Greetings!
I've installed FRED on Fedora 17 according to
http://fred.nic.cz/wiki/download
Now I can't obtain the admin interface. Where can the credentials for
demo access be found?
Thank you!
--
SY, Dmitry Belyavsky
In this post I'm describing the other apparent problem I found.
I'm upgrading a copy of our FRED 2.2 database (which we are using for production), and trying to upgrade it to 2.11.2, the last version. For that I typed this SQL script:
postgres@freddb:/root/fred-db-2.11.2/upgrades$ more 2-2-a-2-11.sql
\i 2_2_0-2_3_0.sql
\i 2_3_0-2_4_0.sql
\i 2_4_0-2_5_0-ddl.sql
\i 2_4_0-2_5_0-logger-ddl.sql
\i 2_4_0-2_5_0-dml.sql
\i 2_4_0-2_5_0-logger-dml.sql
\i 2.5.0-2.5.1-ddl.sql
\i 2.5.0-2.5.1-dml.sql
\i 2.5.1-2.6.0-ddl.sql
\i 2.5.1-2.6.0-logger-ddl.sql
\i 2.5.1-2.6.0-dml.sql
\i 2.5.1-2.6.0-logger-dml.sql
\i 2.6.0-2.7.0-ddl.sql
\i 2.6.0-2.7.0-dml.sql
\i 2.6.0-2.7.0-logger-dml.sql
\i 2.7.0-2.8.0-ddl.sql
\i 2.7.0-2.8.0-dml.sql
\i 2.8.0-2.8.1-ddl.sql
\i 2.8.0-2.8.1-dml.sql
\i 2.8.1-2.8.2-dml.sql
\i 2.8.1-2.9.0-01-prepare.sql
\i 2.8.1-2.9.0-02-changes-ddl.sql
\i 2.8.1-2.9.0-03-changes-dml.sql
\i 2.8.1-2.9.0-04-finish-ddl.sql
\i 2.9.0-2.10.0-ddl.sql
\i 2.9.0-2.10.0-dml.sql
\i 2.10.0-2.11.0-01-ddl.sql
\i 2.10.0-2.11.0-02-dml.sql
\i 2.10.0-2.11.0-03-ddl.sql
\i 2.11.0-2.11.1-dml.sql
\i 2.11.1-2.11.2-dml.sql
-------------------------------
This theoretically, upgrades the DB. But when I run fred-client using this upgraded database, this is when I run fred-client (after setting up fred-server and fred-pyfred):
-------------------------------
root@fredbeta:~# fred-client
Unsupported language code: 'es' in os.environ.LANG. Available codes are: cs, en. Set default to: 'en'.
FredClient 2.4.1
Type "help", "license" or "credits" for more information.
Using configuration from /usr/etc/fred/fred-client.conf
Connecting to 127.0.0.1, port 700 ...
ERROR: Login failed.
-------------------------------
The /var/log/fred.log relevant fragment gives me this:
[2012-Sep-06 10:36:19] [fred-server] [error] [logd-<60380061>/session-0/request-311805] -- Result failed: INSERT INTO request_data (request_time_
begin, request_service_id, request_monitoring, request_id, content, is_response) VALUES ('2012-09-06 16:36:19.858714', 3, 'f', 311805, E'<?xml version
="1.0" encoding="UTF-8" standalone="no"?>
<epp xmlns="urn:ietf:params:xml:ns:epp-1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="urn:ietf:params:xml:ns:epp-1.0 e
pp-1.0.xsd"><command><login><clID>NIC-REG1</clID><pw>reg1.cr</pw><options><version>1.0</version><lang>en</lang></options><svcs><objURI>http://www.nic.
cz/xml/epp/contact-1.6</objURI><objURI>http://www.nic.cz/xml/epp/nsset-1.2</objURI><objURI>http://www.nic.cz/xml/epp/domain-1.4</objURI><objURI>http:/
/www.nic.cz/xml/epp/keyset-1.3</objURI><svcExtension><extURI>http://www.nic.cz/xml/epp/enumval-1.2</extURI></svcExtension></svcs></login><clTRID>bttz0
01#12-09-06at10:36:19</clTRID></command></epp>
', 'f') (ERROR: column "entry_time_begin" of relation "request_data_epp_12_09" does not exist <-------------------------
LINE 1: INSERT INTO request_data_epp_12_09(entry_time_begin, entry_s... <-----------------------------------
^
QUERY: INSERT INTO request_data_epp_12_09(entry_time_begin, entry_service, entry_monitoring, entry_id, content, is_response) VALUES ('2012-09-06 16:
36:19.858714', 3, 'f', 311805, '<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<epp xmlns="urn:ietf:params:xml:ns:epp-1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="urn:ietf:params:xml:ns:epp-1.0 e
pp-1.0.xsd"><command><login><clID>NIC-REG1</clID><pw>reg1.cr</pw><options><version>1.0</version><lang>en</lang></options><svcs><objURI>http://www.nic.
cz/xml/epp/contact-1.6</objURI><objURI>http://www.nic.cz/xml/epp/nsset-1.2</objURI><objURI>http://www.nic.cz/xml/epp/domain-1.4</objURI><objURI>http:/
/www.nic.cz/xml/epp/keyset-1.3</objURI><svcExtension><extURI>http://www.nic.cz/xml/epp/enumval-1.2</extURI></svcExtension></svcs></login><clTRID>bttz0
01#12-09-06at10:36:19</clTRID></command></epp>
', 'f')
CONTEXT: PL/pgSQL function "tr_request_data" line 18 at EXECUTE statement
---------------------------------------------------------------------
Now, if I drop the table request_data_epp_12_09 so it is newly created, and run fred-client again this is what I get:
---------------------------------------------------------------------
[2012-Sep-06 10:40:00] [fred-server] [error] [logd-<62621798>/session-0/request-311806] -- Result failed: INSERT INTO request_data (request_time_
begin, request_service_id, request_monitoring, request_id, content, is_response) VALUES ('2012-09-06 16:40:00.170266', 3, 'f', 311806, E'<?xml version
="1.0" encoding="UTF-8" standalone="no"?>
<epp xmlns="urn:ietf:params:xml:ns:epp-1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="urn:ietf:params:xml:ns:epp-1.0 e
pp-1.0.xsd"><command><login><clID>NIC-REG1</clID><pw>reg1.cr</pw><options><version>1.0</version><lang>en</lang></options><svcs><objURI>http://www.nic.
cz/xml/epp/contact-1.6</objURI><objURI>http://www.nic.cz/xml/epp/nsset-1.2</objURI><objURI>http://www.nic.cz/xml/epp/domain-1.4</objURI><objURI>http:/
/www.nic.cz/xml/epp/keyset-1.3</objURI><svcExtension><extURI>http://www.nic.cz/xml/epp/enumval-1.2</extURI></svcExtension></svcs></login><clTRID>doej0
01#12-09-06at10:40:00</clTRID></command></epp>
', 'f') (ERROR: column "entry_time_begin" does not exist
CONTEXT: SQL statement "CREATE TABLE request_data_epp_12_09 (CHECK (entry_time_begin >= TIMESTAMP '2012-09-01 00:00:00' AND entry_time_begin < TIMEST
AMP '2012-10-01 00:00:00' AND entry_service = 3 AND entry_monitoring = 'f') ) INHERITS (request_data) "
PL/pgSQL function "create_tbl_request_data" line 27 at EXECUTE statement
SQL statement "SELECT create_tbl_request_data(entry_time_begin, entry_service, entry_monitoring)"
PL/pgSQL function "tr_request_data" line 23 at PERFORM
------------------------------------------------------
It seems that the upgrade scripts almost dotheir job, but I feel something got overlooked.
What do you think?.
Best regards.
--
Mario Guerra <mguerra(a)nic.cr>
I want to inform about a couple of possible bugs for FRED 2.11 (I tried to use TRAC, but it is not clear how to ccreate a new user):
1. fred-admin listing contacts
I did in a controlled environment a brand new FRED 2.11 installation. After running the orderedsql.sh script for installing the PostgreSQL initial environment I ran fred-admin for creating an initial registrar, a zone, and registered the zone with that registrar. After that, I created a contact. This is what I get:
a) fred-client
NIC-REG1(a)127.0.0.1> list_contacts
Number of records: 1
MGUERRA_AT_NIC.CR
NIC-REG1(a)127.0.0.1> info_contact MGUERRA_AT_NIC.CR
Contact ID: MGUERRA_AT_NIC.CR
Repository object ID: C0000000001-EPP
Created by: NIC-REG1
Designated registrar: NIC-REG1
Created on: 2012-09-04T18:18:51-06:00
Name: Mario Guerra
Street: AV. 12-14, Calle 25
City: San Jose
Postal code: 2060-1000
Country code: CR
Password for transfer: hPdgeOiT
Email: mguerra(a)nic.cr
Status: ok - Objekt is without restrictions
Disclose: voice
fax
email
vat
ident
notify_email
addr
b) fred-admin
root@fredbeta:~# fred-admin --contact_list
<objects>
</object>
Have you reproduced this problem?.
For the next possible bug, I'm posting another email.
Best regards.
--
Mario Guerra <mguerra(a)nic.cr>
Further to my previous email, I did the instalation of FRED from
packages of Lucid and did a lot of tweaking but seems alot of things
works but I was sad not to find a script like fred-server which i think
helps when starting the services unless the name is changed but i think
it helps especially when one wants to start services at once.
Hi,
I am having a problem with fred-pyfred on lucid when I start the
services all starts except fred-pyfred when i start via pyfredctl it
does not start, checking the logs I get the bellow errors....
fred-pyfred[1672]: segfault at 0 ip b71a57e3 sp bf8f3240 error 4 in
libomniORB4.so.1.4[b70ec000+17a000]
Now I decided to dig more and found out when I try to genzone I get the
'Segmentation Fault' error.
Can anyone help please.
--
b
Hi,
I am having a problem with fred-pyfred on lucid when I start the
services all starts except fred-pyfred when i start via pyfredctl it
does not start, checking the logs I get the bellow errors....
fred-pyfred[1672]: segfault at 0 ip b71a57e3 sp bf8f3240 error 4 in
libomniORB4.so.1.4[b70ec000+17a000]
Now I decided to dig more and found out when I try to genzone I get the
'Segmentation Fault' error.
Can anyone help please.
--
b
Hi,
CZ.NIC will host next ICANN meeting in Prague in June 24-29 this year -
http://prague44.icann.org/ and http://www.icannprague.cz/
I had an idea to do one day workshop for FRED prior to this meeting on
Sunday 24 if there will be some demand. Topics would cover:
- features, architecture, component description
- installation procedure
- basic configuration - adding zone, adding registrar,...
- place for questions.
The workshop would be in our offices where we have small educational
room for 20 people. Please let me know if you would like to participate
in this activity, we have five weeks to arrange it.
Regards,
Jaromir
--
Jaromir Talir
technicky reditel / Chief Technical Officer
-------------------------------------------
CZ.NIC, z.s.p.o. -- .cz domain registry
Americka 23, 120 00 Praha 2, Czech Republic
mailto:jaromir.talir@nic.cz http://nic.cz/
sip:jaromir.talir@nic.cz tel:+420.222745107
mob:+420.739632712 fax:+420.222745112
-------------------------------------------
Anyone tried to install the 2.11!?
I am getting sql/epp_login.sql: No such file or directory on the fred-db* package
fred-db-2.11.0 # make
./orderedsql.sh > structure.sql
cat: ./sql/epp_login.sql: No such file or directory
Regards,
A
As of today, 12 June, we are using our EPP module and fred-client certificates.They are signed by the same CA, in our case, our own.
These scripts can help you to do that:
CA creation (if you decide to have your own):
--------------------------------------------
#!/bin/bash
openssl genrsa -des3 -out nicca.key 4096
openssl req -new -x509 -days 1095 -key nicca.key -out nicca.crt -subj /C=<country>/L=<City>/O=<country>.NIC/OU=Registry/CN=localhost/
Certificate request and signing (the later is done by an external CA if you decide so):
#!/bin/bash
echo "Create CSR for $1"
openssl genrsa -des3 -out $1.key 4096
openssl req -new -key $1.key -out $1.csr -subj /C=<country>/ST=<province/state>/L=<Location>/O=<country>.NIC/OU=Registry/CN=localhost/emailAddress=<your email address>
echo "Sign certificate for $1" (you don't need this if you use an external CA)
openssl x509 -req -days 1095 -in $1.csr -CA nicca.crt -CAkey nicca.key -set_serial 01 -out $1.crt
echo "Generate key w/o passphrase"
openssl rsa -in $1.key -out $1.key.insecure
mv $1.key $1.key.secure
mv $1.key.insecure $1.key
The later script is used both for the EPP module and fred-client but create two independent certificates. Algo, for fred-client you need to modify the cert field in the registraracl table for the respective registrar so it states the FRED certificate fingerprint. Calculate that with this:
openssl x509 -md5 -noout -in NIC-REG1.crt -fingerprint | awk 'BEGIN {FS="="} {print $2}'
More details at http://www.guerra.co.cr/ (Certificate management using FRED).
Any comment is welcome.
--
Mario Guerra <mguerra(a)nic.cr>
Following this thread:
1. I setup an account in cacert.org for having certificates emitted with them. Then I generated a couple of certificates, one for the EPP Apache module and one for the client (which means that both certificates are different, not the same situation described in the README file in /usr/share/fred-mod-eppd/ssl/README. Now, I notice both certificates are emitted by the very same CA, cacert.org in this case. They work perfectly. So I have some questions:
a) What happens if nic.cr has its own certificates with, say, cacert.org and the clients using fred-client generate certificates using the same CA, but with their own usernames?. My guess is that it shouldn't be a problem, because the CA cert associated in the eppd module configuration is the same. That is, for the EPP module certificate nic.cr use a cacert.org user like, say, "nicrcr" and the client connecting with nic.cr use their own user, say, "client1".
b) What if nic.cr uses, say, cacert.org for the EPPD Apache module, but a client uses, Certplus, Thawte or Verising for signing their fred-client certificates?.
c) I have tried to use our own (test) CA following the procedure in http://www.tc.umn.edu/~brams006/selfsign.html, part 1B, but it does not work. I guess I have to include something and I'm not aware of it.
Thanks in advance.
--
Mario Guerra <mguerra(a)nic.cr>