Try clean table x509_cert in sqlite database
/var/lib/csync2/vz1.ias.rwth-aachen.de.db like:
# sqlite /var/lib/csync2/vz1.ias.rwth-aachen.de.db
> .tables
> pragma table_info(x509_cert);
> delete from x509_cert where peername= 'vz2.ias.rwth-aachen.de'
> .quit
On Wed, Jun 25, 2014 at 3:05 PM, Daniel Thielking
<daniel.thielk...@ias.rwth-aachen.de> wrote:
> Hi,
>
> I have a huge problem with csync2.
> I have a CentOS 6.5 with csync2 installed from yum.
>
> Everytime i tried to execute 'csync2 -xdvvv' I get this error message:
>
> vz1 csync2 #:( [1] csync2 -xvvv
> My hostname is vz1.ias.rwth-aachen.de.
> Database-File: /var/lib/csync2/vz1.ias.rwth-aachen.de.db
> Config-File: /etc/csync2/csync2.cfg
> Running recursive check for / ...
> SQL: SELECT filename from file where filename = '/' or 1 ORDER BY filename
> SQL Query finished.
> Checking /* ..
> Don't check at all: /vz.orig
> Don't check at all: /vz
> Don't check at all: /var
> Don't check at all: /usr
> Don't check at all: /tmp
> Don't check at all: /sys
> Don't check at all: /srv
> Don't check at all: /selinux
> Don't check at all: /sbin
> Don't check at all: /root
> Don't check at all: /proc
> Don't check at all: /opt
> Don't check at all: /mnt
> Don't check at all: /media
> Don't check at all: /lost+found
> Don't check at all: /lib64
> Don't check at all: /lib
> Don't check at all: /home
> Checking /etc/* ..
> Don't check at all: /etc/zshrc
> Don't check at all: /etc/zshenv
> Don't check at all: /etc/zprofile
> Don't check at all: /etc/zlogout
> Don't check at all: /etc/zlogin
> Don't check at all: /etc/yum.repos.d
> Don't check at all: /etc/yum.conf
> Don't check at all: /etc/yum
> Don't check at all: /etc/xinetd.d
> Don't check at all: /etc/xinetd.conf
> Don't check at all: /etc/xen
> Don't check at all: /etc/xdg
> Don't check at all: /etc/wgetrc
> Don't check at all: /etc/warnquota.conf
> Don't check at all: /etc/vz.orig
> Don't check at all: /etc/vz
> Don't check at all: /etc/virc
> Don't check at all: /etc/vimrc
> Don't check at all: /etc/updatedb.conf.rpmsave
> Don't check at all: /etc/updatedb.conf
> Don't check at all: /etc/udev
> Don't check at all: /etc/test.txt
> Don't check at all: /etc/terminfo
> Don't check at all: /etc/system-release-cpe
> Don't check at all: /etc/system-release
> Don't check at all: /etc/sysctl.conf
> Don't check at all: /etc/sysconfig
> Don't check at all: /etc/sudoers.d
> Don't check at all: /etc/sudoers
> Don't check at all: /etc/sudo.conf
> Don't check at all: /etc/sudo-ldap.conf
> Don't check at all: /etc/statetab.d
> Don't check at all: /etc/statetab
> Don't check at all: /etc/ssl
> Don't check at all: /etc/ssh
> Don't check at all: /etc/skel
> Don't check at all: /etc/shells
> Don't check at all: /etc/shadow-
> Don't check at all: /etc/shadow
> Don't check at all: /etc/sestatus.conf
> Don't check at all: /etc/services
> Don't check at all: /etc/selinux
> Don't check at all: /etc/security
> Don't check at all: /etc/securetty
> Don't check at all: /etc/sasl2
> Don't check at all: /etc/samba
> Don't check at all: /etc/rwtab.d
> Don't check at all: /etc/rwtab
> Don't check at all: /etc/rsyslog.d
> Don't check at all: /etc/rsyslog.conf
> Don't check at all: /etc/rpm
> Don't check at all: /etc/rpc
> Don't check at all: /etc/resolv.conf
> Don't check at all: /etc/request-key.d
> Don't check at all: /etc/request-key.conf
> Don't check at all: /etc/redhat-release
> Don't check at all: /etc/rc6.d
> Don't check at all: /etc/rc5.d
> Don't check at all: /etc/rc4.d
> Don't check at all: /etc/rc3.d
> Don't check at all: /etc/rc2.d
> Don't check at all: /etc/rc1.d
> Don't check at all: /etc/rc0.d
> Don't check at all: /etc/rc.sysinit
> Don't check at all: /etc/rc.local
> Don't check at all: /etc/rc.d
> Don't check at all: /etc/rc
> Don't check at all: /etc/quotatab
> Don't check at all: /etc/quotagrpadmins
> Don't check at all: /etc/pulse
> Don't check at all: /etc/protocols
> Don't check at all: /etc/profile.d
> Don't check at all: /etc/profile
> Don't check at all: /etc/printcap
> Don't check at all: /etc/ppp
> Don't check at all: /etc/postfix
> Don't check at all: /etc/popt.d
> Don't check at all: /etc/pm
> Don't check at all: /etc/plymouth
> Don't check at all: /etc/pki
> Don't check at all: /etc/pkcs11
> Don't check at all: /etc/passwd-
> Don't check at all: /etc/passwd
> Don't check at all: /etc/pam.d
> Don't check at all: /etc/opt
> Don't check at all: /etc/openldap
> Don't check at all: /etc/ntp.conf
> Don't check at all: /etc/ntp
> Don't check at all: /etc/nsswitch.conf
> Don't check at all: /etc/nfsmount.conf
> Don't check at all: /etc/networks
> Don't check at all: /etc/netconfig
> Don't check at all: /etc/my.cnf
> Don't check at all: /etc/multipath
> Don't check at all: /etc/mtab
> Don't check at all: /etc/motd
> Don't check at all: /etc/modprobe.d
> Don't check at all: /etc/mke2fs.conf
> Don't check at all: /etc/mime.types
> Don't check at all: /etc/maven
> Don't check at all: /etc/man.config
> Don't check at all: /etc/makedev.d
> Don't check at all: /etc/mailcap
> Don't check at all: /etc/mail.rc
> Don't check at all: /etc/magic
> Don't check at all: /etc/lvm
> Don't check at all: /etc/logrotate.d
> Don't check at all: /etc/logrotate.conf
> Don't check at all: /etc/login.defs
> Don't check at all: /etc/localtime
> Don't check at all: /etc/libuser.conf
> Don't check at all: /etc/libibverbs.d
> Don't check at all: /etc/libaudit.conf
> Don't check at all: /etc/ld.so.conf.d
> Don't check at all: /etc/ld.so.conf
> Don't check at all: /etc/ld.so.cache
> Don't check at all: /etc/krb5.conf
> Don't check at all: /etc/jvm-commmon
> Don't check at all: /etc/jvm
> Don't check at all: /etc/java
> Don't check at all: /etc/issue.net
> Don't check at all: /etc/issue
> Don't check at all: /etc/iproute2
> Don't check at all: /etc/inputrc
> Don't check at all: /etc/inittab
> Don't check at all: /etc/init.d
> Don't check at all: /etc/init
> Don't check at all: /etc/idmapd.conf
> Don't check at all: /etc/httpd
> Don't check at all: /etc/hosts.deny
> Don't check at all: /etc/hosts.allow
> Don't check at all: /etc/hosts
> Don't check at all: /etc/hostname
> Don't check at all: /etc/host.conf
> Don't check at all: /etc/ha.d
> Don't check at all: /etc/gssapi_mech.conf
> Don't check at all: /etc/gshadow-
> Don't check at all: /etc/gshadow
> Don't check at all: /etc/grub.conf
> Don't check at all: /etc/group-
> Don't check at all: /etc/group
> Don't check at all: /etc/gnupg
> Don't check at all: /etc/gcrypt
> Don't check at all: /etc/gai.conf
> Don't check at all: /etc/fstab
> Don't check at all: /etc/fonts
> Don't check at all: /etc/filesystems
> Don't check at all: /etc/favicon.png
> Don't check at all: /etc/exports
> Don't check at all: /etc/ethers
> Don't check at all: /etc/environment
> Don't check at all: /etc/drbd.d.bak.1396945573
> Don't check at all: /etc/drbd.d.bak.1396945512
> Don't check at all: /etc/drbd.d.bak.1396944719
> Don't check at all: /etc/drbd.d.bak.1396944702
> Don't check at all: /etc/drbd.d.bak.1396944675
> Don't check at all: /etc/drbd.d.bak.1396944626
> Don't check at all: /etc/drbd.d.bak.1396944539
> Don't check at all: /etc/drbd.d.bak.1396944500
> Don't check at all: /etc/drbd.d.bak.1396944399
> Don't check at all: /etc/drbd.d.bak.1396944357
> Don't check at all: /etc/drbd.d.bak.1396944339
> Don't check at all: /etc/drbd.d.bak.1396943760
> Don't check at all: /etc/drbd.d.bak.1396943728
> Don't check at all: /etc/drbd.d.bak.1396943702
> Don't check at all: /etc/drbd.d
> Don't check at all: /etc/drbd.conf.1396943702
> Don't check at all: /etc/drbd.conf
> Don't check at all: /etc/dracut.conf.d
> Don't check at all: /etc/dracut.conf
> Don't check at all: /etc/dhcp
> Don't check at all: /etc/depmod.d
> Don't check at all: /etc/default
> Don't check at all: /etc/dbus-1
> Checking /etc/csync2/* ..
> Don't check at all: /etc/csync2/csync2_ssl_key.pem
> Don't check at all: /etc/csync2/csync2_ssl_cert.pem
> Don't check at all: /etc/csync2/csync2_ssl_cert.csr
> Don't check at all: /etc/csync2/csync2.key
> Match (+): /etc/csync2/csync2.cfg on /etc/csync2/csync2.cfg
> Checking /etc/csync2/csync2.cfg.
> SQL: SELECT checktxt FROM file WHERE filename = '/etc/csync2/csync2.cfg'
> SQL Query finished.
> Don't check at all: /etc/csh.login
> Don't check at all: /etc/csh.cshrc
> Don't check at all: /etc/crypttab
> Don't check at all: /etc/crontab
> Don't check at all: /etc/cron.weekly
> Don't check at all: /etc/cron.monthly
> Don't check at all: /etc/cron.hourly
> Don't check at all: /etc/cron.deny
> Don't check at all: /etc/cron.daily
> Don't check at all: /etc/cron.d
> Don't check at all: /etc/crm
> Don't check at all: /etc/corosync
> Don't check at all: /etc/chkconfig.d
> Don't check at all: /etc/cgsnapshot_blacklist.conf
> Don't check at all: /etc/cgrules.conf
> Don't check at all: /etc/cgconfig.conf
> Don't check at all: /etc/centos-release
> Don't check at all: /etc/blkid
> Don't check at all: /etc/bashrc
> Don't check at all: /etc/bash_completion.d
> Don't check at all: /etc/audit
> Don't check at all: /etc/audisp
> Don't check at all: /etc/asound.conf
> Don't check at all: /etc/anacrontab
> Don't check at all: /etc/alternatives
> Don't check at all: /etc/aliases.db
> Don't check at all: /etc/aliases
> Don't check at all: /etc/adsm
> Don't check at all: /etc/adjtime
> Don't check at all: /etc/X11
> Don't check at all: /etc/TIVGUID
> Don't check at all: /etc/NetworkManager
> Don't check at all: /etc/DIR_COLORS.lightbgcolor
> Don't check at all: /etc/DIR_COLORS.256color
> Don't check at all: /etc/DIR_COLORS
> Don't check at all: /etc/.pwd.lock
> Don't check at all: /etc/.java
> Don't check at all: /dev
> Don't check at all: /cgroup
> Don't check at all: /boot
> Don't check at all: /bin
> Don't check at all: /.pki
> Don't check at all: /.autorelabel
> Don't check at all: /.autofsck
> SQL: SELECT peername FROM dirty GROUP BY peername ORDER BY random()
> SQL Query finished.
> SQL: SELECT filename, myname, force FROM dirty WHERE peername =
> 'vz2.ias.rwth-aachen.de' ORDER by filename ASC
> SQL Query finished.
> Connecting to host vz2.ias.rwth-aachen.de (SSL) ...
> Local> SSL\n
> Peer> OK (activating_ssl).\n
> HSK[0x15d3c40]: Keeping ciphersuite: RSA_ARCFOUR_MD5
> HSK[0x15d3c40]: Keeping ciphersuite: RSA_ARCFOUR_SHA1
> HSK[0x15d3c40]: Keeping ciphersuite: RSA_CAMELLIA_128_CBC_SHA1
> HSK[0x15d3c40]: Keeping ciphersuite: RSA_AES_128_CBC_SHA1
> HSK[0x15d3c40]: Keeping ciphersuite: RSA_3DES_EDE_CBC_SHA1
> HSK[0x15d3c40]: Keeping ciphersuite: RSA_AES_256_CBC_SHA1
> HSK[0x15d3c40]: Keeping ciphersuite: RSA_CAMELLIA_256_CBC_SHA1
> HSK[0x15d3c40]: Keeping ciphersuite: DHE_RSA_CAMELLIA_128_CBC_SHA1
> HSK[0x15d3c40]: Keeping ciphersuite: DHE_RSA_AES_128_CBC_SHA1
> HSK[0x15d3c40]: Keeping ciphersuite: DHE_RSA_3DES_EDE_CBC_SHA1
> HSK[0x15d3c40]: Keeping ciphersuite: DHE_RSA_AES_256_CBC_SHA1
> HSK[0x15d3c40]: Keeping ciphersuite: DHE_RSA_CAMELLIA_256_CBC_SHA1
> HSK[0x15d3c40]: Keeping ciphersuite: DHE_DSS_ARCFOUR_SHA1
> HSK[0x15d3c40]: Keeping ciphersuite: DHE_DSS_CAMELLIA_128_CBC_SHA1
> HSK[0x15d3c40]: Keeping ciphersuite: DHE_DSS_AES_128_CBC_SHA1
> HSK[0x15d3c40]: Keeping ciphersuite: DHE_DSS_3DES_EDE_CBC_SHA1
> HSK[0x15d3c40]: Keeping ciphersuite: DHE_DSS_AES_256_CBC_SHA1
> HSK[0x15d3c40]: Keeping ciphersuite: DHE_DSS_CAMELLIA_256_CBC_SHA1
> HSK[0x15d3c40]: Removing ciphersuite: PSK_SHA_ARCFOUR_SHA1
> HSK[0x15d3c40]: Removing ciphersuite: PSK_SHA_AES_128_CBC_SHA1
> HSK[0x15d3c40]: Removing ciphersuite: PSK_SHA_3DES_EDE_CBC_SHA1
> HSK[0x15d3c40]: Removing ciphersuite: PSK_SHA_AES_256_CBC_SHA1
> HSK[0x15d3c40]: Removing ciphersuite: DHE_PSK_SHA_ARCFOUR_SHA1
> HSK[0x15d3c40]: Removing ciphersuite: DHE_PSK_SHA_AES_128_CBC_SHA1
> HSK[0x15d3c40]: Removing ciphersuite: DHE_PSK_SHA_3DES_EDE_CBC_SHA1
> HSK[0x15d3c40]: Removing ciphersuite: DHE_PSK_SHA_AES_256_CBC_SHA1
> HSK[0x15d3c40]: Removing ciphersuite: SRP_SHA_RSA_AES_128_CBC_SHA1
> HSK[0x15d3c40]: Removing ciphersuite: SRP_SHA_RSA_3DES_EDE_CBC_SHA1
> HSK[0x15d3c40]: Removing ciphersuite: SRP_SHA_RSA_AES_256_CBC_SHA1
> HSK[0x15d3c40]: Removing ciphersuite: SRP_SHA_DSS_AES_128_CBC_SHA1
> HSK[0x15d3c40]: Removing ciphersuite: SRP_SHA_DSS_3DES_EDE_CBC_SHA1
> HSK[0x15d3c40]: Removing ciphersuite: SRP_SHA_DSS_AES_256_CBC_SHA1
> HSK[0x15d3c40]: Removing ciphersuite: SRP_SHA_AES_128_CBC_SHA1
> HSK[0x15d3c40]: Removing ciphersuite: SRP_SHA_3DES_EDE_CBC_SHA1
> HSK[0x15d3c40]: Removing ciphersuite: SRP_SHA_AES_256_CBC_SHA1
> EXT[0x15d3c40]: Sending extension CERT_TYPE
> EXT[0x15d3c40]: Sending extension SAFE_RENEGOTIATION
> HSK[0x15d3c40]: CLIENT HELLO was sent [93 bytes]
> HSK[0x15d3c40]: SERVER HELLO was received [81 bytes]
> HSK[0x15d3c40]: Server's version: 3.2
> HSK[0x15d3c40]: SessionID length: 32
> HSK[0x15d3c40]: SessionID:
> 79458488fd63b4108d0a9cff78c8fae70554a439a64121b0ccfec30c03f3bf3f
> HSK[0x15d3c40]: Selected cipher suite: RSA_ARCFOUR_MD5
> EXT[0x15d3c40]: Found extension 'SAFE_RENEGOTIATION/65281'
> Safe renegotiation succeeded.
> HSK[0x15d3c40]: CERTIFICATE was received [701 bytes]
> HSK[0x15d3c40]: CERTIFICATE REQUEST was received [169 bytes]
> HSK[0x15d3c40]: SERVER HELLO DONE was received [4 bytes]
> HSK[0x15d3c40]: CERTIFICATE was sent [701 bytes]
> HSK[0x15d3c40]: CLIENT KEY EXCHANGE was sent [134 bytes]
> HSK[0x15d3c40]: CERTIFICATE VERIFY was sent [134 bytes]
> REC[0x15d3c40]: Sent ChangeCipherSpec
> HSK[0x15d3c40]: Cipher Suite: RSA_ARCFOUR_MD5
> HSK[0x15d3c40]: Initializing internal [write] cipher sessions
> HSK[0x15d3c40]: FINISHED was sent [16 bytes]
> HSK[0x15d3c40]: Cipher Suite: RSA_ARCFOUR_MD5
> HSK[0x15d3c40]: Initializing internal [read] cipher sessions
> HSK[0x15d3c40]: FINISHED was received [16 bytes]
> SQL: SELECT certdata FROM x509_cert WHERE peername =
> 'vz2.ias.rwth-aachen.de'
> SQL Query finished.
> Peer x509 certificate is:
> 308202AF30820218020900FC15E08C46F88683300D06092A864886F70D010105050030819B310B3009060355040613024445310C300A06035504080C034E5257310F300D06035504070C0641616368656E31143012060355040A0C0B525754482041616368656E310C300A060355040B0C03494153311F301D06035504030C16767A312E6961732E727774682D61616368656E2E64653128302606092A864886F70D010901161961646D696E73406961732E727774682D61616368656E2E6465301E170D3134303632353131343534385A170D3136303231353131343534385A30819B310B3009060355040613024445310C300A06035504080C034E5257310F300D06035504070C0641616368656E31143012060355040A0C0B525754482041616368656E310C300A060355040B0C03494153311F301D06035504030C16767A312E6961732E727774682D61616368656E2E64653128302606092A864886F70D010901161961646D696E73406961732E727774682D61616368656E2E646530819F300D06092A864886F70D010101050003818D0030818902818100C48298521E59CFB6D1AB04E42E72BD87EF660086E2CECD24208DD1AB2D32AE4CDAEC44F4A6E6C5B0FFF5965606D9F200BB3F65DCCD0808CE7DE6CC9CD78B8C789A9BA049A427C495CC44CD0D77C2F0FB672D50DDBEA10F0B72931A3310AF825AF819E76D8419430FEF0FA71AC228F6515024AAB74297D722C2047C7F4A1FEF350203010001300D06092A864886F70D0101050500038181006DFB2B564E2009F4065B031FF89BFAD289C69AB7ACFEB1555D7CB91EFF2F2092D1A672AA1F23968FA7C655FB2BF852DDDE6D6B17A84BF7F4B0530401F5DBCB061BE0E0F34EADEF1EB0A08385F68B97B6F361DCA618BD4A792B39D34E4D00EF734325CB9461CB13FD54C2E80E9F036F185AFD6C72D1B5987A1375C1EDAECCC497
> Local> CONFIG \n
> Peer> OK (cmd_finished).\n
> Local> HELLO vz1.ias.rwth-aachen.de\n
> Peer> Identification failed!\n
> While syncing file /etc/csync2/csync2.cfg:
> ERROR from peer vz2.ias.rwth-aachen.de: Identification failed!
> Local> BYE\n
> Peer> OK (cu_later).\n
> ASSERT: gnutls_buffers.c:330
> ASSERT: gnutls_buffers.c:584
> XXX[]: ret: -54 Error in the pull function.
> XXX2[]: ret: -54 Error in the pull function.
> ASSERT: gnutls_record.c:917
> SQL: SELECT command, logfile FROM action GROUP BY command, logfile
> SQL Query finished.
> Finished with 1 errors.
>
>
> Here is my config: group mycluster
> {
> host vz1.ias.rwth-aachen.de vz2.ias.rwth-aachen.de;
> key /etc/csync2/csync2.key;
>
> include /etc/csync2/csync2.cfg;
> # include /etc/apache;
> # include %homedir%/bob;
> # exclude %homedir%/bob/temp;
> # exclude *~ .*;
> #
> # action
> # {
> # pattern /etc/apache/httpd.conf;
> # pattern /etc/apache/sites-available/*;
> # exec "/usr/sbin/apache2ctl graceful";
> # logfile "/var/log/csync2_action.log";
> # do-local;
> # }
> #
> backup-directory /var/backups/csync2;
> backup-generations 3;
>
> auto none;
> }
>
> I have also read the topics from the mailing list but i didn't find a
> solution for that.
> Please help me!
>
> Thanks
>
> --
> _____________________________________________________
>
> Auszubildender Fachinformatiker für Systemintegration
> RWTH Aachen
> Lehrstuhl für Integrierte Analogschaltungen
> Raum 24C 313
> Walter-Schottky-Haus
> Sommerfeldstr. 24
> D-52074 Aachen
>
> www.ias.rwth-aachen.de
>
> Email: daniel.thielk...@ias.rwth-aachen.de
> Phone: +49-(0)241-80-27771
> FAX: +49-(0)241-80-627771
> _____________________________________________________
>
>
> _______________________________________________
> Csync2 mailing list
> Csync2@lists.linbit.com
> http://lists.linbit.com/mailman/listinfo/csync2
_______________________________________________
Csync2 mailing list
Csync2@lists.linbit.com
http://lists.linbit.com/mailman/listinfo/csync2
