Hi Manuel,
in December 2006 Joachim Schrod posted a work-around to that problem
on the list. This worked very fine for me. See below my mail to find
his work-around.
Kind regards, Matthias
<quote>
Hello,
[It might be that this is actually something for openca-devel, but
since I'm new to the project, I cannot really judge it.]
I would like to tell about one of the inconveniences that occured
during installation of openca-0.9.3-rc1. Maybe one wants to document
it somewhere; or some other user can find it here on the mailing list.
My problem:
===========
After some while, I got the error message in stderr.log, that the
OpenCA server could not write log messages to syslog.
Error message:
PKI Master Alert: Logging error
PKI Master Alert: Aborting all operations
PKI Master Alert: Error: 64510030
PKI Master Alert: Message: addMessage failed for log slot
sys_syslog (6511070).
Cannot write to syslogdevice.
PKI Master Alert: debugging messages of logging follow
OpenCA: General error trapped 64510030: addMessage failed for log
slot sys_syslog (6511070). Cannot write to syslogdevice. at
/opt/openca/perl5/OpenCA/UI/HTML.pm line 179.
Compilation failed in require at
/opt/openca/CA/OpenCA/etc/openca_start line 62.
I searched in the openca mailing lists, but the discussions there
about similar errors did not match my situation. The syslog service is
running and configured correctly, I use it all the time.
The root cause:
===============
I'm using syslog-ng (on SUSE 10.0 actually, but I suspect that this
does not matter). I used socket_type 'unix' in log.xml, as is default.
Then the communication from the OpenCA server to the syslog service
uses /dev/log.
When syslog-ng is restarted -- e.g., during a log rotation -- it
closes and reopens /dev/log. Afterwards that error appears. This is
repeatable:
1) Starting OpenCA server: logging works w/o error messages
2) Reload of syslog-ng: afterwards, error messages appear
3) Restart of OpenCA server: error messages disappear
4) repeat 2) as necessary to check the situation. ;-)
It might well be that using the original syslog has the same effect,
as long as /dev/log is used for communication.
The workaround:
===============
I updated the Perl module Sys::Syslog to the current version of 0.18.
(Btw, this is a system module and not a site-module.) Then I could use
the (newly introduced) socket_type 'native' which is much more stable
and Just Works(tm). Just updating was not sufficient, the unix
socket_type in Sys-Syslog-0.18 has still the same behaviour.
But this workaround might not be suitable for the general
distribution, since Sys::Syslog-0.18 is too new to be available in
most installations. This is the reason why I'm posting this
observation on openca-users and not on openca-devel. For a full
generic improvement, I assume that one would need to repeat a call to
openlog() on specific errors.
I hope this is of interest for anyone,
Joachim
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Joachim Schrod Email: [EMAIL PROTECTED]
Roedermark, Germany
</quote>
On 5/23/07, Subredu Manuel <[EMAIL PROTECTED]> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> I manage to recreate the condition which gives me this error.
> If I make a /etc/init.d/syslog reload, openca starts to give me those
> error. The problem seems to be in Sys::Syslog. Did anyone get into this
> before ?
>
> Subredu Manuel wrote:
> > Hi,
> >
> > we recently installed OpenCA 0.9.3-rc1 . I configured all thats
> > required. I generated the CA and RA certificates. All was fine
> > yesterday. Today, when I try to use CA, RA or PUB sections I got an error:
> >
> > Error 64510030
> > General Error addMessage failed for log slot sys_syslog (6511070).
> > Cannot write to syslogdevice.
> >
> > What is this ? The only thing that happens since yesterday was a syslog
> > reload (due to cron scripts). The system where OpenCA is hosted, is a
> > OpenSuSE 10.1 up2date.
> > What can I do ?
>
> - -------------------------------------------------------------------------
> This SF.net email is sponsored by DB2 Express
> Download DB2 Express C - the FREE version of DB2 express and take
> control of your XML. No limits. Just data. Click to get it now.
> http://sourceforge.net/powerbar/db2/
> _______________________________________________
> Openca-Users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/openca-users
>
> - --
> ===================================
> inf. Manuel SUBREDU
> Senior SysAdm @ RoEduNet
>
> Phone: +40 (232) 201007
> Email: [EMAIL PROTECTED]
> website: http://www.packages.ro
> ===================================
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.6 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iD8DBQFGVBWvjGXbUSvc3AsRAoP9AJ9tkkv9ahazFCe+nqw9/VFhEkJQOACfQgv3
> ugnqm4kmzMq2+BN8TqZ4jBs=
> =1LQ9
> -----END PGP SIGNATURE-----
>
> -------------------------------------------------------------------------
> This SF.net email is sponsored by DB2 Express
> Download DB2 Express C - the FREE version of DB2 express and take
> control of your XML. No limits. Just data. Click to get it now.
> http://sourceforge.net/powerbar/db2/
> _______________________________________________
> Openca-Users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/openca-users
>
-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/
_______________________________________________
Openca-Users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openca-users
