib/python2.6/site-packages/pykolab/setup/components.py",
> line 202, in execute
> components[component_name]['function'](conf.cli_args, kw)
> File "/usr/lib/python2.6/site-packages/pykolab/setup/setup_mta.py",
> line 320, in execute
> myaugeas.save()
> File "/usr/lib/python2.6/site-packages/augeas.py", line 385, in save
> raise IOError("Unable to save to file!")
> IOError: Unable to save to file!
> ------------------------------------
>
> It looks like there is only adding and modyfing of LDAP entries. No more errors.
> I found on some blog instructions how to install kolab on CentOS, where is:
> http://www.archaicbinary.net/howto/installing-kolab-3-2-on-centos.html
> -------------------------------------
> Next we can install all the packages Kolab needs.
>
> # yum install kolab
>
> After all these are installed we (at this time, its a bug that needs
> fixing) need to fix the template script for amavisd.conf
>
> # nano /usr/lib/python2.6/site-packages/pykolab/setup/setup_mta.py
>
> Look around line `386` the small block should look like the following
>
> if os.path.isdir('/etc/amavisd'):
> fp = open('/etc/amavisd/amavisd.conf', 'w')
> elif os.path.isdir('/etc/amavis'):
> fp = open('/etc/amavis/amavisd.conf', 'w')
> fp.write(t.__str__())
> fp.close()
>
> Take a look under the second line, it opens the file but does not
> write and then close it. We need it to do this or we will get a zero
> byte empty amavisd.conf file.
>
> If yours looks like the above make it look like this
>
> if os.path.isdir('/etc/amavisd'):
> fp = open('/etc/amavisd/amavisd.conf', 'w')
> fp.write(t.__str__())
> fp.close()
> elif os.path.isdir('/etc/amavis'):
> fp = open('/etc/amavis/amavisd.conf', 'w')
> fp.write(t.__str__())
> fp.close()
>
> You see I have added two lines under the second. Save the file and exit.
>
> Now we can continue installing Kolab.
>
> # setup-kolab
> -----------------------------------------
> But my file setup_mta.py is ok (i think so):
> ----
> starts at line 386
> fp = None
> if os.path.isdir('/etc/amavisd'):
> fp = open('/etc/amavisd/amavisd.conf', 'w')
> elif os.path.isdir('/etc/amavis'):
> fp = open('/etc/amavis/amavisd.conf', 'w')
>
> if not fp == None:
> fp.write(t.__str__())
> fp.close()
> -------------------------------------------
> Also my error starts in this file at line 320:
> ---
> myaugeas.save()
> ------------------------------------------
> And then error continue in file augeas.py", line 385, in save:
> ---
> starts at line 382:
> # Call the function
> ret = Augeas._libaugeas.aug_save(self.__handle)
> if ret != 0:
> raise IOError("Unable to save to file!")
> ----------------------------------------
> But I can't figure out what line 383 did:
> ret = Augeas._libaugeas.aug_save(self.__handle)
> ------------------------------------
>
> Best Regards
> John
> _______________________________________________
> users mailing list
> users at lists.kolab.org
> https://lists.kolab.org/mailman/listinfo/users
--
Regards,
Brad Ralph
More information about the users
mailing list