[HCoop-Help] [HCoop-SysAdmin] Fwd: Cron <sastry at marsh> k5start -qtUf /etc/keytabs/user.daemon/sastry -- "/afs/hcoop.net/user/s/sa/sastry/.acme.sh"/acme.sh --cron --home "/afs/hcoop.net/user/s/sa/sastry/.acme.sh" > /dev/null
Clinton Ebadi
clinton at unknownlamer.org
Tue Apr 9 21:20:31 EDT 2019
Srikanth Sastry <sastry at hcoop.net> writes:
> I mean that I *think* this is the first time it has actually tried to renew the certs.
>
> It could be that my dav.sastry.name subdomain needs auth, which could be a reason the renew is not working. Let me try
> to fix that and see how that goes.
Hey,
It looks like you just need to grant your daemon user write permissions
to .acme.sh/ca, currently it lacks them so the mkdir will fail in an
unexpected way (despite existing already) and abort.
Let me know if it works after changing that.
>
>
> From: HCoop-Help <hcoop-help-bounces at lists.hcoop.net> on behalf of Srikanth Sastry <sastry at hcoop.net>
> Reply-To: HCoop member help list <hcoop-help at lists.hcoop.net>
> Date: Sunday, March 31, 2019 at 7:49 PM
> To: Clinton Ebadi <clinton at unknownlamer.org>
> Cc: <hcoop-help at hcoop.net>
> Subject: Re: [HCoop-Help] [HCoop-SysAdmin] Fwd: Cron <sastry at marsh> k5start -qtUf /etc/keytabs/user.daemon/sastry
> -- "/afs/hcoop.net/user/s/sa/sastry/.acme.sh"/acme.sh --cron --home "/afs/hcoop.net/user/s/sa/sastry/.acme.sh" > /dev/null
>
>
>
> Yes, I think so.
>
>
>
> On Sun, Mar 31, 2019 at 12:50 PM Clinton Ebadi <clinton at unknownlamer.org> wrote:
>
> Srikanth Sastry <sastry at hcoop.net> writes:
>
> > Hi,
> > I am seeing this error from the past two days. Any idea what changed?
>
> Hey,
>
> Is this the first time it's tried to actually renew the cert or any
> change from previous runs?
>
> I'm CCing hcoop-help (support questions like this should go there
> ideally).
>
> > Thanks!
> > ?srikanth
> >
> > ---------- Forwarded message ---------
> > From: <root at minsky.hcoop.net>
> > Date: Sat, Mar 30, 2019 at 1:09 AM
> > Subject: Cron <sastry at marsh> k5start -qtUf /etc/keytabs/user.daemon/sastry --
> > "/afs/hcoop.net/user/s/sa/sastry/.acme.sh"/acme.sh --cron --home "/afs/hcoop.net/user/s/sa/sastry/.acme.sh" >
> /dev/null
> > To: <sastry at minsky.hcoop.net>
> >
> > mkdir: cannot create directory ?/afs/hcoop.net/user/s/sa/sastry/.acme.sh/ca?: Permission denied
> > mkdir: cannot create directory ?/afs/hcoop.net/user/s/sa/sastry/.acme.sh/ca?: Permission denied
> > mkdir: cannot create directory ?/afs/hcoop.net/user/s/sa/sastry/.acme.sh/ca?: Permission denied
> > [Sat Mar 30 01:09:02 EDT 2019] Can not create path:
> > /afs/hcoop.net/user/s/sa/sastry/.acme.sh/ca/acme-v01.api.letsencrypt.org
> > chmod: cannot access '/afs/hcoop.net/user/s/sa/sastry/.acme.sh/ca/acme-v01.api.letsencrypt.org/account.key':
> Permission
> > denied
> > [Sat Mar 30 01:09:02 EDT 2019] Create account key error.
> > [Sat Mar 30 01:09:02 EDT 2019] Please add '--debug' or '--log' to check more details.
> > [Sat Mar 30 01:09:02 EDT 2019] See: https://github.com/Neilpang/acme.sh/wiki/How-to-debug-acme.sh
> > [Sat Mar 30 01:09:02 EDT 2019] Error renew dav.sastry.name.
> -----BEGIN PGP SIGNATURE----- iHUEAREIAB0WIQTxacO8l1GEP5SXQr4/WZqufEOp9AUCXKDv8wAKCRA/WZqufEOp
> 9KrtAP4o/KqCwhO0GiGXpswLisEcr3galOHDzHBgoINLeoHEIQD9ESxdKH3u9RII Ltt0bMxnUaiW5VQnRKCrdwA1p5+IHPA=
> =NmLH -----END PGP SIGNATURE-----
--
Mike: I WAS NOT MICROWAVED.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <http://lists.hcoop.net/pipermail/hcoop-help/attachments/20190409/be5f71a6/attachment.sig>
More information about the HCoop-Help
mailing list