[sr-dev] [SR-Users] kamailio 3.1.3 fail to start as a service when load the ldap.so module

laura testi lau.testi at gmail.com
Tue Jun 21 12:33:08 CEST 2011


The LDAP server is running on another machine in the same LAN without any
firewall.

As by your suggestion, I change the user and group from kamailio to root in
the /etc/default/kamilio file. Now it works.

Why I can not run the kamailio as the user kamailio as the default
installation set? (I install the kamilio from rpm and the user and group of
kamailio are already created by the installation)

wuthout ldap.so, I can run the kamilio from the user kamailio normally when
I run "service kamailio start" from root.





On Tue, Jun 21, 2011 at 12:07 PM, Daniel-Constantin Mierla <
miconda at gmail.com> wrote:

>  Hello,
>
> interesting, is the ldap server running on same server? Is the connection
> via local network?
>
> When starting as service, kamailio is probably run under user kamailio. Any
> firewall in place or system restrictions for user 'kamailio'?
>
> You can change the user/group for kamailio service in /etc/default/kamailio
>
> Cheers,
> Daniel
>
>
> On 6/21/11 12:00 PM, laura testi wrote:
>
> Hi Daniel,
> thank you very much for your quick reply. Yes I can connect to ldap and
> make search from kamailio if I start the kamailio with command line in a
> terminal ("# kamctl start" or "#kamailio") as root.It fail to connect to
> ldap only when I start it as service from the boot or I run the command
> "service kamailio start".
>
> Best Regards,
> Peng
>
>
>
> On Tue, Jun 21, 2011 at 11:48 AM, Daniel-Constantin Mierla <
> miconda at gmail.com> wrote:
>
>>  Hello,
>>
>> the first error I could spot related to ldap is:
>>
>> Jun 21 10:28:41 kamailio3p1 /usr/sbin/kamailio[8786]: ERROR: ldap
>> [ldap_connect.c:166]: [sipaccounts]: ldap bind failed: Can't contact LDAP
>> server
>>
>>  suggesting connectivity problem to ldap server. Is it running? Can you
>> connect to ldap server from a terminal?
>>
>> Cheers,
>> Daniel
>>
>>
>> On 6/21/11 11:39 AM, laura testi wrote:
>>
>>  Hi,
>> we try to use LDAP module in kamailio, first we try only load the ldap.so
>> only to see if it can be loaded. When we start from the command line with
>> either "kamctl start" or directly "kamilio", the kamailio is started
>> normally with different children. When I try to start as service with
>> "service kamailio start" or "/etc/init.d/kamailio start". It fails with the
>> following error in the /var/log/messages:
>>
>> ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
>>
>> Jun 21 10:28:39 kamailio3p1 kamailio: INFO: <core> [tcp_main.c:4716]:
>> init_tcp: using epoll_lt as the io watch method (auto detected)
>>
>> Jun 21 10:28:39 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: usrloc
>> [hslot.c:53]: locks array size 512
>>
>> Jun 21 10:28:39 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: auth
>> [auth_mod.c:312]: auth: qop set, but nonce-count (nc_enabled) support
>> disabled
>>
>> Jun 21 10:28:39 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: permissions
>> [parse_config.c:251]: file not found: //etc/kamailio/permissions.allow
>>
>> Jun 21 10:28:39 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: permissions
>> [permissions.c:606]: default allow file (//etc/kamailio/permissions.allow)
>> not found => empty rule set
>>
>> Jun 21 10:28:39 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: permissions
>> [parse_config.c:251]: file not found: //etc/kamailio/permissions.deny
>>
>> Jun 21 10:28:39 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: permissions
>> [permissions.c:615]: default deny file (//etc/kamailio/permissions.deny) not
>> found => empty rule set
>>
>> Jun 21 10:28:39 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: ldap
>> [ldap_mod.c:246]: OpenLDAP - 20343
>>
>> Jun 21 10:28:39 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: tls
>> [tls_init.c:511]: tls: _init_tls_h:  compiled  with  openssl  version
>> "OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008" (0x0090802f), kerberos support: on,
>> compression: on
>>
>> Jun 21 10:28:39 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: tls
>> [tls_init.c:519]: tls: init_tls_h: installed openssl library version
>> "OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008" (0x0090802f), kerberos support: on,
>> zlib compression: on  compiler: gcc -fPIC -DOPENSSL_PIC -DZLIB
>> -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -DKRB5_MIT
>> -I/usr/kerberos/include -DL_ENDIAN -DTERMIO -Wall -DMD32_REG_T=int -O2 -g
>> -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector
>> --param=ssp-buffer-size=4 -m64 -mtune=generic -Wa,--noexecstack
>> -DOPENSSL_USE_NEW_FUNCTIONS -fno-strict-aliasing -DOPENSSL_BN_ASM_MONT
>> -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM
>>
>> Jun 21 10:28:39 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: tls
>> [tls_init.c:373]: tls: init_tls: disabling compression...
>>
>> Jun 21 10:28:39 kamailio3p1 /usr/sbin/kamailio[8774]: WARNING: tls
>> [tls_init.c:564]: tls: init_tls_h: openssl kerberos malloc bug detected,
>> kerberos support will be disabled...
>>
>> Jun 21 10:28:39 kamailio3p1 /usr/sbin/kamailio[8774]: WARNING: tls
>> [tls_init.c:587]: tls: openssl bug #1491 (crash/mem leaks on low memory)
>> workaround enabled (on low memory tls operations will fail preemptively)
>> with free memory thresholds 9961472 and 4980736 bytes
>>
>> Jun 21 10:28:39 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: <core>
>> [cfg/cfg_ctx.c:411]: INFO: cfg_set_now(): tls.low_mem_threshold1 has been
>> changed to 9961472
>>
>> Jun 21 10:28:39 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: <core>
>> [cfg/cfg_ctx.c:411]: INFO: cfg_set_now(): tls.low_mem_threshold2 has been
>> changed to 4980736
>>
>> Jun 21 10:28:40 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: <core>
>> [udp_server.c:178]: INFO: udp_init: SO_RCVBUF is initially 129024
>>
>> Jun 21 10:28:40 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: <core>
>> [udp_server.c:229]: INFO: udp_init: SO_RCVBUF is finally 262142
>>
>> Jun 21 10:28:40 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: <core>
>> [udp_server.c:178]: INFO: udp_init: SO_RCVBUF is initially 129024
>>
>> Jun 21 10:28:40 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: <core>
>> [udp_server.c:229]: INFO: udp_init: SO_RCVBUF is finally 262142
>>
>> Jun 21 10:28:40 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: tls
>> [tls_domain.c:176]: TLSs<default>: tls_method=9
>>
>> Jun 21 10:28:40 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: tls
>> [tls_domain.c:188]: TLSs<default>:
>> certificate='//etc/kamailio/FBCIDS01V01.pem'
>>
>> Jun 21 10:28:40 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: tls
>> [tls_domain.c:195]: TLSs<default>: ca_list='//etc/kamailio/tiglobalca.pem'
>>
>> Jun 21 10:28:40 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: tls
>> [tls_domain.c:202]: TLSs<default>: crl='(null)'
>>
>> Jun 21 10:28:40 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: tls
>> [tls_domain.c:206]: TLSs<default>: require_certificate=0
>>
>> Jun 21 10:28:40 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: tls
>> [tls_domain.c:213]: TLSs<default>: cipher_list='(null)'
>>
>> Jun 21 10:28:40 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: tls
>> [tls_domain.c:220]: TLSs<default>:
>> private_key='//etc/kamailio/FBCIDS01V01KEY.pem'
>>
>> Jun 21 10:28:40 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: tls
>> [tls_domain.c:224]: TLSs<default>: verify_certificate=0
>>
>> Jun 21 10:28:40 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: tls
>> [tls_domain.c:227]: TLSs<default>: verify_depth=9
>>
>> Jun 21 10:28:40 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: tls
>> [tls_domain.c:544]: TLSs<default>: No client certificate required and no
>> checks performed
>>
>> Jun 21 10:28:40 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: tls
>> [tls_domain.c:597]: tls: set_ssl_options: detected openssl version (90802f)
>> has the SSL_OP_TLS_BLOCK_PADDING bug, but compression  is disabled so no
>> workaround is needed
>>
>> Jun 21 10:28:40 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: tls
>> [tls_domain.c:176]: TLSc<default>: tls_method=9
>>
>> Jun 21 10:28:40 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: tls
>> [tls_domain.c:188]: TLSc<default>: certificate='(null)'
>>
>> Jun 21 10:28:40 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: tls
>> [tls_domain.c:195]: TLSc<default>: ca_list='(null)'
>>
>> Jun 21 10:28:40 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: tls
>> [tls_domain.c:202]: TLSc<default>: crl='(null)'
>>
>> Jun 21 10:28:40 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: tls
>> [tls_domain.c:206]: TLSc<default>: require_certificate=0
>>
>> Jun 21 10:28:40 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: tls
>> [tls_domain.c:213]: TLSc<default>: cipher_list='(null)'
>>
>> Jun 21 10:28:40 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: tls
>> [tls_domain.c:220]: TLSc<default>: private_key='(null)'
>>
>> Jun 21 10:28:40 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: tls
>> [tls_domain.c:224]: TLSc<default>: verify_certificate=0
>>
>> Jun 21 10:28:40 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: tls
>> [tls_domain.c:227]: TLSc<default>: verify_depth=9
>>
>> Jun 21 10:28:40 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: tls
>> [tls_domain.c:547]: TLSc<default>: Server MAY present invalid certificate
>>
>> Jun 21 10:28:40 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: tls
>> [tls_domain.c:597]: tls: set_ssl_options: detected openssl version (90802f)
>> has the SSL_OP_TLS_BLOCK_PADDING bug, but compression  is disabled so no
>> workaround is needed
>>
>> Jun 21 10:28:40 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: tls
>> [tls_domain.c:176]: TLSs<10.10.5.214:5061>: tls_method=12
>>
>> Jun 21 10:28:40 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: tls
>> [tls_domain.c:188]: TLSs<10.10.5.214:5061>:
>> certificate='//etc/kamailio/FBCIDS01V01.pem'
>>
>> Jun 21 10:28:40 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: tls
>> [tls_domain.c:195]: TLSs<10.10.5.214:5061>:
>> ca_list='//etc/kamailio/tiglobalca.pem'
>>
>> Jun 21 10:28:40 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: tls
>> [tls_domain.c:202]: TLSs<10.10.5.214:5061>: crl='(null)'
>>
>> Jun 21 10:28:40 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: tls
>> [tls_domain.c:206]: TLSs<10.10.5.214:5061>: require_certificate=0
>>
>> Jun 21 10:28:40 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: tls
>> [tls_domain.c:213]: TLSs<10.10.5.214:5061>: cipher_list='(null)'
>>
>> Jun 21 10:28:40 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: tls
>> [tls_domain.c:220]: TLSs<10.10.5.214:5061>:
>> private_key='//etc/kamailio/FBCIDS01V01KEY.pem'
>>
>> Jun 21 10:28:40 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: tls
>> [tls_domain.c:224]: TLSs<10.10.5.214:5061>: verify_certificate=0
>>
>> Jun 21 10:28:40 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: tls
>> [tls_domain.c:227]: TLSs<10.10.5.214:5061>: verify_depth=9
>>
>> Jun 21 10:28:41 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: tls
>> [tls_domain.c:544]: TLSs<10.10.5.214:5061>: No client certificate
>> required and no checks performed
>>
>> Jun 21 10:28:41 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: tls
>> [tls_domain.c:597]: tls: set_ssl_options: detected openssl version (90802f)
>> has the SSL_OP_TLS_BLOCK_PADDING bug, but compression  is disabled so no
>> workaround is needed
>>
>> Jun 21 10:28:41 kamailio3p1 /usr/sbin/kamailio[8786]: ERROR: ldap
>> [ldap_connect.c:166]: [sipaccounts]: ldap bind failed: Can't contact LDAP
>> server
>>
>> Jun 21 10:28:41 kamailio3p1 /usr/sbin/kamailio[8786]: ERROR: ldap
>> [ldap_mod.c:182]: [sipaccounts]: failed to connect to LDAP host(s)
>>
>> Jun 21 10:28:41 kamailio3p1 /usr/sbin/kamailio[8786]: ERROR: <core>
>> [sr_module.c:832]: init_mod_child(): Error while initializing module ldap
>> (/usr/lib64/kamailio/modules_k/ldap.so)
>>
>> Jun 21 10:28:41 kamailio3p1 /usr/sbin/kamailio[8786]: ERROR: <core>
>> [pt.c:337]: ERROR: fork_process(): init_child failed for  process 1, pid
>> 8786, "udp receiver child=0 sock=127.0.0.1:5060"
>>
>> Jun 21 10:28:41 kamailio3p1 /usr/sbin/kamailio[8786]: : <core>
>> [main.c:1546]: main_loop: Cannot fork
>>
>> Jun 21 10:28:41 kamailio3p1 /usr/sbin/kamailio[8788]: ERROR: ldap
>> [ldap_connect.c:166]: [sipaccounts]: ldap bind failed: Can't contact LDAP
>> server
>>
>> Jun 21 10:28:41 kamailio3p1 /usr/sbin/kamailio[8788]: ERROR: ldap
>> [ldap_mod.c:182]: [sipaccounts]: failed to connect to LDAP host(s)
>>
>> Jun 21 10:28:41 kamailio3p1 /usr/sbin/kamailio[8788]: ERROR: <core>
>> [sr_module.c:832]: init_mod_child(): Error while initializing module ldap
>> (/usr/lib64/kamailio/modules_k/ldap.so)
>>
>> Jun 21 10:28:41 kamailio3p1 /usr/sbin/kamailio[8788]: ERROR: <core>
>> [pt.c:337]: ERROR: fork_process(): init_child failed for  process 2, pid
>> 8788, "udp receiver child=1 sock=127.0.0.1:5060"
>>
>> Jun 21 10:28:41 kamailio3p1 /usr/sbin/kamailio[8788]: : <core>
>> [main.c:1546]: main_loop: Cannot fork
>>
>> Jun 21 10:28:41 kamailio3p1 /usr/sbin/kamailio[8774]: ALERT: <core>
>> [main.c:738]: child process 8786 exited normally, status=255
>>
>> Jun 21 10:28:41 kamailio3p1 /usr/sbin/kamailio[8774]: ALERT: <core>
>> [main.c:738]: child process 8788 exited normally, status=255
>>
>> Jun 21 10:28:41 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: <core>
>> [main.c:756]: INFO: terminating due to SIGCHLD
>>
>> Jun 21 10:28:41 kamailio3p1 /usr/sbin/kamailio[8801]: INFO: <core>
>> [main.c:807]: INFO: signal 15 received
>>
>> Jun 21 10:28:41 kamailio3p1 /usr/sbin/kamailio[8799]: INFO: <core>
>> [main.c:807]: INFO: signal 15 received
>>
>> Jun 21 10:28:41 kamailio3p1 /usr/sbin/kamailio[8797]: INFO: <core>
>> [main.c:807]: INFO: signal 15 received
>>
>> Jun 21 10:28:41 kamailio3p1 /usr/sbin/kamailio[8795]: INFO: <core>
>> [main.c:807]: INFO: signal 15 received
>>
>> Jun 21 10:28:41 kamailio3p1 /usr/sbin/kamailio[8793]: INFO: <core>
>> [main.c:807]: INFO: signal 15 received
>>
>> Jun 21 10:28:41 kamailio3p1 /usr/sbin/kamailio[8790]: INFO: <core>
>> [main.c:807]: INFO: signal 15 received
>>
>> Jun 21 10:28:41 kamailio3p1 /usr/sbin/kamailio[8812]: INFO: <core>
>> [main.c:807]: INFO: signal 15 received
>>
>> Jun 21 10:28:41 kamailio3p1 /usr/sbin/kamailio[8808]: INFO: <core>
>> [main.c:807]: INFO: signal 15 received
>>
>> Jun 21 10:28:41 kamailio3p1 /usr/sbin/kamailio[8810]: INFO: <core>
>> [main.c:807]: INFO: signal 15 received
>>
>> Jun 21 10:28:41 kamailio3p1 /usr/sbin/kamailio[8814]: INFO: <core>
>> [main.c:807]: INFO: signal 15 received
>>
>> Jun 21 10:28:41 kamailio3p1 /usr/sbin/kamailio[8816]: INFO: <core>
>> [main.c:807]: INFO: signal 15 received
>> ...
>>
>> --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
>>
>> Without ldap.so loaded, we can start the kamailio as a service normally
>> with "service kamailio start".
>> The platform running kamailio is: RHEL5.6_X64
>>
>>
>> Can you help us please? Because we want to start the kamailio as a service
>> from the boot
>>
>>
>> Thanks a lot in advanced!
>>
>>
>> Best Regards,
>> Laura
>>
>>
>>
>>  _______________________________________________
>> sr-dev mailing listsr-dev at lists.sip-router.orghttp://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-dev
>>
>>
>> --
>> Daniel-Constantin Mierla -- http://www.asipto.comhttp://linkedin.com/in/miconda -- http://twitter.com/miconda
>>
>>
>
>
> _______________________________________________
> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing listsr-users at lists.sip-router.orghttp://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
>
>
> --
> Daniel-Constantin Mierla -- http://www.asipto.comhttp://linkedin.com/in/miconda -- http://twitter.com/miconda
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-dev/attachments/20110621/799fd7e7/attachment-0001.htm>


More information about the sr-dev mailing list