The LDAP server is running on another machine in the same LAN without any firewall.

As by your suggestion, I change the user and group from kamailio to root in the /etc/default/kamilio file. Now it works.

Why I can not run the kamailio as the user kamailio as the default installation set? (I install the kamilio from rpm and the user and group of kamailio are already created by the installation)

wuthout ldap.so, I can run the kamilio from the user kamailio normally when I run "service kamailio start" from root.





On Tue, Jun 21, 2011 at 12:07 PM, Daniel-Constantin Mierla <miconda@gmail.com> wrote:
Hello,

interesting, is the ldap server running on same server? Is the connection via local network?

When starting as service, kamailio is probably run under user kamailio. Any firewall in place or system restrictions for user 'kamailio'?

You can change the user/group for kamailio service in /etc/default/kamailio

Cheers,
Daniel


On 6/21/11 12:00 PM, laura testi wrote:
Hi Daniel,
thank you very much for your quick reply. Yes I can connect to ldap and make search from kamailio if I start the kamailio with command line in a terminal ("# kamctl start" or "#kamailio") as root.It fail to connect to ldap only when I start it as service from the boot or I run the command "service kamailio start".

Best Regards,
Peng



On Tue, Jun 21, 2011 at 11:48 AM, Daniel-Constantin Mierla <miconda@gmail.com> wrote:
Hello,

the first error I could spot related to ldap is:

Jun 21 10:28:41 kamailio3p1 /usr/sbin/kamailio[8786]: ERROR: ldap [ldap_connect.c:166]: [sipaccounts]: ldap bind failed: Can't contact LDAP server

suggesting connectivity problem to ldap server. Is it running? Can you connect to ldap server from a terminal?

Cheers,
Daniel


On 6/21/11 11:39 AM, laura testi wrote:
Hi,
we try to use LDAP module in kamailio, first we try only load the ldap.so only to see if it can be loaded. When we start from the command line with either "kamctl start" or directly "kamilio", the kamailio is started normally with different children. When I try to start as service with "service kamailio start" or "/etc/init.d/kamailio start". It fails with the following error in the /var/log/messages:
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Jun 21 10:28:39 kamailio3p1 kamailio: INFO: <core> [tcp_main.c:4716]: init_tcp: using epoll_lt as the io watch method (auto detected)

Jun 21 10:28:39 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: usrloc [hslot.c:53]: locks array size 512

Jun 21 10:28:39 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: auth [auth_mod.c:312]: auth: qop set, but nonce-count (nc_enabled) support disabled

Jun 21 10:28:39 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: permissions [parse_config.c:251]: file not found: //etc/kamailio/permissions.allow

Jun 21 10:28:39 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: permissions [permissions.c:606]: default allow file (//etc/kamailio/permissions.allow) not found => empty rule set

Jun 21 10:28:39 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: permissions [parse_config.c:251]: file not found: //etc/kamailio/permissions.deny

Jun 21 10:28:39 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: permissions [permissions.c:615]: default deny file (//etc/kamailio/permissions.deny) not found => empty rule set

Jun 21 10:28:39 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: ldap [ldap_mod.c:246]: OpenLDAP - 20343

Jun 21 10:28:39 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: tls [tls_init.c:511]: tls: _init_tls_h:  compiled  with  openssl  version "OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008" (0x0090802f), kerberos support: on, compression: on

Jun 21 10:28:39 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: tls [tls_init.c:519]: tls: init_tls_h: installed openssl library version "OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008" (0x0090802f), kerberos support: on,  zlib compression: on  compiler: gcc -fPIC -DOPENSSL_PIC -DZLIB -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -DKRB5_MIT -I/usr/kerberos/include -DL_ENDIAN -DTERMIO -Wall -DMD32_REG_T=int -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic -Wa,--noexecstack -DOPENSSL_USE_NEW_FUNCTIONS -fno-strict-aliasing -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM

Jun 21 10:28:39 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: tls [tls_init.c:373]: tls: init_tls: disabling compression...

Jun 21 10:28:39 kamailio3p1 /usr/sbin/kamailio[8774]: WARNING: tls [tls_init.c:564]: tls: init_tls_h: openssl kerberos malloc bug detected,  kerberos support will be disabled...

Jun 21 10:28:39 kamailio3p1 /usr/sbin/kamailio[8774]: WARNING: tls [tls_init.c:587]: tls: openssl bug #1491 (crash/mem leaks on low memory) workaround enabled (on low memory tls operations will fail preemptively) with free memory thresholds 9961472 and 4980736 bytes

Jun 21 10:28:39 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: <core> [cfg/cfg_ctx.c:411]: INFO: cfg_set_now(): tls.low_mem_threshold1 has been changed to 9961472

Jun 21 10:28:39 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: <core> [cfg/cfg_ctx.c:411]: INFO: cfg_set_now(): tls.low_mem_threshold2 has been changed to 4980736

Jun 21 10:28:40 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: <core> [udp_server.c:178]: INFO: udp_init: SO_RCVBUF is initially 129024

Jun 21 10:28:40 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: <core> [udp_server.c:229]: INFO: udp_init: SO_RCVBUF is finally 262142

Jun 21 10:28:40 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: <core> [udp_server.c:178]: INFO: udp_init: SO_RCVBUF is initially 129024

Jun 21 10:28:40 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: <core> [udp_server.c:229]: INFO: udp_init: SO_RCVBUF is finally 262142

Jun 21 10:28:40 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: tls [tls_domain.c:176]: TLSs<default>: tls_method=9

Jun 21 10:28:40 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: tls [tls_domain.c:188]: TLSs<default>: certificate='//etc/kamailio/FBCIDS01V01.pem'

Jun 21 10:28:40 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: tls [tls_domain.c:195]: TLSs<default>: ca_list='//etc/kamailio/tiglobalca.pem'

Jun 21 10:28:40 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: tls [tls_domain.c:202]: TLSs<default>: crl='(null)'

Jun 21 10:28:40 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: tls [tls_domain.c:206]: TLSs<default>: require_certificate=0

Jun 21 10:28:40 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: tls [tls_domain.c:213]: TLSs<default>: cipher_list='(null)'

Jun 21 10:28:40 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: tls [tls_domain.c:220]: TLSs<default>: private_key='//etc/kamailio/FBCIDS01V01KEY.pem'

Jun 21 10:28:40 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: tls [tls_domain.c:224]: TLSs<default>: verify_certificate=0

Jun 21 10:28:40 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: tls [tls_domain.c:227]: TLSs<default>: verify_depth=9

Jun 21 10:28:40 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: tls [tls_domain.c:544]: TLSs<default>: No client certificate required and no checks performed

Jun 21 10:28:40 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: tls [tls_domain.c:597]: tls: set_ssl_options: detected openssl version (90802f)  has the SSL_OP_TLS_BLOCK_PADDING bug, but compression  is disabled so no workaround is needed

Jun 21 10:28:40 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: tls [tls_domain.c:176]: TLSc<default>: tls_method=9

Jun 21 10:28:40 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: tls [tls_domain.c:188]: TLSc<default>: certificate='(null)'

Jun 21 10:28:40 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: tls [tls_domain.c:195]: TLSc<default>: ca_list='(null)'

Jun 21 10:28:40 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: tls [tls_domain.c:202]: TLSc<default>: crl='(null)'

Jun 21 10:28:40 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: tls [tls_domain.c:206]: TLSc<default>: require_certificate=0

Jun 21 10:28:40 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: tls [tls_domain.c:213]: TLSc<default>: cipher_list='(null)'

Jun 21 10:28:40 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: tls [tls_domain.c:220]: TLSc<default>: private_key='(null)'

Jun 21 10:28:40 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: tls [tls_domain.c:224]: TLSc<default>: verify_certificate=0

Jun 21 10:28:40 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: tls [tls_domain.c:227]: TLSc<default>: verify_depth=9

Jun 21 10:28:40 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: tls [tls_domain.c:547]: TLSc<default>: Server MAY present invalid certificate

Jun 21 10:28:40 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: tls [tls_domain.c:597]: tls: set_ssl_options: detected openssl version (90802f)  has the SSL_OP_TLS_BLOCK_PADDING bug, but compression  is disabled so no workaround is needed

Jun 21 10:28:40 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: tls [tls_domain.c:176]: TLSs<10.10.5.214:5061>: tls_method=12

Jun 21 10:28:40 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: tls [tls_domain.c:188]: TLSs<10.10.5.214:5061>: certificate='//etc/kamailio/FBCIDS01V01.pem'

Jun 21 10:28:40 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: tls [tls_domain.c:195]: TLSs<10.10.5.214:5061>: ca_list='//etc/kamailio/tiglobalca.pem'

Jun 21 10:28:40 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: tls [tls_domain.c:202]: TLSs<10.10.5.214:5061>: crl='(null)'

Jun 21 10:28:40 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: tls [tls_domain.c:206]: TLSs<10.10.5.214:5061>: require_certificate=0

Jun 21 10:28:40 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: tls [tls_domain.c:213]: TLSs<10.10.5.214:5061>: cipher_list='(null)'

Jun 21 10:28:40 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: tls [tls_domain.c:220]: TLSs<10.10.5.214:5061>: private_key='//etc/kamailio/FBCIDS01V01KEY.pem'

Jun 21 10:28:40 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: tls [tls_domain.c:224]: TLSs<10.10.5.214:5061>: verify_certificate=0

Jun 21 10:28:40 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: tls [tls_domain.c:227]: TLSs<10.10.5.214:5061>: verify_depth=9

Jun 21 10:28:41 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: tls [tls_domain.c:544]: TLSs<10.10.5.214:5061>: No client certificate required and no checks performed

Jun 21 10:28:41 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: tls [tls_domain.c:597]: tls: set_ssl_options: detected openssl version (90802f)  has the SSL_OP_TLS_BLOCK_PADDING bug, but compression  is disabled so no workaround is needed

Jun 21 10:28:41 kamailio3p1 /usr/sbin/kamailio[8786]: ERROR: ldap [ldap_connect.c:166]: [sipaccounts]: ldap bind failed: Can't contact LDAP server

Jun 21 10:28:41 kamailio3p1 /usr/sbin/kamailio[8786]: ERROR: ldap [ldap_mod.c:182]: [sipaccounts]: failed to connect to LDAP host(s)

Jun 21 10:28:41 kamailio3p1 /usr/sbin/kamailio[8786]: ERROR: <core> [sr_module.c:832]: init_mod_child(): Error while initializing module ldap (/usr/lib64/kamailio/modules_k/ldap.so)

Jun 21 10:28:41 kamailio3p1 /usr/sbin/kamailio[8786]: ERROR: <core> [pt.c:337]: ERROR: fork_process(): init_child failed for  process 1, pid 8786, "udp receiver child=0 sock=127.0.0.1:5060"

Jun 21 10:28:41 kamailio3p1 /usr/sbin/kamailio[8786]: : <core> [main.c:1546]: main_loop: Cannot fork

Jun 21 10:28:41 kamailio3p1 /usr/sbin/kamailio[8788]: ERROR: ldap [ldap_connect.c:166]: [sipaccounts]: ldap bind failed: Can't contact LDAP server

Jun 21 10:28:41 kamailio3p1 /usr/sbin/kamailio[8788]: ERROR: ldap [ldap_mod.c:182]: [sipaccounts]: failed to connect to LDAP host(s)

Jun 21 10:28:41 kamailio3p1 /usr/sbin/kamailio[8788]: ERROR: <core> [sr_module.c:832]: init_mod_child(): Error while initializing module ldap (/usr/lib64/kamailio/modules_k/ldap.so)

Jun 21 10:28:41 kamailio3p1 /usr/sbin/kamailio[8788]: ERROR: <core> [pt.c:337]: ERROR: fork_process(): init_child failed for  process 2, pid 8788, "udp receiver child=1 sock=127.0.0.1:5060"

Jun 21 10:28:41 kamailio3p1 /usr/sbin/kamailio[8788]: : <core> [main.c:1546]: main_loop: Cannot fork

Jun 21 10:28:41 kamailio3p1 /usr/sbin/kamailio[8774]: ALERT: <core> [main.c:738]: child process 8786 exited normally, status=255

Jun 21 10:28:41 kamailio3p1 /usr/sbin/kamailio[8774]: ALERT: <core> [main.c:738]: child process 8788 exited normally, status=255

Jun 21 10:28:41 kamailio3p1 /usr/sbin/kamailio[8774]: INFO: <core> [main.c:756]: INFO: terminating due to SIGCHLD

Jun 21 10:28:41 kamailio3p1 /usr/sbin/kamailio[8801]: INFO: <core> [main.c:807]: INFO: signal 15 received

Jun 21 10:28:41 kamailio3p1 /usr/sbin/kamailio[8799]: INFO: <core> [main.c:807]: INFO: signal 15 received

Jun 21 10:28:41 kamailio3p1 /usr/sbin/kamailio[8797]: INFO: <core> [main.c:807]: INFO: signal 15 received

Jun 21 10:28:41 kamailio3p1 /usr/sbin/kamailio[8795]: INFO: <core> [main.c:807]: INFO: signal 15 received

Jun 21 10:28:41 kamailio3p1 /usr/sbin/kamailio[8793]: INFO: <core> [main.c:807]: INFO: signal 15 received

Jun 21 10:28:41 kamailio3p1 /usr/sbin/kamailio[8790]: INFO: <core> [main.c:807]: INFO: signal 15 received

Jun 21 10:28:41 kamailio3p1 /usr/sbin/kamailio[8812]: INFO: <core> [main.c:807]: INFO: signal 15 received

Jun 21 10:28:41 kamailio3p1 /usr/sbin/kamailio[8808]: INFO: <core> [main.c:807]: INFO: signal 15 received

Jun 21 10:28:41 kamailio3p1 /usr/sbin/kamailio[8810]: INFO: <core> [main.c:807]: INFO: signal 15 received

Jun 21 10:28:41 kamailio3p1 /usr/sbin/kamailio[8814]: INFO: <core> [main.c:807]: INFO: signal 15 received

Jun 21 10:28:41 kamailio3p1 /usr/sbin/kamailio[8816]: INFO: <core> [main.c:807]: INFO: signal 15 received

...
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Without ldap.so loaded, we can start the kamailio as a service normally with "service kamailio start".
The platform running kamailio is: RHEL5.6_X64


Can you help us please? Because we want to start the kamailio as a service from the boot


Thanks a lot in advanced!


Best Regards,
Laura



_______________________________________________
sr-dev mailing list
sr-dev@lists.sip-router.org
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-dev

-- 
Daniel-Constantin Mierla -- http://www.asipto.com
http://linkedin.com/in/miconda -- http://twitter.com/miconda



_______________________________________________
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
sr-users@lists.sip-router.org
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users