This archive contains answers to questions sent to Unidata support through mid-2025. Note that the archive is no longer being updated. We provide the archive for reference; many of the answers presented here remain technically correct, even if somewhat outdated. For the most up-to-date information on the use of NSF Unidata software and data services, please consult the Software Documentation first.
Hi Jia, re: > Thank you for your the pretty detailed reply. No worries. re: > I really would like you to login our system to take a look at the > configurations. But it is pity that George Mason University firewall > will block the SSH connection coming from off-campus. Wow! That must make working from anywhere but on campus very difficult! re: > But I think we can set up a teleconference. and I can share my screen > to operate the server machine. You can instantly give me useful information. OK, that will work. re: > So can I have your available time? The best days/times for me this coming week will be Monday-Friday mornings and afternoons on Monday, Tuesday and Friday: 08:00 - 10:00 MST 12:00 - 16:00 MST on Tuesday and Friday; Monday I may have to be out of the office between 12:00 and 15:00 re: > According to your message. I did the following things: > 1) changed <pqact>/<datadir-path> into > <pqact><datadir-path>/home/ldm</datadir-path></pqact> Very good. Please remember that when you make a change to either ldmd.conf or registry.xml, you will need to stop and restart the LDM for the change to take effect. re: > 2) removed the default port:388 inside the file ldmd.conf. > REQUEST WMO ".*" idd.unidata.ucar.edu OK. Just so you know, this was not absolutely needed because outbound access to port 388 is the default. It does, however, help to clean-up your ldmd.conf file entries. re: > 3) made sure the whitespace exists in pqact.conf > WMO <tab>^([^H][A-Z])([A-Z][A-Z])([0-9][0-9]) (....) ([0-3][0-9])([0-2][0-9]) > <tab>FILE\2/\4/\6/\1\3.wmo Your attached pqact.conf file showed that there were tabs where needed. This does not resolve the fact that the output file pathname does not specify that the sub-directories that will be created should be under ~ldm/data. > 4) we have insured that the user running your LDM has write access to > the directory(ies) the FILE products store into. Very good. re: > 5) we have granted 'root' privilege into the bin/ldmd and bin/hupsyslog. > The below is the screen copy of the two programs's privileges Very good. re: > Questions: > (1) Regarding SELINUX ? I am not very clear about it. Can you tell me how to > check it is disabled or not Whether or not SELINUX is active on your machine depends on what OS you are running on the machine. RedHat OS variants (e.g., RHEL, CentOS, Fedora and others) have SELINUX setup by default, and the default configuration will prevent LDM from using the system logging daemon for its logging. So, if you are running a RedHat variant OS, check to see what the settings are in /etc/selinux/config. The default setup will look like: # This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: # enforcing - SELinux security policy is enforced. # permissive - SELinux prints warnings instead of enforcing. # disabled - No SELinux policy is loaded. SELINUX=enforcing # SELINUXTYPE= can take one of these two values: # targeted - Targeted processes are protected, # mls - Multi Level Security protection. SELINUXTYPE=targeted We recommend changing the SELINUX line to either: SELINUX=disabled or SELINUX=permissive The SELINUX 'permissive' setting will allow the LDM the use the system logging daemon (which will be rsyslogd on current RedHat variant versions of Linux), but the LDM log messages will also be written to the system /var/log/messages. The SELINUX 'disabled' setting will also allow the LDM to use the system logging daemon, but it should prevent duplicate LDM log messages from being written to /var/log/messages. We like this option best on our systems. Comment: - getting LDM logging working correctly is very important as it makes it much easier to troubleshoot other problems that might arise re: > (2) Regarding Log file , the log file you mentioned exists and is > owned by 'ldm' Excellent! re: > and has zero length. This shows that logging is not setup correctly. re: > I attached the file rsyslog.conf in this mail. you mentioned it is incorrect > probably. We have not received a attachment of rsyslog.conf in any email from you. re: > I tried to activate LDM , but it still shows some errors below. I don't see any messages (error or not) from your attempt(s) to start the LDM. Can you resend the messages you are seeing? Cheers, Tom -- **************************************************************************** Unidata User Support UCAR Unidata Program (303) 497-8642 P.O. Box 3000 address@hidden Boulder, CO 80307 ---------------------------------------------------------------------------- Unidata HomePage http://www.unidata.ucar.edu **************************************************************************** Ticket Details =================== Ticket ID: HFI-513438 Department: Support LDM Priority: Normal Status: Closed