Hi,
Our intelmq installation on Ubuntu 20.04 LTS was auto-updated to the versions:
Desired=Unknown/Install/Remove/Purge/Hold | Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend |/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad) ||/ Name Version Architecture Description +++-===============-============-============-=======================================> ii intelmq 2.3.2-1 all Solution for IT security teams for coll> ii intelmq-api 2.3.1-1 all HUG based API for the intelmq project ii intelmq-manager 2.3.1-2 all Graphical interface to manage configura
For some reason intelmq-manager now shows a problem with accessing redis queues as it tries to run
sudo -u www-data sudo -u intelmq intelmqctl --type json list queues-and-status
Traceback (most recent call last): File "/usr/lib/python3/dist-packages/intelmq/lib/pipeline.py", line 286, in count_queued_messages queue_dict[queue] = self.pipe.llen(queue) File "/usr/lib/python3/dist-packages/redis/client.py", line 1671, in llen return self.execute_command('LLEN', name) File "/usr/lib/python3/dist-packages/redis/client.py", line 836, in execute_command conn = self.connection or pool.get_connection(command_name, **options) File "/usr/lib/python3/dist-packages/redis/connection.py", line 1073, in get_connection connection.connect() File "/usr/lib/python3/dist-packages/redis/connection.py", line 544, in connect raise ConnectionError(self._error_message(e)) redis.exceptions.ConnectionError: Error 111 connecting to 127.0.0.1:6379. Connection refused.
systemctl status redis.service indicates there's a problem starting redis:
May 03 15:48:20 ourhost systemd[1]: Failed to start Advanced key-value store. May 03 15:48:20 ourhost systemd[1]: redis-server.service: Scheduled restart job, restart counter is at 5. May 03 15:48:20 ourhost systemd[1]: Stopped Advanced key-value store. May 03 15:48:20 ourhost systemd[1]: redis-server.service: Start request repeated too quickly. May 03 15:48:20 ourhost systemd[1]: redis-server.service: Failed with result 'exit-code'. May 03 15:48:20 ourhost systemd[1]: Failed to start Advanced key-value store.
Don't know whether this has anything to do with the package update or is this an independent problem but hints as to how to remedy this would be welcome.
Br, Mika
Hi Mika,
On 5/3/21 3:03 PM, Mika Silander wrote:
systemctl status redis.service indicates there's a problem starting redis:
May 03 15:48:20 ourhost systemd[1]: Failed to start Advanced key-value store. May 03 15:48:20 ourhost systemd[1]: redis-server.service: Scheduled restart job, restart counter is at 5. May 03 15:48:20 ourhost systemd[1]: Stopped Advanced key-value store. May 03 15:48:20 ourhost systemd[1]: redis-server.service: Start request repeated too quickly. May 03 15:48:20 ourhost systemd[1]: redis-server.service: Failed with result 'exit-code'. May 03 15:48:20 ourhost systemd[1]: Failed to start Advanced key-value store.
Do redis' logs reveal anything useful?
Sebastian
Hi Sebastian,
I'm afraid not much info here:
root@ourhost:~# ls -la /var/log/redis/ total 12 drwxr-s--- 2 redis adm 4096 Apr 4 00:00 . drwxrwxr-x 13 root syslog 4096 May 1 00:00 .. -rw-r--r-- 1 intelmq intelmq 0 Apr 4 00:00 redis-server.log -rw-rw---- 1 redis adm 2917 Mar 31 16:27 redis-server.log.1
However, the ownerships and permissions between the current log file and the (logrotated?) one differ substantially. Could this be the reason?
Br, Mika
----- Original Message ----- From: "Sebastian Wagner" wagner@cert.at To: "Mika Silander" mika.silander@csc.fi, "intelmq-dev" intelmq-dev@lists.cert.at Sent: Monday, 3 May, 2021 16:16:46 Subject: Re: [IntelMQ-dev] Redis failing to start after intelmq* package update
Hi Mika,
On 5/3/21 3:03 PM, Mika Silander wrote:
systemctl status redis.service indicates there's a problem starting redis:
May 03 15:48:20 ourhost systemd[1]: Failed to start Advanced key-value store. May 03 15:48:20 ourhost systemd[1]: redis-server.service: Scheduled restart job, restart counter is at 5. May 03 15:48:20 ourhost systemd[1]: Stopped Advanced key-value store. May 03 15:48:20 ourhost systemd[1]: redis-server.service: Start request repeated too quickly. May 03 15:48:20 ourhost systemd[1]: redis-server.service: Failed with result 'exit-code'. May 03 15:48:20 ourhost systemd[1]: Failed to start Advanced key-value store.
Do redis' logs reveal anything useful?
Sebastian
Hi,
On 5/3/21 3:25 PM, Mika Silander wrote:
I'm afraid not much info here:
But very strange.
root@ourhost:~# ls -la /var/log/redis/ total 12 drwxr-s--- 2 redis adm 4096 Apr 4 00:00 . drwxrwxr-x 13 root syslog 4096 May 1 00:00 .. -rw-r--r-- 1 intelmq intelmq 0 Apr 4 00:00 redis-server.log -rw-rw---- 1 redis adm 2917 Mar 31 16:27 redis-server.log.1
However, the ownerships and permissions between the current log file and the (logrotated?) one differ substantially. Could this be the reason?
Did you try? But I have no clue why intelmq is the owner of those files now. I see nothing relevant in our packaging scripts (postinst etc) and the logrotate configuration. Maybe Birger has an idea?
Sebastian
Br, Mika
----- Original Message ----- From: "Sebastian Wagner" wagner@cert.at To: "Mika Silander" mika.silander@csc.fi, "intelmq-dev" intelmq-dev@lists.cert.at Sent: Monday, 3 May, 2021 16:16:46 Subject: Re: [IntelMQ-dev] Redis failing to start after intelmq* package update
Hi Mika,
On 5/3/21 3:03 PM, Mika Silander wrote:
systemctl status redis.service indicates there's a problem starting redis:
May 03 15:48:20 ourhost systemd[1]: Failed to start Advanced key-value store. May 03 15:48:20 ourhost systemd[1]: redis-server.service: Scheduled restart job, restart counter is at 5. May 03 15:48:20 ourhost systemd[1]: Stopped Advanced key-value store. May 03 15:48:20 ourhost systemd[1]: redis-server.service: Start request repeated too quickly. May 03 15:48:20 ourhost systemd[1]: redis-server.service: Failed with result 'exit-code'. May 03 15:48:20 ourhost systemd[1]: Failed to start Advanced key-value store.
Do redis' logs reveal anything useful?
Sebastian
Hi,
On 5/3/21 3:40 PM, Sebastian Wagner wrote:
Hi,
On 5/3/21 3:25 PM, Mika Silander wrote:
I'm afraid not much info here:
But very strange.
root@ourhost:~# ls -la /var/log/redis/ total 12 drwxr-s--- 2 redis adm 4096 Apr 4 00:00 . drwxrwxr-x 13 root syslog 4096 May 1 00:00 .. -rw-r--r-- 1 intelmq intelmq 0 Apr 4 00:00 redis-server.log -rw-rw---- 1 redis adm 2917 Mar 31 16:27 redis-server.log.1
However, the ownerships and permissions between the current log file
and the (logrotated?) one
differ substantially. Could this be the reason?
Did you try? But I have no clue why intelmq is the owner of those files now. I see nothing relevant in our packaging scripts (postinst etc) and the logrotate configuration. Maybe Birger has an idea?
not really. The intelmq user should not even be able to read files in the /var/log/redis directory, much less create a file. The redis-server.log file is empty, so I would just delete it and try again, though it would be interesting to find out how the file got created with these ownership settings in the first place.
cheers, Birger
Sebastian
Br, Mika
----- Original Message ----- From: "Sebastian Wagner" wagner@cert.at To: "Mika Silander" mika.silander@csc.fi, "intelmq-dev" intelmq-dev@lists.cert.at Sent: Monday, 3 May, 2021 16:16:46 Subject: Re: [IntelMQ-dev] Redis failing to start after intelmq* package update
Hi Mika,
On 5/3/21 3:03 PM, Mika Silander wrote:
systemctl status redis.service indicates there's a problem starting
redis:
May 03 15:48:20 ourhost systemd[1]: Failed to start Advanced key-value store. May 03 15:48:20 ourhost systemd[1]: redis-server.service: Scheduled restart job, restart counter is at 5. May 03 15:48:20 ourhost systemd[1]: Stopped Advanced key-value store. May 03 15:48:20 ourhost systemd[1]: redis-server.service: Start request repeated too quickly. May 03 15:48:20 ourhost systemd[1]: redis-server.service: Failed with
result 'exit-code'.
May 03 15:48:20 ourhost systemd[1]: Failed to start Advanced key-value store.
Do redis' logs reveal anything useful?
Sebastian
IntelMQ-dev mailing list https://lists.cert.at/cgi-bin/mailman/listinfo/intelmq-dev https://intelmq.readthedocs.io/
Hi Sebastian,
Yes, it's odd. Fixing the ownership + permissions of redis-server.log to match the ones of redis-server.log.1 solved the problem but I have no idea as to why and how the ownership had changed.
Br, Mika
----- Original Message ----- From: "Sebastian Wagner" wagner@cert.at To: "Mika Silander" mika.silander@csc.fi, "intelmq-dev" intelmq-dev@lists.cert.at Sent: Monday, 3 May, 2021 16:40:56 Subject: Re: [IntelMQ-dev] Redis failing to start after intelmq* package update
Hi,
On 5/3/21 3:25 PM, Mika Silander wrote:
I'm afraid not much info here:
But very strange.
root@ourhost:~# ls -la /var/log/redis/ total 12 drwxr-s--- 2 redis adm 4096 Apr 4 00:00 . drwxrwxr-x 13 root syslog 4096 May 1 00:00 .. -rw-r--r-- 1 intelmq intelmq 0 Apr 4 00:00 redis-server.log -rw-rw---- 1 redis adm 2917 Mar 31 16:27 redis-server.log.1
However, the ownerships and permissions between the current log file and the (logrotated?) one differ substantially. Could this be the reason?
Did you try? But I have no clue why intelmq is the owner of those files now. I see nothing relevant in our packaging scripts (postinst etc) and the logrotate configuration. Maybe Birger has an idea?
Sebastian
Br, Mika
----- Original Message ----- From: "Sebastian Wagner" wagner@cert.at To: "Mika Silander" mika.silander@csc.fi, "intelmq-dev" intelmq-dev@lists.cert.at Sent: Monday, 3 May, 2021 16:16:46 Subject: Re: [IntelMQ-dev] Redis failing to start after intelmq* package update
Hi Mika,
On 5/3/21 3:03 PM, Mika Silander wrote:
systemctl status redis.service indicates there's a problem starting redis:
May 03 15:48:20 ourhost systemd[1]: Failed to start Advanced key-value store. May 03 15:48:20 ourhost systemd[1]: redis-server.service: Scheduled restart job, restart counter is at 5. May 03 15:48:20 ourhost systemd[1]: Stopped Advanced key-value store. May 03 15:48:20 ourhost systemd[1]: redis-server.service: Start request repeated too quickly. May 03 15:48:20 ourhost systemd[1]: redis-server.service: Failed with result 'exit-code'. May 03 15:48:20 ourhost systemd[1]: Failed to start Advanced key-value store.
Do redis' logs reveal anything useful?
Sebastian