What is the correct way to start the openid connector (kopano) with a higher loglevel for debugging? There is a
serveCmd.Flags().String("log-level", "info", "Log level (one of panic, fatal, error, warn, info or debug)")
but how can this be integrated in the container startup on UCS?
Hi @thommie,
you can set the loglevel through the configuration file. Its located (in the container and on the host afair) at /etc/kopano/konnectd.cfg .
Thanks for reply. Can I edit it directly, as there is a warning message
WARNING: this file is maintained by univention-directory-listener, manual changes will be overwritten
So I need to use a udm create … command ?
Bye, Thommie
Ah yes, indeed. Looking at the code of the app at https://github.com/univention/openid-connect-provider/blob/02e492f22583197d0e01d70c4fbc304a7fbfa0b1/app/configure#L45-L60 it looks like these values are indeed best set through the ucr.
Something like this I would say (untested): ucr set oidc_konnectd_log_level=debug
Hm, I tested this but without success. No change for konnectd.cfg after a
ucr set oidc_konnectd_log_level=debug
I also tested
ucr set oidc/konnectd/log-level=debug
as we already have a similar oidc/konnectd/issuer_identifier object in the ucr which appears in the cfg file as
oidc_issuer_identifier=https://ucs-sso.netzwissen.de
But after both tests I see no changes in the cfg file ;-(.
Info: the standard syntax for the debug values is here:
Do we really need an ucr object and not an udm object instead? Logically UCR makes sense because its a config for the whole container. I am only a bit puzzled because the cfg file header states “this file is maintained by univention-directory-listener” … ???
Hey thommie,
as the OpenID Connect Provider is indeed a Univention App the settings can be set via the univention-app command:
univention-app configure openid-connect-provider --set oidc/konnectd/log_level=debug
Best regards
Jan-Luca