Cant launch opsi

dovecot

#1

Hello!
I have just installer opsi in ucs, and downloaded configed.jnpl. After I trying to launch configed.jnpl happens nothing, he just stuck by loadingimage
Can someone help a little bit with tips what can I do?
Thx.


#2

I would try this:

  1. Change in /etc/opsi/opsiconfd.conf:
accepted ciphers = AES128-GCM-SHA256
  1. Restart of opsiconfd

#3

Cant findt this row in opsiconfd.conf.


#4

Oh sorry, you’ve to add this line to the service section.


#5

Can you maybe tell me how to do this?


#6

Hi @maksvell,

just to make sure your OPSI port is open: can you please run

nmap -p 4447 192.168.4.142

from another UCS server/Linux desktop client? This should give output similar to this:

PORT     STATE SERVICE
4447/tcp open  n1-rmgmt

If the port is closed, please check on the UCS server having OPSI installed if the firewall is configured correctly:

ucr search 4447

This should return something like

security/packetfilter/package/opsi4ucs/tcp/4447/all/en: Port for opsi-Webservice
security/packetfilter/package/opsi4ucs/tcp/4447/all: ACCEPT

If this is also the case, please check if the port is actually open using iptables:

iptables -L | grep 4447

This should give output similar to

ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:4447

Last but not least, is the opsiconfd actually running? Check with

ps auxf | grep -v grep | grep opsiconfd

This should return output similar to

5543     28301  1.0  1.7 784292 327652 ?       Sl   Aug21 1859:57 /usr/bin/python /usr/bin/opsiconfd -D
root     28325  0.0  0.0  13064  4032 ?        S    Aug21  24:32 /bin/bash +e /usr/bin/opsiconfd-guard daemon

If no output is printed, let OPSI fix its settings and restart the OPSI process:

opsi-setup --set-rights
systemctl restart opsiconfd.service

Regards,
Timo Denissen


#7

You have to change this section with an editor of your choice (e.g. nanon):

[service]

        # The network interfaces to bind to.
        # This must be the IP address of an network interface.
        # Use 0.0.0.0 to listen to all interfaces
        # Opsiconfd needs to be reloaded (SIGHUP) for changes to take effect.
        #
        # Default:
        #   interface = 0.0.0.0

        interface = 0.0.0.0

        # The port where opsiconfd will listen for HTTP requests.
        # Use 0 to disable HTTP protocol
        # Opsiconfd needs to be reloaded (SIGHUP) for changes to take effect.
        #
        # Default:
        #   http port = 0

        http port = 0

        # The port where opsiconfd will listen for HTTPS requests.
        # Use 0 to disable HTTPS protocol
        # Opsiconfd needs to be reloaded (SIGHUP) for changes to take effect.
        #
        # Default:
        #   https port = 4447

        https port = 4447

        # The location of the server certificate.
        # Opsiconfd needs to be reloaded (SIGHUP) for changes to take effect.
        #
        # Default:
        #   ssl server cert = /etc/opsi/opsiconfd.pem

        ssl server cert = /etc/opsi/opsiconfd.pem

        # The location of the server private key
        # Opsiconfd needs to be reloaded (SIGHUP) for changes to take effect.
        #
        # Default:
        #   ssl server key = /etc/opsi/opsiconfd.pem

        ssl server key = /etc/opsi/opsiconfd.pem
        accepted ciphers = AES128-GCM-SHA256

#8


Yes Port 4447 is open.
But got 1 failed by opsi-setup --set-rights


#9

Thank you so much, your variant helped.


#10

That’s no failure. If you havn’t bought co-financed modules, you always get this message.


#11

Hi @maksvell,

that message is just a warning that you don’t have a module file installed. That’s like a licence for OPSI which is only needed if you want to use not-yet-free modules for OPSI.

Glad to hear that your problem could be solved :slight_smile:

Regards,
Timo Denissen

PS: I marked the post from @SirTux as the solution to this problem.