Sun Java Enterprise System 2005Q4 Installation Guide for UNIX

Common Agent Container Problems

This section addresses the following problems that might arise in relation to the common agent container shared component:

Port Number Conflicts

The common agent container inside Java ES occupies the following port numbers by default:

If your installation already reserves any of these port numbers, change the port numbers occupied by the common agent container as follows.

For further information on the common agent container cacaoadm command, see the cacaoadm man page. If you cannot see this man page at the command line, verify that your MANPATH is set correctly. Refer to MANPATH Setup.

Checking Port Numbering

ProcedureTo Verify Solaris Port

Steps
  1. As root, stop the common agent container management daemon:


    # /opt/SUNWcacao/bin/cacaoadm stop
  2. Change the port number using the following syntax:


    # /opt/SUNWcacao/bin/cacaoadm set-param param=value

    For example, to change the port occupied by the SNMP Adaptor from the default 10161 to 10165:


    # /opt/SUNWcacao/bin/cacaoadm set-param snmp-adaptor-port=10165
  3. Restart the common agent container management daemon:


    # /opt/SUNWcacao/bin/cacaoadm start

ProcedureTo Verify Linux Port

Steps
  1. As root, stop the common agent container management daemon:


    # /opt/sun/cacao/bin/cacaoadm stop
  2. Change the port number using the following syntax:


    # /opt/sun/cacao/bin/cacaoadm set-param param=value

    For example, to change the port occupied by the SNMP Adaptor from 10161 to 10165:


    # /opt/sun/cacao/bin/cacaoadm set-param snmp-adaptor-port=10165
  3. Restart the common agent container management daemon:


    # /opt/sun/cacao/bin/cacaoadm start

Compromised Security Around the Root Password

It might be necessary to regenerate security keys on a host running Java ES. For example, if there is a risk that a root password has been exposed or compromised, you should regenerate security keys. The keys used by the common agent container services are stored in the following locations:

Solaris OS: /etc/opt/SUNWcacao/securityLinux: /etc/opt/sun/cacao/security

Under normal operation, these keys can be left in their default configuration. If you need to regenerate the keys due to a possible key compromise, you can regenerate the security keys using the following procedure.

Security Key Problems

ProcedureTo Generate Keys for Solaris OS

Steps
  1. As root, stop the common agent container management daemon.


    # /opt/SUNWcacao/bin/cacaoadm stop
  2. Regenerate the security keys.


    # /opt/SUNWcacao/bin/cacaoadm create-keys --force
  3. Restart the common agent container management daemon.


    # /opt/SUNWcacao/bin/cacaoadm start

    Note –

    In the case of Sun Cluster software, you must propagate this change across all nodes in the cluster. For more information, see How to Finish a Rolling Upgrade to Sun Cluster 3.1 8/05 Software in Sun Cluster Software Installation Guide for Solaris OS.


ProcedureTo Generate Keys for Linux

Steps
  1. As root, stop the common agent container management daemon.


    # /opt/sun/cacao/bin/cacaoadm stop
  2. Regenerate the security keys.


    # /opt/sun/cacao/bin/cacaoadm create-keys --force
  3. Restart the common agent container management daemon.


    # /opt/sun/cacao/bin/cacaoadm start

    For more information on the cacaoadm(1M) command, see the cacaoadm man page.

Error Notification About Lock File

When you issue a cacaoadm subcommand, it is possible that another user issued a command at exactly the same time. However, only one cacaoadm subcommand can be run at a time.

On Solaris OS, the following error message is generated:

If cacaoadm daemon is running, it is busy executing another command.
Otherwise remove lock file /var/opt/SUNWcacao/run/lock

On Linux, the following error message is generated:

If cacaoadm daemon is running, it is busy executing another command.
Otherwise remove lock file /var/opt/sun/cacao/run/lock.

The first recommended action when you receive this notification message is to wait a few moments and retry.

If you receive the same notification message when you retry, then it is possible that a lock file has not been removed by the common agent container management daemon. This can happen in the case of a crash. The lock file prevents further cacaoadm subcommands from being run.

Remove the lock file from the location indicated in the error message.