Cannot get license to install after FreeBSD 11.2 Install

IT_Architect

Verified User
Joined
Feb 27, 2006
Messages
1,114
I'm setting up a new server. It is on the same IP as the old one, but a different OS version. I changed it in the license manager. I installed FreeBSD 11.1 on a new VM and everything went fine except the DNS, which I found out how to fix on my own by replacing the named.conf with one from an older install. During this time, FreeBSD 11.2 came out, so I decided to do a fresh install with that since I figured it would be better to do a clean install rather than an upgrade. The IP stayed the same, and matches the license. The install went great, but I have a license file issue now.
When I do a restart it shows:
# service directadmin restart
Stopping DirectAdmin: [ FAILED ]
Starting DirectAdmin: [ OK ]
The log shows:
2018:07:15-13:43:06: Unable to read the license file
I've tried the command line with and without the IP. The feedback is:
# ./getLicense.sh xxxxx xxxxx
shows:
--2018-07-15 14:31:16-- https://www.directadmin.com/cgi-bin/licenseupdate?lid=52463&uid=16785
Resolving www.directadmin.com (www.directadmin.com)... failed: Operation timed out.
wget: unable to resolve host address 'www.directadmin.com'
Error downloading the license file
Error determining IP via myip.directadmin.com
Trying license relay server...
--2018-07-15 14:31:26-- https://license.directadmin.com/licenseupdate.php?lid=52463&uid=16785
Resolving license.directadmin.com (license.directadmin.com)... failed: Operation timed out.
wget: unable to resolve host address 'license.directadmin.com'
Error downloading the license file from relay server as well.
Error determining IP via myip.directadmin.com
Other:
- I already tried the killall -9 directadmin
- I can ping the DA servers
- It could be because I renewed it on the 11.1 VM?
- The license takes 11.0, and 11.1, but perhaps not 11.2?
 
Hello,

You've got an issue with DNS resolving (recursive queries). It has nothing to do with DA license at all.

It's probably related to your changes of named.conf.
 
Hello,

You've got an issue with DNS resolving (recursive queries). It has nothing to do with DA license at all. It's probably related to your changes of named.conf.
The messages indicate that. However, the named.conf currently in place only has one modification from the standard FreeBSD install; I commented out the 127.0.0.1 line so that it could function as an authoritative DNS server for domains managed by DA. There is only one line added by DA at the bottom of this file, and that points to the zone for the server. (server.domain.com) The DNS resolves queries both locally from the server outbound, and inbound from a workstation across the Internet. (When I specify the IP of the server because the domain is currently in use and resolves to the old server)

What you say, in combination with the errors posted, has credence, because something else that is different is it takes a long time for the password prompt to appear in PuTTY when you login, which itself points to a DNS issue. When I tell SSH not to use DNS, the appearance of the password prompt becomes instant.

While awaiting any more thoughts you might have, I plan to copy all of the configs from the 11.1 install that I edited, to the 11.2 install, to see if it is something I did. Baring that, since I have snapshots every step of the way, I can roll forward or backward to any step along the way, back to "After OS install" if necessary, to determine when the slow SSH password started. However, as I recall, the slow SSH password prompt problem existed prior to the DA install, but I need to prove exactly where. The only thing different I can think of on the 11.2 install is I selected:
- Randomize PID
- Clean /tmp
- Disable Sendmail service.
However, I also reversed these manually to determine if it was part of the problem, but it didn't seem to be. For the named.conf on the 11.1, I used the one from 7.2, without the default domains, and it worked flawlessly. I tried the same file on the 11.2 server, and the DNS worked fine, both from the server, and from a workstation across the Internet, but I was still unable to fetch the license.

Thanks TONS! for scratching your head with me.
 
I copied the modified configs from the 11.1 server to the 11.2 server, and everything works. The salient files copied were:
/etc/hosts
/etc/rc.conf
/etc/resolv.conf
/etc/ssh/sshd_conf
/usr/local/etc/namedb/named.conf

named.db doesn't appear to be the problem because I tried the 7.2 conf both places and it worked on 11.1 and not 11.2, nor did the default conf with the 127.0.0.1 line commented out. Now the 7.2 version and default 11.2 with the 127.0.0.1 line commented both work. Also, the 11.1 didn't have the slow ssh password prompt and login while the 11.2 did. The only significant config differences that I see are in sshd_conf. It is very different between 11.1:
# $OpenBSD: sshd_config,v 1.98 2016/02/17 05:29:04 djm Exp $
# $FreeBSD: releng/11.1/crypto/openssh/sshd_config 311915 2017-01-11 05:56:40Z delphij $
and 11.2:
# $OpenBSD: sshd_config,v 1.101 2017/03/14 07:19:07 djm Exp $
# $FreeBSD: releng/11.2/crypto/openssh/sshd_config 323136 2017-09-02 23:39:51Z des $
in key areas regarding security. So to prove the problem was there, I put back the 11.2 version, but it worked perfectly now. That leaves /etc/hosts, /etc/rc.conf, and /etc/resolv.conf. When I look at them side-by-side they look the same. I even made sure they were all saved in the UNIX file format. I have no clue where the problem was, but the good news is others are not likely to encounter the slow ssh logins or have trouble getting a license from DA. The only problem they will have for certain is they will not be able to service DNS queries on network interfaces until they comment out the line with:
listen-on { 127.0.0.1; };

About the only thing remaining is to determine if the default domains have any significant value to a web server, and if not, comment them out so DirectAdmin's DNS Admin isn't such a mess.

Thanks!
 
Last edited:
Back
Top