Apache EUE file not found
Users get a time-out on the dtagent61_n_7880.js script, looking in the logfile is says "file does not excist". How do I fix this error?
KR Henk Stobbe
Groningen
Hi Mark and others,
This is in line with our assumptions. Thanks for confirming. A new license with the correct agents will be delivered and installed shortly. Thanks for the support!
regards,
Sebastiaan
Dear Henk,
When the Web server agent has no license then it will not be instrumented to monitor the web requests and as such.it will also not perform any UEM injection and the dt javascript file will not be available. Therefore when a browser request from this the javascript file it can only receive a 404, because the file could not be found.
Normally this this would not occur, because if there is not injection then the browser will never send a request for the dt javascript file. However if I read the thread above correctly there are 2 web servers, with one that has a valid license and the other does not have a valid liccense. In other words one has UEM enabled and active and the other one has no UEM active. Further I believe it was mentioned that the sessions stickyness is not used, which means the next request could be handled by the other web server. If this is try then it could happen that a browser sends a request forth javascript to the web server that has no UEM.
Lets assume web server A has UEM enabled and web server B has UEM not enabled.
- Browser opens the home page of the website via the LB
- LB sends the request to Web Server A
- Web Server A provides a response (including a reference to the dt javascript)
- Browser reads the response and sends the request for the dt javascript to the LB
- Because the LB does not use stickyness it will send the request to Web Server B
- Web Server B does not have UEM enabled, therefore can not find the dt javascript. Only option is to provide a response as HTTP 404 Not Found.
There are only three options to solve this:
- Have UEM enabled on both Web Servers
- Have UEM disabled on both Web Servers
- Change the LB to use stickyness that the user session remains on the web servver it has first response of.
Kind regards,
Mark
Can anybody tell me what will happen if a webserver receives a request for the dtagent script, but the agent/module has no active license?
KR Henk Stobbe
Groningen
So, looking at my last reply, the error message is the same with or without the loadmodule line in http.conf...
I was focused only on the permissions issue since if SELinux were enabled, the usual file permissions would be misleading...
As to your 404 issue, could it be related to your other post? In other words, the 404 is returned from a Web Server that does not have UEM active?
Dave,
As a quick fix, web pages were taking 30 seconds to time-out, I removed the module line from the defect server. The problem did not go away, so I figured that request's from the other machine (still including the js) were getting served on the broken machine. To make this thread not to complicated, I opened a new thread with the EUE/LB.
Graeme's answer confirmed: have a non sticky LB, so in this case I had to turn off EUE also on working server.
KR Henk
But why dioes the module return a 404 (file not found) and writes:
[Wed Jul 29 09:17:23 2015] [error] [client 10.192.20.77] File does not exist: /usr/IBM/HTTPServer/htdocs/dtagent61_n_7880.js, referer:.....
A 403 is better I think. Now it looks like the module is not handling this url, and lets Apache do it default stuff
KR Henk
My understanding is while in permissive mode, everything should be allowed but audited, which allows for the use of "audit2allow" to create a module for when enforcing is turned on. If you need a module later, here is another post that has one that should help:
But since you are the original poster on that thread, you probably had already seen it!
HTH,
dave
Can below be a problem?
Unconfined domains (as well as confined domains) are subject to executable and writeable memory checks. By default, subjects running in an unconfined domain cannot allocate writeable memory and execute it,
KR Henk Stobbe
Is SELinux turned on by any chance on the one that is not working as expected?
Dave,
These are the system params on the not working one:
cat /etc/selinux/config
SELINUX=permissive
SELINUXTYPE=targeted
SETLOCALDEFS=0
KR Henk Stobbe
Kristof,
To make it more interesting, I have two web servers, the permissions are exactly the same. Still one works, and the other gives the file not found error on the script. The owner of the Dynatrace file tree is root/root n both systems. So the rights of the user running Apache must be the issue?
KR Henk
