Problem with a second connection on partimaged-server

Messages about how to use partimage across a network (with the partimaged server, samba, nfs, ...)

Moderator: feffer

Post Reply
Etudix

Problem with a second connection on partimaged-server

Post by Etudix » Wed Jan 11, 2006 5:54 pm

hello,

I used Partimaged server on a debian distribution, with a partimage client on another debian host.
The first connection work very fine, but when I try to connect again on the server I obtain this error message :

error ! @IP (wrong password)---

I always used the same command, so it isn't a problem with pthe password.

I use this command :
partimage -f3 -z1 -m -b -d --server @IP --username=user --password=password save /dev/hdaX /var/lib/partimaged/test.img

Thx a lot.
Best regard.

Etudix

Post by Etudix » Thu Jan 12, 2006 4:43 pm

I'm response to myself if someone same problem. I'm solve the problem in compiling partimage client and server with --disable-login option. This is not the best solution, but it work fine ;))

Thx to the Partimage team for this soft.

ADR
Posts: 1
Joined: Mon Feb 06, 2006 7:28 am

Re: Problem with a second connection on partimaged-server

Post by ADR » Mon Feb 06, 2006 7:41 am

For me the same behaviour with Debian testing (from today) and partimaged 0.6.4-14 using partimage client 0.6.4 from Knoppix 4.0.2:
one connection is running without a problem but a second (or third,...) parallel using is not possible. The error messages says authentication failed.

After restarting partimaged I can connect successfully again with exactly one session but not more.

Any ideas?

iceburn
Posts: 4
Joined: Wed Aug 10, 2005 3:11 pm
Location: Portugal

Post by iceburn » Wed Feb 08, 2006 4:58 pm

bug or feature? :D

daffy
Posts: 4
Joined: Sat Aug 12, 2006 1:08 am

Post by daffy » Sat Aug 12, 2006 1:27 am

I got the exact same problem. My guess is that it has to do with partimaged losing root capabilities (for security) between the first and second login attempts. I have searched my logs for interesting errors and this is the only I find:

[Main] access.cpp->pam_conv_partimaged#217: PAM: conv called
[Main] access.cpp->pam_conv_partimaged#222: PAM ECHOOFF
[Main] access.cpp->CheckAccess#276: pam_autenticate failed: Authentication failure
[Main] netserver.cpp->ValidatePass#298: return of checkaccess: 2
[Main] netserver.h->Send#63: before GET: 0
[Main] netserver.h->Send#65: after GET: 0
[Main] partimaged-client.cpp->Release#84: 0 released
[Main] partimaged-main.cpp->main#382: infernal loop
[Main] netserver.cpp->~CNetServer#98: cns detroyed

I really hope someone (developer maybe?) can give us a hint what's wrong, it seems like we're many who experience this problem.

Im using Partimaged Version is 0.6.4 [4.0.3 (Debian 4.0.3-1)].

jdt
Posts: 1
Joined: Fri Sep 22, 2006 10:15 am

Problem with a second connection on partimaged-server

Post by jdt » Fri Sep 22, 2006 10:33 am

Same problem.
The socket opened between partimage server and client stay in CLOSE_WAIT as long as the partimage server is running.

daffy
Posts: 4
Joined: Sat Aug 12, 2006 1:08 am

Post by daffy » Sun Oct 01, 2006 10:00 pm

I think the problem is related to partimaged switching away from root at the first login, and using partimag user on the second attempt. I strace'd partimaged and found out it tries to access /etc/shadow, which of course is not readable by the partimag user:

tgkill(11117, 0, SIGRT_1) = -1 EINVAL (Invalid argument)
setresuid32(-1, 0, -1) = -1 EPERM (Operation not permitted)
open("/etc/shadow", O_RDONLY) = -1 EACCES (Permission denied) <---- look here!
tgkill(11117, 0, SIGRT_1) = -1 EINVAL (Invalid argument)

To developer(s), where do we file a bugreport for this?
/D

thermal
Posts: 2
Joined: Tue Dec 26, 2006 1:42 pm

Post by thermal » Wed Dec 27, 2006 1:58 pm

daffy wrote:I think the problem is related to partimaged switching away from root at the first login, and using partimag user on the second attempt. I strace'd partimaged and found out it tries to access /etc/shadow, which of course is not readable by the partimag user:

tgkill(11117, 0, SIGRT_1) = -1 EINVAL (Invalid argument)
setresuid32(-1, 0, -1) = -1 EPERM (Operation not permitted)
open("/etc/shadow", O_RDONLY) = -1 EACCES (Permission denied) <---- look here!
tgkill(11117, 0, SIGRT_1) = -1 EINVAL (Invalid argument)

To developer(s), where do we file a bugreport for this?
/D
First of all, I`m not a developer :) but here http://www.partimage.org/forums/viewtopic.php?t=619 is my description of the problem and a patch. I haven`t recieved any notice about it being merged but you can apply it to your own sources and have this issue solved.

Post Reply