Can't Create Another New VS

Am getting the following errors when trying to create a new VS ...

Creating administration group rti .. .. done Creating administration user rti .. .. failed to create administration user : useradmin::create_user failed : Failed to open /etc/shadow for writing : Bad file descriptor at /usr/libexec/webmin/web-lib-funcs.pl line 1360.

Failed to create virtual server : Critical feature Administration user was not properly created - Virtual server creation halted.

*** Only happened after server was rebooted, was fine before reboot ...***

Status: 
Active

Comments

Hmm, that's an unusual error, it doesn't seem to be able to write to your shadow file.

What is the output of these two commands:

ls -l /etc/shadow

mount

First command: -r-------- 1 root root 1881 Jan 28 17:03 /etc/shadow

Second command:

[doorway@NL-FLDI-00300 ~]$ mount /dev/mapper/VolGroup00-LogVol00 on / type ext3 (rw) proc on /proc type proc (rw) sysfs on /sys type sysfs (rw) devpts on /dev/pts type devpts (rw,gid=5,mode=620) /dev/mapper/VolGroup00-LogVol03 on /home type ext3 (rw,grpquota,usrquota) /dev/mapper/VolGroup00-LogVol07 on /tmp type ext3 (rw) /dev/mapper/VolGroup00-LogVol05 on /usr type ext3 (rw) /dev/mapper/VolGroup00-LogVol04 on /opt type ext3 (rw) /dev/mapper/VolGroup00-LogVol06 on /var type ext3 (rw) /dev/mapper/VolGroup00-LogVol02 on /var/log type ext3 (rw) /dev/sda1 on /boot type ext3 (rw) tmpfs on /dev/shm type tmpfs (rw) none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw) sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw)

I don't see any glaring issues in your output above.

Would it be possible to log into your system to troubleshoot the issue?

If that's okay, could you either enable the Remote Support option in the Virtualmin Support module, or email your root login details to eric@virtualmin.com?

Thanks!

Sorry, I work for Disney and this implementation is behind a closed network in our lab, I have determined that we run TripWire and HIPS - and that HIPS is preventing /etc/shadow from being updated which is causing all kinds of other related issues.

Do you have a list of published products which can cause issues for you.... ? For example TripWire, A/V???

I was trying to demo that VirtualMin is an awesome tool to provide a self-service capability to our development teams... I had hoped I would not have to certify a new VM (VMWare) image ...

Would it be possible to have a conference call or WebEx with you to discuss the use of your tools to meet our needs here at Disney?

Any of these cause issues for you?

echo "cft_p2 - configuration tool part two" echo echo "Usage: cft_p2 [-B -O -T -C -H -h -p] " echo "-B Do not install BigFix " echo "-O Do not install Openview " echo "-T Do not install Tripwire " echo "-C Do not configure AD, root password, or yum repository " echo "-H Do not install Mcafee Intrusion Prevention System Client " echo "-h Print help options " echo "-p Prompt user to select which software is to be installed " echo echo "Example 1: Default action is to install all software packages." echo "cft_p2 /net/wl-flor-apninad/kickstart " echo echo "Example 2: Skip installing a single software package." echo "cft_p2 -B /net/wl-flor-apninad/kickstart " echo echo "Example 3: Skip installing several software packages." echo "cft_p2 -B -O -T -S /net/wl-flor-apninad/kickstart "

Well, any software that might interfere with Virtualmin's ability to change any config file, network setting, or restart services on the server could certainly cause issues. Virtualmin requires a lot of access to the system to be able to perform management of the system.

SELinux is a common example of software that can cause problems by interfering with Virtualmin. I'm not familiar with HIPS, but if an intrusion prevention system confuses Virtualmin with an intruder, and prevents access to the filesystem, that could certainly cause issues.

Regarding Tripwire -- that should just be a notification system for files that have changed; and if that's the case, if it doesn't prevent access to those files, it shouldn't cause any problems using that with Virtualmin.

With your most recent comment, it looks like your software is offering to install OpenView, Tripwire, and Mcafee Intrusion Prevention software.

I'm under the impression that OpenView is a monitoring solution, which should work fine. And Tripwire should be okay too, so long as it isn't setup to prevent access to files. The only concern I'd have is Mcafee Intrusion Prevention -- however, even with it, it may be possible to configure McAfee to ignore processes generated from within Virtualmin.