Astaro User Bulletin Board
Go Back   Astaro User Bulletin Board > Astaro Gateway Products > General Discussion and Feature Requests
Reload this Page Can't login to webmin [7.305]
Register FAQ Members List Calendar Search Today's Posts Mark Forums Read

Welcome to the Astaro User Bulletin Board.
If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

Page 1 of 3 1 23
Reply
 
LinkBack Thread Tools Display Modes
  #1 (permalink)  
Old 12-25-2008, 08:16 AM
Moderator
  
Join Date: Jul 2001
Location: southern California
Posts: 4,178
Exclamation /tmp FULL -- Can't login to webmin and VPN [7.305]
Hi,
I was going to post that I can no longer log into the VPN using the Linux OpenVPN client, however, I now see that I can't login to webmin either.
"Invalid username or password."


1. Is there still a problem with db corruption or whatever which could cause this?

2. would VPN login failures lock my account from webmin?

3. I can login via SSH. What should I do now?

I first noticed the VPN login wasn't working yesterday.

I've been running 7.305 for 28 days. That is also the last time the firewall was rebooted, and it is on a large UPS.

dmesg shows no errors

kernel logs are empty all this month except for 2 occasions where I power cycled my internal ethernet switch, for which there are the expected link down/link up messages.

httpd.log has nothing unusual



Also, I'm not getting emails about the webmin login failures.

Thanks,
Barry
__________________
Home & business end-user since v1.x
  • ASL 6.3x, HP DL145 Dual Opteron, 1GB RAM, 6 gigE NICs, 50-IP Platinum License
  • ASL 7.3x, Dell PE1550 Dual PIII 1GHz, 1GB RAM, 2 NICs, 50-IP Platinum License
  • ASL 7.460β, 17-watt fanless mini-ITX system: MSI IM-945GSE-A Atom n270, 2GB RAM, Morex T3310 case. 2 Intel GigE, 3 VLANs. 80G 5200rpm 2.5" HD
    Netgear GS108T gigE VLAN switch & Linksys WRT54G WAP
    Total network infrastructure: 27 watts. 50-IP Home User License. FiOS 10mb/4mb
Last edited by BarryG; 12-25-2008 at 08:36 AM.
Reply With Quote
  #2 (permalink)  
Old 12-25-2008, 08:18 AM
Moderator
  
Join Date: Jul 2001
Location: southern California
Posts: 4,178
Default
confd.log during a login attempt:

Code:
2008:12:25-01:15:10 (none) confd[10320]: id="3106" severity="info" sys="System" sub="confd" name="authentication successful" client="dns-resolver.plx" facility="system" user="system" srcip="127.0.0.1"
2008:12:25-01:15:10 (none) confd[10320]: id="3100" severity="info" sys="System" sub="confd" name="closing session DtYgFaPkscQkMJhdptGB: logout" client="dns-resolver.plx" facility="system" user="system" srcip="127.0.0.1"
2008:12:25-01:15:16 (none) confd[10204]: id="3100" severity="info" sys="System" sub="confd" name="logout" client="index.plx" facility="" user="system" srcip="0.0.0.0"
2008:12:25-01:15:17 (none) confd[10325]: id="310o" severity="warn" sys="System" sub="confd" name="authentication failed" client="index.plx" facility="webadmin" user="barry" srcip="192.168.11.230"
2008:12:25-01:15:17 (none) confd[10325]: id="3100" severity="warn" sys="System" sub="confd" name="PERM_DENIED (permission denied)" client="index.plx" facility="webadmin" user="anonymous" srcip="192.168.11.230"
2008:12:25-01:15:17 (none) confd[10325]: id="3100" severity="info" sys="System" sub="confd" name="logout" client="index.plx" facility="webadmin" user="anonymous" srcip="192.168.11.230"
__________________
Home & business end-user since v1.x
  • ASL 6.3x, HP DL145 Dual Opteron, 1GB RAM, 6 gigE NICs, 50-IP Platinum License
  • ASL 7.3x, Dell PE1550 Dual PIII 1GHz, 1GB RAM, 2 NICs, 50-IP Platinum License
  • ASL 7.460β, 17-watt fanless mini-ITX system: MSI IM-945GSE-A Atom n270, 2GB RAM, Morex T3310 case. 2 Intel GigE, 3 VLANs. 80G 5200rpm 2.5" HD
    Netgear GS108T gigE VLAN switch & Linksys WRT54G WAP
    Total network infrastructure: 27 watts. 50-IP Home User License. FiOS 10mb/4mb
Reply With Quote
  #3 (permalink)  
Old 12-25-2008, 08:19 AM
Moderator
  
Join Date: Jul 2001
Location: southern California
Posts: 4,178
Default /tmp is FULL :(
Code:
 ll /tmp/
total 673960
-rw------- 1 root root     12288 Dec 23 12:43 aua_auth_cache.db
-rw-r--r-- 1 root root         0 Dec 25 01:15 aua_auth_cache.db.lock
-rw-r--r-- 1 root root         0 Dec 25 01:15 aua_confd_cache.db.lock
-rw------- 1 root root  32098548 Dec 25 01:18 confd-debug.log
-rw------- 1 root root     20480 Dec 25 01:17 dnsresolver.db
-rw-r--r-- 1 root root         0 Dec 25 01:17 dnsresolver.db.lock
-rw------- 1 root root     68285 Dec 24 03:03 mdwdebug.log
-rw------- 1 root root 657244160 Dec 25 01:18 netacc_sql.cache
drwxr-xr-x 2 root root      4096 Dec 25 00:00 pdk-root
__________________
Home & business end-user since v1.x
  • ASL 6.3x, HP DL145 Dual Opteron, 1GB RAM, 6 gigE NICs, 50-IP Platinum License
  • ASL 7.3x, Dell PE1550 Dual PIII 1GHz, 1GB RAM, 2 NICs, 50-IP Platinum License
  • ASL 7.460β, 17-watt fanless mini-ITX system: MSI IM-945GSE-A Atom n270, 2GB RAM, Morex T3310 case. 2 Intel GigE, 3 VLANs. 80G 5200rpm 2.5" HD
    Netgear GS108T gigE VLAN switch & Linksys WRT54G WAP
    Total network infrastructure: 27 watts. 50-IP Home User License. FiOS 10mb/4mb
Reply With Quote
  #4 (permalink)  
Old 12-25-2008, 08:23 AM
Moderator
  
Join Date: Jul 2001
Location: southern California
Posts: 4,178
Default
Not sure if I should delete any of those files... they all have a current timestamp.

deleted mdwdebug.log as it's older, but I still can't login.

going to try reboot...

Barry
__________________
Home & business end-user since v1.x
  • ASL 6.3x, HP DL145 Dual Opteron, 1GB RAM, 6 gigE NICs, 50-IP Platinum License
  • ASL 7.3x, Dell PE1550 Dual PIII 1GHz, 1GB RAM, 2 NICs, 50-IP Platinum License
  • ASL 7.460β, 17-watt fanless mini-ITX system: MSI IM-945GSE-A Atom n270, 2GB RAM, Morex T3310 case. 2 Intel GigE, 3 VLANs. 80G 5200rpm 2.5" HD
    Netgear GS108T gigE VLAN switch & Linksys WRT54G WAP
    Total network infrastructure: 27 watts. 50-IP Home User License. FiOS 10mb/4mb
Reply With Quote
  #5 (permalink)  
Old 12-25-2008, 08:35 AM
Moderator
  
Join Date: Jul 2001
Location: southern California
Posts: 4,178
Default
rebooted.
can login to webmin again.
will try vpn later

/tmp looks better for now
Code:
 ll /tmp
total 136
-rw------- 1 root     root     12288 Dec 25 01:27 aua_auth_cache.db
-rw-r--r-- 1 root     root         0 Dec 25 01:28 aua_auth_cache.db.lock
-rw------- 1 root     root     12288 Dec 25 01:28 aua_confd_cache.db
-rw-r--r-- 1 root     root         0 Dec 25 01:28 aua_confd_cache.db.lock
-rw-r--r-- 1 root     root       196 Dec 25 01:27 auadebug.log
-rw------- 1 root     root     43098 Dec 25 01:29 confd-debug.log
-rw-r--r-- 1 root     root         9 Dec 25 01:28 dhcpd-interfaces
-rw------- 1 root     root     12288 Dec 25 01:28 dnsresolver.db
-rw-r--r-- 1 root     root         0 Dec 25 01:28 dnsresolver.db.lock
-rw-r--r-- 1 root     root         0 Dec 25 01:27 dnsresolver.log
-rw------- 1 root     root     41324 Dec 25 01:28 mdwdebug.log
drwxr-xr-x 2 root     root      4096 Dec 25 01:27 pdk-root
-rw------- 1 postgres postgres    77 Dec 25 01:27 postgres.log

I'm lowering the IPS, PacketFilter, and Accounting settings to "2 weeks" for now; they were set to "1 month".

Drive is a 20GB, fwiw.

Barry
__________________
Home & business end-user since v1.x
  • ASL 6.3x, HP DL145 Dual Opteron, 1GB RAM, 6 gigE NICs, 50-IP Platinum License
  • ASL 7.3x, Dell PE1550 Dual PIII 1GHz, 1GB RAM, 2 NICs, 50-IP Platinum License
  • ASL 7.460β, 17-watt fanless mini-ITX system: MSI IM-945GSE-A Atom n270, 2GB RAM, Morex T3310 case. 2 Intel GigE, 3 VLANs. 80G 5200rpm 2.5" HD
    Netgear GS108T gigE VLAN switch & Linksys WRT54G WAP
    Total network infrastructure: 27 watts. 50-IP Home User License. FiOS 10mb/4mb
Last edited by BarryG; 12-25-2008 at 08:46 AM.
Reply With Quote
  #6 (permalink)  
Old 12-25-2008, 08:49 AM
Moderator
  
Join Date: Jul 2001
Location: southern California
Posts: 4,178
Default
FWIW, I'm currently setting up v7 at work; server has 73GB SCSI disks, and a lot more traffic than I have at home. v6 has been working great, but I need to be sure that v7 won't have problems with accounting, etc. I like how I can keep MANY months of accounting data in v6; I'm not sure what I'll be able to do in v7, but it'd be nice to know.

Thanks,
Barry
__________________
Home & business end-user since v1.x
  • ASL 6.3x, HP DL145 Dual Opteron, 1GB RAM, 6 gigE NICs, 50-IP Platinum License
  • ASL 7.3x, Dell PE1550 Dual PIII 1GHz, 1GB RAM, 2 NICs, 50-IP Platinum License
  • ASL 7.460β, 17-watt fanless mini-ITX system: MSI IM-945GSE-A Atom n270, 2GB RAM, Morex T3310 case. 2 Intel GigE, 3 VLANs. 80G 5200rpm 2.5" HD
    Netgear GS108T gigE VLAN switch & Linksys WRT54G WAP
    Total network infrastructure: 27 watts. 50-IP Home User License. FiOS 10mb/4mb
Reply With Quote
  #7 (permalink)  
Old 12-26-2008, 02:21 PM
KSeemann's Avatar
Senior Member
  
Join Date: Jul 2004
Location: Germany
Posts: 157
Default
Hi BarryG,

looking at the Name of the biggest File in /tmp/ i am assuming, that something had gone wrong with the Network Accounting. Maybe it was not able to dump the detail Data in to the SQL Database so the temporary File never shrunk.

Quote:
Originally Posted by BarryG View Post
Code:
-rw------- 1 root root 657244160 Dec 25 01:18 netacc_sql.cache
And on my 80GB Disk the /tmp/ is still only 1.8GB big, so a bigger Disk might have bought you only a few days (depending on when the Problem startet of course...). The /var/log/ is 36GB big, so it should be able to hold some Water. 1 Month of Logfiles consumes 1% here. But being a Home User with v7, i have no Idea how that scales...

With the v6 at Work i had to dial down the Log Archive to 90 Days, because 1 Year would not fit on the 32GB Log Partition (on a 73GB Disk).The 90 Days consume 25% of /var/log/. On a realy busy Day i get up to 1GB in Logs witch results in a 65MB tgz compressed File in the remote Log Archive.
__________________
Astaro V7.4 Beta at Home - VIA PD10000 / 1GB Ram / 80 GB Hdd
Astaro V6.314 at Work - HP DL360G3 / 2x3Ghz / 3GB Ram / 76 GB Hdd
Reply With Quote
  #8 (permalink)  
Old 12-27-2008, 12:47 AM
Moderator
  
Join Date: Jul 2001
Location: southern California
Posts: 4,178
Default
My /tmp is 688M, and after 1.7days uptime, the accounting file is at 43MB.
Note that I've already lowered my accounting settings to only keep 2 weeks.

Also, I am now able to login to the VPN again, at least internally

Thanks,
Barry
__________________
Home & business end-user since v1.x
  • ASL 6.3x, HP DL145 Dual Opteron, 1GB RAM, 6 gigE NICs, 50-IP Platinum License
  • ASL 7.3x, Dell PE1550 Dual PIII 1GHz, 1GB RAM, 2 NICs, 50-IP Platinum License
  • ASL 7.460β, 17-watt fanless mini-ITX system: MSI IM-945GSE-A Atom n270, 2GB RAM, Morex T3310 case. 2 Intel GigE, 3 VLANs. 80G 5200rpm 2.5" HD
    Netgear GS108T gigE VLAN switch & Linksys WRT54G WAP
    Total network infrastructure: 27 watts. 50-IP Home User License. FiOS 10mb/4mb
Reply With Quote
  #9 (permalink)  
Old 12-31-2008, 09:19 PM
Moderator
  
Join Date: Jul 2001
Location: southern California
Posts: 4,178
Default still growing...
I think there's still a problem...

Code:
loginuser@fw:/tmp > uptime
  2:17pm  up 6 days 12:51,  1 user,  load average: 0.67, 0.31, 0.31
loginuser@fw:/tmp > ll /tmp/
total 175916
-rw------- 1 root      root         12288 Dec 25 23:04 aua_auth_cache.db
-rw-r--r-- 1 root      root             0 Dec 25 23:04 aua_auth_cache.db.lock
-rw------- 1 root      root         12288 Dec 25 23:04 aua_confd_cache.db
-rw-r--r-- 1 root      root             0 Dec 25 23:04 aua_confd_cache.db.lock
-rw-r--r-- 1 root      root           196 Dec 25 01:27 auadebug.log
-rw------- 1 root      root       7840415 Dec 31 14:17 confd-debug.log
-rw-r--r-- 1 root      root             9 Dec 25 01:28 dhcpd-interfaces
-rw------- 1 root      root         20480 Dec 31 14:16 dnsresolver.db
-rw-r--r-- 1 root      root             0 Dec 31 14:16 dnsresolver.db.lock
-rw-r--r-- 1 root      root             0 Dec 25 01:27 dnsresolver.log
-rw-r--r-- 1 root      root             0 Dec 25 22:59 ipsec_status.debug
-rw------- 1 root      root         49359 Dec 31 02:40 mdwdebug.log
-rw------- 1 root      root     170545152 Dec 31 14:05 netacc_sql.cache
-rw-r--r-- 1 root      root             0 Dec 31 14:17 netacc_sql.cache.lock
drwxr-xr-x 2 root      root          4096 Dec 27 01:15 pdk-root
-rw------- 1 postgres  postgres        77 Dec 25 01:27 postgres.log
-rw-r--r-- 1 root      root             0 Dec 25 01:31 reversednsresolver.log
-rw------- 1 root      root       1445888 Dec 31 14:17 sql.cache
-rw-r--r-- 1 root      root             0 Dec 31 14:17 sql.cache.lock
drwx------ 2 loginuser users         4096 Dec 31 14:17 ssh-mNvGH27401
loginuser@fw:/tmp > df -h
Filesystem            Size  Used Avail Use% Mounted on
rootfs                5.3G  1.1G  4.0G  22% /
udev                  253M   60K  252M   1% /dev
/dev/disk/by-label/root
                      5.3G  1.1G  4.0G  22% /
/dev/disk/by-label/boot
                      342M   14M  311M   5% /boot
/dev/disk/by-label/storage
                      4.3G  754M  3.3G  19% /var/storage
/dev/disk/by-label/log
                      5.6G  2.1G  3.3G  40% /var/log
Still running 7.305, btw.
__________________
Home & business end-user since v1.x
  • ASL 6.3x, HP DL145 Dual Opteron, 1GB RAM, 6 gigE NICs, 50-IP Platinum License
  • ASL 7.3x, Dell PE1550 Dual PIII 1GHz, 1GB RAM, 2 NICs, 50-IP Platinum License
  • ASL 7.460β, 17-watt fanless mini-ITX system: MSI IM-945GSE-A Atom n270, 2GB RAM, Morex T3310 case. 2 Intel GigE, 3 VLANs. 80G 5200rpm 2.5" HD
    Netgear GS108T gigE VLAN switch & Linksys WRT54G WAP
    Total network infrastructure: 27 watts. 50-IP Home User License. FiOS 10mb/4mb
Reply With Quote
  #10 (permalink)  
Old 01-01-2009, 12:47 AM
Wizard
  
Join Date: Oct 2005
Posts: 2,065
Default
I haven't really seen any problems like this at any sites... is this a new config, or one you converted from V6?
__________________
Convergent Information Security Solutions, LLC
Astaro Preferred Solution Partner
Reply With Quote
Reply
Page 1 of 3 1 23

Tags
/tmp full, disk full

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On


All times are GMT. The time now is 11:12 PM.

 
Contact Us - Astaro User Bulletin Board - Archive - Top

Powered by vBulletin® Version 3.8.2
Copyright ©2000 - 2009, Jelsoft Enterprises Ltd.


These pages are specifically maintained for the discussion of firewall issues within the Open Source community, and might already reflect new alpha/beta releases under development. Please refer to our product specifications for the functionality of the actual release. Discussions of new/enhanced functionality does not constitute a commitment of Astaro, to integrate this functionality into future releases. issues within the Open Source community, and might already reflect new alpha/beta releases under development. Please refer to our product specifications for the functionality of the actual release. Discussions of new/enhanced functionality does not constitute a commitment of Astaro, to integrate this functionality into future releases.