AICCU on RHEL6.2
Shadow Hawkins on Wednesday, 16 October 2013 19:57:36
I am trying to user RHEL 6.2 under z/VM on an IBM z114 to act as a tunnel and IPv6 router for z/OS systems on the same z114. The entire z114 is a test environment.
IPv6 is working between Linux and z/OS with Linux running RADVD. The problem is getting AICCU installed. It needs syslog-ng which needs eventlog. I need to install these from source because I can't seem to find a s390x version. I manage to get both eventlog and syslog-ng installed, but AICCU still does not recognize syslog-ng as being there.
When installing from source, is there something else to do to make the AICCU source install recognize syslog-ng as being installed? YUM and RPM don't see them either.
AICCU on RHEL6.2
Jeroen Massar on Wednesday, 16 October 2013 20:01:10 It needs syslog-ng which needs eventlog.
Though AICCU can log to syslog, there is no requirement for that. It uses the syslog() call when not logging to file.
but AICCU still does not recognize syslog-ng as being there.
AICCU does not test these kind of things, it just calls syslog() and let the system handle it.
As such, it is likely a package management issue, what is the error you are getting?
AICCU on RHEL6.2
Shadow Hawkins on Wednesday, 16 October 2013 23:38:17
I don't doubt that it is probably a package management issue. I just don't know how to get around it. I'm a mainframe guy who got dragged into Unix about 10 years ago. I have to come to like Linux. I just need more experience with it.
To answer your question, here's what it does. It's a dependency check.
[root@rlnxu012 SPECS]# find / -name 'syslog-ng' 2>/dev/null
/sbin/syslog-ng
/usr/local/sbin/syslog-ng
/usr/local/include/syslog-ng
/usr/local/lib/syslog-ng
/home/dave/syslog-ng-3.4.2/syslog-ng
/home/dave/syslog-ng-3.4.2/syslog-ng/syslog-ng
/home/dave/syslog-ng-3.4.2/syslog-ng/.libs/syslog-ng
[root@rlnxu012 SPECS]# syslog-ng
[root@rlnxu012 SPECS]# rpmbuild -ba aiccu.spec
error: Failed build dependencies:
syslog-ng is needed by aiccu-20070115-8.4.s390x
AICCU on RHEL6.2
Jeroen Massar on Thursday, 17 October 2013 00:14:20 I'm a mainframe guy who got dragged into Unix about 10 years ago. I have to come to like Linux.
Linux Is Not UniX => Linux
More importantly though is that Red Hat is just one of the many distributions that uses the Linux Kernel. There is a lot more to Linux than Redhat.
It's a dependency check.
Quite likely. You might want to check the contents of that .spec file and maybe better cut&paste it between [ code ] ... [ /code ] so that others can have a peek at it.
The original aiccu supplied spec has only:
BuildRequires: gnutls-devel
Requires: iproute
Requires(post): chkconfig
Requires(preun): chkconfig, initscripts
Requires(postun): initscripts
Thus unless one of those depends on syslog, it should in theory not bother.
It seems btw that at:
http://rpm.pbone.net/index.php3/stat/26/dist/46/size/78211/name/aiccu-20070115-8.4.src.rpm
is for OpenSUSE which quite well be incompatible with the rest of the RedHat package ecosystem.
That .spec indeed has:
BuildRequires: gnutls-devel syslog-ng
Requires: iproute2
#Requires(post): chkconfig
#Requires(preun): chkconfig, initscripts
#Requires(postun): initscripts
You could just remove that special requirement (which is silly, as syslog() is a system call and not dependant on any kind of syslog daemon, syslog, syslog-ng or rsyslog all would do just fine to fulfil that role).
You might want to complain to the person who updated that package. Likely though it is just not for the system that you have.
But you also might just be better of building this package from source (the one that we distribute) or much more likely a much better idea if you have the cash to have a 390 in your network: upgrade the network to support IPv6 natively...
AICCU on RHEL6.2
Shadow Hawkins on Thursday, 17 October 2013 01:38:29
Native IPv6 was my first choice. I am inside a corporate network and I can't seem to interest our network guys to pursue IPv6 support. I need to test it on z/OS systems so this is the route I am taking.
Installing the source from your site seems like a good idea. Unfortunately, I can't seem to figure out how. I'm used to doing ./configure, make, etc. Or an src.rpm file. I exploded the source tar and came up with this.
[root@rlnxu012 aiccu]# ls
common debian doc freebsd gentoo Makefile netbsd openbsd rpm unix-console
Read thru the files in /doc, haven't figured out how to compile this.
I deleted the syslog-ng requirement from the other source and it seemed to install OK, but I can't find it anywhere, won't start.
I appreciate your help. I'm feeling pretty dumb about now.
AICCU on RHEL6.2
Jeroen Massar on Thursday, 17 October 2013 01:46:40 Read thru the files in /doc, haven't figured out how to compile this.
Just type "make" as the Makefile is already there.
it seemed to install OK, but I can't find it anywhere, won't start
rpm -ql aiccu
should list what files got installed by that package.
Either way, your best bet when you have found the binary (or just run it from the source dir) is to provide it with a aiccu.conf that has 'verbose true' and 'daemonize false' that way you can see easier what it complais about; if you do daemonize check /var/log/ for hints.
AICCU on RHEL6.2
Shadow Hawkins on Thursday, 17 October 2013 02:35:00
Looking much better. That was too easy.
[root@rlnxu012 etc]# aiccu test
sock_getline() : "200 SixXS TIC Service on nlhaa01.sixxs.net ready (http://www.sixxs.net)"
sock_printf() : "client TIC/draft-00 AICCU/2007.01.15-console-linux Linux/2.6.32-220.el6.s390x"
sock_getline() : "200 Client Identity accepted"
sock_printf() : "get unixtime"
sock_getline() : "200 1381976780"
sock_printf() : "starttls"
sock_getline() : "200 Go ahead, we are now talking securely"
TLS Handshake completed succesfully
sock_printf() : "username DGK9-XXXX"
sock_getline() : "200 DGK9-xxxx choose your authentication challenge please"
sock_printf() : "challenge md5"
sock_getline() : "200 22081abb4ed318bbf0e1c252ed267fb8"
sock_printf() : "authenticate md5 dc712e714a0fe8504270c33c6a3f8773"
sock_getline() : "200 Successfully logged in using md5 as DGK9-xxxx (David G)"
sock_printf() : "tunnel list"
sock_getline() : "201 Listing tunnels"
sock_getline() : "T133278 none heartbeat uschi03"
sock_getline() : "202 <tunnel_id> <ipv6_endpoint> <ipv4_endpoint> <pop_name>"
sock_printf() : "tunnel show T133278"
sock_getline() : "201 Showing tunnel information for T133278"
sock_getline() : "TunnelId: T133278"
sock_getline() : "Type: 6in4-heartbeat"
sock_getline() : "IPv6 Endpoint: "
sock_getline() : "IPv6 POP: "
sock_getline() : "IPv6 PrefixLength: 0"
sock_getline() : "Tunnel MTU: 1280"
sock_getline() : "Tunnel Name: My First Tunnel"
sock_getline() : "POP Id: uschi03"
sock_getline() : "IPv4 Endpoint: heartbeat"
sock_getline() : "IPv4 POP: 0.0.0.0"
sock_getline() : "UserState: disabled"
sock_getline() : "AdminState: requested"
sock_getline() : "202 Done"
Succesfully retrieved tunnel information for T133278
sock_printf() : "QUIT Something I can never have"
Tunnel Information for T133278:
POP Id : uschi03
IPv6 Local : /0
IPv6 Remote : /0
Tunnel Type : 6in4-heartbeat
Adminstate : requested
Userstate : disabled
Tunnel is not enabled (UserState: requested, AdminState: disabled)
I think this looks good so far. Waiting for my tunnel request to be granted.
Thanks for your patience with the mainframe guy.
AICCU on RHEL6.2
Jeroen Massar on Thursday, 17 October 2013 02:37:22 Waiting for my tunnel request to be granted.
From your log:
2013-10-17 02:20 DGK9-SIXXS Requested tunnel T133278 from heartbeat to PoP uschi03
2013-10-17 02:26 DGK9-SIXXS SixXS approved tunnel T133278 to heartbeat on PoP uschi03
As such, it should be there already.
AICCU on RHEL6.2
Shadow Hawkins on Saturday, 19 October 2013 15:57:18
All is well after much messing with Linux ip6tables and routing. My big problem was not noticing my assigned global /64 subnet is one digit different than my tunnel. Routing is much easier now. I thought it was interesting my attached servers use the link local address for a default gateway.
In the end, my s390x RHEL server is handling the tunnel and RADVD to the other Linux and z/OS systems. All of them have access to the global ipv6 world. I will work on enabling applications in z/OS and firewall rules in the Linux router.
If my network guys find out about this there could be trouble. I will have to lock it down.
Thanks for your help. This is a good base for learning and demonstrating IPv6.
Posting is only allowed when you are logged in. |