Troubleshoot Your Installation

Unable to open up UI

After your installation, if you are not able to bring up Login page and you see this kind of error in your browser, then it is likely due to Selinux setting.

Because we put our software in the /opt path, and Selinux policies does not allow to run web app from anything that it is not /var/www.

Since we don't want to change system policies on the customer servers, we set it just temporarily and give user a warning to change if he want permanent setting.

When this issue occurs, you will see the following error in nginx.log file:

2022/08/10 09:22:47 [crit] 14588#14588: *1 connect() to 127.0.0.1:8000 failed (13: Permission denied) while connecting to upstream, client: 178.223.69.167, server: localhost, request: "GET /api_dnl/v1/swagger.json HTTP/1.1", upstream: "http://127.0.0.1:8000/api_dnl/v1/swagger.json", host: "33.33.170.221"

The command you can use to check the Selinux policy is as follows:

You can use the getenforce command to see your SELINUX mode:

# getenforce
Enforcing

How to set your system to Permissive Mode

Use the following procedure to permanently change SELinux mode to permissive. When SELinux is running in permissive mode, SELinux policy is not enforced. The system remains operational and SELinux does not deny any operations but only logs AVC messages, which can be then used for troubleshooting, debugging, and SELinux policy improvements. Each AVC is logged only once in this case.

Prerequisites

  • The selinux-policy-targeted, libselinux-utils, and policycoreutils packages are installed on your system.

  • The selinux=0 or enforcing=0 kernel parameters are not used.

Procedure

  1. Open the /etc/selinux/config file in a text editor of your choice, for example:

    # vi /etc/selinux/config

  2. Configure the SELINUX=permissive option:

    # This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#       enforcing - SELinux security policy is enforced.
#       permissive - SELinux prints warnings instead of enforcing.
#       disabled - No SELinux policy is loaded.
SELINUX=permissive
# SELINUXTYPE= can take one of these two values:
#       targeted - Targeted processes are protected,
#       mls - Multi Level Security protection.
SELINUXTYPE=targeted

  3. Restart the system:

    # reboot

Verification

After the system restarts, confirm that the getenforce command returns Permissive:

$ getenforce
Permissive

License Module Initialization Error

If you are seeing the following error in /opt/denovov6/dnl_softswitch/log/dnl_softswitch.log, you should reset your license IP here. 

Aug 21 23:26:18 194-233-170-221.ip.linodeusercontent.com dnl_softswitch[9387]: 2022-08-21 23:26:18 [ERROR] dnl_core.c:1760 Failed to initialize license module

Unable to open Web Portal

When you do "rpm update", the nginx config may get overwritten.

In this case, you can rerun the following command to reset the correct nginx config: 

yum install dnlv6-webbackend.noarch dnlv6-webui.x86_64

API is not responding due to Postgres is down

If API is no responding, then you may also want to check if Postgres is running:

# systemctl status postgresql.service
● postgresql.service - PostgreSQL 11 database server
   Loaded: loaded (/etc/systemd/system/postgresql.service; disabled; vendor preset: disabled)
   Active: active (running) since Fri 2022-09-30 02:26:21 UTC; 8s ago
  Process: 14612 ExecStartPre=/usr/pgsql-11/bin/postgresql-11-check-db-dir ${PGDATA} (code=exited, status=0/SUCCESS)
 Main PID: 14618 (postmaster)
   CGroup: /system.slice/postgresql.service
           ├─14618 /usr/pgsql-11/bin/postmaster -D /opt/pgsql/11/data/
           ├─14620 postgres: logger   
           ├─14631 postgres: checkpointer   
           ├─14632 postgres: background writer   
           ├─14633 postgres: walwriter   
           ├─14634 postgres: autovacuum launcher   
           ├─14635 postgres: stats collector   
           ├─14636 postgres: logical replication launcher   
           ├─14643 postgres: class4_user class4_dnl 127.0.0.1(41500) idle
           ├─14645 postgres: webbackend class4_dnl 127.0.0.1(41506) idle
           └─14648 postgres: class4_user class4_dnl 127.0.0.1(41510) idle

If it is showing down, then you can start with the following command. After you restart Postgresql, you can also restart dnl_api:

systemctl start postgresql.service
systemctl restart dnl_api_core
Previousdnl_web_helperNextSetup SSL on Web UI

Last updated