Problems with a CentOS 7 and 4.1.6
Sune
I’m trying to install iRODS on a CentOS 7… with a PostgreSQL 9.2.
Got any info on how to do that ?
I got all the packages from ftp://ftp.renci.org/pub/irods/releases/4.1.6/centos7/
And installed them with rpm –ivh [.rpm]
But after run : sudo /var/lib/irods/packaging/setup_irods.sh
I get this error…. –Any ideas ??
===================================================================
Updating /etc/irods/database_config.json...
Stopping iRODS server...
-----------------------------
Running irods_setup.pl...
Step 1 of 4: Configuring database user...
Updating user's .pgpass...
Step 2 of 4: Creating database and tables...
Checking whether iCAT database exists...
Install problem:
Database [ICAT] on [127.0.0.1] cannot be found.
psql: FATAL: Ident authentication failed for user "irods"
Found 0 processes:
There are no iRODS servers running.
Abort.
-------------------------------------
In CentOS 7 I got problems with this:
sudo nano /etc/xinetd.d/auth ⇒ locate and change the line server_args = -t60 --xerror --os -E to server_args = -t60 --xerror --os.
sudo /etc/init.d/xinetd restart ⇒ restarts xinetd
sudo /sbin/chkconfig --level=3 auth on ⇒ sets the proper level of authd
sudo /etc/init.d/xinetd restart ⇒ restarts xinetd
---------------------------
The full install-guide:
1. Installing iRODS Server on RHEL with Postgresql
Depending on the preferences: I am using packages for centos 6, postgresql 8.x ( you can also install using postgresql 9.x. Make sure your yum repository is up to date before installing postgresql 9.x)
• Step I: Installing dependencies: postgresql 8.x-odbc, postgresql 8.x, authd, unixODBC
To find the available packages, run the sudo yum list command. For instance, if I wanted to see the packages available for postgresql, you can run sudo yum list postgresql*
sudo yum install authd ⇒ installs authd
sudo yum install postgresql-server.x86_64 ⇒ installs postgresql server
sudo yum install postgresql-odbc.x86_64 ⇒ installs postgresql-odbc
sudo yum install unixODBC.x86_64 ⇒ installs unixODBC
• Step II: Start the database
sudo /sbin/service postgresql initdb ⇒ initializes the database
sudo /sbin/service postgresql start ⇒ Starts postgresql
• Step III: Modify the authd config file for xinetd.d
sudo nano /etc/xinetd.d/auth ⇒ locate and change the line server_args = -t60 --xerror --os -E to server_args = -t60 --xerror --os.
sudo /etc/init.d/xinetd restart ⇒ restarts xinetd
sudo /sbin/chkconfig --level=3 auth on ⇒ sets the proper level of authd
sudo /etc/init.d/xinetd restart ⇒ restarts xinetd
• Step III: Open firewall to let iRODS in
Open your /etc/sysconfig/iptables, by running the command:
sudo nano /etc/sysconfig/iptables
Add the following lines above the last default rejection rules to avoid firewall issues. (If not done correctly, you won’t be able to connect via clients like iDrop or jargon)
-A INPUT -m state --state NEW -m tcp -p tcp --dport 1247 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 20000:20199 -j ACCEPT -A INPUT -m state --state NEW -m udp -p udp --dport 20000:20199 -j ACCEPT
Save the file (ctl + x, and choose save), and refresh the firewall rules by running:
sudo service iptables restart
If all goes well, after the latter command you should see [ OK ] messages.
Note: since you have only allowed the irods port to be 1247 (check the first - A INPUT line you above), then when you install iRODS make sure you keep the default port: 1247, otherwise you will run into issues down the road.
• Step IV: install irods-icat and irods-database-plugin
sudo rpm -i irods-icat-<xxxxx>.rpm irods-database-plugin-postgresql.<xxxxx>.rpm ⇒ installs the irods packages downloaded earlier.
A sample output:
iRODS Postgres Database Plugin installation was successful.
To configure this plugin, the following prerequisites need to be met:
- an existing database user (to be used by the iRODS server)
- an existing database (to be used as the iCAT catalog)
- permissions for existing user on existing database
Then run the following setup script:
sudo /var/lib/irods/packaging/setup_irods.sh
• Step V: setup ICAT and iRODS admin user
sudo -u postgres psql template1 ⇒ logs postres into postgresql
ALTER USER postgres with encrypted password 'your_password'; ⇒ assigns a new password to postgres. (*Take note of the password set here).
\q ⇒ quits the postgresql interactive mode
sudo service postgresql restart ⇒ Restarts postgresql
sudo su - postgres ⇒ logs in postgres
psql ⇒ opens up interactive mode for postgresql
create database “ICAT”; ⇒ creates the ICAT database
create user <user-name> with password ‘<password>’; ⇒ creates user with chosen username and password. In my case I chose irods/irods for simplicity
grant all privileges on database “ICAT” to irods; ⇒ Grants all privileges to rods on ICAT.
\q ⇒ quits the interactive mode
exit ⇒ goes back to the original user
Also need to create RHEL user account as irods
sudo adduser irods ⇒ creates a new user account with for irods
sudo passwd irods ⇒ prompts for the password for this user
sudo su - irods ⇒ to verify if you can be logged in as irods. Run exit to go back
Add irods to the list of sudoers
sudo nano /usr/sbin/visudo ⇒ opens up the sudoer file. Find where the users are listed with lines looking like: root ALL=(ALL) ALL, insert the line irods ALL=(ALL) ALL on the next line. Hit escape and type :wq to exit
• Note that here, it’s a requirement that the user account on rhel coincides with the database username(with the same passwords too)
• Step VI: Configure the login scheme for postgresql
For some reasons, the default postgres configuration on RHEL does not allow database login via the traditional username-password scheme. So, we need to edit the configuration file to make this work. Follow the steps below to edit the file:
sudo chmod -R 770 /var/lib/pgsql ⇒ grants access to the pgsql folder
sudo nano var/lib/pgsql/data/pg_hba.conf ⇒ opens the configuration file. By default Postgresql uses IDENT-based authentication. All you have to do is allow username and password based authentication for your network or web server. IDENT will never allow you to login via -U and -W options. For more information, refer to this document.
Toward the end of the document, wherever you see “ident”, replace it with “trust.”
For example, replace the line [local all all ident] with [local all all trust].
Save and close the file (Hit ctl + x to exit and save after you hit y).
• Step VII: back to installation to run the script /var/lib/irods/packaging/setup_irods.sh
sudo su - irods ⇒ logs into the irods user account
sudo /var/lib/irods/packaging/setup_irods.sh ⇒ installation interactive mode
Info will be asked about zone, ICAT username and password etc.
A strange error might occur here and it has something to do with permissions on /var/lib/irods/iRODS/server. If this happens, you can just chmod the entire folder of /var/lib/irods and /etc/irods to allow control over it and rerun the script.
Verify installation by running the simple commands such as iinit, ils, ienv etc. The installation isn’t complete until you have verified that remote clients such as irods_exp, jargon etc can connect to your server
suna...@gmail.com
I got it runnning...
I did : chmod -R 755 /var/lib/irods
-- My Server files---
#rpm -qa postgre*
postgresql-server-9.2.13-1.el7_1.x86_64
postgresql-9.2.13-1.el7_1.x86_64
postgresql-odbc-09.03.0100-2.el7.x86_64
postgresql-devel-9.2.13-1.el7_1.x86_64
postgresql-contrib-9.2.13-1.el7_1.x86_64
#rpm -qa irod*
irods-dev-4.1.6-0.x86_64
irods-icat-4.1.6-0.x86_64
irods-runtime-4.1.6-0.x86_64
irods-database-plugin-postgres-1.6-0.x86_64
in the file : /var/lib/pgsql/data/postgresql.conf
you need to change : listen_addresses = 'localhost' to listen_addresses = '*'
Also remember to add it to firewall-cmd with the option : --permanent
To fix this error open PostgreSQL client authentication configuration file /var/lib/pgsql/data/pg_hba.conf :
# vi /var/lib/pgsql/data/pg_hba.conf
This file controls: Which hosts are allowed to connect
How clients are authenticated which PostgreSQL user names they can use Which databases they can access
By default Postgresql uses IDENT-based authentication.
All you have to do is allow username and password based authentication for your network or webserver.
IDENT will never allow you to login via -U and -W options. Append following to allow login via localhost only:
local all all trust
host all 127.0.0.1/32 trust
Save and close the file. Restart Postgresql!
Other usefull stuff: (systemD)
systemctl status postgresql.service
systemctl stop postgresql.service
systemctl start postgresql.service
--
Test your iRODS password with : iinit
Wrong password will give :
Enter your current iRODS password:
[-] libnative.cpp:336:native_auth_client_response : status [CAT_INVALID_AUTHENTICATION] errno [] -- message [Call to rcAuthResponseFailed.]
failed with error -826000 CAT_INVALID_AUTHENTICATION
Right password will give :
Enter your current iRODS password:
#
-----
install postgresql93: (NOT the latest one!!! )
rpm -iUvh http://yum.postgresql.org/9.3/redhat/rhel-latest-x86_64/pgdg-centos93-9.3-1.noarch.rpm; yum update
yum -y install postgresql93 postgresql93-server postgresql93-contrib postgresql93-libs postgresql93-odbc fuse-libs.x86_64 perl-JSON* python-jsonschema.noarch
Get the rpm from.... ftp://ftp.renci.org/pub/irods/releases/
Please Note : IDROP-web need : TomCat 7 or 8 (and Varnish???)
--
I'm still testing with Varnish vs. Apache Traffic Server as a Reverse Proxy
---
--My Setup:
Varnish : nano /etc/yum.repos.d/varnish.repo
---the file-------
[varnish-4.0]
name=Varnish 4.0 for Enterprise Linux
baseurl=https://repo.varnish-cache.org/redhat/varnish-4.0/el7/$basearch
enabled=1
gpgcheck=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-VARNISH
---------
yum install varnish varnish-libs varnish-libs-devel
firewall-cmd --zone=public --add-port=80/tcp --permanent
firewall-cmd --reload
nano /etc/varnish/varnish.params
Setup : DAEMON_OPTS="-a :80 -T localhost:6082 -f /etc/varnish/default.vcl -S /etc/varnish/secret -s malloc,256m"
Please let me know how you did your CentOS 7 or RedHat ES 7
Sune Andersen , Denmark