search

dragonresearch / rpki.net

Dragon Research Labs rpki.net RPKI toolkit
54 stars 30 forks source link

ca0.rpki.net daemons do not start after upgrade #619

Closed sraustein closed 11 years ago

sraustein commented 11 years ago

ca0.rpki.net:/var/log# rpkic version 0.5484

ca0.rpki.net:/var/log# service rpki-ca start Started irdbd Started rpkid Started pubd Started rootd

the only clue and it is old

Sep 3 02:24:07 ca0 rootd[29624]: Could not auto_update <rpki.x509.X509 object at 0x80757ded0> (failures 1): [Errno 2] No such file or directory: '/usr/local/share/rpki/ca.cer'

Trac ticket #606 component rpkid priority blocker, owner sra, created by randy on 2013-09-03T02:41:57Z, last modified 2013-09-11T03:48:34Z

sraustein commented 11 years ago

portupgrade -a stuff looked really hosed so rebooted

got a copy of missing ca.cer from backup

restarted services, only irbd and rootd came up

Sep 3 02:57:41 ca0 rpkid[2722]: Updating /usr/local/share/rpki/ca.cer, timestamp 2013-08-09T03:30:01Z

Sep 3 02:57:41 ca0 rootd[2727]: Updating /usr/local/share/rpki/ca.cer, timestamp 2013-08-09T03:30:01Z Sep 3 02:57:41 ca0 rootd[2727]: Updating /usr/local/share/rpki/rootd.key, timestamp 2013-09-01T02:27:19Z Sep 3 02:57:41 ca0 rootd[2727]: Updating /usr/local/share/rpki/rootd.cer, timestamp 2013-09-02T03:30:01Z Sep 3 02:57:41 ca0 rootd[2727]: Updating /usr/local/share/rpki/ca.crl, timestamp 2013-09-02T03:30:01Z Sep 3 02:57:41 ca0 rootd[2727]: Updating /usr/local/share/rpki/child.cer, timestamp 2013-09-02T03:30:01Z Sep 3 02:57:42 ca0 rootd[2727]: Updating /usr/local/share/rpki/root.key, timestamp 2012-11-13T20:23:05Z

Sep 3 02:57:41 ca0 pubd[2725]: Updating /usr/local/share/rpki/ca.cer, timestamp 2013-08-09T03:30:01Z

a ton of scary stuff in syslog, but none since reboot

Trac comment by randy on 2013-09-03T03:03:42Z

sraustein commented 11 years ago

{{{ rpkic update_bpki }}}

Trac comment by sra on 2013-09-03T04:05:31Z

sraustein commented 11 years ago

rpkic update_bpki

how intuitive! silly me.

Trac comment by randy on 2013-09-03T04:09:21Z

sraustein commented 11 years ago

rpkic update_bpki how intuitive! silly me.

but it worked. thanks for that. appreciated,

actually, i had to

{{{ rpkic update_bpki service rpki-ca restart rpkic update_bpki }}}

because the first one ended with

{{{
Writing /usr/local/share/rpki/ca.crl
Writing /usr/local/share/rpki/rootd.cer
Writing /usr/local/share/rpki/child.cer
2013-09-03 04:07:54 rpkic[9011]: <rpki.http.http_client>: Error on HTTP client connection ca0.rpki.net:4404 <class 'socket.error'> [Errno 61] ECONNREFUSED
2013-09-03 04:07:54 rpkic[9011]: <rpki.http.http_client>: Closing due to error
2013-09-03 04:07:54 rpkic[9011]: <rpki.http.http_queue ca0.rpki.net:4404>: Returning exception error(61, 'ECONNREFUSED') to caller: [Errno 61] ECONNREFUSED
Couldn't push updated BSCs into rpkid: [Errno 61] ECONNREFUSED
}}}

Trac comment by randy on 2013-09-03T04:12:30Z

sraustein commented 11 years ago

rpkic update_bpki

how intuitive! silly me.

I don't know how to write the code for {{{ rpkic recover-from-whatever-idiot-thing-freebsd-port-system-broke-this-week }}}

Trac comment by sra on 2013-09-03T04:51:13Z

sraustein commented 11 years ago

I don't know how to write the code for {{{ rpkic recover-from-whatever-idiot-thing-freebsd-port-system-broke-this-week }}}

it's probably in java

Trac comment by randy on 2013-09-04T02:05:39Z

sraustein commented 11 years ago

So, this one looks like botched installation due to external causes (#604, etc). I don't see further useful work to be done here, so closing. Reopen if you disagree.

Trac comment by sra on 2013-09-11T03:48:34Z

sraustein commented 11 years ago

Closed with resolution fixed