One.zone.raftstatus result FAILURE [one.zone.raftstatus] User couldn't be authenticated, aborting call

Hello,

Trying the latest Medusa with MySQL

GUI works fine, downloading images from market works fine. Added localhost successfully.

Tried to instantiate Ubuntu LXD from market and it get in stuck in PROLOG phase.

It seems like authentication of serveradmin does not work?

sched.log:

https://pastebin.com/raw/jGKVZ3z0

oned.log:

https://pastebin.com/raw/LY5N7Fm0

hash in /var/lib/one/.one/
serveradmin:f8f2d76754b656e326b8ca99c1bb780d6372d2aa

is different from the hash in the user_pool table:
100oneadminserveradmin<[CDATA[4127bf79c34a2384eb1d936b674a8fe104501b5f]]><AUTH_DRIVER></AUTH_DRIVER>1<TOKEN_PASSWORD></TOKEN_PASSWORD>

! removed by hand for the forum

Is it correct?

If I change the hash in the database, I cannot login to GUI anymore.

Shall I change the hash in files to the:
4127bf79c34a2384eb1d936b674a8fe104501b5f
?

Tried to change hash in files, it does not help.

How to verify connection from scheduler to oned from command line manually?

CLI commands like

oneuser list
onevm list

work fine

Shall I do the same as:

Thank you kindly for your patience and assistance :-). I have updated the OpenNebula DB with hash of oneadmin new password and things got back to normal. Honestly I don’t know what happened, I have just inherited this ONE deployment.

???

cat one_auth
oneadmin:XXX

echo XXX | openssl sha1
(stdin)= a3e2b09a9908bc5e7c17b5fcdb50718db9f8891e

000oneadminoneadmin<[CDATA[36269af6e5468a375b1998ffcc55d24178673da0]]><AUTH_DRIVER></AUTH_DRIVER>1<TABLE_DEFAULT_PAGE_LENGTH></TABLE_DEFAULT_PAGE_LENGTH><TOKEN_PASSWORD></TOKEN_PASSWORD>

Why hashes are different?

Hi,

‘echo XXX’ appends an line termination character at the end
you should try with ‘echo -n XXX | openssl sha1’

Best Regards,
Anton Todorov

From you log files, it seems that the problem is just with the scheduler. The scheduler should be run as oneadmin with access to the oneadmin credentials.

Problem with scheduler was related to fireholl settigns strict even to localhost connections

About hashes, I will try once again, but if I remember correct later I tried bash -n too