Re: [OpenXPKI-users] Error when publishing a cert to local disk
Hi Lixin,
the problem with Net::Server is already on our list and we have created
a bug ticket for this with the project. For our enterprise packages we
currently use the last version without this bug which works without
problems.
Oliver
On 26.02.23 20:01, Lixin Liu wrote:
Hi Martin,
Thanks! This is very helpful.
Add permission mode appears to work correct for new cert publishing.
And, thanks to your sharp eye,
removing extra "I" in "RA Operator.yaml" file, line 329, does clear
the error.
I also noticed errors in stderr.log file:
Use of uninitialized value in numeric eq (==) at
/usr/local/share/perl5/5.32/Net/Server/Fork.pm line 168, line 1.
This seems to be a known issue and someone suggested the fix like:
--- Fork.pm.bak 2022-12-01 16:34:11.0 -0800
+++ Fork.pm 2023-02-26 09:58:57.044542839 -0800
@@ -165,7 +165,8 @@
return undef if ! defined $sock;
# check if this is UDP
- if (SOCK_DGRAM == unpack('i', $sock->getsockopt(SOL_SOCKET,
SO_TYPE))) {
+ my $sockopt = unpack('i', $sock->getsockopt(SOL_SOCKET, SO_TYPE));
+ if (defined $sockopt and SOCK_DGRAM == $sockopt) {
$prop->{'udp_true'} = 1;
$prop->{'client'} = $sock;
$prop->{'udp_peer'} = $sock->recv($prop->{'udp_data'},
$sock->NS_recv_len, $sock->NS_recv_flags);
Cheers,
Lixin.
On 2023-02-26, 9:04 AM, "Martin Bartosch via OpenXPKI-users"
> wrote:
Hi,
> I am hitting another error when publishing a cert (to a local file).
I see the cert file is written
> to local directory, but with a 777 permission which I think is wrong.
I observed a similar same problem recently, if the file does not
exist, it is created with the system umask. If it exists, it gets
properly written with the permissions set in the configuration.
It is probably easy to fix on your side:
Add the configuration setting
mode: "0644"
on the same level as "content:" and "file:", this setting defines the
octal file mode of the published file. Mind the quote characters and
the leading zero.
Once this is done, restart the server and repeat the publication
process with the target file already in place. Check if the
permissions are OK when the file is rewritten, it should be OK then.
> Here is the error message right after publishing is finished.
>
> 2023/02/25 18:19:34 INFO Workflow
2303/certificate_publishing/SUCCESS executed
'certpublish_publish_profile' (autorun) in state 'PUBLISH'
[pid=75782|user=ra-liu|role=System|sid=HhEJ|wftype=certificate_publishing|wfid=2303]
> 2023/02/25 18:19:34 INFO Workflow
2303/certificate_publishing/SUCCESS changed from state 'PUBLISH'
[pid=75782|user=ra-liu|role=System|sid=HhEJ|wftype=certificate_publishing|wfid=2303]
> 2023/02/25 18:19:53 ERROR
I18N_OPENXPKI_TEMPLATE_ERROR_PARSING_TEMPLATE_FOR_PARAM; __ERROR__ =>
file error - parse error - input text line 3: unexpected token (END)
> [% END %], __TEMPLATE__ => [%I IF meta_email %]
I18N_OPENXPKI_UI_WORKFLOW_FIELD_META_EMAIL_LABEL: [% FOREACH mail =
meta_email %]
> mailto:[% mail %]">[% mail %],
> [% END %][% END %]
> [pid=75725|sid=Av82]
>
> I am not sure if these are related to the publishing.
The error message indicates that you have an error in your Template code.
> __TEMPLATE__ => [%I IF meta_email %
The I following the percent sign looks fishy :)
Cheers
Martin
___
OpenXPKI-users mailing list
OpenXPKI-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openxpki-users
___
OpenXPKI-users mailing list
OpenXPKI-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openxpki-users
--
Protect your environment - close windows and adopt a penguin!
___
OpenXPKI-users mailing list
OpenXPKI-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openxpki-users
Re: [OpenXPKI-users] Error when publishing a cert to local disk
Hi Martin,
Thanks! This is very helpful.
Add permission mode appears to work correct for new cert publishing. And,
thanks to your sharp eye,
removing extra "I" in "RA Operator.yaml" file, line 329, does clear the error.
I also noticed errors in stderr.log file:
Use of uninitialized value in numeric eq (==) at
/usr/local/share/perl5/5.32/Net/Server/Fork.pm line 168, line 1.
This seems to be a known issue and someone suggested the fix like:
--- Fork.pm.bak 2022-12-01 16:34:11.0 -0800
+++ Fork.pm 2023-02-26 09:58:57.044542839 -0800
@@ -165,7 +165,8 @@
return undef if ! defined $sock;
# check if this is UDP
-if (SOCK_DGRAM == unpack('i', $sock->getsockopt(SOL_SOCKET, SO_TYPE))) {
+my $sockopt = unpack('i', $sock->getsockopt(SOL_SOCKET, SO_TYPE));
+if (defined $sockopt and SOCK_DGRAM == $sockopt) {
$prop->{'udp_true'} = 1;
$prop->{'client'} = $sock;
$prop->{'udp_peer'} = $sock->recv($prop->{'udp_data'},
$sock->NS_recv_len, $sock->NS_recv_flags);
Cheers,
Lixin.
On 2023-02-26, 9:04 AM, "Martin Bartosch via OpenXPKI-users"
mailto:openxpki-users@lists.sourceforge.net>> wrote:
Hi,
> I am hitting another error when publishing a cert (to a local file). I see
> the cert file is written
> to local directory, but with a 777 permission which I think is wrong.
I observed a similar same problem recently, if the file does not exist, it is
created with the system umask. If it exists, it gets properly written with the
permissions set in the configuration.
It is probably easy to fix on your side:
Add the configuration setting
mode: "0644"
on the same level as "content:" and "file:", this setting defines the octal
file mode of the published file. Mind the quote characters and the leading zero.
Once this is done, restart the server and repeat the publication process with
the target file already in place. Check if the permissions are OK when the file
is rewritten, it should be OK then.
> Here is the error message right after publishing is finished.
>
> 2023/02/25 18:19:34 INFO Workflow 2303/certificate_publishing/SUCCESS
> executed 'certpublish_publish_profile' (autorun) in state 'PUBLISH'
> [pid=75782|user=ra-liu|role=System|sid=HhEJ|wftype=certificate_publishing|wfid=2303]
> 2023/02/25 18:19:34 INFO Workflow 2303/certificate_publishing/SUCCESS changed
> from state 'PUBLISH'
> [pid=75782|user=ra-liu|role=System|sid=HhEJ|wftype=certificate_publishing|wfid=2303]
> 2023/02/25 18:19:53 ERROR
> I18N_OPENXPKI_TEMPLATE_ERROR_PARSING_TEMPLATE_FOR_PARAM; __ERROR__ => file
> error - parse error - input text line 3: unexpected token (END)
> [% END %], __TEMPLATE__ => [%I IF meta_email %]
> I18N_OPENXPKI_UI_WORKFLOW_FIELD_META_EMAIL_LABEL: [% FOREACH mail =
> meta_email %]
> mailto:[% mail %]">[% mail %],
> [% END %][% END %]
> [pid=75725|sid=Av82]
>
> I am not sure if these are related to the publishing.
The error message indicates that you have an error in your Template code.
> __TEMPLATE__ => [%I IF meta_email %
The I following the percent sign looks fishy :)
Cheers
Martin
___
OpenXPKI-users mailing list
OpenXPKI-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openxpki-users
___
OpenXPKI-users mailing list
OpenXPKI-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openxpki-users
Re: [OpenXPKI-users] Error when publishing a cert to local disk
Hi, > I am hitting another error when publishing a cert (to a local file). I see > the cert file is written > to local directory, but with a 777 permission which I think is wrong. I observed a similar same problem recently, if the file does not exist, it is created with the system umask. If it exists, it gets properly written with the permissions set in the configuration. It is probably easy to fix on your side: Add the configuration setting mode: "0644" on the same level as "content:" and "file:", this setting defines the octal file mode of the published file. Mind the quote characters and the leading zero. Once this is done, restart the server and repeat the publication process with the target file already in place. Check if the permissions are OK when the file is rewritten, it should be OK then. > Here is the error message right after publishing is finished. > > 2023/02/25 18:19:34 INFO Workflow 2303/certificate_publishing/SUCCESS > executed 'certpublish_publish_profile' (autorun) in state 'PUBLISH' > [pid=75782|user=ra-liu|role=System|sid=HhEJ|wftype=certificate_publishing|wfid=2303] > 2023/02/25 18:19:34 INFO Workflow 2303/certificate_publishing/SUCCESS changed > from state 'PUBLISH' > [pid=75782|user=ra-liu|role=System|sid=HhEJ|wftype=certificate_publishing|wfid=2303] > 2023/02/25 18:19:53 ERROR > I18N_OPENXPKI_TEMPLATE_ERROR_PARSING_TEMPLATE_FOR_PARAM; __ERROR__ => file > error - parse error - input text line 3: unexpected token (END) > [% END %], __TEMPLATE__ => [%I IF meta_email %] > I18N_OPENXPKI_UI_WORKFLOW_FIELD_META_EMAIL_LABEL: [% FOREACH mail = > meta_email %] > mailto:[% mail %]">[% mail %], > [% END %][% END %] > [pid=75725|sid=Av82] > > I am not sure if these are related to the publishing. The error message indicates that you have an error in your Template code. > __TEMPLATE__ => [%I IF meta_email % The I following the percent sign looks fishy :) Cheers Martin ___ OpenXPKI-users mailing list OpenXPKI-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openxpki-users
