Hello,
At the last step of the setup web ic2, it appears to have access / write restriction :
Seems to probably be user / group privilege ?
Here is the last screen message which block to complete the setup :
Thanks for help :
Authentication configuration has been successfully written to: /etc/icingaweb2/authentication.ini
Account "icingadmin" has been successfully defined as initial administrator.
User Group Backend configuration has been successfully written to: /etc/icingaweb2/groups.ini
Unable to create user group "Administrators". An error occured:
ERROR: Zend_Db_Adapter_Exception in /usr/share/icinga-php/vendor/vendor/shardj/zf1-future/library/Zend/Db/Adapter/Pdo/Abstract.php:171 with message: SQLSTATE[HY000] [1044] Access denied for user 'icingadb'@'localhost' to database 'icingadb-web'
Resource configuration could not be written to: /etc/icingaweb2/resources.ini. An error occured:
ERROR: ErrorException in /usr/share/php/Icinga/File/Ini/IniWriter.php:99 with message: file_put_contents(/etc/icingaweb2/resources.ini): Failed to open stream: Permission denied
Resource configuration update failed: /etc/icingaweb2/resources.ini
ERROR: ErrorException in /usr/share/php/Icinga/File/Ini/IniWriter.php:99 with message: file_put_contents(/etc/icingaweb2/resources.ini): Failed to open stream: Permission denied
Module configuration update successful: /etc/icingaweb2/modules/icingab/config.ini
Commandtransport configuration update successful: /etc/icingaweb2/modules/icingadb/commandtransports.ini
Monitoring backend configuration has been successfully written to: /etc/icingaweb2/modules/monitoring/backends.ini
Resource configuration could not be udpated: /etc/icingaweb2/resources.ini. An error occured:
ERROR: ErrorException in /usr/share/php/Icinga/File/Ini/IniWriter.php:99 with message: file_put_contents(/etc/icingaweb2/resources.ini): Failed to open stream: Permission denied
Command transport configuration has been successfully created: /etc/icingaweb2/modules/monitoring/commandtransports.ini
Monitoring security configuration has been successfully created: /etc/icingaweb2/modules/monitoring/config.ini
Module "director" has been successfully enabled.
Module "doc" has been successfully enabled.
Module "icingadb" has been successfully enabled.
Module "incubator" has been successfully enabled.
Module "migrate" has been successfully enabled.
Module "monitoring" has been successfully enabled.
Module "translation" has been successfully enabled.
I just changed resources.ini (was root:icingaweb2 by apache:icingaweb2) and seems to resolve a part of the final problem.
ls -l /etc/icingaweb2/
total 24
-rw-rw----. 1 apache icingaweb2 57 Dec 4 09:56 authentication.ini
-rw-rw----. 1 apache icingaweb2 223 Dec 4 09:56 config.ini
drwxrws---. 2 root icingaweb2 118 Nov 29 15:47 enabledModules
-rw-rw----. 1 apache icingaweb2 57 Dec 4 09:56 groups.ini
drwxrws---. 4 root icingaweb2 40 Nov 29 15:47 modules
-rw-r--r--. 1 apache icingaweb2 447 Dec 4 09:56 resources.ini
-rw-rw----. 1 apache icingaweb2 82 Dec 4 09:56 roles.ini
-rw-rw----. 1 root icingaweb2 17 Nov 29 10:55 setup.token
Now the remaining error left is :
General configuration has been successfully written to: /etc/icingaweb2/config.ini
Authentication configuration has been successfully written to: /etc/icingaweb2/authentication.ini
Account "icingadmin" has been successfully defined as initial administrator.
User Group Backend configuration has been successfully written to: /etc/icingaweb2/groups.ini
Unable to create user group "Administrators". An error occured:
ERROR: Zend_Db_Adapter_Exception in /usr/share/icinga-php/vendor/vendor/shardj/zf1-future/library/Zend/Db/Adapter/Pdo/Abstract.php:171 with message: SQLSTATE[HY000] [1044] Access denied for user 'icingadb'@'localhost' to database 'icingadb-web'
Resource configuration has been successfully written to: /etc/icingaweb2/resources.ini
Resource configuration update successful: /etc/icingaweb2/resources.ini
Module configuration update successful: /etc/icingaweb2/modules/icingab/config.ini
Commandtransport configuration update successful: /etc/icingaweb2/modules/icingadb/commandtransports.ini
Monitoring backend configuration has been successfully written to: /etc/icingaweb2/modules/monitoring/backends.ini
Resource configuration has been successfully updated: /etc/icingaweb2/resources.ini
Command transport configuration has been successfully created: /etc/icingaweb2/modules/monitoring/commandtransports.ini
Monitoring security configuration has been successfully created: /etc/icingaweb2/modules/monitoring/config.ini
Module "director" has been successfully enabled.
Module "doc" has been successfully enabled.
Module "icingadb" has been successfully enabled.
Module "incubator" has been successfully enabled.
Module "migrate" has been successfully enabled.
Module "monitoring" has been successfully enabled.
Module "translation" has been successfully enabled.
Also, status of db reflect perhaps the issue :
systemctl status icingadb
× icingadb.service - Icinga DB
Loaded: loaded (/usr/lib/systemd/system/icingadb.service; enabled; preset: disabled)
Active: failed (Result: exit-code) since Wed 2024-12-04 10:00:41 CET; 7min ago
Duration: 5min 9ms
Process: 24886 ExecStart=/usr/sbin/icingadb --config /etc/icingadb/config.yml (code=exited, status=1/FAILURE)
Main PID: 24886 (code=exited, status=1/FAILURE)
CPU: 1.401s
Dec 04 09:58:23 lmonicp24.lx.finbel.intra icingadb[24886]: redis: Can't connect to Redis. Retrying
Dec 04 09:58:23 lmonicp24.lx.finbel.intra icingadb[24886]: redis: Can't connect to Redis. Retrying
Dec 04 09:58:23 lmonicp24.lx.finbel.intra icingadb[24886]: redis: Reconnected to Redis
Dec 04 09:58:23 lmonicp24.lx.finbel.intra icingadb[24886]: redis: Reconnected to Redis
Dec 04 09:58:41 lmonicp24.lx.finbel.intra icingadb[24886]: heartbeat: Waiting for Icinga heartbeat
Dec 04 09:59:41 lmonicp24.lx.finbel.intra icingadb[24886]: heartbeat: Waiting for Icinga heartbeat
Dec 04 10:00:41 lmonicp24.lx.finbel.intra icingadb[24886]: retry deadline exceeded
github.com/icinga/icingadb/pkg/icingadb.(*HA).controller
github.com/icinga/icingadb/pkg/icingadb/ha.go:163
runtime.goexit
runtime/asm_amd64.s:1695
HA aborted
github.com/icinga/icingadb/pkg/icingadb.(*HA).abort.func1
github.com/icinga/icingadb/pkg/icingadb/ha.go:131
sync.(*Once).doSlow
sync/once.go:74
sync.(*Once).Do
sync/once.go:65
github.com/icinga/icingadb/pkg/icingadb.(*HA).abort
github.com/icinga/icingadb/pkg/icingadb/ha.go:129
github.com/icinga/icingadb/pkg/icingadb.(*HA).controller
github.com/icinga/icingadb/pkg/icingadb/ha.go:163
runtime.goexit
runtime/asm_amd64.s:1695
HA exited with an error
main.run
github.com/icinga/icingadb/cmd/icingadb/main.go:335
main.main
github.com/icinga/icingadb/cmd/icingadb/main.go:37
runtime.main
runtime/proc.go:271
runtime.goexit
runtime/asm_amd64.s:1695
Dec 04 10:00:41 lmonicp24.lx.finbel.intra systemd[1]: icingadb.service: Main process exited, code=exited, status=1/FAILURE
Dec 04 10:00:41 lmonicp24.lx.finbel.intra systemd[1]: icingadb.service: Failed with result 'exit-code'.
Dec 04 10:00:41 lmonicp24.lx.finbel.intra systemd[1]: icingadb.service: Consumed 1.401s CPU time.
Also [selinux] is set to permissive from previous problem
apparently yes, all the previous steps gone trough… I checked and seems the right one…
otherwise how / from where / what can I verify… (for me this should be ok)…
what about icingadb-web / icingadb ?
[Access denied for user ‘icingadb’@‘localhost’ to database ‘icingadb-web’]
here what’s found in mysql : (no icingadb-web ! ) maybe not the problem
mysql> show databases;
+--------------------+
| Database |
+--------------------+
| director |
| icinga |
| icingadb |
| information_schema |
| mysql |
| performance_schema |
| sys |
+--------------------+
7 rows in set (0.00 sec)
[edit]
Also if this can help ? (but I don’t think something related, I 'm not sure to understand all these db, but no pwd for icdb should not restrain access) :