Karaf 4.0.0-SNAPSHOT hang on startup
Hi I've cloned the 4.0.0-SNAPSHOT repository and built it from scratch. When I try to run it, it hangs on startup with following message in karaf.log: 2014-07-17 12:29:16,235 | ERROR | pool-1-thread-1 | BootFeaturesInstaller | 6 - org.apache.karaf.features.core - 4.0.0.SNAPSHOT | Error installing boot features org.osgi.service.resolver.ResolutionException: Unable to resolve root: missing requirement [root] osgi.identity; osgi.identity=management; type=karaf.feature; version=[4.0.0.SNAPSHOT,4.0.0.SNAPSHOT]; filter:=((osgi.identity=management)(type=karaf.feature)(version=4.0.0.SNAPSHOT)(version=4.0.0.SNAPSHOT)) [caused by: Unable to resolve management/4.0.0.SNAPSHOT: missing requirement [management/4.0.0.SNAPSHOT] osgi.identity; osgi.identity=org.apache.aries.jmx.core; type=osgi.bundle; version=[1.1.2,1.1.2]; resolution:=mandatory [caused by: Unable to resolve org.apache.aries.jmx.core/1.1.2: missing requirement [org.apache.aries.jmx.core/1.1.2] osgi.service; effective:=active; filter:=(objectClass=javax.management.MBeanServer)]] at org.apache.felix.resolver.Candidates.populateResource(Candidates.java:285)[6:org.apache.karaf.features.core:4.0.0.SNAPSHOT] at org.apache.felix.resolver.Candidates.processCandidates(Candidates.java:454)[6:org.apache.karaf.features.core:4.0.0.SNAPSHOT] at org.apache.felix.resolver.Candidates.populateResource(Candidates.java:266)[6:org.apache.karaf.features.core:4.0.0.SNAPSHOT] . . . . Base on older discussions, I tried different values for *respectStartLvlDuringFeatureStartup* and *featuresBootAsynchronous* properties but nothing happened. The org.apache.aries.jmx.core/1.1.2 already exists in users's maven repository as well as karaf/system repository. I'm using Windows 7 32bit, JDK 1.7 HotSpot. Is there any necessary configuration or installation hint that I missed? Regards - Ehsan Zaery Moghaddam zaerymoghad...@gmail.com developmentor.blogspot.com -- View this message in context: http://karaf.922171.n3.nabble.com/Karaf-4-0-0-SNAPSHOT-hang-on-startup-tp4034268.html Sent from the Karaf - Dev mailing list archive at Nabble.com.
Re: [PROPOSAL] Remove default ssh key
A tool to generate an SSH key and set up the related files would be better than providing a default SSH key. On 17 July 2014 14:44, Jean-Baptiste Onofré j...@nanthrax.net wrote: Hi all, Following a discussion that we had with Christian, I would like to raise a concern. Now, on Karaf 2.x/3.x/4.x, the JMX layer is secure using RBAC. The MBeanServerBuilder is enabled by default, meaning that it's not possible to locally connect to the MBean server. I think it's good and secure. However, on the other hand, we have a key enabled by default (in etc/keys.properties) and used by default by bin/client. So it means that any user that download a Karaf distribution can connect to any Karaf runtimes by default. On one hand we have a very secure JMX layer (even for local connection), but on the other hand, bin/client can connect to any Karaf running instance (so not very secure). I would like to propose the following: - in etc/keys.properties, we should comment out the default key. We can document how to enable it and how to change the keys. - in bin/client, we should be able to specify a key that we want to use. WDYT ? I already created some Jira about the keys: - KARAF-2786: I would change this one by comment out the default key - KARAF-2836 to allow to specify multiple keys for an user in etc/keys.properties - KARAF-2787 to allow to specify the key to bin/client Thanks, Regards JB -- Jean-Baptiste Onofré jbono...@apache.org http://blog.nanthrax.net Talend - http://www.talend.com -- Matt Sicker boa...@gmail.com
Re: [PROPOSAL] Remove default ssh key
+1 to comment out the default public key in keys.properties, it's really a security hole. And about specify the key to bin/client, I just added it weeks ago, please see KARAF-3059[1] [1]https://issues.apache.org/jira/browse/KARAF-3059 - Freeman(Yue) Fang Red Hat, Inc. FuseSource is now part of Red Hat On 2014-7-18, at 上午3:44, Jean-Baptiste Onofré wrote: Hi all, Following a discussion that we had with Christian, I would like to raise a concern. Now, on Karaf 2.x/3.x/4.x, the JMX layer is secure using RBAC. The MBeanServerBuilder is enabled by default, meaning that it's not possible to locally connect to the MBean server. I think it's good and secure. However, on the other hand, we have a key enabled by default (in etc/keys.properties) and used by default by bin/client. So it means that any user that download a Karaf distribution can connect to any Karaf runtimes by default. On one hand we have a very secure JMX layer (even for local connection), but on the other hand, bin/client can connect to any Karaf running instance (so not very secure). I would like to propose the following: - in etc/keys.properties, we should comment out the default key. We can document how to enable it and how to change the keys. - in bin/client, we should be able to specify a key that we want to use. WDYT ? I already created some Jira about the keys: - KARAF-2786: I would change this one by comment out the default key - KARAF-2836 to allow to specify multiple keys for an user in etc/keys.properties - KARAF-2787 to allow to specify the key to bin/client Thanks, Regards JB -- Jean-Baptiste Onofré jbono...@apache.org http://blog.nanthrax.net Talend - http://www.talend.com
Re: [PROPOSAL] Remove default ssh key
Hi Freeman, thanks for the update ;) Regards JB On 07/18/2014 02:38 AM, Freeman Fang wrote: +1 to comment out the default public key in keys.properties, it's really a security hole. And about specify the key to bin/client, I just added it weeks ago, please see KARAF-3059[1] [1]https://issues.apache.org/jira/browse/KARAF-3059 - Freeman(Yue) Fang Red Hat, Inc. FuseSource is now part of Red Hat On 2014-7-18, at 上午3:44, Jean-Baptiste Onofré wrote: Hi all, Following a discussion that we had with Christian, I would like to raise a concern. Now, on Karaf 2.x/3.x/4.x, the JMX layer is secure using RBAC. The MBeanServerBuilder is enabled by default, meaning that it's not possible to locally connect to the MBean server. I think it's good and secure. However, on the other hand, we have a key enabled by default (in etc/keys.properties) and used by default by bin/client. So it means that any user that download a Karaf distribution can connect to any Karaf runtimes by default. On one hand we have a very secure JMX layer (even for local connection), but on the other hand, bin/client can connect to any Karaf running instance (so not very secure). I would like to propose the following: - in etc/keys.properties, we should comment out the default key. We can document how to enable it and how to change the keys. - in bin/client, we should be able to specify a key that we want to use. WDYT ? I already created some Jira about the keys: - KARAF-2786: I would change this one by comment out the default key - KARAF-2836 to allow to specify multiple keys for an user in etc/keys.properties - KARAF-2787 to allow to specify the key to bin/client Thanks, Regards JB -- Jean-Baptiste Onofré jbono...@apache.org http://blog.nanthrax.net Talend - http://www.talend.com -- Jean-Baptiste Onofré jbono...@apache.org http://blog.nanthrax.net Talend - http://www.talend.com
RAT plugin error on ssh key files
Hi Last night I was trying to rebuild the latest branches of the project from ground up (master, 3.0.x and 2.3.x). I noticed there is an error in RAT plugin while checking SSH key files. I created a JIRA issue ( KARAF-3129 https://issues.apache.org/jira/browse/KARAF-3129 ) and attached an appropriate patch for each branch to fix it by adding *.key pattern to RAT plugin's exclude list. Regards - Ehsan Zaery Moghaddam zaerymoghad...@gmail.com developmentor.blogspot.com -- View this message in context: http://karaf.922171.n3.nabble.com/RAT-plugin-error-on-ssh-key-files-tp4034281.html Sent from the Karaf - Dev mailing list archive at Nabble.com.