Strange restart problem on Zimbra 8.8.5/Ubuntu16
Closed this issue ยท 13 comments
Hey,
I installed a fresh Zimbra 8.8.5 and this letsencrypt set. Using the git versions. Zimbra is working, and restart works fine.
Certificate is created, but the restart of zimbra does not work/finalise. Strangely enough, doing a manual zmcontrol restart right after the letsencrypt request, the restart is executed fine.
The error I am able to find is in zmwatch.out:
Can't locate Swatchdog/Actions.pm in @inc (you may need to install the Swatchdog::Actions module) (@inc contains: /etc/perl /usr/local/lib/x86_64-linux-gnu/perl/5.22.1 /usr/local/share/perl/5.22.1 /usr/lib/x86_64-linux-gnu/perl5/5.22 /usr/share/perl5 /usr/lib/x86_64-linux-gnu/perl/5.22 /usr/share/perl/5.22 /usr/local/lib/site_perl /usr/lib/x86_64-linux-gnu/perl-base .) at /opt/zimbra/data/tmp/.swatchdog_script.16404 line 29.
BEGIN failed--compilation aborted at /opt/zimbra/data/tmp/.swatchdog_script.16404 line 29.
The first per module reported 'missing' (in another error message was Date::Parse which I could solve with installing it:
root@mailer3:~# cpan install Date::Parse
Loading internal null logger. Install Log::Log4perl for logging messages
Reading '/root/.cpan/Metadata'
...
I am seeing the same..
Brand new install of CentOS 6.9 minimal with Zimbra 8.8.5.
I modified the /etc/cron.d/letsencrypt-zimbra file a little bit, hoping to work around the issue.. Also don't need this running every day taking down the server.
Hopefully this will help.
Thanks @online-stuff for the workaroud but it won't be probably acceptable solution for many, so I don't want to include it as recommended one at this time.
@mvhconsult do you run zmcontrol restart manually as root or zimbra user afterwards?
Had the same problem.
[root@zimbraserver letsencrypt-zimbra-perm-fix]# uname -a
Linux zimbraserver.local 2.6.32-504.8.1.el6.x86_64 #1 SMP Wed Jan 28 21:11:36 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux
Zimbra 8.7.11 freshly installed.
Manual stop and start as zimbra user worked.
Maybe the problem is in restart? Because of some services not running it can't restart?
obtain-and-deploy-letsencrypt-cert.sh: error: Restarting zimbra failed.
[root@zimbraserver letsencrypt-zimbra-perm-fix]# su - zimbra
[zimbra@zimbraserver ~]$ zmcontrol status
Host asg.beevoip.it
amavis Running
antispam Running
antivirus Running
ldap Running
logger Stopped
**zmlogswatchctl is not running**
mailbox Running
memcached Running
mta Running
opendkim Running
proxy Running
service webapp Running
snmp Stopped
**zmswatch is not running.**
spell Running
stats Running
zimbra webapp Running
zimbraAdmin webapp Running
zimlet webapp Running
zmconfigd Running
[zimbra@zimbraserver ~]$ exit
Confirming the issue affects me as well. Ubuntu 16.04 and Zimbra 8.7.0GA
obtain-and-deploy-letsencrypt-cert.sh: info: start nginx
obtain-and-deploy-letsencrypt-cert.sh: info: assemble cert files
obtain-and-deploy-letsencrypt-cert.sh: info: test and deploy certificates
obtain-and-deploy-letsencrypt-cert.sh: info: restart zimbra
obtain-and-deploy-letsencrypt-cert.sh: error: Restarting zimbra failed.
root@mx01:/opt/letsencrypt-zimbra# cp configs/cron.conf /etc/cron.d/letsencrypt-zimbra
root@mx01:/opt/letsencrypt-zimbra# su - zimbra
zimbra@mx01:~$ zmcontrol status
Host mx01.mail.routh.io
amavis Running
antispam Running
antivirus Running
dnscache Running
ldap Running
logger Stopped
zmlogswatchctl is not running
mailbox Running
memcached Running
mta Running
opendkim Running
proxy Running
service webapp Running
snmp Stopped
zmswatch is not running.
spell Running
stats Running
zimbra webapp Running
zimbraAdmin webapp Running
zimlet webapp Running
zmconfigd Running
zimbra@mx01:~$ And zmcontrol stop; zmcontrol start (as the zimbra user of course) fixes it:
zimbra@mx01:~$ zmcontrol stop
Host mx01.mail.routh.io
Stopping zmconfigd...Done.
Stopping zimlet webapp...Done.
Stopping zimbraAdmin webapp...Done.
Stopping zimbra webapp...Done.
Stopping service webapp...Done.
Stopping stats...Done.
Stopping mta...Done.
Stopping spell...Done.
Stopping snmp...Done.
Stopping cbpolicyd...Done.
Stopping archiving...Done.
Stopping opendkim...Done.
Stopping amavis...Done.
Stopping antivirus...Done.
Stopping antispam...Done.
Stopping proxy...Done.
Stopping memcached...Done.
Stopping mailbox...Done.
Stopping logger...Done.
Stopping dnscache...Done.
Stopping ldap...Done.
zimbra@mx01:~$ zmcontrol start
Host mx01.mail.routh.io
Starting ldap...Done.
Starting zmconfigd...Done.
Starting dnscache...Done.
Starting logger...Done.
Starting mailbox...Done.
Starting memcached...Done.
Starting proxy...Done.
Starting amavis...Done.
Starting antispam...Done.
Starting antivirus...Done.
Starting opendkim...Done.
Starting snmp...Done.
Starting spell...Done.
Starting mta...Done.
Starting stats...Done.
Starting service webapp...Done.
Starting zimbra webapp...Done.
Starting zimbraAdmin webapp...Done.
Starting zimlet webapp...Done.
zimbra@mx01:~$I run the zmcontrol restart as zimbra user afterwards.
Well it's really confusing issue. I really don't understand why the same command works in interactive shell but keeps failing in the script.
I will take a look on it. Stay tuned ๐
Try setup cron as zimbra user.
root@mail:/opt/letsencrypt-zimbra# su zimbra
zimbra@mail:/opt/letsencrypt-zimbra$ crontab -e
Select an editor. To change later, run 'select-editor'.
- /bin/ed
- /bin/nano <---- easiest
- /usr/bin/vim.basic
- /usr/bin/vim.tiny
42 0 * * * /opt/letsencrypt-zimbra/obtain-and-deploy-letsencrypt-cert.sh -q
I see, maybe some differences in environment. I will focus on that
Maybe restarting it as root will help?
/etc/init.d/zmcontrol restart
I am sorry for the delay.
Finally I found that zmwatch missing modules is due to lack of PERLLIB env variable. So i set it before restarting the services.
Thank you all for the tips, specially @mvhconsult
Can anyone test the zmrestart branch please? Try to renew the cert with -f option. I.E.:
git fetch
git checkout zmwatch
sudo -Hu zimbra /opt/letsencrypt-zimbra/obtain-and-deploy-letsencrypt-cert.sh -vf
Tested the branch on a system, and restart seems fine now :) Good work.
Will test next week with auto renew, and try to remember to report here.
thank you for testing it. I will merge it. Feel free to reopen the issue if something is still wrong.