On Sun, 9 Oct 2016, Michael Rash michael.rash-at-gmail.com |fwknop| wrote: ... > Ok, a couple of additional thoughts - can you try setting a path for the > digest cache file that is outside of /var/run/? So, just add something like > this to the init script start line for fwknopd: > > -d /root/fwknopd.cache > > Is the problem reproducible with this path? Also, is SELinux deployed on > your system? If the problem is reproducible with /root/fwknopd.cache, then > can you temporarily disable SELinux to see if it is still reproducible?
Neither changing the cache location nor disabling selinux makes any difference, either separately or together. > Also, I've attached a small patch to fwknop-2.6.5 (which is an older > version) to get strerror() output for the log message you are seeing. This > would help determine the exact reason that fopen() is failing if you want > to apply it and recompile (let me know if you have any questions about > this). Also, I've applied this patch to git master, so if you want to try > the latest sources, this is patch is already there. Right, I've downloaded, untarred and patched fwknop-2.6.5.tar.bz2. (I downloaded fwknop-master.zip, but had trouble when I tried to configure it.) Running the fwknopd that I get, I've noticed two odd things: 1) A successful command produces a log entry [127.0.0.1] (stanza #2) CMD_EXEC: command returned 0, pid_status: 2 while an unsuccessful one gives [127.0.0.1] (stanza #2) CMD_EXEC: command returned 0, pid_status: 0 2) After the unsuccessful command, I have two fwknopd processes running, where I only had one before. And I think that may account for the error messages saying (with line folded for readability) Could not open digest cache: /usr/local/var/run/fwknop/digest.cache: Permission denied that I get on subsequent tries, because the /usr/local/var/run/fwknop/fwknopd.pid file still has the pid of the original process, not the new one. Stephen Isard ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot _______________________________________________ Fwknop-discuss mailing list Fwknop-discuss@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/fwknop-discuss
