Hello, can anyone kindly point me in the right direction in setting up dictd-server. I am experienced with Linux but new to Fedora and SELinux.
I have installed the package: dnf install dictd-service
Went through the docs: /usr/share/doc/dictd-server/INSTALL
Added a dictd config file: /etc/dictd.conf
Now, I'm a bit confused. There are several example config files in the doc directory, plus a folder of SELinux examples. I haven't allowed access in the dictd.conf file since I'm only going to run on a local machine.
When I attempt to start with systemctl: /bin/systemctl status dictd.service
I get the following error:
● dictd.service - Dictd Dictionary Server Daemon Loaded: loaded (/usr/lib/systemd/system/dictd.service; disabled; vendor preset: disabled) Active: failed (Result: exit-code) since Fri 2016-12-09 00:09:12 EST; 41s ago Process: 2493 ExecStart=/usr/sbin/dictd --listen-to 127.0.0.1 (code=exited, status=0/SUCCESS) Main PID: 2494 (code=exited, status=1/FAILURE)
Dec 09 00:09:12 localhost.localdomain systemd[1]: Starting Dictd Dictionary Server Daemon... Dec 09 00:09:12 localhost.localdomain systemd[1]: Started Dictd Dictionary Server Daemon. Dec 09 00:09:12 localhost.localdomain systemd[1]: dictd.service: Main process exited, code=exited, status=1/FAILURE Dec 09 00:09:12 localhost.localdomain systemd[1]: dictd.service: Unit entered failed state. Dec 09 00:09:12 localhost.localdomain systemd[1]: dictd.service: Failed with result 'exit-code'.
I looked through the internet for references, but I guess installing dictd-server on Fedora 25 is not a popular thing to do. Thanks!
On 12/09/16 13:23, stevefoley12723@gmail.com wrote:
Hello, can anyone kindly point me in the right direction in setting up dictd-server. I am experienced with Linux but new to Fedora and SELinux.
I have installed the package: dnf install dictd-service
Went through the docs: /usr/share/doc/dictd-server/INSTALL
Added a dictd config file: /etc/dictd.conf
Now, I'm a bit confused. There are several example config files in the doc directory, plus a folder of SELinux examples. I haven't allowed access in the dictd.conf file since I'm only going to run on a local machine.
When I attempt to start with systemctl: /bin/systemctl status dictd.service
I get the following error:
● dictd.service - Dictd Dictionary Server Daemon Loaded: loaded (/usr/lib/systemd/system/dictd.service; disabled; vendor preset: disabled) Active: failed (Result: exit-code) since Fri 2016-12-09 00:09:12 EST; 41s ago Process: 2493 ExecStart=/usr/sbin/dictd --listen-to 127.0.0.1 (code=exited, status=0/SUCCESS) Main PID: 2494 (code=exited, status=1/FAILURE)
Dec 09 00:09:12 localhost.localdomain systemd[1]: Starting Dictd Dictionary Server Daemon... Dec 09 00:09:12 localhost.localdomain systemd[1]: Started Dictd Dictionary Server Daemon. Dec 09 00:09:12 localhost.localdomain systemd[1]: dictd.service: Main process exited, code=exited, status=1/FAILURE Dec 09 00:09:12 localhost.localdomain systemd[1]: dictd.service: Unit entered failed state. Dec 09 00:09:12 localhost.localdomain systemd[1]: dictd.service: Failed with result 'exit-code'.
I looked through the internet for references, but I guess installing dictd-server on Fedora 25 is not a popular thing to do. Thanks!
Well, at this point all I can tell is I did this on an F25 VM that I have....
1. dnf install dictd-server 2. systemctl enable dictd 3. systemctl start dictd
And then....
[root@f25f ~]# systemctl status dictd ● dictd.service - Dictd Dictionary Server Daemon Loaded: loaded (/usr/lib/systemd/system/dictd.service; enabled; vendor preset: di Active: active (running) since Fri 2016-12-09 13:55:38 CST; 3s ago Process: 5453 ExecStart=/usr/sbin/dictd --listen-to 127.0.0.1 (code=exited, status Main PID: 5454 (dictd) Tasks: 1 (limit: 4915) CGroup: /system.slice/dictd.service └─5454 dictd 1.12.1: 0/0
Dec 09 13:55:38 f25f systemd[1]: Starting Dictd Dictionary Server Daemon... Dec 09 13:55:38 f25f systemd[1]: Started Dictd Dictionary Server Daemon.
This is without modification to the installed /etc/dictd.conf ..
And, FWIW...
[root@f25f ~]# telnet localhost 2628 Trying ::1... telnet: connect to address ::1: Connection refused Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. 220 f25f dictd 1.12.1/rf on Linux 4.8.11-300.fc25.x86_64 <auth.mime> 1.5487.1481263254@f25f quit 221 bye [d/m/c = 0/0/0; 4.000r 0.000u 0.000s]
So, I'm guessing at this point there is something in your configuration file or something else you did to get the failure.
Thanks for the quick reply!
On Fri, Dec 9, 2016 at 1:01 AM, Ed Greshko ed.greshko@greshko.com wrote:
Well, at this point all I can tell is I did this on an F25 VM that I have....
- dnf install dictd-server
- systemctl enable dictd
- systemctl start dictd
This works for me. I didn't use systemctl to enable dictd, so maybe that was my problem before. Now I get the same output as you on systemctl status.
And, FWIW...
[root@f25f ~]# telnet localhost 2628 Trying ::1... telnet: connect to address ::1: Connection refused Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. 220 f25f dictd 1.12.1/rf on Linux 4.8.11-300.fc25.x86_64 <auth.mime> 1.5487.1481263254@f25f quit 221 bye [d/m/c = 0/0/0; 4.000r 0.000u 0.000s]
Right now I'm still blocked trying to access both localhost and 127.0.0.1, but at least dictd is working.
So, I'm guessing at this point there is something in your configuration file or something else you did to get the failure.
I will check out the config file next. Thanks for your help! I'm still new to Fedora and have been hitting lots of gotchas where I don't know what to do, but then once you get the answers everything runs smoothly :-)
On Fri, Dec 9, 2016 at 6:04 AM, Patrick O'Callaghan pocallaghan@gmail.com wrote:
When I attempt to start with systemctl: /bin/systemctl status dictd.service
That says status, not start.
Sorry, that was a cut and paste mistake.
Well...I'm at a total loss here. Default install of dictd-server works great:
dnf install dictd-server systemctl enable dictd systemctl start dictd
"systemctl status dictd" shows it being active. But, when I edit the config file /etc/dictd.conf adding paths and restart, status show failed or dead. I changed owner and permissions on the dictionary files, but doesn't seem to help.
Somehow, I feel this all should be easier (I'm kind of missing Debian now).
/etc/dictd.conf below:
global { #syslog #syslog_facility daemon }
# Add database definitions here...
database gcide { data "/usr/local/share/dict/wn.dict.dz" index "/usr/local/share/dict/wn.index" }
# We stop the search here database_exit
# Add hidden database definitions here...
On 12/10/16 10:40, Steve Foley wrote:
On Fri, Dec 9, 2016 at 6:04 AM, Patrick O'Callaghan <pocallaghan@gmail.com mailto:pocallaghan@gmail.com> wrote:
> When I attempt to start with systemctl: > /bin/systemctl status dictd.service That says status, not start.Sorry, that was a cut and paste mistake.
Well...I'm at a total loss here. Default install of dictd-server works great:
dnf install dictd-server systemctl enable dictd systemctl start dictd
"systemctl status dictd" shows it being active. But, when I edit the config file /etc/dictd.conf adding paths and restart, status show failed or dead. I changed owner and permissions on the dictionary files, but doesn't seem to help.
Somehow, I feel this all should be easier (I'm kind of missing Debian now).
/etc/dictd.conf below:
global { #syslog #syslog_facility daemon }
# Add database definitions here...
database gcide { data "/usr/local/share/dict/wn.dict.dz http://wn.dict.dz" index "/usr/local/share/dict/wn.index" }
# We stop the search here database_exit
# Add hidden database definitions here...
To eliminate one thing do this, as root, prior to starting the server....
setenforce 0
This will make sure an selinux setting isn't causing your problem.
On 12/09/2016 06:40 PM, Steve Foley wrote:
Well...I'm at a total loss here. Default install of dictd-server works great:
dnf install dictd-server systemctl enable dictd systemctl start dictd
"systemctl status dictd" shows it being active. But, when I edit the config file /etc/dictd.conf adding paths and restart, status show failed or dead. I changed owner and permissions on the dictionary files, but doesn't seem to help.
Then that pretty clearly means that there's something wrong with what you're putting in the config file. Check the journal, check for selinux errors, etc. Given that it works when run as root, that would indicate a permission or an selinux issue. I just checked the selinux rules for it and it's only allowed to read files in /var/lib and /home, so where did you put the dict files you were adding?
On Fri, Dec 9, 2016 at 10:43 PM, Samuel Sieb samuel@sieb.net wrote:
Then that pretty clearly means that there's something wrong with what you're putting in the config file. Check the journal, check for selinux errors, etc. Given that it works when run as root, that would indicate a permission or an selinux issue. I just checked the selinux rules for it and it's only allowed to read files in /var/lib and /home, so where did you put the dict files you were adding?
Hi Samuel, you nailed it! I moved the dictionary files to /var/lib/dict/ and now everything works...thanks and also thanks everyone else for the help.
BTW, I just found this man page if anyone wants to know the ins and outs of dictd and selinux:
wait...I spoke too soon...rebooted and it doesn't work!
ah well, I'm watching videos about SELinux now...this might take all week.
On 12/10/16 13:31, stevefoley12723@gmail.com wrote:
wait...I spoke too soon...rebooted and it doesn't work!
ah well, I'm watching videos about SELinux now...this might take all week.
Like I said earlier....
try "setenforce 0" to verify the totality of the problem is selinux
Also, the files should go in /var/lib/dictd <---- the d at the end.
And after you put the files there you may have to restore their context.
restorecon -R /var/lib/dictd
And then make sure the files have context like so...
[root@f25f dictd]# pwd /var/lib/dictd
[root@f25f dictd]# ls -Z unconfined_u:object_r:dictd_var_lib_t:s0 x
On 12/09/2016 09:48 PM, Ed Greshko wrote:
Also, the files should go in /var/lib/dictd <---- the d at the end.
And after you put the files there you may have to restore their context.
restorecon -R /var/lib/dictd
And then make sure the files have context like so...
[root@f25f dictd]# pwd /var/lib/dictd
[root@f25f dictd]# ls -Z unconfined_u:object_r:dictd_var_lib_t:s0 x
Right, if the files were moved instead of copied, they will have the context of where they came from. The restorecon will fix that.
On 12/10/16 14:00, Samuel Sieb wrote:
Right, if the files were moved instead of copied, they will have the context of where they came from. The restorecon will fix that.
Two other things that should be mentioned.....
The actions of the "setenforce" command does not survive a reboot. The status of selinux is determined at boot time by a configuration file.
There may be a selinux issue but an AVC may not be logged as dontaudit (not logged) may be in effect. If you use "semodule -DB" then you will see it. You can use "semodule -B" to turn dontaudit on again.
-
Ed Greshko -
Patrick O'Callaghan -
Samuel Sieb -
Steve Foley