It's all about the answers!

Ask a question
QuestionsTagsUsersBadges
Guidelines | FAQ
Follow this question
Question details

×1,192

question asked: May 14 '10, 10:46 a.m.
question was seen: 15,277 times
last updated: May 14 '10, 10:46 a.m.

Related questions

Build Forge on HP-UX 11.31

0
Frank van den Nieuwboer (311) | asked May 14 '10, 10:46 a.m.
Hi all,

We are trying to get Build Forge running on HP-UX version 11.31, but every time we get a Functional Failure. I tried with the 7.1.1.0 client, and 7.1.1.4 client, both resulting in the same error.

Host: 10.xx.xx.xxx:5555
Agent Version: 7.1.1.4-0-0010
Authentication: root
Platform:
Status: Functional failure
Duration: 4

Does anyone know where to look? I tried changing /etc/pam.conf; but that did not seem to work.

Best Regards,
Frank


" C:\Program Files\IBM\Build Forge>bfservertest pf2eaiodb01 5/7/2010 4:11:44 PM: Services: 5984: CRRBF1381I: Established connection to Build Forge Services.
Got server record for
Test ID is
5/7/2010 4:11:44 PM: ServerTest: 5984: CRRBF0364I: Agent Test initiated for server 'pf2eaiodb01'.
Set cleared store for []
Storing host information for
Agent Connecting...
Storing Agent Version for
cmd ping
username root
encpass 7e6065c96932359a00fb0c0f0abd1c06cbe3196ecd5126292801
go
Sending agent request...
Agent: ]
Agent:
Use of uninitialized value in concatenation (.) or string at bfservertest.pl line 163, <sock> line 5.
Agent: []
5/7/2010 4:11:47 PM: ServerTest: 5984: CRRBF0363I: Agent test completed for server 'pf2eaiodb01', setting error status to 'Y'.

C:\Program Files\IBM\Build Forge> "

15 answers

Most liked answers ↑|Newest answers|Oldest answers

0
permanent link
Brent Ulbricht (2.5k11) | answered May 17 '10, 12:00 p.m.
JAZZ DEVELOPER
Hi all,

We are trying to get Build Forge running on HP-UX version 11.31, but every time we get a Functional Failure. I tried with the 7.1.1.0 client, and 7.1.1.4 client, both resulting in the same error.

Host: 10.xx.xx.*:5555
Agent Version: 7.1.1.4-0-0010
Authentication: root
Platform:
Status: Functional failure
Duration: 4

Does anyone know where to look? I tried changing /etc/pam.conf; but that did not seem to work.

Best Regards,
Frank


" C:\Program Files\IBM\Build Forge>bfservertest pf2eaiodb01 5/7/2010 4:11:44 PM: Services: 5984: CRRBF1381I: Established connection to Build Forge Services.
Got server record for
Test ID is
5/7/2010 4:11:44 PM: ServerTest: 5984: CRRBF0364I: Agent Test initiated for server 'pf2eaiodb01'.
Set cleared store for []
Storing host information for
Agent Connecting...
Storing Agent Version for
cmd ping
username root
encpass 7e6065c96932359a00fb0c0f0abd1c06cbe3196ecd5126292801
go
Sending agent request...
Agent: ]
Agent:
Use of uninitialized value in concatenation (.) or string at bfservertest.pl line 163, <sock> line 5.
Agent: []
5/7/2010 4:11:47 PM: ServerTest: 5984: CRRBF0363I: Agent test completed for server 'pf2eaiodb01', setting error status to 'Y'.

C:\Program Files\IBM\Build Forge> "


Hi,

It looks like you've pasted the text from a server test. It might make debugging quicker if you directly try to issue these commands from the command line.


telnet localhost 5555
username <user>
password <password>
cmd ping
go

The following message indicates success:

AUTH: set user account to <user>

If the above tests work but jobs are failing, and a test of your server shows a user authentication error, check the pluggable authentication modules (PAM) configuration.
0
permanent link
Frank van den Nieuwboer (311) | answered May 18 '10, 10:29 a.m.
Unfortunately no luck: 


# telnet localhost 5555

Trying...

Connected to localhost.

Escape character is '^]'.

200 HELLO - BuildForge Agent v7.1.1.0-0-0022

cmd ping

username root

password *****

go

320 AUTH AuthFail[*AuthUnknownUser,"root"]

251 RESULT 1

260 EOR

go

400 RequestNoCommand

210 GOODBYE - BuildForge Agent v7.1.1.0-0-0022

Connection closed by foreign host.

#
0
permanent link
Peter Birk (501145) | answered May 21 '10, 4:30 p.m.
JAZZ DEVELOPER
You might try un-remarking the activity_log in bfagent.conf and have that create a log file with some information. Try the test connection again and see if the information logged helps understand the problem. It does seem to be a platform authentication configuration issue though since it's saying that "root" is an unknown user. What do you have in your PAM configuration?

Regards,
Pete
0
permanent link
FU YONG (4672) | answered May 23 '10, 9:48 p.m.
We encountered the same problem.

Make sure the Server Auth configuation in Build Forge uses Windows account for each server. Since agent logs in using windows account with administrative rights.
0
permanent link
Frank van den Nieuwboer (311) | answered May 24 '10, 1:24 a.m.
You might try un-remarking the activity_log in bfagent.conf and have that create a log file with some information. Try the test connection again and see if the information logged helps understand the problem. It does seem to be a platform authentication configuration issue though since it's saying that "root" is an unknown user. What do you have in your PAM configuration?

Regards,
Pete


Pete, see below the pam.conf: 

# cat /etc/pam.conf

#

# PAM Configuration

#

# Account Management

#

bfagent  account  required  libpam_hpsec.so.1

bfagent  account  required  libpam_unix.so.1

dtaction  account  required  libpam_hpsec.so.1

dtaction  account  required  libpam_unix.so.1

dtlogin  account  required  libpam_hpsec.so.1

dtlogin  account  required  libpam_unix.so.1

ftp  account  required  libpam_hpsec.so.1

ftp  account  required  libpam_unix.so.1

login  account  required  libpam_hpsec.so.1

login  account  required  libpam_unix.so.1

rcomds  account  required  libpam_hpsec.so.1

rcomds  account  required  libpam_unix.so.1

sshd  account  required  libpam_hpsec.so.1

sshd  account  required  libpam_unix.so.1

su  account  required  libpam_hpsec.so.1

su  account  required  libpam_unix.so.1

OTHER  account  required  libpam_hpsec.so.1

OTHER  account  required  libpam_unix.so.1

#

# Authentication Management

#

bfagent  auth  required  libpam_hpsec.so.1

bfagent  auth  required  libpam_unix.so.1

dtaction  auth  required  libpam_hpsec.so.1

dtaction  auth  required  libpam_unix.so.1

dtlogin  auth  required  libpam_hpsec.so.1

dtlogin  auth  required  libpam_unix.so.1

ftp  auth  required  libpam_hpsec.so.1

ftp  auth  required  libpam_unix.so.1

login  auth  required  libpam_hpsec.so.1

login  auth  required  libpam_unix.so.1

rcomds  auth  required  libpam_hpsec.so.1

rcomds  auth  required  libpam_unix.so.1

sshd  auth  required  libpam_hpsec.so.1

sshd  auth  required  libpam_unix.so.1

su  auth  required  libpam_hpsec.so.1  bypass_setaud

su  auth  required  libpam_unix.so.1

OTHER  auth  required  libpam_hpsec.so.1

OTHER  auth  required  libpam_unix.so.1

#

# Password Management

#

dtlogin  password  required  libpam_hpsec.so.1

dtlogin  password  required  libpam_unix.so.1

login  password  required  libpam_hpsec.so.1

login  password  required  libpam_unix.so.1

passwd  password  required  libpam_hpsec.so.1

passwd  password  required  libpam_unix.so.1

sshd  password  required  libpam_hpsec.so.1

sshd  password  required  libpam_unix.so.1

OTHER  password  required  libpam_hpsec.so.1

OTHER  password  required  libpam_unix.so.1

#

# Session Management

#

bfagent  session  required  libpam_hpsec.so.1

bfagent  session  required  libpam_unix.so.1

dtlogin  session  required  libpam_hpsec.so.1

dtlogin  session  required  libpam_unix.so.1

ftp  session  required  libpam_hpsec.so.1  bypass_limit_login bypass_umask bypass_nologin

ftp  session  required  libpam_unix.so.1

login  session  required  libpam_hpsec.so.1

login  session  required  libpam_unix.so.1

rcomds  session  required  libpam_hpsec.so.1  bypass_limit_login

rcomds  session  required  libpam_unix.so.1

sshd  session  required  libpam_hpsec.so.1

sshd  session  required  libpam_unix.so.1

OTHER  session  required  libpam_hpsec.so.1

OTHER  session  required  libpam_unix.so.1

#
0
permanent link
Peter Birk (501145) | answered May 24 '10, 9:05 a.m.
JAZZ DEVELOPER
I believe we'd need to see the activity_log from the Agent or trace from the OS auth services to determine why it's failing. However, make sure the Agent is running as root so it can use the OS authentication services to auth and switch users. If you don't want to run the Agent as root, there are other alternatives we can explore. Make sure the root password you are using in your server auth is the OS root password, not the BF root password. Also, try a different OS user besides root to see if that works.

Regards,
Pete
0
permanent link
Frank van den Nieuwboer (311) | answered May 26 '10, 9:22 a.m.
Hmm.. not much I see in the activity logs:

On the Telnet connection I type: 

# telnet XX.XX.XX.XX 5555

Trying...

Connected to XX.XX.XX.XX.

Escape character is '^]'.

200 HELLO - BuildForge Agent v7.1.1.0-0-0022

cmd ping

username root

password ****

go

320 AUTH AuthFail[*AuthUnknownUser,"root"]

251 RESULT 1

260 EOR

cmd ping

username oracle

password ****

go

320 AUTH AuthFail[*AuthUnknownUser,"oracle"]

251 RESULT 1

260 EOR


And on the activity log it shows: 
[   20173] agent.c         : 518: tag: cmd

[   20173] agent.c         : 518: tag: username

[   20173] agent.c         : 518: tag: password

[   20173] agent.c         : 417: tag: go

[   20173] agent.c         : 348: agent_process_request

[   20173] agent.c         : 219: agent_process_command cmd=[ping]

[   20173] agent.c         : 116: AUTH normal

[   20173] pam.c           :  70: AUTH using PAM

[   20173] agent.c         : 254: AUTH failed

[   20173] agent.c         : 197: ClobberPasswords

[   20173] agent.c         : 518: tag: cmd

[   20173] agent.c         : 518: tag: username

[   20173] agent.c         : 518: tag: password

[   20173] agent.c         : 417: tag: go

[   20173] agent.c         : 348: agent_process_request

[   20173] agent.c         : 219: agent_process_command cmd=[ping]

[   20173] agent.c         : 116: AUTH normal

[   20173] pam.c           :  70: AUTH using PAM

[   20173] agent.c         : 254: AUTH failed

[   20173] agent.c         : 197: ClobberPasswords
0
permanent link
Peter Birk (501145) | answered May 26 '10, 10:40 a.m.
JAZZ DEVELOPER
See if you can add "debug" at the end of the "libpam_unix.so.1" module to gather more information. This is a failure authenticating at the OS so that's were we should try to focus debugging. Make sure the user/password you are sending to the agent are OS users not BF users and make sure the Agent is running under the root ID so that it has the authority to authenticate other users. Let me know if the PAM debug flag shows more information.

Regards,
Pete
0
permanent link
Frank van den Nieuwboer (311) | answered May 27 '10, 6:34 a.m.
It looks like we are getting somewhere, the result of the PAM-debug shows the following, any idea how to proceed from here? 

May 27 18:29:16 syslogd: restart

May 27 18:29:41 syslogd: restart

May 27 18:29:55 PAM: pam_start(bfagent root)

May 27 18:29:55 PAM: pam_set_item(1)

May 27 18:29:55 PAM: pam_set_item(2)

May 27 18:29:55 PAM: pam_set_item(5)

May 27 18:29:55 PAM: pam_authenticate()

May 27 18:29:55 PAM: load_modules: /usr/lib/security/libpam_hpsec.so.1

May 27 18:29:55 PAM: open_module: /usr/lib/security/libpam_hpsec.so.1 failed: Error 0 Can't open shared library: /usr/lib/libacps.1

May 27 18:29:55 PAM: load_modules: can not open module /usr/lib/security/libpam_hpsec.so.1

May 27 18:29:55 PAM: pam_authenticate: load_modules failed

May 27 18:29:55 PAM: pam_authenticate: returning 1

May 27 18:29:55 PAM: pam_end(): status = Success


Additionally, looking into that folder: 
# pwd

/usr/lib

# find . | grep acp

./hpux32/libacps.so

./hpux32/libacps.so.1

./hpux32/libfmthp_apalacp.so

./hpux32/libfmthp_apalacp.so.1

./nls/msg/C/fmthp_apalacp.cat

./hpux64/libacps.so

./hpux64/libacps.so.1

./security/hpux32/libacpm_hpux_rbac.so

./security/hpux32/libacpm_hpux_rbac.so.1

./security/hpux64/libacpm_hpux_rbac.so

./security/hpux64/libacpm_hpux_rbac.so.1

#



# pwd

/usr

# find . | grep libacps.1

#
0
permanent link
Peter Birk (501145) | answered May 27 '10, 11:00 a.m.
JAZZ DEVELOPER
It appears this document describes the purpose of the module that's not found, but I don't know why it cannot be found.

http://docs.hp.com/en/B3921-60631/acps_api.3.html

Your answer

Register or to post your answer.


Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.