My Favorites

Close

Please to see your favorites.


Troubleshoot SMT Issues

This document (7004748) is provided subject to the disclaimer at the end of this document.

Environment

SUSE Linux Enterprise Server 11 Service Pack 1
SUSE Linux Enterprise Server 10 Service Pack 2
SUSE Linux Enterprise Server 10 Service Pack 3
Novell Subscription Management Tool 1.0
Novell Subscription Management Tool 1.1

Situation

SMT server not working correctly.  See the below for some standard troubleshooting tips.

Resolution

 

I.  Check the SMT Server 

  • Run 'rcsmt status'.  You should see the following:

    • If smt fails to startup because of MySQL access is damaged or corrupted, look at TID 7001726.

  • Check mirror credentials in Yast | SMT Configuration.  Hit the "Test" button and it should come back successful.

  • Check the following config files:

    • /etc/smt.conf:  Make sure the nccemail, url and MirrorTo variables are set correctly.

    • /etc/smt.d/nu_server.conf:  If you have changed the location of the SMT repository, make sure it is reflected here as well as in the MirrorTo variable of the smt.conf.  A good document to follow for making sure this is done correctly can be found here.

  • Make sure you have the catalogs mirrored you want your clients to have access to.

    • Run 'smt-catalogs -e' to enable catalogs.  The following enables the x86_64 Updates catalog for SLES10 SP2:

      • smt-catalogs -e SLES10-SP2-Updates sles-10-x86_64

    • Run 'smt-catalogs -o' to see what catalogs are currently mirrored.  If there are catalogs that you should have access to but don't, support can check entitlement and regenerate the mirror credentials to add new repositories for those entitlements.

 

II.  Failures on the client SMT setup

  • Running the clientSetup4SMT.sh script fails to complete.  There are 2 things accomplished in this step: 1) change the /etc/suseRegister.conf file to point to your SMT url instead of novell.com, and 2) Download the smt.crt certificate

    • Make sure the /srv/www/htdocs/smt.crt file exists on the SMT server.

    • Verify the validity dates of the CA and server certificates on the SMT server in Yast | CA Management.

    • If "Device Busy" messages come back, stop and start the novell-zmd service.

  • Running 'suse_register' fails with various error messages:

    • Execute curl command failed with '60':curl: (60) SSL certificate problem, verify that the CA cert is OK. Details:error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed

      • This means the server certificate is no longer valid.  Check the dates as stated above.

    • If permission to download the repoindex.xml file is denied, check the owner of the main repository directory (/srv/www/htdocs/repo by default).  It should be wwwrun.  Also, if the repository is on an NSS volume, add the wwwrun user from eDirectory as a trustee to the repo directory.
    • See if port 443 is open on the SMT server.
      • Type in "lsof -i:443".  If nothing is returned, then port 443 is not open and listening.  You can try the same command with 80 to make sure apache is listening at all.  If Port 443 is not open, look at the  /etc/apache2/sysconfig.d/loadmodule.conf file.  It should include a line that looks like this:  LoadModule ssl_module        /usr/lib/apache2-worker/mod_ssl.so .  If that line is not there, go into Yast and see if port 443 is even enabled.  If not, add port 443 and restart apache and smt and check the port again.

        Also, check /etc/sysconfig/apache2 in the APACHE_MODULES section and verify that 'ssl' is listed as one of the modules being loaded, as well as verifying APACHE_SERVER_FLAGS="SSL".
    • Look at the /var/log/apache2/access_log and error_log for other information. 
  • Running suse_register succeeds, but there are no catalogs or the SMT server shows as "inactive"

    • Try running 'suse_register -r' instead.  If you are on SLES10 SP1, there is no -r switch with suse_register.  Instead, delete the /var/cache/SuseRegister/lastzmdconfig.cache file and run suse_register again.

    • Make sure you have the correct catalogs mirrored.

    • Restart the novell-zmd service.

    • Check the /etc/zmd/zmd.conf file.  If you are using a proxy in there, remove that and restart the novell-zmd service.

    • Run 'smt-list-registrations' on the SMT server.  Make sure this client is now listed.  If it is, try the following:

      • Using a web browser, hit http://dns_name.com/repo/repoindex.xml and it should ask for a username and password.  These are the deviceid and secret for any registered client found in their /etc/zmd directories.  You should then see xml tagged data for the different catalogs for that particularly registered client if it worked correctly.
III.  Problems on client after registering successfully
  • When running 'smt-client', all client statuses show as "Unknown"
    • SLES11+ are the only servers that have the ability to update the SMT server with a status.  Install the smt-client.rpm from the SMT install media.

Disclaimer

This Support Knowledgebase provides a valuable tool for NetIQ/Novell/SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.

  • Document ID:7004748
  • Creation Date:27-OCT-09
  • Modified Date:27-APR-12
    • SUSESubscription Management Tool
      SUSE Linux Enterprise Server

Did this document solve your problem? Provide Feedback