I am having newbie problems with boinc, ports and SELinux -- I think.
Networks and SELinux are two subjects I have put off learning to any
rudimentary depth. So here goes.
I can get Boinc to connect to the World Community Grid immediately after
first download and install. (I have removed it and re-installed to test
this). But after a reboot I can no longer connect to any of the project
sites.
I went to the WCG forum and explained my problem. The response was --
open ports 80 and 443.
'netstat' does not list 80 or 443 as present, i.e, as active.
SELinux is in permissible mode.
SELinux gives the following for those two ports.
http_port_t tcp s0 80
http_port_t tcp s0 443
--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
06-28-2008, 01:19 AM
John Munn
BOINC again !?
You need to open the ports in your firewall (iptables).
John
William Case wrote:
Hi;
I am having newbie problems with boinc, ports and SELinux -- I think.
Networks and SELinux are two subjects I have put off learning to any
rudimentary depth. So here goes.
I can get Boinc to connect to the World Community Grid immediately after
first download and install. (I have removed it and re-installed to test
this). But after a reboot I can no longer connect to any of the project
sites.
I went to the WCG forum and explained my problem. The response was --
open ports 80 and 443.
'netstat' does not list 80 or 443 as present, i.e, as active.
SELinux is in permissible mode.
SELinux gives the following for those two ports.
http_port_t tcp s0 80
http_port_t tcp s0 443
So ... where do I go from here?
--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
06-28-2008, 03:22 AM
William Case
BOINC again !?
On Fri, 2008-06-27 at 21:19 -0400, John Munn wrote:
> You need to open the ports in your firewall (iptables).
Didn't have iptables running. I do now with ports 80 and 443 set as
trusted -- still nothing.
Do I have to move or link some file(s) from /var/lib/boinc to $HOME?
>
> John
>
>
> William Case wrote:
> > Hi;
> >
> > I am having newbie problems with boinc, ports and SELinux -- I think.
> >
> > Networks and SELinux are two subjects I have put off learning to any
> > rudimentary depth. So here goes.
> >
> > I can get Boinc to connect to the World Community Grid immediately after
> > first download and install. (I have removed it and re-installed to test
> > this). But after a reboot I can no longer connect to any of the project
> > sites.
> >
> > I went to the WCG forum and explained my problem. The response was --
> > open ports 80 and 443.
> >
> > 'netstat' does not list 80 or 443 as present, i.e, as active.
> > SELinux is in permissible mode.
> > SELinux gives the following for those two ports.
> > http_port_t tcp s0 80
> > http_port_t tcp s0 443
> >
> > So ... where do I go from here?
> >
> >
>
--
Regards Bill;
Fedora 9, Gnome 2.22.2
Evo.2.22.2, Emacs 22.2.1
--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
06-28-2008, 03:55 AM
Craig White
BOINC again !?
On Fri, 2008-06-27 at 23:22 -0400, William Case wrote:
> On Fri, 2008-06-27 at 21:19 -0400, John Munn wrote:
> > You need to open the ports in your firewall (iptables).
> Didn't have iptables running. I do now with ports 80 and 443 set as
> trusted -- still nothing.
>
> Do I have to move or link some file(s) from /var/lib/boinc to $HOME?
----
don't know anything about BOINC but do you have/need httpd running
(sounds like it)
/sbin/service httpd status
/sbin/service httpd start
Craig
--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
06-28-2008, 04:44 AM
William Case
BOINC again !?
Hi Craig;
On Fri, 2008-06-27 at 20:55 -0700, Craig White wrote:
> On Fri, 2008-06-27 at 23:22 -0400, William Case wrote:
> > On Fri, 2008-06-27 at 21:19 -0400, John Munn wrote:
> > > You need to open the ports in your firewall (iptables).
> > Didn't have iptables running. I do now with ports 80 and 443 set as
> > trusted -- still nothing.
> >
> > Do I have to move or link some file(s) from /var/lib/boinc to $HOME?
> ----
> don't know anything about BOINC but do you have/need httpd running
> (sounds like it)
>
> /sbin/service httpd status
> /sbin/service httpd start
>
Half-way there. Now port 80 is showing on netstat but not 443.
Never thought to check httpd service. Every new install before Fedora 9
automagically set httpd as a default service. That is not a complaint
-- just a weak wristed excuse.
--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
06-28-2008, 04:54 AM
Craig White
BOINC again !?
On Sat, 2008-06-28 at 00:44 -0400, William Case wrote:
> Hi Craig;
>
> On Fri, 2008-06-27 at 20:55 -0700, Craig White wrote:
> > On Fri, 2008-06-27 at 23:22 -0400, William Case wrote:
> > > On Fri, 2008-06-27 at 21:19 -0400, John Munn wrote:
> > > > You need to open the ports in your firewall (iptables).
> > > Didn't have iptables running. I do now with ports 80 and 443 set as
> > > trusted -- still nothing.
> > >
> > > Do I have to move or link some file(s) from /var/lib/boinc to $HOME?
> > ----
> > don't know anything about BOINC but do you have/need httpd running
> > (sounds like it)
> >
> > /sbin/service httpd status
> > /sbin/service httpd start
> >
>
> Half-way there. Now port 80 is showing on netstat but not 443.
>
> Never thought to check httpd service. Every new install before Fedora 9
> automagically set httpd as a default service. That is not a complaint
> -- just a weak wristed excuse.
----
httpd should start both 80 & 443 and thus should show a Listener on both
ports in netstat...
# netstat -an|grep 443
tcp 0 0 :::443 :::*
LISTEN
check /var/log/httpd/error_log
and
/var/log/httpd/ssl_error_log for clues about problems.
chkconfig httpd on
will make sure that httpd always starts up when you restart
Craig
--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
06-28-2008, 05:45 AM
William Case
BOINC again !?
Hi Craig;
On Fri, 2008-06-27 at 21:54 -0700, Craig White wrote:
> On Sat, 2008-06-28 at 00:44 -0400, William Case wrote:
> > Hi Craig;
> >
> > On Fri, 2008-06-27 at 20:55 -0700, Craig White wrote:
> > > On Fri, 2008-06-27 at 23:22 -0400, William Case wrote:
> > > > On Fri, 2008-06-27 at 21:19 -0400, John Munn wrote:
> > > > > You need to open the ports in your firewall (iptables).
> > > > Didn't have iptables running. I do now with ports 80 and 443 set as
> > > > trusted -- still nothing.
> > > >
> > > > Do I have to move or link some file(s) from /var/lib/boinc to $HOME?
> > > ----
> > > don't know anything about BOINC but do you have/need httpd running
> > > (sounds like it)
> > >
> > > /sbin/service httpd status
> > > /sbin/service httpd start
> > >
> >
> > Half-way there. Now port 80 is showing on netstat but not 443.
> >
> > Never thought to check httpd service. Every new install before Fedora 9
> > automagically set httpd as a default service. That is not a complaint
> > -- just a weak wristed excuse.
> ----
> httpd should start both 80 & 443 and thus should show a Listener on both
> ports in netstat...
>
> # netstat -an|grep 443
> tcp 0 0 :::443 :::*
> LISTEN
Nope. Still not there.
> check /var/log/httpd/error_log
/httpd/error_log
[Sat Jun 28 00:29:16 2008] [notice] SELinux policy enabled; httpd
running as context unconfined_u:system_r:httpd_t:s0
[Sat Jun 28 00:29:16 2008] [notice] suEXEC mechanism enabled
(wrapper: /usr/sbin/suexec)
[Sat Jun 28 00:29:16 2008] [notice] Digest: generating secret for digest
authentication ...
[Sat Jun 28 00:29:16 2008] [notice] Digest: done
[Sat Jun 28 00:29:16 2008] [notice] Apache/2.2.8 (Unix) DAV/2 configured
-- resuming normal operations
It is still a bit Greek to me; but seems to be alright.
> and
> /var/log/httpd/ssl_error_log for clues about problems.
I have no httpd/ssl_error_log
>
> chkconfig httpd on
> will make sure that httpd always starts up when you restart
Shttpd was already set for all 4 runlevels
--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
06-28-2008, 05:52 AM
Craig White
BOINC again !?
On Sat, 2008-06-28 at 01:45 -0400, William Case wrote:
> Hi Craig;
>
> On Fri, 2008-06-27 at 21:54 -0700, Craig White wrote:
> > On Sat, 2008-06-28 at 00:44 -0400, William Case wrote:
> > > Hi Craig;
> > >
> > > On Fri, 2008-06-27 at 20:55 -0700, Craig White wrote:
> > > > On Fri, 2008-06-27 at 23:22 -0400, William Case wrote:
> > > > > On Fri, 2008-06-27 at 21:19 -0400, John Munn wrote:
> > > > > > You need to open the ports in your firewall (iptables).
> > > > > Didn't have iptables running. I do now with ports 80 and 443 set as
> > > > > trusted -- still nothing.
> > > > >
> > > > > Do I have to move or link some file(s) from /var/lib/boinc to $HOME?
> > > > ----
> > > > don't know anything about BOINC but do you have/need httpd running
> > > > (sounds like it)
> > > >
> > > > /sbin/service httpd status
> > > > /sbin/service httpd start
> > > >
> > >
> > > Half-way there. Now port 80 is showing on netstat but not 443.
> > >
> > > Never thought to check httpd service. Every new install before Fedora 9
> > > automagically set httpd as a default service. That is not a complaint
> > > -- just a weak wristed excuse.
> > ----
> > httpd should start both 80 & 443 and thus should show a Listener on both
> > ports in netstat...
> >
> > # netstat -an|grep 443
> > tcp 0 0 :::443 :::*
> > LISTEN
> Nope. Still not there.
>
> > check /var/log/httpd/error_log
>
> /httpd/error_log
>
> [Sat Jun 28 00:29:16 2008] [notice] SELinux policy enabled; httpd
> running as context unconfined_u:system_r:httpd_t:s0
> [Sat Jun 28 00:29:16 2008] [notice] suEXEC mechanism enabled
> (wrapper: /usr/sbin/suexec)
> [Sat Jun 28 00:29:16 2008] [notice] Digest: generating secret for digest
> authentication ...
> [Sat Jun 28 00:29:16 2008] [notice] Digest: done
> [Sat Jun 28 00:29:16 2008] [notice] Apache/2.2.8 (Unix) DAV/2 configured
> -- resuming normal operations
>
> It is still a bit Greek to me; but seems to be alright.
> > and
> > /var/log/httpd/ssl_error_log for clues about problems.
>
> I have no httpd/ssl_error_log
> >
> > chkconfig httpd on
> > will make sure that httpd always starts up when you restart
> Shttpd was already set for all 4 runlevels
----
yum install mod_ssl
service httpd restart
seems hard to believe that mod_ssl wasn't already installed.
What packages are required by boinc? Are they installed? Sounds like
you built it from source and not from rpm packaging.
Craig
--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
06-28-2008, 06:31 AM
William Case
BOINC again !?
On Fri, 2008-06-27 at 22:52 -0700, Craig White wrote:
[big snip]
> ----
> yum install mod_ssl
> service httpd restart
>
Port 443 now appears in netstat. Thanks.
Boinc still not working -- but that is an application problem to be
figured out in the morning.
> seems hard to believe that mod_ssl wasn't already installed.
>
> What packages are required by boinc? Are they installed? Sounds like
> you built it from source and not from rpm packaging.
>
Had it working fine in Fedora 8 when it was an rpm install from the
Boinc site. If you are wondering; it is a distributed computing program
working on cancer, dengue fever cures etc.
This time it was packaged in the Fedora 9 repo site.
I downloaded and installed it with yum (yumex).
Thanks Craig. I actually learned a lot about a subject(s) I had been
putting off too long. I appreciate your help.
--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
06-28-2008, 09:37 AM
Markku Kolkka
BOINC again !?
Craig White kirjoitti viestissään (lähetysaika lauantai, 28.
kesäkuuta 2008):
> ----
> don't know anything about BOINC but do you have/need httpd
> running (sounds like it)
You don't need httpd to run the BOINC client. It doesn't need any
incoming firewall ports open either. I think this thread got
sidetracked somewhere, I don't believe the OP wants to run a
BOINC project server.
--
Markku Kolkka
markku.kolkka@iki.fi
--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
BOINC again !?
