Symantec Access Management

  • Private Community
 View Only

  • 1.  webfort fails to start when using systemd vs binary (linux)

    Posted Jan 23, 2018 08:59 AM

    when i try to start webfort using systemd services it fails but starts fine from the binaries. I'm new to AdvAuth and first in our company to learn the config / install process so any help would be welcome

     

    /etc/systemd/system/strongauth.service

    [Unit]
    Description=CA Strong Auth Server
    After=network.target

    [Service]
    Type=simple
    EnvironmentFile=/etc/sysconfig/arcot
    ExecStart=/opt/CA/AdvAuth/bin/webfortserver start
    ExecStop=/opt/CA/AdvAuth/bin/webfortserver stop

    WorkingDirectory=/opt/CA/AdvAuth

    User=arcot
    Group=arcot

    [Install]
    WantedBy=multi-user.target

     

    /etc/sysconfig/arcot

    JAVA_HOME=/opt/java
    JAVA_OPTS='-Djava.awt.headless=true -Djava.security.egd=file:/dev/./urandom'

    # CA VARS
    LD_LIBRARY_PATH=/opt/CA/AdvAuth/odbc64v80/lib:/opt/CA/AdvAuth/sbin:/opt/CA/AdvAuth/lib:/opt/CA/AdvAuth/bin:/opt/CA/AdvAuth/sdk/server/plugin/c/lib:/opt/java/jre/bin
    ARCOT_HOME=/opt/CA/AdvAuth
    PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/bin:/opt/puppetlabs/bin:/opt/tomcat/bin:/opt/java/bin:/root/bin:/opt/java/bin

     

    Output from journalctl

    systemd[1]: Starting CA Strong Auth Server...
    webfortserver[52940]: Operation start being performed on Server WebFort Server
    webfortserver[52940]: All environment variables are set
    polkitd[772]: Unregistered Authentication Agent for unix-process:52934:58479880 (system bus name :1.22, object path /org/freedesktop/PolicyKit1/AuthenticationAgent, l
    systemd[1]: Started CA Strong Auth Server.
    webfortserver[52940]: Arcot arwfserver.real Watchdog Service initializing ...
    webfortserver[52956]: Operation stop being performed on Server WebFort Server
    webfortserver[52956]: Operation failed.
    webfortserver[52956]: Could not get failure details.TransportException. while connecting to [http://localhost:9743/] Err : create: No Transports Available

     

    Note: the polkit error appears to be insignificant, according to: linux - Explanation of polkitd Unregistered Authentication Agent - Stack Overflow 



  • 2.  Re: webfort fails to start when using systemd vs binary (linux)

    Broadcom Employee
    Posted Jan 26, 2018 02:08 PM

    Hi Drew, 

     

    It seems you were working for this issue with Namish in case 00943592 that has been resolved. 

     

    Thanks

    Awijit 



  • 3.  Re: webfort fails to start when using systemd vs binary (linux)

    Posted Jan 26, 2018 02:15 PM

    Hi Awijit,

     

    From a support perspective it is 'resolved.' From a community perspective, i would not count it as resolved. The resolution to the ticket was a workaround... we had systemd call an init.d script. As noted by red hat, that is 'old hat' way of doing things, and will eventually go away entirely: Overview of systemd for RHEL 7 - Red Hat Customer Portal 

     

    If anyone in the community has been able to get a native systemd unit file to work, that would be a big advantage to others!

     

    Thanks,

    Drew



  • 4.  RE: Re: webfort fails to start when using systemd vs binary (linux)
    Best Answer

    Posted Jul 26, 2019 11:47 AM
      |   view attached

    Hi Drew
    the same issue is present in CA Strong Authentication 9.1; but I've found a way to make it work in systemd.

    The "webfortserver" file is a shell script, which starts the arwfwatchdog process after some checking (env vars and so on); then puts it in background.

    I've built a systemd unit based on how the process is started and stopped by the above script; find it attached

    It's not perfect, the "stop" command is failing (the process stops with the message "operation successful"), but the process starts fine
    Feel free to use it as a starting point :)

    Regards
    Enrico B.


    Attachment(s)

    zip
    arcotwebfort.service.zip   553 B 1 version
    Original Message