Hi - hope someone can help with this, I’m looking at setting up an SMT (Subscription Management Tool) server to mirror SLES updates for our internal servers. I’ve installed SMT as an Add On Product and configured as per documentation. However the MySQL DB connection always fails even though I can connect to the MySQL server with the SMT credentials from the command line. Does anyone know why or have any clues as to what’s happening?
If I run any SMT command that requires a DB connection it just fails with:
smt ncc-sync
Downloading Product information
DBI connect(‘database=smt;host=localhost’,‘smt’,…) failed: Can’t connect to local MySQL server through socket ‘/var/lib/mysql/mysql.sock’ (13) at /usr/lib/perl5/vendor_perl/5.10.0/SMT/Utils.pm line 114
However if I try to connect to the MySQL server using the credentials from the smt.conf file it works…
mysql -hlocalhost -usmt -ppassword -S/var/lib/mysql/mysql.sock smt
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 2
Server version: 5.5.30-log Source distribution
Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the current input statement.
Aha, a break through. The issue is that the smt user could not access the mysql socket file. When running from the command line in my example I was logged in as root. So switched to the smt user and tried again, bingo it failed. To be precise I could not chdir to /var/lib/mysql as the perms were 750 and owned by mysql:mysql. So have just done a chmod 755 on /var/lib/mysql and it’s all working now.
Seem to have hit another problem now in that the SMT server is running and currently syncing some files to make available. So in the meantime I’m trying to register a client with my SMT server. There are several ways to do this and I chose to use the clientSetup4SMT.sh script from the SMT server. The SMT server creates its own SSL certificate as communication between client and server is HTTPS. The cert itself is obviously not provided by a trusted CA yet the client just keeps failing telling me this, even though it prompts me to trust this and I do. Anyone any ideas?
…
…
Do you accept this certificate? [y/n] y
Client setup finished.
Start the registration now? [y/n] y
/usr/bin/suse_register -i -L /root/.suse_register.log
Refreshing service ‘nu_novell_com’.
All services have been refreshed.
There are no enabled repositories defined.
Use ‘zypper addrepo’ or ‘zypper modifyrepo’ commands to add or enable repositories.
ERROR: Peer certificate cannot be authenticated with known CA certificates: (60)
(2)
ERROR: Peer certificate cannot be authenticated with known CA certificates: (60)
(2)
Ah, again another break through - more by luck than judgement. For some unknown reason I ran this command - smt-report - which gives details on subscriptions at the bottom of the screen I noticed it stated that the SSL cert had expired or some such. Now I correctly assumed it was referring to the SMT server certificate, unfortunately I didn’t waste time checking the expiration date. But Google came up trumps and this handy guide provided the answer - http://www.novell.com/support/kb/doc.php?id=7006024
So after carrying out these steps and re-running the command above my first client has registered itself with my SMT server - you can confirm this either by running smt-list-registrations on the SMT server or looking at your repo’s listed via YAST.
I’m sure there’s going to be other issues, but at least I’m making progress. Bizarrely none of the official SMT docs / install / setup guides seem to cover any of the issues I’ve encountered on a fresh install.