[SOLVED] ldap initialization fails sudoers error CentOS5

[zcsnewbie]

I am trying (literally for days) to install the open version of ZCS on a new install of CentOS5. I have Googled, Wikied and Forumed over and over. So now, I'm trying here, hoping someone will take pity on me...

Computer is totally naked on the Internet and has a static IP.
CentOS install seems to go fine.
I disable SELinux and Firewall.
I put my naked IP, FQDN including hostname, and nickname into /etc/hosts.
I do yum update.
Remove sendmail.
Install openssl097a, compat-libstdc++-296, compat-libstdc++-33, compat-db & libtool-ltdl.
I comment out "defaults requiretty" in /etc/sudoers.
I delete the line LANG="en_us.utf-8" in /etc/sysconfig/i18n.
I install fetchmail.
I'm using the open RHEL5 version of ZCS.
Download and unpack ZCS into /var/tmp OK.
./install.sh --platform-override

I have to change the domain from hostname. domainname.com to domainname.com or the DNS tests fail.

I have to use the menus to put in a password so it goes from UNSET to SET.

Things seemingly go OK until ldap tries to initialize. It times out. In the log files I get an error about sudoers is 0640 should be 0440.

I have searched /opt/zimbra/libexec/zmsetup.pl for sudoers, 0640 & 0440. None are present in the file. I have seen suggestions to edit the file regarding this.

I'm so close to getting this to work that I can taste it. I suspect something simple, but can't identify it. Any and all assistance will be greatly appreciated!

Log file follows:

Sun May 10 13:50:28 2009 Saving config in /opt/zimbra/config.23005...
Sun May 10 13:50:28 2009 done.
Sun May 10 13:50:30 2009 Operations logged to /tmp/zmsetup.05102009-135000.log
Sun May 10 13:50:30 2009 checking isEnabled zimbra-ldap
Sun May 10 13:50:30 2009 zimbra-ldap is enabled
Sun May 10 13:50:30 2009 Initializing ldap...
Sun May 10 13:50:30 2009 *** Running as zimbra user: /opt/zimbra/libexec/zmldapinit
sudo: /etc/sudoers is mode 0640, should be 0440
sudo: /etc/sudoers is mode 0640, should be 0440
sudo: /etc/sudoers is mode 0640, should be 0440
sudo: /etc/sudoers is mode 0640, should be 0440
sudo: /etc/sudoers is mode 0640, should be 0440
sudo: /etc/sudoers is mode 0640, should be 0440
sudo: /etc/sudoers is mode 0640, should be 0440
IO::Socket::INET: connect: No route to host at /opt/zimbra/libexec/zmldapinit line 160.
Sun May 10 13:51:13 2009 failed. (28928)
Sun May 10 13:51:13 2009

ERROR

Sun May 10 13:51:14 2009

Configuration failed

Sun May 10 13:51:14 2009 Please address the error and re-run /opt/zimbra/libexec/zmsetup.pl to
Sun May 10 13:51:14 2009 complete the configuration.
Sun May 10 13:51:14 2009
Errors have been logged to /tmp/zmsetup.05102009-135000.log

[uxbod]

Welcome to the forums

Have you tried just chmod'ing /etc/sudoers to what it is expecting ?

[mainframe]

We have similar problem with latest stable Zimbra and 64bit CentOS 5.3 - ldap initialization fails and its says only ERROR in the log - nothing more specific. Our /etc/sudoers is already 440 - so its not a file permission error.

Only failures we see in install log are SSL certs related:

Mon May 11 13:08:23 2009 Creating SSL certificate...
Mon May 11 13:08:23 2009 *** Running as root user: /opt/zimbra/bin/zmcertmgr createcrt self
** Creating /opt/zimbra/conf/zmssl.cnf...done
** Backup /opt/zimbra/ssl/zimbra to /opt/zimbra/ssl/zimbra.20090511130823
** Retrieving server config key zimbraSSLCertificate...failed.
** Retrieving server config key zimbraSSLPrivateKey...failed.
** Generating a server csr for download self
** Backup /opt/zimbra/ssl/zimbra to /opt/zimbra/ssl/zimbra.20090511130926
** Creating server cert request /opt/zimbra/ssl/zimbra/server/server.csr...done.
** Saving server config key zimbraSSLPrivateKey...failed.
** Signing cert request /opt/zimbra/ssl/zimbra/server/server.csr...done.
Mon May 11 13:09:57 2009 done.
Mon May 11 13:09:57 2009 Installing mailboxd SSL certificates...
Mon May 11 13:09:57 2009 *** Running as root user: /opt/zimbra/bin/zmcertmgr deploycrt self
** Saving server config key zimbraSSLCertificate...failed.
** Saving server config key zimbraSSLPrivateKey...failed.
** Installing mta certificate and key...done.
** Installing slapd certificate and key...done.
** Installing proxy certificate and key...done.
** Creating pkcs12 file /opt/zimbra/ssl/zimbra/jetty.pkcs12...done.
** Creating keystore file /opt/zimbra/mailboxd/etc/keystore...done.
** Installing CA to /opt/zimbra/conf/ca...done.
Mon May 11 13:11:01 2009 done.
Mon May 11 13:11:01 2009 checking isEnabled zimbra-ldap
Mon May 11 13:11:01 2009 zimbra-ldap is enabled
Mon May 11 13:11:01 2009 Initializing ldap...
Mon May 11 13:11:01 2009 *** Running as zimbra user: /opt/zimbra/libexec/zmldapinit
Initializing ldap...failed. (29440)
IO::Socket::INET: connect: timeout at /opt/zimbra/libexec/zmldapinit line 160.
Mon May 11 13:13:41 2009 failed. (29440)
Mon May 11 13:13:41 2009

ERROR

Mon May 11 13:13:41 2009

Configuration failed

[mainframe]

Ok solved our case - host A record was wrong - so zimbra.domain.com didnt resolv as zimbra machine IP.

[zcsnewbie]

Thanks for the advice, but I have no idea what chmod is or how to do it.

In my frustration, I started from scratch and reloaded CentOS and ZCS. Now the install initializes ldap and moves on.

New problem, the Documents fail to initialize.

Since it worked for ldap, I'm starting from scratch again...

I'll post when this install is "finished."

[mainframe]

Under chmod 440 it was ment that your /etc/sudoers file permissions were 640 but needed to be 440 - just do chmod 440 /etc/sudoers

[zcsnewbie]

I'm just a newbie, but is this possible? In order to place the # at the front of the line "Defaults requiretty" in /etc/sudoers, I first change the Permissions on the file for Root to Read/Write, then do the edit. Seems if I leave the Permissions Read/Write, I get the error with 0640/0440. If I change the Permission back to Read Only, then I don't get the error.