You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@qpid.apache.org by Zane Bitter <zb...@redhat.com> on 2011/09/16 15:23:12 UTC
Qpid cpp-client plugins not loaded with sudo
I have recently discovered the hard way that the SSL plugin does not get
loaded when the client is run using sudo, resulting in various error
messages about ssl being an invalid protocol. The plugin is loaded
correctly when run from a root shell started with su (or ssh).
This should be easily reproducible on Fedora 15 with the current
versions of qpid-cpp-client and qpid-cpp-client-ssl (0.10-2.fc15):
$ sudo qmf-tool amqp:ssl:localhost
Failed: RuntimeError - Invalid URL: amqp:ssl:localhost (qpid/Url.cpp:237)
Is this a known/intended effect?
thanks,
Zane.
---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project: http://qpid.apache.org
Use/Interact: mailto:users-subscribe@qpid.apache.org
Re: Qpid cpp-client plugins not loaded with sudo
Posted by Gordon Sim <gs...@redhat.com>.
On 09/16/2011 02:23 PM, Zane Bitter wrote:
> I have recently discovered the hard way that the SSL plugin does not get
> loaded when the client is run using sudo, resulting in various error
> messages about ssl being an invalid protocol. The plugin is loaded
> correctly when run from a root shell started with su (or ssh).
>
> This should be easily reproducible on Fedora 15 with the current
> versions of qpid-cpp-client and qpid-cpp-client-ssl (0.10-2.fc15):
>
> $ sudo qmf-tool amqp:ssl:localhost
> Failed: RuntimeError - Invalid URL: amqp:ssl:localhost (qpid/Url.cpp:237)
>
> Is this a known/intended effect?
My guess is that it is a result of running with a different environment
and either not having the necessary environment variables for SSL
configuration defined (in particular QPID_SSL_CERT_DB), or perhaps
having those defined in terms of paths that are interpreted differently
under a different user.
If you run e.g qpid-client-test with --log-enable info+ and see a
message like 'SSL connector not enabled, you must set QPID_SSL_CERT_DB
to enable it.' that would confirm it.
---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project: http://qpid.apache.org
Use/Interact: mailto:users-subscribe@qpid.apache.org