Try clean table x509_cert in sqlite database /var/lib/csync2/vz1.ias.rwth-aachen.de.db like:
# sqlite /var/lib/csync2/vz1.ias.rwth-aachen.de.db > .tables > pragma table_info(x509_cert); > delete from x509_cert where peername= 'vz2.ias.rwth-aachen.de' > .quit On Wed, Jun 25, 2014 at 3:05 PM, Daniel Thielking <daniel.thielk...@ias.rwth-aachen.de> wrote: > Hi, > > I have a huge problem with csync2. > I have a CentOS 6.5 with csync2 installed from yum. > > Everytime i tried to execute 'csync2 -xdvvv' I get this error message: > > vz1 csync2 #:( [1] csync2 -xvvv > My hostname is vz1.ias.rwth-aachen.de. > Database-File: /var/lib/csync2/vz1.ias.rwth-aachen.de.db > Config-File: /etc/csync2/csync2.cfg > Running recursive check for / ... > SQL: SELECT filename from file where filename = '/' or 1 ORDER BY filename > SQL Query finished. > Checking /* .. > Don't check at all: /vz.orig > Don't check at all: /vz > Don't check at all: /var > Don't check at all: /usr > Don't check at all: /tmp > Don't check at all: /sys > Don't check at all: /srv > Don't check at all: /selinux > Don't check at all: /sbin > Don't check at all: /root > Don't check at all: /proc > Don't check at all: /opt > Don't check at all: /mnt > Don't check at all: /media > Don't check at all: /lost+found > Don't check at all: /lib64 > Don't check at all: /lib > Don't check at all: /home > Checking /etc/* .. > Don't check at all: /etc/zshrc > Don't check at all: /etc/zshenv > Don't check at all: /etc/zprofile > Don't check at all: /etc/zlogout > Don't check at all: /etc/zlogin > Don't check at all: /etc/yum.repos.d > Don't check at all: /etc/yum.conf > Don't check at all: /etc/yum > Don't check at all: /etc/xinetd.d > Don't check at all: /etc/xinetd.conf > Don't check at all: /etc/xen > Don't check at all: /etc/xdg > Don't check at all: /etc/wgetrc > Don't check at all: /etc/warnquota.conf > Don't check at all: /etc/vz.orig > Don't check at all: /etc/vz > Don't check at all: /etc/virc > Don't check at all: /etc/vimrc > Don't check at all: /etc/updatedb.conf.rpmsave > Don't check at all: /etc/updatedb.conf > Don't check at all: /etc/udev > Don't check at all: /etc/test.txt > Don't check at all: /etc/terminfo > Don't check at all: /etc/system-release-cpe > Don't check at all: /etc/system-release > Don't check at all: /etc/sysctl.conf > Don't check at all: /etc/sysconfig > Don't check at all: /etc/sudoers.d > Don't check at all: /etc/sudoers > Don't check at all: /etc/sudo.conf > Don't check at all: /etc/sudo-ldap.conf > Don't check at all: /etc/statetab.d > Don't check at all: /etc/statetab > Don't check at all: /etc/ssl > Don't check at all: /etc/ssh > Don't check at all: /etc/skel > Don't check at all: /etc/shells > Don't check at all: /etc/shadow- > Don't check at all: /etc/shadow > Don't check at all: /etc/sestatus.conf > Don't check at all: /etc/services > Don't check at all: /etc/selinux > Don't check at all: /etc/security > Don't check at all: /etc/securetty > Don't check at all: /etc/sasl2 > Don't check at all: /etc/samba > Don't check at all: /etc/rwtab.d > Don't check at all: /etc/rwtab > Don't check at all: /etc/rsyslog.d > Don't check at all: /etc/rsyslog.conf > Don't check at all: /etc/rpm > Don't check at all: /etc/rpc > Don't check at all: /etc/resolv.conf > Don't check at all: /etc/request-key.d > Don't check at all: /etc/request-key.conf > Don't check at all: /etc/redhat-release > Don't check at all: /etc/rc6.d > Don't check at all: /etc/rc5.d > Don't check at all: /etc/rc4.d > Don't check at all: /etc/rc3.d > Don't check at all: /etc/rc2.d > Don't check at all: /etc/rc1.d > Don't check at all: /etc/rc0.d > Don't check at all: /etc/rc.sysinit > Don't check at all: /etc/rc.local > Don't check at all: /etc/rc.d > Don't check at all: /etc/rc > Don't check at all: /etc/quotatab > Don't check at all: /etc/quotagrpadmins > Don't check at all: /etc/pulse > Don't check at all: /etc/protocols > Don't check at all: /etc/profile.d > Don't check at all: /etc/profile > Don't check at all: /etc/printcap > Don't check at all: /etc/ppp > Don't check at all: /etc/postfix > Don't check at all: /etc/popt.d > Don't check at all: /etc/pm > Don't check at all: /etc/plymouth > Don't check at all: /etc/pki > Don't check at all: /etc/pkcs11 > Don't check at all: /etc/passwd- > Don't check at all: /etc/passwd > Don't check at all: /etc/pam.d > Don't check at all: /etc/opt > Don't check at all: /etc/openldap > Don't check at all: /etc/ntp.conf > Don't check at all: /etc/ntp > Don't check at all: /etc/nsswitch.conf > Don't check at all: /etc/nfsmount.conf > Don't check at all: /etc/networks > Don't check at all: /etc/netconfig > Don't check at all: /etc/my.cnf > Don't check at all: /etc/multipath > Don't check at all: /etc/mtab > Don't check at all: /etc/motd > Don't check at all: /etc/modprobe.d > Don't check at all: /etc/mke2fs.conf > Don't check at all: /etc/mime.types > Don't check at all: /etc/maven > Don't check at all: /etc/man.config > Don't check at all: /etc/makedev.d > Don't check at all: /etc/mailcap > Don't check at all: /etc/mail.rc > Don't check at all: /etc/magic > Don't check at all: /etc/lvm > Don't check at all: /etc/logrotate.d > Don't check at all: /etc/logrotate.conf > Don't check at all: /etc/login.defs > Don't check at all: /etc/localtime > Don't check at all: /etc/libuser.conf > Don't check at all: /etc/libibverbs.d > Don't check at all: /etc/libaudit.conf > Don't check at all: /etc/ld.so.conf.d > Don't check at all: /etc/ld.so.conf > Don't check at all: /etc/ld.so.cache > Don't check at all: /etc/krb5.conf > Don't check at all: /etc/jvm-commmon > Don't check at all: /etc/jvm > Don't check at all: /etc/java > Don't check at all: /etc/issue.net > Don't check at all: /etc/issue > Don't check at all: /etc/iproute2 > Don't check at all: /etc/inputrc > Don't check at all: /etc/inittab > Don't check at all: /etc/init.d > Don't check at all: /etc/init > Don't check at all: /etc/idmapd.conf > Don't check at all: /etc/httpd > Don't check at all: /etc/hosts.deny > Don't check at all: /etc/hosts.allow > Don't check at all: /etc/hosts > Don't check at all: /etc/hostname > Don't check at all: /etc/host.conf > Don't check at all: /etc/ha.d > Don't check at all: /etc/gssapi_mech.conf > Don't check at all: /etc/gshadow- > Don't check at all: /etc/gshadow > Don't check at all: /etc/grub.conf > Don't check at all: /etc/group- > Don't check at all: /etc/group > Don't check at all: /etc/gnupg > Don't check at all: /etc/gcrypt > Don't check at all: /etc/gai.conf > Don't check at all: /etc/fstab > Don't check at all: /etc/fonts > Don't check at all: /etc/filesystems > Don't check at all: /etc/favicon.png > Don't check at all: /etc/exports > Don't check at all: /etc/ethers > Don't check at all: /etc/environment > Don't check at all: /etc/drbd.d.bak.1396945573 > Don't check at all: /etc/drbd.d.bak.1396945512 > Don't check at all: /etc/drbd.d.bak.1396944719 > Don't check at all: /etc/drbd.d.bak.1396944702 > Don't check at all: /etc/drbd.d.bak.1396944675 > Don't check at all: /etc/drbd.d.bak.1396944626 > Don't check at all: /etc/drbd.d.bak.1396944539 > Don't check at all: /etc/drbd.d.bak.1396944500 > Don't check at all: /etc/drbd.d.bak.1396944399 > Don't check at all: /etc/drbd.d.bak.1396944357 > Don't check at all: /etc/drbd.d.bak.1396944339 > Don't check at all: /etc/drbd.d.bak.1396943760 > Don't check at all: /etc/drbd.d.bak.1396943728 > Don't check at all: /etc/drbd.d.bak.1396943702 > Don't check at all: /etc/drbd.d > Don't check at all: /etc/drbd.conf.1396943702 > Don't check at all: /etc/drbd.conf > Don't check at all: /etc/dracut.conf.d > Don't check at all: /etc/dracut.conf > Don't check at all: /etc/dhcp > Don't check at all: /etc/depmod.d > Don't check at all: /etc/default > Don't check at all: /etc/dbus-1 > Checking /etc/csync2/* .. > Don't check at all: /etc/csync2/csync2_ssl_key.pem > Don't check at all: /etc/csync2/csync2_ssl_cert.pem > Don't check at all: /etc/csync2/csync2_ssl_cert.csr > Don't check at all: /etc/csync2/csync2.key > Match (+): /etc/csync2/csync2.cfg on /etc/csync2/csync2.cfg > Checking /etc/csync2/csync2.cfg. > SQL: SELECT checktxt FROM file WHERE filename = '/etc/csync2/csync2.cfg' > SQL Query finished. > Don't check at all: /etc/csh.login > Don't check at all: /etc/csh.cshrc > Don't check at all: /etc/crypttab > Don't check at all: /etc/crontab > Don't check at all: /etc/cron.weekly > Don't check at all: /etc/cron.monthly > Don't check at all: /etc/cron.hourly > Don't check at all: /etc/cron.deny > Don't check at all: /etc/cron.daily > Don't check at all: /etc/cron.d > Don't check at all: /etc/crm > Don't check at all: /etc/corosync > Don't check at all: /etc/chkconfig.d > Don't check at all: /etc/cgsnapshot_blacklist.conf > Don't check at all: /etc/cgrules.conf > Don't check at all: /etc/cgconfig.conf > Don't check at all: /etc/centos-release > Don't check at all: /etc/blkid > Don't check at all: /etc/bashrc > Don't check at all: /etc/bash_completion.d > Don't check at all: /etc/audit > Don't check at all: /etc/audisp > Don't check at all: /etc/asound.conf > Don't check at all: /etc/anacrontab > Don't check at all: /etc/alternatives > Don't check at all: /etc/aliases.db > Don't check at all: /etc/aliases > Don't check at all: /etc/adsm > Don't check at all: /etc/adjtime > Don't check at all: /etc/X11 > Don't check at all: /etc/TIVGUID > Don't check at all: /etc/NetworkManager > Don't check at all: /etc/DIR_COLORS.lightbgcolor > Don't check at all: /etc/DIR_COLORS.256color > Don't check at all: /etc/DIR_COLORS > Don't check at all: /etc/.pwd.lock > Don't check at all: /etc/.java > Don't check at all: /dev > Don't check at all: /cgroup > Don't check at all: /boot > Don't check at all: /bin > Don't check at all: /.pki > Don't check at all: /.autorelabel > Don't check at all: /.autofsck > SQL: SELECT peername FROM dirty GROUP BY peername ORDER BY random() > SQL Query finished. > SQL: SELECT filename, myname, force FROM dirty WHERE peername = > 'vz2.ias.rwth-aachen.de' ORDER by filename ASC > SQL Query finished. > Connecting to host vz2.ias.rwth-aachen.de (SSL) ... > Local> SSL\n > Peer> OK (activating_ssl).\n > HSK[0x15d3c40]: Keeping ciphersuite: RSA_ARCFOUR_MD5 > HSK[0x15d3c40]: Keeping ciphersuite: RSA_ARCFOUR_SHA1 > HSK[0x15d3c40]: Keeping ciphersuite: RSA_CAMELLIA_128_CBC_SHA1 > HSK[0x15d3c40]: Keeping ciphersuite: RSA_AES_128_CBC_SHA1 > HSK[0x15d3c40]: Keeping ciphersuite: RSA_3DES_EDE_CBC_SHA1 > HSK[0x15d3c40]: Keeping ciphersuite: RSA_AES_256_CBC_SHA1 > HSK[0x15d3c40]: Keeping ciphersuite: RSA_CAMELLIA_256_CBC_SHA1 > HSK[0x15d3c40]: Keeping ciphersuite: DHE_RSA_CAMELLIA_128_CBC_SHA1 > HSK[0x15d3c40]: Keeping ciphersuite: DHE_RSA_AES_128_CBC_SHA1 > HSK[0x15d3c40]: Keeping ciphersuite: DHE_RSA_3DES_EDE_CBC_SHA1 > HSK[0x15d3c40]: Keeping ciphersuite: DHE_RSA_AES_256_CBC_SHA1 > HSK[0x15d3c40]: Keeping ciphersuite: DHE_RSA_CAMELLIA_256_CBC_SHA1 > HSK[0x15d3c40]: Keeping ciphersuite: DHE_DSS_ARCFOUR_SHA1 > HSK[0x15d3c40]: Keeping ciphersuite: DHE_DSS_CAMELLIA_128_CBC_SHA1 > HSK[0x15d3c40]: Keeping ciphersuite: DHE_DSS_AES_128_CBC_SHA1 > HSK[0x15d3c40]: Keeping ciphersuite: DHE_DSS_3DES_EDE_CBC_SHA1 > HSK[0x15d3c40]: Keeping ciphersuite: DHE_DSS_AES_256_CBC_SHA1 > HSK[0x15d3c40]: Keeping ciphersuite: DHE_DSS_CAMELLIA_256_CBC_SHA1 > HSK[0x15d3c40]: Removing ciphersuite: PSK_SHA_ARCFOUR_SHA1 > HSK[0x15d3c40]: Removing ciphersuite: PSK_SHA_AES_128_CBC_SHA1 > HSK[0x15d3c40]: Removing ciphersuite: PSK_SHA_3DES_EDE_CBC_SHA1 > HSK[0x15d3c40]: Removing ciphersuite: PSK_SHA_AES_256_CBC_SHA1 > HSK[0x15d3c40]: Removing ciphersuite: DHE_PSK_SHA_ARCFOUR_SHA1 > HSK[0x15d3c40]: Removing ciphersuite: DHE_PSK_SHA_AES_128_CBC_SHA1 > HSK[0x15d3c40]: Removing ciphersuite: DHE_PSK_SHA_3DES_EDE_CBC_SHA1 > HSK[0x15d3c40]: Removing ciphersuite: DHE_PSK_SHA_AES_256_CBC_SHA1 > HSK[0x15d3c40]: Removing ciphersuite: SRP_SHA_RSA_AES_128_CBC_SHA1 > HSK[0x15d3c40]: Removing ciphersuite: SRP_SHA_RSA_3DES_EDE_CBC_SHA1 > HSK[0x15d3c40]: Removing ciphersuite: SRP_SHA_RSA_AES_256_CBC_SHA1 > HSK[0x15d3c40]: Removing ciphersuite: SRP_SHA_DSS_AES_128_CBC_SHA1 > HSK[0x15d3c40]: Removing ciphersuite: SRP_SHA_DSS_3DES_EDE_CBC_SHA1 > HSK[0x15d3c40]: Removing ciphersuite: SRP_SHA_DSS_AES_256_CBC_SHA1 > HSK[0x15d3c40]: Removing ciphersuite: SRP_SHA_AES_128_CBC_SHA1 > HSK[0x15d3c40]: Removing ciphersuite: SRP_SHA_3DES_EDE_CBC_SHA1 > HSK[0x15d3c40]: Removing ciphersuite: SRP_SHA_AES_256_CBC_SHA1 > EXT[0x15d3c40]: Sending extension CERT_TYPE > EXT[0x15d3c40]: Sending extension SAFE_RENEGOTIATION > HSK[0x15d3c40]: CLIENT HELLO was sent [93 bytes] > HSK[0x15d3c40]: SERVER HELLO was received [81 bytes] > HSK[0x15d3c40]: Server's version: 3.2 > HSK[0x15d3c40]: SessionID length: 32 > HSK[0x15d3c40]: SessionID: > 79458488fd63b4108d0a9cff78c8fae70554a439a64121b0ccfec30c03f3bf3f > HSK[0x15d3c40]: Selected cipher suite: RSA_ARCFOUR_MD5 > EXT[0x15d3c40]: Found extension 'SAFE_RENEGOTIATION/65281' > Safe renegotiation succeeded. > HSK[0x15d3c40]: CERTIFICATE was received [701 bytes] > HSK[0x15d3c40]: CERTIFICATE REQUEST was received [169 bytes] > HSK[0x15d3c40]: SERVER HELLO DONE was received [4 bytes] > HSK[0x15d3c40]: CERTIFICATE was sent [701 bytes] > HSK[0x15d3c40]: CLIENT KEY EXCHANGE was sent [134 bytes] > HSK[0x15d3c40]: CERTIFICATE VERIFY was sent [134 bytes] > REC[0x15d3c40]: Sent ChangeCipherSpec > HSK[0x15d3c40]: Cipher Suite: RSA_ARCFOUR_MD5 > HSK[0x15d3c40]: Initializing internal [write] cipher sessions > HSK[0x15d3c40]: FINISHED was sent [16 bytes] > HSK[0x15d3c40]: Cipher Suite: RSA_ARCFOUR_MD5 > HSK[0x15d3c40]: Initializing internal [read] cipher sessions > HSK[0x15d3c40]: FINISHED was received [16 bytes] > SQL: SELECT certdata FROM x509_cert WHERE peername = > 'vz2.ias.rwth-aachen.de' > SQL Query finished. > Peer x509 certificate is: > 308202AF30820218020900FC15E08C46F88683300D06092A864886F70D010105050030819B310B3009060355040613024445310C300A06035504080C034E5257310F300D06035504070C0641616368656E31143012060355040A0C0B525754482041616368656E310C300A060355040B0C03494153311F301D06035504030C16767A312E6961732E727774682D61616368656E2E64653128302606092A864886F70D010901161961646D696E73406961732E727774682D61616368656E2E6465301E170D3134303632353131343534385A170D3136303231353131343534385A30819B310B3009060355040613024445310C300A06035504080C034E5257310F300D06035504070C0641616368656E31143012060355040A0C0B525754482041616368656E310C300A060355040B0C03494153311F301D06035504030C16767A312E6961732E727774682D61616368656E2E64653128302606092A864886F70D010901161961646D696E73406961732E727774682D61616368656E2E646530819F300D06092A864886F70D010101050003818D0030818902818100C48298521E59CFB6D1AB04E42E72BD87EF660086E2CECD24208DD1AB2D32AE4CDAEC44F4A6E6C5B0FFF5965606D9F200BB3F65DCCD0808CE7DE6CC9CD78B8C789A9BA049A427C495CC44CD0D77C2F0FB672D50DDBEA10F0B72931A3310AF825AF819E76D8419430FEF0FA71AC228F6515024AAB74297D722C2047C7F4A1FEF350203010001300D06092A864886F70D0101050500038181006DFB2B564E2009F4065B031FF89BFAD289C69AB7ACFEB1555D7CB91EFF2F2092D1A672AA1F23968FA7C655FB2BF852DDDE6D6B17A84BF7F4B0530401F5DBCB061BE0E0F34EADEF1EB0A08385F68B97B6F361DCA618BD4A792B39D34E4D00EF734325CB9461CB13FD54C2E80E9F036F185AFD6C72D1B5987A1375C1EDAECCC497 > Local> CONFIG \n > Peer> OK (cmd_finished).\n > Local> HELLO vz1.ias.rwth-aachen.de\n > Peer> Identification failed!\n > While syncing file /etc/csync2/csync2.cfg: > ERROR from peer vz2.ias.rwth-aachen.de: Identification failed! > Local> BYE\n > Peer> OK (cu_later).\n > ASSERT: gnutls_buffers.c:330 > ASSERT: gnutls_buffers.c:584 > XXX[]: ret: -54 Error in the pull function. > XXX2[]: ret: -54 Error in the pull function. > ASSERT: gnutls_record.c:917 > SQL: SELECT command, logfile FROM action GROUP BY command, logfile > SQL Query finished. > Finished with 1 errors. > > > Here is my config: group mycluster > { > host vz1.ias.rwth-aachen.de vz2.ias.rwth-aachen.de; > key /etc/csync2/csync2.key; > > include /etc/csync2/csync2.cfg; > # include /etc/apache; > # include %homedir%/bob; > # exclude %homedir%/bob/temp; > # exclude *~ .*; > # > # action > # { > # pattern /etc/apache/httpd.conf; > # pattern /etc/apache/sites-available/*; > # exec "/usr/sbin/apache2ctl graceful"; > # logfile "/var/log/csync2_action.log"; > # do-local; > # } > # > backup-directory /var/backups/csync2; > backup-generations 3; > > auto none; > } > > I have also read the topics from the mailing list but i didn't find a > solution for that. > Please help me! > > Thanks > > -- > _____________________________________________________ > > Auszubildender Fachinformatiker für Systemintegration > RWTH Aachen > Lehrstuhl für Integrierte Analogschaltungen > Raum 24C 313 > Walter-Schottky-Haus > Sommerfeldstr. 24 > D-52074 Aachen > > www.ias.rwth-aachen.de > > Email: daniel.thielk...@ias.rwth-aachen.de > Phone: +49-(0)241-80-27771 > FAX: +49-(0)241-80-627771 > _____________________________________________________ > > > _______________________________________________ > Csync2 mailing list > Csync2@lists.linbit.com > http://lists.linbit.com/mailman/listinfo/csync2 _______________________________________________ Csync2 mailing list Csync2@lists.linbit.com http://lists.linbit.com/mailman/listinfo/csync2