Jun 25 23:45:18 XXXXX icingadirector[9279]: Started by systemd, notifying watchdog every 5s via /run/systemd/notify
Jun 25 23:45:18 XXXXX icingadirector[9279]: PHP Fatal error: Uncaught Error: Call to undefined function posix_getpid() in /usr/share/icingaweb2/modules/incubator/vendor/gipfl
Jun 25 23:45:18 XXXXX icingadirector[9279]: Stack trace:
Jun 25 23:45:18 XXXXX icingadirector[9279]: #0 /usr/share/icingaweb2/modules/director/library/Director/Daemon/BackgroundDaemon.php(74): gipfl\SystemD\NotifySystemD->setReady()
Jun 25 23:45:18 XXXXX icingadirector[9279]: #1 /usr/share/icingaweb2/modules/director/library/Director/Daemon/BackgroundDaemon.php(52): Icinga\Module\Director\Daemon\Backgroun
Jun 25 23:45:18 XXXXX icingadirector[9279]: #2 /usr/share/icingaweb2/modules/reactbundle/vendor/react/event-loop/src/Tick/FutureTickQueue.php(46): Icinga\Module\Director\Daemo
Jun 25 23:45:18 XXXXX icingadirector[9279]: #3 /usr/share/icingaweb2/modules/reactbundle/vendor/react/event-loop/src/StreamSelectLoop.php(181): React\EventLoop\Tick\FutureTick
Jun 25 23:45:18 XXXXX icingadirector[9279]: #4 /usr/share/icingaweb2/modules/director/library/Director/Daemon/BackgroundDaemon.php(55): React\EventLoop\StreamSelectLoop->run()
Jun 25 23:45:18 XXXXX icingadirector[9279]: #5 /usr/share/icingaweb2/modules/director/application/clicommands/DaemonCommand.php(24): Icinga\Module\Direc in /usr/share/icingawe
Jun 25 23:45:18 XXXXX icingadirector[9279]: Fatal error: Uncaught Error: Call to undefined function posix_getpid() in /usr/share/icingaweb2/modules/incubator/vendor/gipfl/syst
Jun 25 23:45:18 XXXXX icingadirector[9279]: Stack trace:
Jun 25 23:45:18 XXXXX icingadirector[9279]: #0 /usr/share/icingaweb2/modules/director/library/Director/Daemon/BackgroundDaemon.php(74): gipfl\SystemD\NotifySystemD->setReady()
Jun 25 23:45:18 XXXXX icingadirector[9279]: #1 /usr/share/icingaweb2/modules/director/library/Director/Daemon/BackgroundDaemon.php(52): Icinga\Module\Director\Daemon\Backgroun
Jun 25 23:45:18 XXXXX icingadirector[9279]: #2 /usr/share/icingaweb2/modules/reactbundle/vendor/react/event-loop/src/Tick/FutureTickQueue.php(46): Icinga\Module\Director\Daemo
Jun 25 23:45:18 XXXXX icingadirector[9279]: #3 /usr/share/icingaweb2/modules/reactbundle/vendor/react/event-loop/src/StreamSelectLoop.php(181): React\EventLoop\Tick\FutureTick
Jun 25 23:45:18 XXXXX icingadirector[9279]: #4 /usr/share/icingaweb2/modules/director/library/Director/Daemon/BackgroundDaemon.php(55): React\EventLoop\StreamSelectLoop->run()
Jun 25 23:45:18 XXXXX icingadirector[9279]: #5 /usr/share/icingaweb2/modules/director/application/clicommands/DaemonCommand.php(24): Icinga\Module\Direc in /usr/share/icingawe
Jun 25 23:45:18 XXXXX systemd[1]: icinga-director.service: main process exited, code=exited, status=255/n/a
Jun 25 23:45:18 XXXXX systemd[1]: Failed to start Icinga Director - Monitoring Configuration.
My version is the following
icinga2 - The Icinga 2 network monitoring daemon (version: 2.11.4-1)
Icinga Web 2 Version
2.8.0
Git commit
642ec11228c3be8d2abbdff6ef31da77e34f6c70
PHP Version
7.1.30
Git commit date
2020-06-08
I have tried to restart the service but nothing changed. I didn’t make any changes to the system itself since 2 days ago, as far as i understand that may affect this service.
I still cannot make it to work even if I have upgraded to php7.3
Even it seems that everything is working as expected I have also the following error which is may be related to the icinga director error:
Aug 04 16:02:28 frmon01 icingadirector[31383]: Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/doc" is not a symlinAug 04 16:02:28 frmon01 icingadirector[31383]: Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/monitoring" is not aAug 04 16:02:28 frmon01 icingadirector[31383]: Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/setup" is not a symlAug 04 16:02:28 frmon01 icingadirector[31383]: Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/audit" is not a symlAug 04 16:02:28 frmon01 icingadirector[31383]: Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/ipl" is not a symlinAug 04 16:02:28 frmon01 icingadirector[31383]: Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/incubator" is not a
Aug 04 16:02:28 frmon01 icingadirector[31383]: Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/reactbundle" is not
Aug 04 16:02:28 frmon01 icingadirector[31383]: Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/pdfexport" is not a
Aug 04 16:02:28 frmon01 icingadirector[31383]: Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/idoreports" is not aAug 04 16:02:28 frmon01 icingadirector[31383]: Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/reporting" is not a
Aug 04 16:02:28 frmon01 icingadirector[31383]: Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/graphite" is not a sAug 04 16:02:28 frmon01 icingadirector[31383]: Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/director" is not a sAug 04 16:02:28 frmon01 icingadirector[31383]: Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/trapdirector" is notAug 04 16:02:28 frmon01 icingadirector[31383]: Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/x509" is not a symliAug 04 16:02:28 frmon01 icingadirector[31383]: ERROR: There is no such module or command: 'director'
Aug 04 16:02:28 frmon01 icingadirector[31383]: Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/doc" is not a symlinAug 04 16:02:28 frmon01 icingadirector[31383]: Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/monitoring" is not aAug 04 16:02:28 frmon01 icingadirector[31383]: Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/setup" is not a symlAug 04 16:02:28 frmon01 icingadirector[31383]: Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/audit" is not a symlAug 04 16:02:28 frmon01 icingadirector[31383]: Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/ipl" is not a symlinAug 04 16:02:28 frmon01 icingadirector[31383]: Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/incubator" is not a
Aug 04 16:02:28 frmon01 icingadirector[31383]: Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/reactbundle" is not
Aug 04 16:02:28 frmon01 icingadirector[31383]: Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/pdfexport" is not a
Aug 04 16:02:28 frmon01 icingadirector[31383]: Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/idoreports" is not aAug 04 16:02:28 frmon01 icingadirector[31383]: Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/reporting" is not a
Aug 04 16:02:28 frmon01 icingadirector[31383]: Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/graphite" is not a sAug 04 16:02:28 frmon01 icingadirector[31383]: Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/director" is not a sAug 04 16:02:28 frmon01 icingadirector[31383]: Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/trapdirector" is notAug 04 16:02:28 frmon01 icingadirector[31383]: Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/x509" is not a symli
Any idea please I am getting frustrated with this and I dont have clear mind to fix it.
Generally it’s important to note that Icinga Web 2.8 with a RHEL/CentOS has dependencies on rh-php73-* and not rh-php71-*
This means that the addon modules that have additional dependencies (like php-posix) might not work anymore.
You should find this in the release notes of Icinga 2.8 as well.
rh-php71-php-soap would probably not help much, since SOAP is required for vSphereDB, but not for the director. And it would have to be PHP 7.3 and not 7.1
I think for your last issue here, it’s not a director problem but something with you Web module configuration.
Could you run a ls -l /etc/icingaweb2/enabledModules and a ls -ld /etc/icingaweb2/enabledModules, please?
Hm, let’s focus first issue for now:
With rpm -qa | grep php you should get the info which package has been installed in which version.
And then you can start sorting that out from there
Okay, those packages shouldn’t interfere with each other, from the looks of em.
The -process suffix was your original issue, if I recall correctly.
Okay, let’s find out under which user the services are running with: grep icinga /etc/passwd; grep icinga /etc/group
They need to be a member of the icingaweb2 group, else it won’t work.
If you could also post the unit file you used for the director that would be extra helpful
Hm, alright, then let’s try to run this manually as the icingadirector user:
su - icingadirector -s /bin/bash
icingacli director daemon run --debug --trace
And while you’re at it you could check if the icingadirector user can:
read the config at /etc/icingaweb2/modules/director/config.ini
see the symlinks at /etc/icingaweb2/enabledModules
and change into the directories like so: cd /etc/icingaweb2/enabledModules/director
If all that works out, then the issue might have something to do with SElinux… If that is the case, I’d need to go ask a colleague who knows more about that topic…
-bash-4.2$ icingacli director daemon run --debug --trace
Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/doc" is not a symlink
Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/monitoring" is not a symlink
Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/setup" is not a symlink
Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/audit" is not a symlink
Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/ipl" is not a symlink
Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/incubator" is not a symlink
Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/reactbundle" is not a symlink
Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/pdfexport" is not a symlink
Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/idoreports" is not a symlink
Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/reporting" is not a symlink
Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/graphite" is not a symlink
Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/director" is not a symlink
Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/trapdirector" is not a symlink
Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/x509" is not a symlink
ERROR: There is no such module or command: 'director'
Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/doc" is not a symlink
Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/monitoring" is not a symlink
Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/setup" is not a symlink
Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/audit" is not a symlink
Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/ipl" is not a symlink
Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/incubator" is not a symlink
Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/reactbundle" is not a symlink
Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/pdfexport" is not a symlink
Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/idoreports" is not a symlink
Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/reporting" is not a symlink
Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/graphite" is not a symlink
Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/director" is not a symlink
Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/trapdirector" is not a symlink
Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/x509" is not a symlink
USAGE: icingacli [module] <command> [action] [options]
So this should not be part of the problem as users are always unconfined if not explicitly some confinement is configured, so it would only deny very very rare cases which are highly insecure. But to remove them from the list to check please do two things.
First verify that the problem still exists even if SELinux is in permissive mode (can be changed simply by running setenforce 0 and verified by sestatus). If problem still exists it is not caused by SELinux, if not it is SELinux.
Second I want to have some SELinux specific information.
Hello sorry for the late answer but I was OOF for a couple of weeks. Thank you very much on trying to help me. Below you may find the output of the commands you asked for.
Hello I think you find it. Let me know how to change that specific permissions without braking something.
-bash-4.2$ icingacli director daemon run --debug --trace
Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/doc" is not a symlink
Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/monitoring" is not a symlink
Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/setup" is not a symlink
Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/audit" is not a symlink
Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/ipl" is not a symlink
Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/incubator" is not a symlink
Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/reactbundle" is not a symlink
Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/pdfexport" is not a symlink
Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/idoreports" is not a symlink
Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/reporting" is not a symlink
Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/graphite" is not a symlink
Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/director" is not a symlink
Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/trapdirector" is not a symlink
Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/x509" is not a symlink
ERROR: There is no such module or command: 'director'
Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/doc" is not a symlink
Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/monitoring" is not a symlink
Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/setup" is not a symlink
Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/audit" is not a symlink
Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/ipl" is not a symlink
Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/incubator" is not a symlink
Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/reactbundle" is not a symlink
Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/pdfexport" is not a symlink
Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/idoreports" is not a symlink
Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/reporting" is not a symlink
Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/graphite" is not a symlink
Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/director" is not a symlink
Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/trapdirector" is not a symlink
Found invalid module in enabledModule directory "/etc/icingaweb2/enabledModules": "/etc/icingaweb2/enabledModules/x509" is not a symlink
-bash-4.2$ ls /etc/icingaweb2/enabledModules
ls: cannot access /etc/icingaweb2/enabledModules/doc: Permission denied
ls: cannot access /etc/icingaweb2/enabledModules/monitoring: Permission denied
ls: cannot access /etc/icingaweb2/enabledModules/setup: Permission denied
ls: cannot access /etc/icingaweb2/enabledModules/audit: Permission denied
ls: cannot access /etc/icingaweb2/enabledModules/ipl: Permission denied
ls: cannot access /etc/icingaweb2/enabledModules/incubator: Permission denied
ls: cannot access /etc/icingaweb2/enabledModules/reactbundle: Permission denied
ls: cannot access /etc/icingaweb2/enabledModules/pdfexport: Permission denied
ls: cannot access /etc/icingaweb2/enabledModules/idoreports: Permission denied
ls: cannot access /etc/icingaweb2/enabledModules/reporting: Permission denied
ls: cannot access /etc/icingaweb2/enabledModules/graphite: Permission denied
ls: cannot access /etc/icingaweb2/enabledModules/director: Permission denied
ls: cannot access /etc/icingaweb2/enabledModules/trapdirector: Permission denied
ls: cannot access /etc/icingaweb2/enabledModules/x509: Permission denied
audit director doc graphite idoreports incubator ipl monitoring pdfexport reactbundle reporting setup trapdirector x509
-bash-4.2$ cd /etc/icingaweb2/enabledModules/director
-bash: cd: /etc/icingaweb2/enabledModules/director: Permission denied
This makes me wonder because it seams like something is broken on the system, which could explain any strange behaviour, but if SELinux works at least somehow it should have caused some more lines in the audit2allow output if it was blocking the file access.
But I thing I found it from the earlier output.
The capital S means there is no x behind it, can you please run chmod g+x /etc/icingaweb2/enabledModules to allow the group browsing the directory.