[Search for users] [Overall Top Noters] [List of all Conferences] [Download this site]

Conference decwet::advfs_support

Title:AdvFS Support/Info/Questions Notefile
Notice:note 187 is Freq Asked Questions;note 7 is support policy
Moderator:DECWET::DADDAMIO
Created:Wed Jun 02 1993
Last Modified:Fri Jun 06 1997
Last Successful Update:Fri Jun 06 1997
Number of topics:1077
Total number of notes:4417

1064.0. "dtadvfs error 573" by VAXRIO::CSANTOS () Thu May 22 1997 11:11

    
    
    
    	Hi,
    
    	I'm just starting with Digital Unix and need some help here...
    
    
    	We have a customer trying to run dtadvfs and is getting the
    following error in /usr/var/opt/advfsd/logs
    
    
    Wed May 21 13:30:52 1997 | AUDIT | WARNING - Failed security check |
    File socket
    _agent.c | Line 573
    Wed May 21 13:30:54 1997 | AUDIT | WARNING - Failed security check |
    File socket
    _agent.c | Line 573
    Wed May 21 13:32:19 1997 | ERROR | Received errno 2 while trying to
    open
    /dev/rr
    z8a. | File getlists.c | Line 492
    Wed May 21 13:37:19 1997 | ERROR | Received errno 2 while trying to
    open
    /dev/rr
    z8a. | File getlists.c | Line 492
    Wed May 21 13:42:19 1997 | ERROR | Received errno 2 while trying to
    open
    /dev/rr
    z8a. | File getlists.c | Line 492
    Wed May 21 13:47:20 1997 | ERROR | Received errno 2 while trying to
    open
    /dev/rr
    z8a. | File getlists.c | Line 492
    
    
    
	Does not look like the second error (492) has soething to do with
    the first one, because we have lots of its entries.  The 573 error
    only shows when we try to run dtadvfs.
    
    	#HOSTNAME, /etc/hosts and hosts.allow have the same value/entry...
    
    
    
    			Any ideas?? Thanks in advance
    
    							Claudia
    
T.RTitleUserPersonal
Name
DateLines
1064.1Check this first...DECWET::DIPIETROThu May 22 1997 13:5516
Excerpt from note 881.1 (Thanks to Ken Martin):

The 'Failed security check' messages probably come from your attempts to telnet
to port 30000.  There are a couple of configurable files for advfsd security. 
The first is /var/opt/advfsd/socket/hosts.allow, which should list
(carriage-return separated) all the 'trusted hosts', i.e., machines that are
allowed to connect to advfsd.  On installation, this file should have been
created with the local hostname in the file.

A second file is /var/opt/advfsd/socket/gui.passwd, which can contain a user
configurable password that would be asked for in a dialogue window from dtadvfs
when attempting to connect to a host that has this set up.  Note that this is
NOT the root password for the system.  Both of these files are explained in the
man page for advfsd(8).

Also please check notes 939 and 1001 for additional info.
1064.2DECWET::MARTINThu May 22 1997 14:4123
The failed security check is coming from one of the two problems Steph describes
in .1.

The error coming from line 492 of getlists.c is completely unrelated.  It's
appearing every 5 minutes, which is how often advfsd polls the system for
information.  You can change this polling interval once you fix the security
problem by going to the options window of dtadvfs.

errno 2 is, according to /usr/include/errno.h,

	#define ENOENT          2               /* No such file or directory */

My best guess is that the kernel you're currently running was built on a system
that had rz8, and is now on a system that doesn't have that device.  You
probably won't even find a /dev/rrz8a entry on your system.

To get rid of this error (which can be ignored for the most part, except that it
will chew up disk space on your /var filesystem where the log resides), you can
either make sure that you have an rz8 disk and have a /dev/rrz8a entry (make
sure 'disklabel rz8' works) or "doconfig" a new kernel on your currently running
system.

--Ken
1064.3Checked hostname alreadyVAXRIO::CSANTOSThu May 22 1997 16:4013
    
    
    	I've checked those notes, but customer is trying to connect to 
    	the local host (he is trying to run DTADVFS form the console
    	using the local system).  We've checkes the hostname in the 3 
    	possible places (#HOSTNAME, /etc/hosts and
        /var/opt/advfsd/socket/hosts.allow) and they all look the same.
    
    
    		Any other ideas??
    
    				Claudia
    
1064.4DECWET::MARTINThu May 22 1997 20:076
Try using a fully qualified hostname in hosts.allow.  I don't know why
unqualified hostnames sometimes don't work, but they don't.

E.g., use foo.bar.dec.com instead of just foo.

--Ken
1064.5Just one node...VAXRIO::16.179.32.62::csantosTue May 27 1997 16:0214

	
	Ken,


	Customer is not using name service, so he does not have a complete name 
	to use...  It is just one local node...  



		Any other ideas

			Claudia
1064.6Customer's system logVAXRIO::16.179.32.62::csantosTue Jun 03 1997 10:25108


	I'm posting alog from customers system, so maybe
	someone can find something wrong:


edglobo2#echo `hostname`
edglobo2
edglobo2#
 
edglobo2#cd /etc
edglobo2#pwd
/etc
edglobo2#cat hosts
#
# *****************************************************************
# *                                                               *
# *    Copyright (c) Digital Equipment Corporation, 1991, 1996    *
# *                                                               *
# *   All Rights Reserved.  Unpublished rights  reserved  under   *
# *   the copyright laws of the United States.                    *
# *                                                               *
# *   The software contained on this media  is  proprietary  to   *
# *   and  embodies  the  confidential  technology  of  Digital   *
# *   Equipment Corporation.  Possession, use,  duplication  or   *
# *   dissemination of the software and media is authorized only  *
# *   pursuant to a valid written license from Digital Equipment  *
# *   Corporation.                                                *
# *                                                               *
# *   RESTRICTED RIGHTS LEGEND   Use, duplication, or disclosure  *
# *   by the U.S. Government is subject to restrictions  as  set  *
# *   forth in Subparagraph (c)(1)(ii)  of  DFARS  252.227-7013,  *
# *   or  in  FAR 52.227-19, as applicable.                       *
# *                                                               *
# *****************************************************************
#
# HISTORY
#
# @(#)$RCSfile: hosts,v $ $Revision: 1.1.5.2 $ (DEC) $Date: 1995/05/16
16:19:31
$
#
# Description:  The hosts file associates hostnames with IP addresses.
#
# Syntax:  nnn.nnn.nnn.nnn hostname.domain.name 
[alias_1,...,alias_n]
[#comments
]
#
# nnn.nnn.nnn.nnn       the IP address of the host
# hostname.domain.name  the fully qualified hostname, including the
domainname
# alias_n               other names or abbreviations for this host
# #comments             text following the comment character (#) is
ignored
#
127.0.0.1       localhost
129.1.1.102     dtc02
129.1.1.103     dtc01
129.1.1.104     pc01
129.1.1.105     dtc03
129.1.1.106     dtc04
129.1.1.107     dtc05
129.1.1.108     dtc06
129.1.1.109     dtc07
129.1.1.100     globo1
129.1.1.200     pctrans
129.1.1.201     xerox
129.1.0.50      globo2
129.1.1.100     edglobo2
129.1.0.120     edglobo1
129.1.0.110     edglobo
129.1.1.101     hpg70
edglobo2#

edglobo2#cd /usr/var/opt/advfsd/socket
edglobo2#pwd
/usr/var/opt/advfsd/socket

edglobo2#ls -l
total 1
-r-x------   1 root     system         9 Jan 31 13:13 hosts.allow
edglobo2#cat hosts.allow
edglobo2

edglobo2#

edglobo2#pwd
/usr/var/opt/advfsd/logs

edglobo2#pg advfsd 

Mon Jun  2 10:20:28 1997 | AUDIT | WARNING - Failed security check |
File socket
_agent.c | Line 573
Mon Jun  2 10:20:32 1997 | AUDIT | WARNING - Failed security check |
File socket
_agent.c | Line 573
Mon Jun  2 10:20:41 1997 | AUDIT | WARNING - Failed security check |
File socket
_agent.c | Line 573
Mon Jun  2 10:20:53 1997 | AUDIT | WARNING - Failed security check |
File socket
_agent.c | Line 573
Mon Jun  2 10:21:56 1997 | AUDIT | WARNING - Failed security check |
File socket
_agent.c | Line 573