Question #13179
closedFATAL: Ident authentication failed for user "rudder"
Added by kumar ctr over 6 years ago. Updated about 6 years ago.
Description
Installed Rudder on centos and getting the below error:
should i need to create new user rudder in postgresql database or how should i approach here.
please help me here
thanks
kumar
[2018-08-08 19:56:05] INFO application - Use configuration file defined by JVM property -Drudder.configFile : /opt/rudder/etc/rudder-web.properties
[2018-08-08 19:56:05] INFO application - Starting Rudder 4.1.13 web application [build timestamp: 2018-07-17T13:00:45Z]
[2018-08-08 19:56:07] ERROR com.zaxxer.hikari.pool.HikariPool - HikariPool-1 - Exception during pool initialization.
org.postgresql.util.PSQLException: FATAL: Ident authentication failed for user "rudder"
at org.postgresql.core.v3.ConnectionFactoryImpl.doAuthentication(ConnectionFactoryImpl.java:443)
at org.postgresql.core.v3.ConnectionFactoryImpl.openConnectionImpl(ConnectionFactoryImpl.java:217)
at org.postgresql.core.ConnectionFactory.openConnection(ConnectionFactory.java:52)
Updated by Alexis Mousset over 6 years ago
Did you run the initial configuration script: https://www.rudder-project.org/doc-4.1/install-server.html#_initial_configuration_of_your_rudder_root_server_3 ?
Updated by kumar ctr over 6 years ago
yes i ran the script and i am not getting the login prompt and log shows above error
Updated by Alexis Mousset over 6 years ago
Did you install the "rudder-server-root" package?
What does "rudder agent run -i" give on the server?
Does the password given by:
grep rudder.jdbc.password /opt/rudder/etc/rudder-web.properties
matches what is in:
/root/.pgpass
and
grep RUDDER_PSQL_PASSWORD /opt/rudder/etc/rudder-passwords.conf
and is it a random password?
Updated by kumar ctr over 6 years ago
followed the instructions in the below Link
https://www.itzgeek.com/how-tos/linux/centos-how-tos/audit-your-infrastructure-install-rudder-server-on-centos-7-ubuntu-16-04-debian-9.html
And disabled the firewalls
Updated by kumar ctr over 6 years ago
rudder agent run -i" give the below ouput
Rudder agent 4.1.13.release (CFEngine Core 3.10.4)
Node uuid: root
Start execution with config [0]
rudder info: Automatically promoting context scope for 'heartbeat_sent' to namespace visibility, due to pe rsistence
R: [INFO] Starting CFEngine 3.10.4 on host cdtsdvo117p.rxcorp.com (oracle_7 x86_64)
rudder info: Created file '/var/rudder/cfengine-community/state/rudder_expected_reports.26833.csv.tmp', mo de 0600
error: Unable to open template file '/var/rudder/cfengine-community/inputs/rudder_expected_reports.csv' to make '/var/rudder/cfengine-community/state/rudder_expected_reports.26833.csv.tmp'
rudder info: Method '_create_current_expected_reports_file' aborted in some repairs
M| State Technique Component Key Message
E| compliant Common ncf Initialization Configuration library initialization was correct
E| compliant Common Security parameters The internal environme nt security is acceptable
E| compliant Common Red Button Red Button is not in e ffect, continuing as normal...
E| n/a Common Process checking Rudder agent proccesse s check is done by the rudder-agent cron job
E| compliant Common CRON Daemon Cron daemon status was correct
info Inventory inventory An inventory was alrea dy sent less than 8 hours ago
E| compliant Inventory inventory Next inventory schedul ed between 00:00 and 06:00
rudder info: Can't stat file '/var/rudder/cfengine-community/inputs/distributePolicy/1.0/nodeslist.json' o n 'localhost' in files.copy_from promise
E| compliant DistributePolicy Configure ncf Configure configuratio n library was correct
E| n/a DistributePolicy Synchronize policies Rudder server does not need to synchronize its policies
E| n/a DistributePolicy Synchronize files Rudder server does not need to synchronize its shared files
warning DistributePolicy Synchronize resources Cannot copy local node s list
E| compliant DistributePolicy Send inventories to Rudd| No inventory to send
E| compliant server-roles Check logrotate configur| The logrotate configur ation is correct
E| n/a server-roles Check LDAP in rudder-web| Checking LDAP password s is unnecessary on this machine, skipping.
E| n/a server-roles Check LDAP credentials Checking LDAP password s is unnecessary on this machine, skipping.
E| n/a server-roles Check SQL in rudder-weba| Checking SQL passwords is unnecessary on this machine, skipping.
E| n/a server-roles Check SQL credentials Checking SQL passwords is unnecessary on this machine, skipping.
E| n/a server-roles Check rudder-passwords.c| Checking the password files is unnecessary on this machine, skipping...
E| compliant server-roles Check allowed networks c| Allowed networks confi guration is correct
rudder info: Executing 'no timeout' ... '/usr/bin/htpasswd b /opt/rudder/etc/htpasswd-webdav rudder rudde r' an er ror occurred, returned 1
notice: Q: "...n/htpasswd -b /": Updating password for user rudder
rudder info: Last 1 quoted lines were generated by promiser '/usr/bin/htpasswd -b /opt/rudder/etc/htpasswd -webdav rudder rudder'
rudder info: Completed execution of '/usr/bin/htpasswd -b /opt/rudder/etc/htpasswd-webdav rudder rudder'
E| repaired server-roles Check WebDAV credentials Apache WebDAV user and password were updated
R: [INFO] Executing is-active-process on httpd using the systemctl method
R: [ERROR] Promise could not be repaired, error encountered: Check if the service httpd is started using ps
rudder info: Executing 'no timeout' ... '/bin/systemctl --no-ask-password start httpd.service'
error: Finished command related to promiser '/bin/systemctl --no-ask-password start httpd.service' -
rudder info: Completed execution of '/bin/systemctl --no-ask-password start httpd.service'
R: [INFO] Executing start on httpd using the systemctl method
error: Method 'ncf_services' failed in some repairs
R: [ERROR] Promise could not be repaired, error encountered: Run action start on service httpd
error: Method 'service_action' failed in some repairs
R: [ERROR] Promise could not be repaired, error encountered: Start service httpd
error: Method 'service_start' failed in some repairs
R: [ERROR] Promise could not be repaired, error encountered: Ensure that service httpd is running
error: Method 'service_ensure_running_path' failed in some repairs
E| error server-roles Check apache process Check apache process r unning could not be repaired
error: Method 'generic_process_check_process' failed in some repairs
R: [INFO] Executing is-enabled on httpd using the systemctl method
E| compliant server-roles Check apache boot script Check apache boot star ting parameters was correct
R: [INFO] Executing is-active-process on .*java.*/opt/rudder/jetty7/start.jar using the systemctl method
R: [ERROR] Promise could not be repaired, error encountered: Check if the service .*java.*/opt/rudder/jetty7/s tart.jar is started using ps
rudder info: Executing 'no timeout' ... '/sbin/service rudder-jetty start'
rudder info: Completed execution of '/sbin/service rudder-jetty start'
R: [INFO] Executing start on rudder-jetty using the service method
R: [INFO] Promise repaired, made a change: Run action start on service rudder-jetty
R: [INFO] Promise repaired, made a change: Start service rudder-jetty
R: [INFO] Promise repaired, made a change: Ensure that service rudder-jetty is running
E| repaired server-roles Check jetty process Check jetty process running was repaired
E| compliant server-roles Check configuration-repo| The /var/rudder/configuration-repository directory is present
E| compliant server-roles Check configuration-repo| The /var/rudder/configuration-repository git lock file is not present or not older than 5 minutes
rudder info: Executing 'no timeout' ... '/usr/bin/curl --proxy '' s http://localhost:8080/rudder/api/techniqueLibrary/reload |/bin/grep -q OK' an error occurred, returned 1
error: Finished command related to promiser '/usr/bin/curl --proxy '' -s http://localhost:8080/rudder/api/techniqueLibrary/reload |/bin/grep -q OK' -
rudder info: Completed execution of '/usr/bin/curl --proxy '' s http://localhost:8080/rudder/api/techniqueLibrary/reload |/bin/grep -q OK' an error occurred, returned 1
info server-roles Check Technique library | The /opt/rudder/etc/force_technique_reload file is present. Reloading Technique library...
warning server-roles Check Technique library | The Technique library failed to reload. Will try again next time.
error: Method 'root_technique_reload' failed in some repairs
rudder info: Executing 'no timeout' ... '/usr/bin/curl --proxy '' --max-time 240 -s http://localhost:8080/rudder/api/status |/bin/grep -q OK'
error: Finished command related to promiser '/usr/bin/curl --proxy '' --max-time 240 -s http://localhost:8080/rudder/api/status |/bin/grep -q OK' -
rudder info: Automatically promoting context scope for 'site_down_once_http___localhost_8080_rudder_api_status' to namespace visibility, due to persistence
rudder info: Completed execution of '/usr/bin/curl --proxy '' --max-time 240 s http://localhost:8080/rudder/api/status |/bin/grep -q OK' an error occurred, returned 1
E| error server-roles Check rudder status This is the first time the http://localhost:8080/rudder/api/status web interface failed to respond. Deferring the restart.
error: Method 'generic_alive_check' failed in some repairs
rudder info: Executing 'no timeout' ... '/usr/bin/curl --proxy '' --max-time 240 -s http://localhost:8080/endpoint/api/status |/bin/grep -q OK'
error: Finished command related to promiser '/usr/bin/curl --proxy '' --max-time 240 -s http://localhost:8080/endpoint/api/status |/bin/grep -q OK' -
rudder info: Automatically promoting context scope for 'site_down_once_http___localhost_8080_endpoint_api_status' to namespace visibility, due to persistence
rudder info: Completed execution of '/usr/bin/curl --proxy '' --max-time 240 -s http://localhost:8080/endpoint/api/status |/bin/grep -q OK'
E| error server-roles Check endpoint status This is the first time the http://localhost:8080/endpoint/api/status web interface failed to respond. Deferring the restart.
error: Method 'generic_alive_check' failed in some repairs
R: [INFO] Executing is-active-process on /opt/rudder/libexec/slapd using the systemctl method
E| compliant server-roles Check slapd process Check slapd process running was correct
E| compliant server-roles Check PostgreSQL configu| There is no need of specific PostgreSQL configuration on this system
R: [INFO] Executing is-active-process on postgres:.* writer process using the systemctl method
E| compliant server-roles Check postgresql process Check postgresql process running was correct
R: [INFO] Executing is-enabled on postgresql using the systemctl method
E| compliant server-roles Check postgresql boot sc| Check postgresql boot starting parameters was correct
E| compliant Common Binaries update The agent binaries in /var/rudder/cfengine-community/bin are up to date
rudder info: Deleted file '/var/rudder/cfengine-community/state/rudder_expected_reports.26833.csv.tmp'
- Summary #####################################################################
30 components verified in 5 directives
=> 30 components in Enforce mode
-> 17 compliant
-> 2 repaired
-> 8 not-applicable
-> 3 error
execution time: 27.48s ################################################################################
Updated by kumar ctr over 6 years ago
sorry for referring other site if that is the reason for your no answer
waiting for your reply
Updated by Nicolas CHARLES over 6 years ago
Hi Kumar,
Could you check Alexis questions in https://www.rudder-project.org/redmine/issues/13179#note-3 ? Are all the password matching ?
It also seems that there is an issue with service httpd that cannot be started - do you have specific configurations for Apache2 ?
I understand your OS is Oracle 7 ? Do you have a standard postgresql installed, or is it downloaded from Postgresql repository ?
Updated by Benoît PECCATTE about 6 years ago
- Status changed from New to Resolved
Closing since there is no answer.
Feel free to answer and reopen.