|
-- Logs begin at Fri 2020-07-31 06:01:25 UTC, end at Fri 2020-07-31 06:21:23 UTC. --
|
|
Jul 31 06:02:52 server systemd[1]: Reloading.
|
|
Jul 31 06:02:52 server systemd[1]: Reloading.
|
|
Jul 31 06:02:52 server su[10940]: (to postgres) vagrant on none
|
|
Jul 31 06:02:52 server su[10940]: pam_systemd(su-l:session): Cannot create session: Already running in a session or user slice
|
|
Jul 31 06:02:52 server su[10940]: pam_unix(su-l:session): session opened for user postgres by (uid=0)
|
|
Jul 31 06:02:52 server su[10940]: pam_unix(su-l:session): session closed for user postgres
|
|
Jul 31 06:02:52 server cf-promises[11005]: CFEngine(common) Can't stat file '/var/rudder/cfengine-community/inputs/failsafe.cf' for parsing. (stat: No such file or directory)
|
|
Jul 31 06:02:53 server systemd[1]: Starting Rudder agent umbrella service...
|
|
Jul 31 06:02:53 server systemd[1]: Started Rudder agent umbrella service.
|
|
Jul 31 06:02:53 server cf-agent[11180]: CFEngine(agent) rudder No suitable server found
|
|
Jul 31 06:02:53 server cf-agent[11180]: CFEngine(agent) rudder No suitable server found
|
|
Jul 31 06:02:53 server cf-agent[11180]: CFEngine(agent) rudder R: Initial policies have been successfully downloaded from the policy server
|
|
Jul 31 06:02:53 server cf-agent[11225]: CFEngine(agent) rudder No suitable server found
|
|
Jul 31 06:02:53 server cf-agent[11225]: CFEngine(agent) rudder No suitable server found
|
|
Jul 31 06:02:53 server cf-agent[11225]: CFEngine(agent) rudder R: Initial policies have been successfully downloaded from the policy server
|
|
Jul 31 06:03:59 server systemd[2169]: Starting Mark boot as successful...
|
|
Jul 31 06:03:59 server systemd[2169]: Started Mark boot as successful.
|
|
Jul 31 06:04:19 server systemd[1]: Reloading.
|
|
Jul 31 06:04:19 server groupadd[11310]: group added to /etc/group: name=rudder, GID=985
|
|
Jul 31 06:04:19 server groupadd[11310]: group added to /etc/gshadow: name=rudder
|
|
Jul 31 06:04:19 server groupadd[11310]: new group: name=rudder, GID=985
|
|
Jul 31 06:04:20 server groupadd[11318]: group added to /etc/group: name=rudder-policy-reader, GID=984
|
|
Jul 31 06:04:20 server groupadd[11318]: group added to /etc/gshadow: name=rudder-policy-reader
|
|
Jul 31 06:04:20 server groupadd[11318]: new group: name=rudder-policy-reader, GID=984
|
|
Jul 31 06:04:20 server usermod[11324]: add 'apache' to group 'rudder-policy-reader'
|
|
Jul 31 06:04:20 server usermod[11324]: add 'apache' to shadow group 'rudder-policy-reader'
|
|
Jul 31 06:04:20 server useradd[11332]: new user: name=rudder-relayd, UID=989, GID=985, home=/var/rudder, shell=/bin/false
|
|
Jul 31 06:04:21 server useradd[11340]: new user: name=rudder, UID=988, GID=985, home=/var/rudder, shell=/bin/false
|
|
Jul 31 06:04:21 server systemd[1]: Reloading.
|
|
Jul 31 06:04:21 server systemd[1]: Reloading.
|
|
Jul 31 06:04:21 server systemd[1]: Started Rudder Relay Daemon.
|
|
Jul 31 06:04:21 server rudder-relayd[11426]: INFO relayd: Starting rudder-relayd 6.1.3-rc1-git202007302336
|
|
Jul 31 06:04:21 server rudder-relayd[11426]: INFO relayd: Read configuration from "/opt/rudder/etc/relayd/"
|
|
Jul 31 06:04:21 server systemd[1]: Starting One-time temporary TLS key generation for httpd.service...
|
|
Jul 31 06:04:21 server rudder-relayd[11426]: INFO relayd::data::node: Parsing nodes list from "/var/rudder/lib/relay/nodeslist.json"
|
|
Jul 31 06:04:21 server rudder-relayd[11426]: INFO relayd::data::node: Nodes list file does not exist, considering it as empty
|
|
Jul 31 06:04:21 server rudder-relayd[11426]: INFO relayd::api: Starting API on 127.0.0.1:3030
|
|
Jul 31 06:04:21 server rudder-relayd[11426]: INFO relayd: Skipping reporting as it is disabled
|
|
Jul 31 06:04:21 server rudder-relayd[11426]: INFO relayd: Skipping inventory as it is disabled
|
|
Jul 31 06:04:21 server rudder-relayd[11426]: INFO relayd: Server started
|
|
Jul 31 06:04:22 server systemd[1]: Started One-time temporary TLS key generation for httpd.service.
|
|
Jul 31 06:04:22 server systemd[1]: Starting The Apache HTTP Server...
|
|
Jul 31 06:04:22 server systemd[1]: Started The Apache HTTP Server.
|
|
Jul 31 06:04:22 server httpd[11438]: Server configured, listening on: port 443, port 80
|
|
Jul 31 06:04:40 server kernel: SELinux: Converting 2397 SID table entries...
|
|
Jul 31 06:04:41 server kernel: SELinux: policy capability network_peer_controls=1
|
|
Jul 31 06:04:41 server kernel: SELinux: policy capability open_perms=1
|
|
Jul 31 06:04:41 server kernel: SELinux: policy capability extended_socket_class=1
|
|
Jul 31 06:04:41 server kernel: SELinux: policy capability always_check_network=0
|
|
Jul 31 06:04:41 server kernel: SELinux: policy capability cgroup_seclabel=1
|
|
Jul 31 06:04:41 server kernel: SELinux: policy capability nnp_nosuid_transition=1
|
|
Jul 31 06:04:41 server dbus-daemon[892]: [system] Reloaded configuration
|
|
Jul 31 06:04:44 server kernel: SELinux: Converting 2404 SID table entries...
|
|
Jul 31 06:04:45 server kernel: SELinux: policy capability network_peer_controls=1
|
|
Jul 31 06:04:45 server kernel: SELinux: policy capability open_perms=1
|
|
Jul 31 06:04:45 server kernel: SELinux: policy capability extended_socket_class=1
|
|
Jul 31 06:04:45 server kernel: SELinux: policy capability always_check_network=0
|
|
Jul 31 06:04:45 server kernel: SELinux: policy capability cgroup_seclabel=1
|
|
Jul 31 06:04:45 server kernel: SELinux: policy capability nnp_nosuid_transition=1
|
|
Jul 31 06:04:45 server dbus-daemon[892]: [system] Reloaded configuration
|
|
Jul 31 06:04:46 server dbus-daemon[892]: [system] Reloaded configuration
|
|
Jul 31 06:04:46 server kernel: SELinux: Converting 2405 SID table entries...
|
|
Jul 31 06:04:48 server kernel: SELinux: policy capability network_peer_controls=1
|
|
Jul 31 06:04:48 server kernel: SELinux: policy capability open_perms=1
|
|
Jul 31 06:04:48 server kernel: SELinux: policy capability extended_socket_class=1
|
|
Jul 31 06:04:48 server kernel: SELinux: policy capability always_check_network=0
|
|
Jul 31 06:04:48 server kernel: SELinux: policy capability cgroup_seclabel=1
|
|
Jul 31 06:04:48 server kernel: SELinux: policy capability nnp_nosuid_transition=1
|
|
Jul 31 06:04:48 server dbus-daemon[892]: [system] Reloaded configuration
|
|
Jul 31 06:04:48 server setsebool[11684]: The allow_httpd_anon_write policy boolean was changed to 1 by root
|
|
Jul 31 06:04:53 server groupadd[11699]: group added to /etc/group: name=rudder-slapd, GID=983
|
|
Jul 31 06:04:53 server groupadd[11699]: group added to /etc/gshadow: name=rudder-slapd
|
|
Jul 31 06:04:53 server groupadd[11699]: new group: name=rudder-slapd, GID=983
|
|
Jul 31 06:04:53 server useradd[11706]: new user: name=rudder-slapd, UID=987, GID=983, home=/var/rudder/ldap, shell=/bin/false
|
|
Jul 31 06:04:54 server systemd[1]: Stopping The Apache HTTP Server...
|
|
Jul 31 06:04:55 server systemd[1]: Stopped The Apache HTTP Server.
|
|
Jul 31 06:04:55 server systemd[1]: Reloading.
|
|
Jul 31 06:04:55 server systemd[1]: Reloading.
|
|
Jul 31 06:04:55 server systemd[1]: Reloading.
|
|
Jul 31 06:04:55 server systemd[1]: Starting Rudder OpenLDAP Server Daemon...
|
|
Jul 31 06:04:55 server rudder-slapd[11801]: @(#) $OpenLDAP: slapd 2.4.47 (Jul 26 2020 03:43:45) $
|
|
root@centos-builder-8-64.labo.normation.com:/usr/src/rudder-packages/package/SOURCES/openldap-source/servers/slapd
|
|
Jul 31 06:04:55 server rudder-slapd[11802]: slapd starting
|
|
Jul 31 06:04:55 server systemd[1]: Started Rudder OpenLDAP Server Daemon.
|
|
Jul 31 06:04:56 server systemd[1]: Starting The Apache HTTP Server...
|
|
Jul 31 06:04:56 server httpd[11860]: Server configured, listening on: port 443, port 80
|
|
Jul 31 06:04:56 server systemd[1]: Started The Apache HTTP Server.
|
|
Jul 31 06:04:58 server cf-agent[12139]: CFEngine(agent) rudder R: @@Common@@control@@rudder@@run@@0@@start@@0@@2020-07-31 06:04:58+00:00##root@#Start execution
|
|
Jul 31 06:04:58 server cf-agent[12139]: CFEngine(agent) rudder R: @@server-roles@@result_repaired@@server-roles@@server-roles-directive@@0@@Check logrotate configuration@@None@@2020-07-31 06:04:58+00:00##root@#The logrotate configuration has been repaired
|
|
Jul 31 06:04:59 server cf-agent[12139]: CFEngine(agent) rudder R: @@Common@@log_info@@hasPolicyServer-root@@common-root@@00@@Check postgresql process@@postgresql@@2020-07-31 06:04:58+00:00##root@#Check if the service postgresql is started was correct
|
|
Jul 31 06:04:59 server cf-agent[12139]: CFEngine(agent) rudder R: @@Common@@log_info@@hasPolicyServer-root@@common-root@@00@@Check postgresql process@@postgresql@@2020-07-31 06:04:58+00:00##root@#Ensure that service postgresql is running was correct
|
|
Jul 31 06:04:59 server cf-agent[12139]: CFEngine(agent) rudder R: @@Common@@log_info@@hasPolicyServer-root@@common-root@@00@@Check postgresql process@@postgresql@@2020-07-31 06:04:58+00:00##root@#Check if service postgresql is started at boot was correct
|
|
Jul 31 06:04:59 server cf-agent[12139]: CFEngine(agent) rudder R: @@Common@@log_info@@hasPolicyServer-root@@common-root@@00@@Check postgresql process@@postgresql@@2020-07-31 06:04:58+00:00##root@#Ensure service postgresql is started at boot was correct
|
|
Jul 31 06:04:59 server cf-agent[12139]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check postgresql process@@None@@2020-07-31 06:04:58+00:00##root@#postgresql service running was correct
|
|
Jul 31 06:04:59 server cf-agent[12139]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check postgresql boot script@@None@@2020-07-31 06:04:58+00:00##root@#postgresql service enabled was correct
|
|
Jul 31 06:04:59 server systemd[1]: Stopping Rudder OpenLDAP Server Daemon...
|
|
Jul 31 06:04:59 server rudder-slapd[11802]: daemon: shutdown requested and initiated.
|
|
Jul 31 06:04:59 server systemd[1]: Stopped Rudder OpenLDAP Server Daemon.
|
|
Jul 31 06:04:59 server rudder-slapd[11802]: slapd shutdown: waiting for 0 operations/tasks to finish
|
|
Jul 31 06:04:59 server systemd[1]: Starting Rudder OpenLDAP Server Daemon...
|
|
Jul 31 06:04:59 server rudder-slapd[11802]: slapd stopped.
|
|
Jul 31 06:04:59 server rudder-slapd[12489]: @(#) $OpenLDAP: slapd 2.4.47 (Jul 26 2020 03:43:45) $
|
|
root@centos-builder-8-64.labo.normation.com:/usr/src/rudder-packages/package/SOURCES/openldap-source/servers/slapd
|
|
Jul 31 06:04:59 server rudder-slapd[12490]: slapd starting
|
|
Jul 31 06:04:59 server systemd[1]: Started Rudder OpenLDAP Server Daemon.
|
|
Jul 31 06:04:59 server cf-agent[12139]: CFEngine(agent) rudder R: @@Common@@log_repaired@@hasPolicyServer-root@@common-root@@00@@Check LDAP in rudder-webapp.properties@@rudder-slapd@@2020-07-31 06:04:58+00:00##root@#Run action restart on service rudder-slapd was repaired
|
|
Jul 31 06:04:59 server cf-agent[12139]: CFEngine(agent) rudder R: @@Common@@log_repaired@@hasPolicyServer-root@@common-root@@00@@Check LDAP in rudder-webapp.properties@@rudder-slapd@@2020-07-31 06:04:58+00:00##root@#Restart service rudder_slapd if 'any' condition defined was repaired
|
|
Jul 31 06:04:59 server cf-agent[12139]: CFEngine(agent) rudder R: @@Common@@log_repaired@@hasPolicyServer-root@@common-root@@00@@Check LDAP in rudder-webapp.properties@@rudder-slapd@@2020-07-31 06:04:58+00:00##root@#Restart service rudder-slapd was repaired
|
|
Jul 31 06:04:59 server cf-agent[12139]: CFEngine(agent) rudder R: @@server-roles@@result_repaired@@server-roles@@server-roles-directive@@0@@Check LDAP in rudder-webapp.properties@@None@@2020-07-31 06:04:58+00:00##root@#Web interface configuration files (checked LDAP password) was repaired
|
|
Jul 31 06:04:59 server cf-agent[12139]: CFEngine(agent) rudder R: @@server-roles@@result_repaired@@server-roles@@server-roles-directive@@0@@Check LDAP credentials@@None@@2020-07-31 06:04:58+00:00##root@#OpenLDAP configuration file (rootdn password) was repaired
|
|
Jul 31 06:04:59 server cf-agent[12139]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check LDAP credentials@@None@@2020-07-31 06:04:58+00:00##root@#rudder-slapd has been restarted
|
|
Jul 31 06:04:59 server cf-agent[12139]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check rudder-passwords.conf@@None@@2020-07-31 06:04:58+00:00##root@#Presence and permissions of Rudder password file was correct
|
|
Jul 31 06:04:59 server cf-agent[12139]: CFEngine(agent) rudder R: @@server-roles@@result_repaired@@server-roles@@server-roles-directive@@0@@Check pgpass file@@None@@2020-07-31 06:04:58+00:00##root@#Presence and permissions of pgsql password file was repaired
|
|
Jul 31 06:04:59 server cf-agent[12139]: CFEngine(agent) rudder R: @@server-roles@@result_repaired@@server-roles@@server-roles-directive@@0@@Check SQL in rudder-webapp.properties@@None@@2020-07-31 06:04:58+00:00##root@#Web interface configuration files (SQL password) was repaired
|
|
Jul 31 06:04:59 server cf-agent[12139]: CFEngine(agent) rudder R: @@server-roles@@result_repaired@@server-roles@@server-roles-directive@@0@@Check SQL credentials@@None@@2020-07-31 06:04:58+00:00##root@#PostgreSQL user account's password was repaired
|
|
Jul 31 06:04:59 server systemd[1]: Starting Jetty Web Application Server...
|
|
Jul 31 06:04:59 server rudder-jetty.sh[12497]: Setting umask to 0007
|
|
Jul 31 06:05:01 server CROND[12586]: (root) CMD (/opt/rudder/bin/rudder agent check -q >> /var/log/rudder/agent-check/check.log 2>&1)
|
|
Jul 31 06:05:01 server CROND[12587]: (root) CMD (/opt/rudder/bin/relay-cleanup >/dev/null)
|
|
Jul 31 06:05:29 server rudder-jetty.sh[12497]: Starting Jetty: . . . . . . OK Fri Jul 31 06:05:29 UTC 2020
|
|
Jul 31 06:05:29 server systemd[1]: Started Jetty Web Application Server.
|
|
Jul 31 06:05:30 server cf-agent[12139]: CFEngine(agent) rudder R: @@Common@@log_repaired@@hasPolicyServer-root@@common-root@@00@@Check rudder-webapp.properties@@rudder-jetty@@2020-07-31 06:04:58+00:00##root@#Run action restart on service rudder-jetty was repaired
|
|
Jul 31 06:05:30 server cf-agent[12139]: CFEngine(agent) rudder R: @@Common@@log_repaired@@hasPolicyServer-root@@common-root@@00@@Check rudder-webapp.properties@@rudder-jetty@@2020-07-31 06:04:58+00:00##root@#Restart service rudder_jetty if 'any' condition defined was repaired
|
|
Jul 31 06:05:30 server cf-agent[12139]: CFEngine(agent) rudder R: @@Common@@log_repaired@@hasPolicyServer-root@@common-root@@00@@Check rudder-webapp.properties@@rudder-jetty@@2020-07-31 06:04:58+00:00##root@#Restart service rudder-jetty was repaired
|
|
Jul 31 06:05:30 server cf-agent[12139]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check rudder-passwords.conf@@None@@2020-07-31 06:04:58+00:00##root@#Jetty has been restarted
|
|
Jul 31 06:05:30 server cf-agent[12139]: CFEngine(agent) rudder R: @@Common@@log_info@@hasPolicyServer-root@@common-root@@00@@Check relayd process@@rudder-relayd@@2020-07-31 06:04:58+00:00##root@#Check if the service rudder-relayd is started was correct
|
|
Jul 31 06:05:30 server cf-agent[12139]: CFEngine(agent) rudder R: @@Common@@log_info@@hasPolicyServer-root@@common-root@@00@@Check relayd process@@rudder-relayd@@2020-07-31 06:04:58+00:00##root@#Ensure that service rudder-relayd is running was correct
|
|
Jul 31 06:05:31 server cf-agent[12139]: CFEngine(agent) rudder R: @@Common@@log_info@@hasPolicyServer-root@@common-root@@00@@Check relayd process@@rudder-relayd@@2020-07-31 06:04:58+00:00##root@#Check if service rudder-relayd is started at boot was correct
|
|
Jul 31 06:05:31 server rudder-relayd[11426]: INFO relayd: Configuration reload requested
|
|
Jul 31 06:05:31 server rudder-relayd[11426]: INFO relayd::data::node: Parsing nodes list from "/var/rudder/lib/relay/nodeslist.json"
|
|
Jul 31 06:05:31 server rudder-relayd[11426]: INFO relayd::data::node: Nodes list file does not exist, considering it as empty
|
|
Jul 31 06:05:31 server rudder-relayd[11426]: INFO relayd::relay-api: 127.0.0.1:48508 "POST /rudder/relay-api/1/system/reload HTTP/1.1" 200 "-" "curl/7.61.1" 14.510087ms
|
|
Jul 31 06:05:31 server cf-agent[12139]: CFEngine(agent) rudder R: @@Common@@log_info@@hasPolicyServer-root@@common-root@@00@@Check relayd process@@rudder-relayd@@2020-07-31 06:04:58+00:00##root@#Ensure service rudder-relayd is started at boot was correct
|
|
Jul 31 06:05:31 server cf-agent[12139]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check relayd process@@None@@2020-07-31 06:04:58+00:00##root@#relayd service running was correct
|
|
Jul 31 06:05:31 server cf-agent[12139]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check relayd boot script@@None@@2020-07-31 06:04:58+00:00##root@#relayd service enabled was correct
|
|
Jul 31 06:05:31 server cf-agent[12139]: CFEngine(agent) rudder R: @@Common@@log_info@@hasPolicyServer-root@@common-root@@00@@Relayd service configuration@@/opt/rudder/etc/relayd@@2020-07-31 06:04:58+00:00##root@#Ensure permissions mode 640, owner root and group rudder on /opt/rudder/etc/relayd on type all with inf recursion level was correct
|
|
Jul 31 06:05:31 server cf-agent[12139]: CFEngine(agent) rudder R: @@Common@@log_info@@hasPolicyServer-root@@common-root@@00@@Relayd service configuration@@/opt/rudder/etc/relayd@@2020-07-31 06:04:58+00:00##root@#Ensure permissions mode 640, owner root and group rudder on /opt/rudder/etc/relayd with ${recursion} recursion level was correct
|
|
Jul 31 06:05:31 server cf-agent[12139]: CFEngine(agent) rudder R: @@Common@@log_repaired@@hasPolicyServer-root@@common-root@@00@@Relayd service configuration@@/opt/rudder/etc/relayd/main.conf@@2020-07-31 06:04:58+00:00##root@#Build file /opt/rudder/etc/relayd/main.conf from mustache type template /var/rudder/cfengine-community/inputs/server-roles/1.0/relayd.conf.tpl was repaired
|
|
Jul 31 06:05:31 server cf-agent[12139]: CFEngine(agent) rudder R: @@Common@@log_repaired@@hasPolicyServer-root@@common-root@@00@@Relayd service configuration@@/opt/rudder/etc/relayd/main.conf@@2020-07-31 06:04:58+00:00##root@#Build file /opt/rudder/etc/relayd/main.conf from mustache template /var/rudder/cfengine-community/inputs/server-roles/1.0/relayd.conf.tpl was repaired
|
|
Jul 31 06:05:32 server systemd[1]: Stopping Rudder Relay Daemon...
|
|
Jul 31 06:05:32 server rudder-relayd[11426]: INFO relayd: Signal received: shutdown requested
|
|
Jul 31 06:05:32 server systemd[1]: Stopped Rudder Relay Daemon.
|
|
Jul 31 06:05:32 server systemd[1]: Started Rudder Relay Daemon.
|
|
Jul 31 06:05:32 server cf-agent[12139]: CFEngine(agent) rudder R: @@Common@@log_repaired@@hasPolicyServer-root@@common-root@@00@@Relayd service configuration@@rudder-relayd@@2020-07-31 06:04:58+00:00##root@#Run action restart on service rudder-relayd was repaired
|
|
Jul 31 06:05:32 server cf-agent[12139]: CFEngine(agent) rudder R: @@Common@@log_repaired@@hasPolicyServer-root@@common-root@@00@@Relayd service configuration@@rudder-relayd@@2020-07-31 06:04:58+00:00##root@#Restart service rudder_relayd if 'any' condition defined was repaired
|
|
Jul 31 06:05:32 server rudder-relayd[12821]: INFO relayd: Starting rudder-relayd 6.1.3-rc1-git202007302336
|
|
Jul 31 06:05:32 server rudder-relayd[12821]: INFO relayd: Read configuration from "/opt/rudder/etc/relayd/"
|
|
Jul 31 06:05:32 server cf-agent[12139]: CFEngine(agent) rudder R: @@Common@@log_repaired@@hasPolicyServer-root@@common-root@@00@@Relayd service configuration@@rudder-relayd@@2020-07-31 06:04:58+00:00##root@#Restart service rudder-relayd was repaired
|
|
Jul 31 06:05:33 server cf-agent[12139]: CFEngine(agent) rudder R: @@server-roles@@result_repaired@@server-roles@@server-roles-directive@@0@@Relayd service configuration@@None@@2020-07-31 06:04:58+00:00##root@#rudder-relayd configration was repaired
|
|
Jul 31 06:05:33 server cf-agent[12139]: CFEngine(agent) rudder R: @@server-roles@@log_repaired@@server-roles@@server-roles-directive@@0@@Relayd service configuration@@None@@2020-07-31 06:04:58+00:00##root@#rudder-relayd service has been restarted
|
|
Jul 31 06:05:33 server dbus-daemon[892]: [system] Activating service name='org.fedoraproject.Setroubleshootd' requested by ':1.135' (uid=0 pid=855 comm="/usr/sbin/sedispatch " label="system_u:system_r:auditd_t:s0") (using servicehelper)
|
|
Jul 31 06:05:33 server systemd[1]: Reloading The Apache HTTP Server.
|
|
Jul 31 06:05:34 server rudder-relayd[12821]: INFO relayd::data::node: Parsing nodes list from "/var/rudder/lib/relay/nodeslist.json"
|
|
Jul 31 06:05:34 server rudder-relayd[12821]: INFO relayd::data::node: Nodes list file does not exist, considering it as empty
|
|
Jul 31 06:05:34 server rudder-relayd[12821]: WARN relayd::data::node: certificate for unknown node: root
|
|
Jul 31 06:05:34 server rudder-relayd[12821]: INFO relayd::api: Starting API on 127.0.0.1:3030
|
|
Jul 31 06:05:34 server rudder-relayd[12821]: INFO relayd::input::watch: Starting file watcher on "/var/rudder/reports/incoming"
|
|
Jul 31 06:05:34 server rudder-relayd[12821]: INFO relayd: Skipping inventory as it is disabled
|
|
Jul 31 06:05:34 server rudder-relayd[12821]: INFO relayd: Server started
|
|
Jul 31 06:05:35 server systemd[1]: Reloaded The Apache HTTP Server.
|
|
Jul 31 06:05:35 server cf-agent[12139]: CFEngine(agent) rudder R: @@Common@@log_repaired@@hasPolicyServer-root@@common-root@@00@@Configure apache ACL & networks@@httpd@@2020-07-31 06:04:58+00:00##root@#Run action reload on service httpd was repaired
|
|
Jul 31 06:05:36 server cf-agent[12139]: CFEngine(agent) rudder R: @@Common@@log_repaired@@hasPolicyServer-root@@common-root@@00@@Configure apache ACL & networks@@httpd@@2020-07-31 06:04:58+00:00##root@#Reload service httpd was repaired
|
|
Jul 31 06:05:36 server cf-agent[12139]: CFEngine(agent) rudder R: @@server-roles@@result_repaired@@server-roles@@server-roles-directive@@0@@Check allowed networks configuration@@None@@2020-07-31 06:04:58+00:00##root@#Allowed networks configuration has been repaired
|
|
Jul 31 06:05:36 server cf-agent[12139]: CFEngine(agent) rudder R: @@server-roles@@log_repaired@@server-roles@@server-roles-directive@@0@@Check allowed networks configuration@@None@@2020-07-31 06:04:58+00:00##root@#Apache has been reloaded successfully
|
|
Jul 31 06:05:36 server httpd[11860]: Server configured, listening on: port 443, port 80
|
|
Jul 31 06:05:36 server cf-agent[12139]: CFEngine(agent) rudder Q: "...n/htpasswd -b /": Updating password for user rudder
|
|
Jul 31 06:05:36 server cf-agent[12139]: CFEngine(agent) rudder R: @@server-roles@@result_repaired@@server-roles@@server-roles-directive@@0@@Check WebDAV properties@@None@@2020-07-31 06:04:58+00:00##root@#Rudder WebDAV properties was repaired
|
|
Jul 31 06:05:36 server cf-agent[12139]: CFEngine(agent) rudder R: @@server-roles@@result_repaired@@server-roles@@server-roles-directive@@0@@Check WebDAV credentials@@None@@2020-07-31 06:04:58+00:00##root@#Apache WebDAV user and password was repaired
|
|
Jul 31 06:05:37 server cf-agent[12139]: CFEngine(agent) rudder R: @@Common@@log_info@@hasPolicyServer-root@@common-root@@00@@Check apache process@@httpd@@2020-07-31 06:04:58+00:00##root@#Check if the service httpd is started was correct
|
|
Jul 31 06:05:37 server cf-agent[12139]: CFEngine(agent) rudder R: @@Common@@log_info@@hasPolicyServer-root@@common-root@@00@@Check apache process@@httpd@@2020-07-31 06:04:58+00:00##root@#Ensure that service httpd is running was correct
|
|
Jul 31 06:05:37 server cf-agent[12139]: CFEngine(agent) rudder R: @@Common@@log_info@@hasPolicyServer-root@@common-root@@00@@Check apache process@@httpd@@2020-07-31 06:04:58+00:00##root@#Check if service httpd is started at boot was correct
|
|
Jul 31 06:05:37 server cf-agent[12139]: CFEngine(agent) rudder R: @@Common@@log_info@@hasPolicyServer-root@@common-root@@00@@Check apache process@@httpd@@2020-07-31 06:04:58+00:00##root@#Ensure service httpd is started at boot was correct
|
|
Jul 31 06:05:37 server cf-agent[12139]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check apache process@@None@@2020-07-31 06:04:58+00:00##root@#apache service running was correct
|
|
Jul 31 06:05:37 server cf-agent[12139]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check apache boot script@@None@@2020-07-31 06:04:58+00:00##root@#apache service enabled was correct
|
|
Jul 31 06:05:38 server cf-agent[12139]: CFEngine(agent) rudder R: @@Common@@log_info@@hasPolicyServer-root@@common-root@@00@@Check jetty process@@rudder-jetty@@2020-07-31 06:04:58+00:00##root@#Check if the service rudder-jetty is started was correct
|
|
Jul 31 06:05:38 server cf-agent[12139]: CFEngine(agent) rudder R: @@Common@@log_info@@hasPolicyServer-root@@common-root@@00@@Check jetty process@@rudder-jetty@@2020-07-31 06:04:58+00:00##root@#Ensure that service rudder-jetty is running was correct
|
|
Jul 31 06:05:38 server cf-agent[12139]: CFEngine(agent) rudder R: @@Common@@log_info@@hasPolicyServer-root@@common-root@@00@@Check jetty process@@rudder-jetty@@2020-07-31 06:04:58+00:00##root@#Check if service rudder-jetty is started at boot was correct
|
|
Jul 31 06:05:38 server cf-agent[12139]: CFEngine(agent) rudder R: @@Common@@log_info@@hasPolicyServer-root@@common-root@@00@@Check jetty process@@rudder-jetty@@2020-07-31 06:04:58+00:00##root@#Ensure service rudder-jetty is started at boot was correct
|
|
Jul 31 06:05:38 server cf-agent[12139]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check jetty process@@None@@2020-07-31 06:04:58+00:00##root@#jetty service running was correct
|
|
Jul 31 06:05:38 server cf-agent[12139]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check jetty boot script@@None@@2020-07-31 06:04:58+00:00##root@#jetty service enabled was correct
|
|
Jul 31 06:05:38 server cf-agent[12139]: CFEngine(agent) rudder R: @@Common@@log_repaired@@hasPolicyServer-root@@common-root@@00@@Check jetty process@@/var/rudder/cfengine-community/ppkeys/root-MD5=ae7892a0221ce7038ee569ac3102070b.pub@@2020-07-31 06:04:58+00:00##root@#Symlink /var/rudder/cfengine-community/ppkeys/root-MD5=ae7892a0221ce7038ee569ac3102070b.pub targeting /var/rudder/cfengine-community/ppkeys/localhost.pub was repaired
|
|
Jul 31 06:05:38 server cf-agent[12139]: CFEngine(agent) rudder R: @@Common@@log_repaired@@hasPolicyServer-root@@common-root@@00@@Check jetty process@@/var/rudder/cfengine-community/ppkeys/root-MD5=ae7892a0221ce7038ee569ac3102070b.pub@@2020-07-31 06:04:58+00:00##root@#Symlink /var/rudder/cfengine-community/ppkeys/root-MD5=ae7892a0221ce7038ee569ac3102070b.pub targeting /var/rudder/cfengine-community/ppkeys/localhost.pub was repaired
|
|
Jul 31 06:05:38 server cf-agent[12139]: CFEngine(agent) rudder R: @@Common@@log_repaired@@hasPolicyServer-root@@common-root@@00@@Check jetty process@@/var/rudder/cfengine-community/ppkeys/root-MD5=ae7892a0221ce7038ee569ac3102070b.pub@@2020-07-31 06:04:58+00:00##root@#Symlink /var/rudder/cfengine-community/ppkeys/root-MD5=ae7892a0221ce7038ee569ac3102070b.pub targeting /var/rudder/cfengine-community/ppkeys/localhost.pub (without overwrite) was repaired
|
|
Jul 31 06:05:38 server cf-agent[12139]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check configuration-repository folder@@None@@2020-07-31 06:04:58+00:00##root@#The /var/rudder/configuration-repository directory is present
|
|
Jul 31 06:05:38 server cf-agent[12139]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check configuration-repository GIT lock@@None@@2020-07-31 06:04:58+00:00##root@#The /var/rudder/configuration-repository git lock file is not present or not older than 5 minutes
|
|
Jul 31 06:05:38 server dbus-daemon[892]: [system] Successfully activated service 'org.fedoraproject.Setroubleshootd'
|
|
Jul 31 06:05:40 server setroubleshoot[12830]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5. For complete SELinux messages run: sealert -l 07e5b566-8a9d-4635-965f-22c336cc3c99
|
|
Jul 31 06:05:40 server platform-python[12830]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5.
|
|
|
|
***** Plugin catchall (100. confidence) suggests **************************
|
|
|
|
If you believe that rudder-relayd should be allowed search access on the krb5 directory by default.
|
|
Then you should report this as a bug.
|
|
You can generate a local policy module to allow this access.
|
|
Do
|
|
allow this access for now by executing:
|
|
# ausearch -c 'r2d2-worker-1' --raw | audit2allow -M my-r2d2worker1
|
|
# semodule -X 300 -i my-r2d2worker1.pp
|
|
|
|
Jul 31 06:05:40 server setroubleshoot[12830]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5. For complete SELinux messages run: sealert -l 07e5b566-8a9d-4635-965f-22c336cc3c99
|
|
Jul 31 06:05:40 server platform-python[12830]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5.
|
|
|
|
***** Plugin catchall (100. confidence) suggests **************************
|
|
|
|
If you believe that rudder-relayd should be allowed search access on the krb5 directory by default.
|
|
Then you should report this as a bug.
|
|
You can generate a local policy module to allow this access.
|
|
Do
|
|
allow this access for now by executing:
|
|
# ausearch -c 'r2d2-worker-1' --raw | audit2allow -M my-r2d2worker1
|
|
# semodule -X 300 -i my-r2d2worker1.pp
|
|
|
|
Jul 31 06:05:40 server setroubleshoot[12830]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5. For complete SELinux messages run: sealert -l 07e5b566-8a9d-4635-965f-22c336cc3c99
|
|
Jul 31 06:05:40 server platform-python[12830]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5.
|
|
|
|
***** Plugin catchall (100. confidence) suggests **************************
|
|
|
|
If you believe that rudder-relayd should be allowed search access on the krb5 directory by default.
|
|
Then you should report this as a bug.
|
|
You can generate a local policy module to allow this access.
|
|
Do
|
|
allow this access for now by executing:
|
|
# ausearch -c 'r2d2-worker-1' --raw | audit2allow -M my-r2d2worker1
|
|
# semodule -X 300 -i my-r2d2worker1.pp
|
|
|
|
Jul 31 06:05:40 server setroubleshoot[12830]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5. For complete SELinux messages run: sealert -l 07e5b566-8a9d-4635-965f-22c336cc3c99
|
|
Jul 31 06:05:40 server platform-python[12830]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5.
|
|
|
|
***** Plugin catchall (100. confidence) suggests **************************
|
|
|
|
If you believe that rudder-relayd should be allowed search access on the krb5 directory by default.
|
|
Then you should report this as a bug.
|
|
You can generate a local policy module to allow this access.
|
|
Do
|
|
allow this access for now by executing:
|
|
# ausearch -c 'r2d2-worker-1' --raw | audit2allow -M my-r2d2worker1
|
|
# semodule -X 300 -i my-r2d2worker1.pp
|
|
|
|
Jul 31 06:05:41 server setroubleshoot[12830]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5. For complete SELinux messages run: sealert -l 07e5b566-8a9d-4635-965f-22c336cc3c99
|
|
Jul 31 06:05:41 server platform-python[12830]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5.
|
|
|
|
***** Plugin catchall (100. confidence) suggests **************************
|
|
|
|
If you believe that rudder-relayd should be allowed search access on the krb5 directory by default.
|
|
Then you should report this as a bug.
|
|
You can generate a local policy module to allow this access.
|
|
Do
|
|
allow this access for now by executing:
|
|
# ausearch -c 'r2d2-worker-1' --raw | audit2allow -M my-r2d2worker1
|
|
# semodule -X 300 -i my-r2d2worker1.pp
|
|
|
|
Jul 31 06:05:41 server cf-agent[12139]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check rudder status@@None@@2020-07-31 06:04:58+00:00##root@#The http://localhost:8080/rudder/api/status web interface is running
|
|
Jul 31 06:05:41 server setroubleshoot[12830]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5. For complete SELinux messages run: sealert -l 07e5b566-8a9d-4635-965f-22c336cc3c99
|
|
Jul 31 06:05:41 server platform-python[12830]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5.
|
|
|
|
***** Plugin catchall (100. confidence) suggests **************************
|
|
|
|
If you believe that rudder-relayd should be allowed search access on the krb5 directory by default.
|
|
Then you should report this as a bug.
|
|
You can generate a local policy module to allow this access.
|
|
Do
|
|
allow this access for now by executing:
|
|
# ausearch -c 'r2d2-worker-1' --raw | audit2allow -M my-r2d2worker1
|
|
# semodule -X 300 -i my-r2d2worker1.pp
|
|
|
|
Jul 31 06:05:41 server setroubleshoot[12830]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5. For complete SELinux messages run: sealert -l 07e5b566-8a9d-4635-965f-22c336cc3c99
|
|
Jul 31 06:05:41 server platform-python[12830]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5.
|
|
|
|
***** Plugin catchall (100. confidence) suggests **************************
|
|
|
|
If you believe that rudder-relayd should be allowed search access on the krb5 directory by default.
|
|
Then you should report this as a bug.
|
|
You can generate a local policy module to allow this access.
|
|
Do
|
|
allow this access for now by executing:
|
|
# ausearch -c 'r2d2-worker-1' --raw | audit2allow -M my-r2d2worker1
|
|
# semodule -X 300 -i my-r2d2worker1.pp
|
|
|
|
Jul 31 06:05:41 server setroubleshoot[12830]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5. For complete SELinux messages run: sealert -l 07e5b566-8a9d-4635-965f-22c336cc3c99
|
|
Jul 31 06:05:41 server platform-python[12830]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5.
|
|
|
|
***** Plugin catchall (100. confidence) suggests **************************
|
|
|
|
If you believe that rudder-relayd should be allowed search access on the krb5 directory by default.
|
|
Then you should report this as a bug.
|
|
You can generate a local policy module to allow this access.
|
|
Do
|
|
allow this access for now by executing:
|
|
# ausearch -c 'r2d2-worker-1' --raw | audit2allow -M my-r2d2worker1
|
|
# semodule -X 300 -i my-r2d2worker1.pp
|
|
|
|
Jul 31 06:05:41 server cf-agent[12139]: CFEngine(agent) rudder R: @@Common@@log_info@@hasPolicyServer-root@@common-root@@00@@Check slapd process@@rudder-slapd@@2020-07-31 06:04:58+00:00##root@#Check if the service rudder-slapd is started was correct
|
|
Jul 31 06:05:41 server setroubleshoot[12830]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5. For complete SELinux messages run: sealert -l 07e5b566-8a9d-4635-965f-22c336cc3c99
|
|
Jul 31 06:05:41 server platform-python[12830]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5.
|
|
|
|
***** Plugin catchall (100. confidence) suggests **************************
|
|
|
|
If you believe that rudder-relayd should be allowed search access on the krb5 directory by default.
|
|
Then you should report this as a bug.
|
|
You can generate a local policy module to allow this access.
|
|
Do
|
|
allow this access for now by executing:
|
|
# ausearch -c 'r2d2-worker-1' --raw | audit2allow -M my-r2d2worker1
|
|
# semodule -X 300 -i my-r2d2worker1.pp
|
|
|
|
Jul 31 06:05:41 server cf-agent[12139]: CFEngine(agent) rudder R: @@Common@@log_info@@hasPolicyServer-root@@common-root@@00@@Check slapd process@@rudder-slapd@@2020-07-31 06:04:58+00:00##root@#Ensure that service rudder-slapd is running was correct
|
|
Jul 31 06:05:41 server setroubleshoot[12830]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5. For complete SELinux messages run: sealert -l 07e5b566-8a9d-4635-965f-22c336cc3c99
|
|
Jul 31 06:05:41 server platform-python[12830]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5.
|
|
|
|
***** Plugin catchall (100. confidence) suggests **************************
|
|
|
|
If you believe that rudder-relayd should be allowed search access on the krb5 directory by default.
|
|
Then you should report this as a bug.
|
|
You can generate a local policy module to allow this access.
|
|
Do
|
|
allow this access for now by executing:
|
|
# ausearch -c 'r2d2-worker-1' --raw | audit2allow -M my-r2d2worker1
|
|
# semodule -X 300 -i my-r2d2worker1.pp
|
|
|
|
Jul 31 06:05:41 server cf-agent[12139]: CFEngine(agent) rudder R: @@Common@@log_info@@hasPolicyServer-root@@common-root@@00@@Check slapd process@@rudder-slapd@@2020-07-31 06:04:58+00:00##root@#Check if service rudder-slapd is started at boot was correct
|
|
Jul 31 06:05:41 server cf-agent[12139]: CFEngine(agent) rudder R: @@Common@@log_info@@hasPolicyServer-root@@common-root@@00@@Check slapd process@@rudder-slapd@@2020-07-31 06:04:58+00:00##root@#Ensure service rudder-slapd is started at boot was correct
|
|
Jul 31 06:05:41 server setroubleshoot[12830]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5. For complete SELinux messages run: sealert -l 07e5b566-8a9d-4635-965f-22c336cc3c99
|
|
Jul 31 06:05:41 server platform-python[12830]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5.
|
|
|
|
***** Plugin catchall (100. confidence) suggests **************************
|
|
|
|
If you believe that rudder-relayd should be allowed search access on the krb5 directory by default.
|
|
Then you should report this as a bug.
|
|
You can generate a local policy module to allow this access.
|
|
Do
|
|
allow this access for now by executing:
|
|
# ausearch -c 'r2d2-worker-1' --raw | audit2allow -M my-r2d2worker1
|
|
# semodule -X 300 -i my-r2d2worker1.pp
|
|
|
|
Jul 31 06:05:41 server cf-agent[12139]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check slapd process@@None@@2020-07-31 06:04:58+00:00##root@#slapd service running was correct
|
|
Jul 31 06:05:41 server cf-agent[12139]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check slapd boot script@@None@@2020-07-31 06:04:58+00:00##root@#slapd service enabled was correct
|
|
Jul 31 06:05:41 server setroubleshoot[12830]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5. For complete SELinux messages run: sealert -l 07e5b566-8a9d-4635-965f-22c336cc3c99
|
|
Jul 31 06:05:41 server platform-python[12830]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5.
|
|
|
|
***** Plugin catchall (100. confidence) suggests **************************
|
|
|
|
If you believe that rudder-relayd should be allowed search access on the krb5 directory by default.
|
|
Then you should report this as a bug.
|
|
You can generate a local policy module to allow this access.
|
|
Do
|
|
allow this access for now by executing:
|
|
# ausearch -c 'r2d2-worker-1' --raw | audit2allow -M my-r2d2worker1
|
|
# semodule -X 300 -i my-r2d2worker1.pp
|
|
|
|
Jul 31 06:05:41 server setroubleshoot[12830]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5. For complete SELinux messages run: sealert -l 07e5b566-8a9d-4635-965f-22c336cc3c99
|
|
Jul 31 06:05:41 server platform-python[12830]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5.
|
|
|
|
***** Plugin catchall (100. confidence) suggests **************************
|
|
|
|
If you believe that rudder-relayd should be allowed search access on the krb5 directory by default.
|
|
Then you should report this as a bug.
|
|
You can generate a local policy module to allow this access.
|
|
Do
|
|
allow this access for now by executing:
|
|
# ausearch -c 'r2d2-worker-1' --raw | audit2allow -M my-r2d2worker1
|
|
# semodule -X 300 -i my-r2d2worker1.pp
|
|
|
|
Jul 31 06:05:42 server setroubleshoot[12830]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5. For complete SELinux messages run: sealert -l 07e5b566-8a9d-4635-965f-22c336cc3c99
|
|
Jul 31 06:05:42 server platform-python[12830]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5.
|
|
|
|
***** Plugin catchall (100. confidence) suggests **************************
|
|
|
|
If you believe that rudder-relayd should be allowed search access on the krb5 directory by default.
|
|
Then you should report this as a bug.
|
|
You can generate a local policy module to allow this access.
|
|
Do
|
|
allow this access for now by executing:
|
|
# ausearch -c 'r2d2-worker-1' --raw | audit2allow -M my-r2d2worker1
|
|
# semodule -X 300 -i my-r2d2worker1.pp
|
|
|
|
Jul 31 06:05:42 server setroubleshoot[12830]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5. For complete SELinux messages run: sealert -l 07e5b566-8a9d-4635-965f-22c336cc3c99
|
|
Jul 31 06:05:42 server platform-python[12830]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5.
|
|
|
|
***** Plugin catchall (100. confidence) suggests **************************
|
|
|
|
If you believe that rudder-relayd should be allowed search access on the krb5 directory by default.
|
|
Then you should report this as a bug.
|
|
You can generate a local policy module to allow this access.
|
|
Do
|
|
allow this access for now by executing:
|
|
# ausearch -c 'r2d2-worker-1' --raw | audit2allow -M my-r2d2worker1
|
|
# semodule -X 300 -i my-r2d2worker1.pp
|
|
|
|
Jul 31 06:05:42 server setroubleshoot[12830]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5. For complete SELinux messages run: sealert -l 07e5b566-8a9d-4635-965f-22c336cc3c99
|
|
Jul 31 06:05:42 server platform-python[12830]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5.
|
|
|
|
***** Plugin catchall (100. confidence) suggests **************************
|
|
|
|
If you believe that rudder-relayd should be allowed search access on the krb5 directory by default.
|
|
Then you should report this as a bug.
|
|
You can generate a local policy module to allow this access.
|
|
Do
|
|
allow this access for now by executing:
|
|
# ausearch -c 'r2d2-worker-1' --raw | audit2allow -M my-r2d2worker1
|
|
# semodule -X 300 -i my-r2d2worker1.pp
|
|
|
|
Jul 31 06:05:42 server systemd[1]: Stopping Jetty Web Application Server...
|
|
Jul 31 06:05:43 server setroubleshoot[12830]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5. For complete SELinux messages run: sealert -l 07e5b566-8a9d-4635-965f-22c336cc3c99
|
|
Jul 31 06:05:43 server platform-python[12830]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5.
|
|
|
|
***** Plugin catchall (100. confidence) suggests **************************
|
|
|
|
If you believe that rudder-relayd should be allowed search access on the krb5 directory by default.
|
|
Then you should report this as a bug.
|
|
You can generate a local policy module to allow this access.
|
|
Do
|
|
allow this access for now by executing:
|
|
# ausearch -c 'r2d2-worker-1' --raw | audit2allow -M my-r2d2worker1
|
|
# semodule -X 300 -i my-r2d2worker1.pp
|
|
|
|
Jul 31 06:05:44 server rudder-relayd[12821]: INFO relayd: Configuration reload requested
|
|
Jul 31 06:05:44 server rudder-relayd[12821]: INFO relayd::data::node: Parsing nodes list from "/var/rudder/lib/relay/nodeslist.json"
|
|
Jul 31 06:05:44 server rudder-relayd[12821]: INFO relayd::relay-api: 127.0.0.1:48534 "POST /rudder/relay-api/1/system/reload HTTP/1.1" 200 "-" "curl/7.61.1" 4.75701ms
|
|
Jul 31 06:05:44 server rudder-jetty.sh[13214]: Stopping Jetty: OK
|
|
Jul 31 06:05:44 server systemd[1]: Stopped Jetty Web Application Server.
|
|
Jul 31 06:05:44 server setroubleshoot[12830]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5. For complete SELinux messages run: sealert -l 07e5b566-8a9d-4635-965f-22c336cc3c99
|
|
Jul 31 06:05:44 server platform-python[12830]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5.
|
|
|
|
***** Plugin catchall (100. confidence) suggests **************************
|
|
|
|
If you believe that rudder-relayd should be allowed search access on the krb5 directory by default.
|
|
Then you should report this as a bug.
|
|
You can generate a local policy module to allow this access.
|
|
Do
|
|
allow this access for now by executing:
|
|
# ausearch -c 'r2d2-worker-1' --raw | audit2allow -M my-r2d2worker1
|
|
# semodule -X 300 -i my-r2d2worker1.pp
|
|
|
|
Jul 31 06:05:44 server setroubleshoot[12830]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5. For complete SELinux messages run: sealert -l 07e5b566-8a9d-4635-965f-22c336cc3c99
|
|
Jul 31 06:05:44 server platform-python[12830]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5.
|
|
|
|
***** Plugin catchall (100. confidence) suggests **************************
|
|
|
|
If you believe that rudder-relayd should be allowed search access on the krb5 directory by default.
|
|
Then you should report this as a bug.
|
|
You can generate a local policy module to allow this access.
|
|
Do
|
|
allow this access for now by executing:
|
|
# ausearch -c 'r2d2-worker-1' --raw | audit2allow -M my-r2d2worker1
|
|
# semodule -X 300 -i my-r2d2worker1.pp
|
|
|
|
Jul 31 06:05:44 server setroubleshoot[12830]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5. For complete SELinux messages run: sealert -l 07e5b566-8a9d-4635-965f-22c336cc3c99
|
|
Jul 31 06:05:44 server platform-python[12830]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5.
|
|
|
|
***** Plugin catchall (100. confidence) suggests **************************
|
|
|
|
If you believe that rudder-relayd should be allowed search access on the krb5 directory by default.
|
|
Then you should report this as a bug.
|
|
You can generate a local policy module to allow this access.
|
|
Do
|
|
allow this access for now by executing:
|
|
# ausearch -c 'r2d2-worker-1' --raw | audit2allow -M my-r2d2worker1
|
|
# semodule -X 300 -i my-r2d2worker1.pp
|
|
|
|
Jul 31 06:05:46 server systemd[1]: Starting Jetty Web Application Server...
|
|
Jul 31 06:05:46 server rudder-jetty.sh[14372]: Setting umask to 0007
|
|
Jul 31 06:06:09 server rudder-jetty.sh[14372]: Starting Jetty: . . . . OK Fri Jul 31 06:06:09 UTC 2020
|
|
Jul 31 06:06:09 server systemd[1]: Started Jetty Web Application Server.
|
|
Jul 31 06:06:09 server systemd[1]: Stopping The Apache HTTP Server...
|
|
Jul 31 06:06:11 server systemd[1]: Stopped The Apache HTTP Server.
|
|
Jul 31 06:06:11 server systemd[1]: Starting The Apache HTTP Server...
|
|
Jul 31 06:06:11 server systemd[1]: Started The Apache HTTP Server.
|
|
Jul 31 06:06:12 server httpd[14590]: Server configured, listening on: port 443, port 80
|
|
Jul 31 06:06:12 server rudder-relayd[12821]: INFO relayd: Configuration reload requested
|
|
Jul 31 06:06:12 server rudder-relayd[12821]: INFO relayd::data::node: Parsing nodes list from "/var/rudder/lib/relay/nodeslist.json"
|
|
Jul 31 06:06:12 server rudder-relayd[12821]: INFO relayd::relay-api: 127.0.0.1:48574 "POST /rudder/relay-api/1/system/reload HTTP/1.1" 200 "-" "curl/7.61.1" 67.102767ms
|
|
Jul 31 06:06:13 server su[14903]: (to postgres) vagrant on none
|
|
Jul 31 06:06:13 server su[14903]: pam_systemd(su-l:session): Cannot create session: Already running in a session or user slice
|
|
Jul 31 06:06:13 server su[14903]: pam_unix(su-l:session): session opened for user postgres by (uid=0)
|
|
Jul 31 06:06:14 server su[14903]: pam_unix(su-l:session): session closed for user postgres
|
|
Jul 31 06:06:18 server systemd[1]: Stopped Rudder agent umbrella service.
|
|
Jul 31 06:06:18 server rudder-relayd[12821]: INFO relayd: Configuration reload requested
|
|
Jul 31 06:06:18 server rudder-relayd[12821]: INFO relayd::data::node: Parsing nodes list from "/var/rudder/lib/relay/nodeslist.json"
|
|
Jul 31 06:06:18 server rudder-relayd[12821]: INFO relayd::relay-api: 127.0.0.1:48576 "POST /rudder/relay-api/1/system/reload HTTP/1.1" 200 "-" "curl/7.61.1" 567.875µs
|
|
Jul 31 06:06:19 server systemd[1]: Started CFEngine file server.
|
|
Jul 31 06:06:19 server systemd[1]: Starting Rudder agent umbrella service...
|
|
Jul 31 06:06:19 server systemd[1]: Started CFEngine Execution Scheduler.
|
|
Jul 31 06:06:19 server systemd[1]: Started Rudder agent umbrella service.
|
|
Jul 31 06:06:22 server cf-serverd[15229]: rudder info: Failed to canonicalise filename '/var/rudder/configuration-repository/ncf/50_techniques' (realpath: No such file or directory)
|
|
Jul 31 06:06:22 server cf-serverd[15229]: rudder info: Path does not exist, it's added as-is in access rules: /var/rudder/configuration-repository/ncf/50_techniques
|
|
Jul 31 06:06:22 server cf-serverd[15229]: rudder info: WARNING: this means that (not) having a trailing slash defines if it's (not) a directory!
|
|
Jul 31 06:06:22 server cf-serverd[15229]: rudder info: Failed to canonicalise filename '/var/rudder/share/root/' (realpath: No such file or directory)
|
|
Jul 31 06:06:22 server cf-serverd[15229]: rudder info: Path does not exist, it's added as-is in access rules: /var/rudder/share/root/
|
|
Jul 31 06:06:22 server cf-serverd[15229]: rudder info: WARNING: this means that (not) having a trailing slash defines if it's (not) a directory!
|
|
Jul 31 06:06:22 server cf-serverd[15229]: rudder info: Failed to canonicalise filename '/var/rudder/shared-files/root/' (realpath: No such file or directory)
|
|
Jul 31 06:06:22 server cf-serverd[15229]: rudder info: Path does not exist, it's added as-is in access rules: /var/rudder/shared-files/root/
|
|
Jul 31 06:06:22 server cf-serverd[15229]: rudder info: WARNING: this means that (not) having a trailing slash defines if it's (not) a directory!
|
|
Jul 31 06:06:22 server cf-serverd[15229]: CFEngine(server) rudder Failed to canonicalise filename '/var/rudder/configuration-repository/ncf/50_techniques' (realpath: No such file or directory)
|
|
Jul 31 06:06:22 server cf-serverd[15229]: CFEngine(server) rudder Path does not exist, it's added as-is in access rules: /var/rudder/configuration-repository/ncf/50_techniques
|
|
Jul 31 06:06:22 server cf-serverd[15229]: CFEngine(server) rudder WARNING: this means that (not) having a trailing slash defines if it's (not) a directory!
|
|
Jul 31 06:06:22 server cf-serverd[15229]: CFEngine(server) rudder Failed to canonicalise filename '/var/rudder/share/root/' (realpath: No such file or directory)
|
|
Jul 31 06:06:22 server cf-serverd[15229]: CFEngine(server) rudder Path does not exist, it's added as-is in access rules: /var/rudder/share/root/
|
|
Jul 31 06:06:22 server cf-serverd[15229]: CFEngine(server) rudder WARNING: this means that (not) having a trailing slash defines if it's (not) a directory!
|
|
Jul 31 06:06:22 server cf-serverd[15229]: CFEngine(server) rudder Failed to canonicalise filename '/var/rudder/shared-files/root/' (realpath: No such file or directory)
|
|
Jul 31 06:06:22 server cf-serverd[15229]: CFEngine(server) rudder Path does not exist, it's added as-is in access rules: /var/rudder/shared-files/root/
|
|
Jul 31 06:06:22 server cf-serverd[15229]: CFEngine(server) rudder WARNING: this means that (not) having a trailing slash defines if it's (not) a directory!
|
|
Jul 31 06:06:22 server cf-serverd[15229]: notice: Server is starting...
|
|
Jul 31 06:06:22 server cf-serverd[15229]: CFEngine(server) rudder Server is starting...
|
|
Jul 31 06:06:24 server cf-agent[15499]: CFEngine(agent) rudder Using command line specified bundlesequence
|
|
Jul 31 06:06:24 server cf-agent[15499]: CFEngine(agent) rudder R: @@Common@@result_repaired@@hasPolicyServer-root@@common-root@@0@@Compute inventory splay@@rudder_run_inventory@@2020-07-31 06:06:23+00:00##root@#Scheduling rudder_run_inventory was repaired
|
|
Jul 31 06:06:24 server cf-agent[15499]: CFEngine(agent) rudder Executing 'no timeout' ... '/usr/bin/curl --tlsv1.2 --location --insecure --silent --fail --proxy '' --output "/var/rudder/cfengine-community/rudder-server-uuid.txt" https://127.0.0.1/uuid'
|
|
Jul 31 06:06:24 server cf-agent[15499]: CFEngine(agent) rudder Completed execution of '/usr/bin/curl --tlsv1.2 --location --insecure --silent --fail --proxy '' --output "/var/rudder/cfengine-community/rudder-server-uuid.txt" https://127.0.0.1/uuid'
|
|
Jul 31 06:06:24 server cf-agent[15499]: CFEngine(agent) rudder Created directory '/var/rudder/tmp/inventory/.'
|
|
Jul 31 06:06:24 server cf-agent[15499]: CFEngine(agent) rudder Executing 'no timeout' ... '/opt/rudder/bin/run-inventory --local=/var/rudder/tmp/inventory/server-root.ocs'
|
|
Jul 31 06:06:25 server sshd[15751]: Connection closed by 127.0.0.1 port 48324 [preauth]
|
|
Jul 31 06:06:25 server sshd[15750]: Connection closed by 127.0.0.1 port 48322 [preauth]
|
|
Jul 31 06:06:25 server sshd[15752]: Connection closed by 127.0.0.1 port 48326 [preauth]
|
|
Jul 31 06:06:26 server cf-agent[15499]: CFEngine(agent) rudder Q: "...-inventory --lo": [info] FusionInventory instance: builtin - Perl instance: system
|
|
Q: "...-inventory --lo": [info] running task Inventory
|
|
Q: "...-inventory --lo": [info] Inventory saved in /var/rudder/tmp/inventory/server-root.ocs
|
|
Jul 31 06:06:26 server cf-agent[15499]: CFEngine(agent) rudder Last 3 quoted lines were generated by promiser '/opt/rudder/bin/run-inventory --local=/var/rudder/tmp/inventory/server-root.ocs'
|
|
Jul 31 06:06:26 server cf-agent[15499]: CFEngine(agent) rudder Completed execution of '/opt/rudder/bin/run-inventory --local=/var/rudder/tmp/inventory/server-root.ocs'
|
|
Jul 31 06:06:26 server cf-agent[15499]: CFEngine(agent) rudder R: @@Common@@control@@rudder@@run@@0@@start@@20200731-060609-23bf77bc@@2020-07-31 06:06:23+00:00##root@#Start execution
|
|
Jul 31 06:06:26 server cf-agent[15499]: CFEngine(agent) rudder Automatically promoting context scope for 'heartbeat_sent' to namespace visibility, due to persistence
|
|
Jul 31 06:06:26 server cf-agent[15499]: CFEngine(agent) rudder R: @@Inventory@@log_debug@@inventory-all@@inventory-all@@0@@inventory@@None@@2020-07-31 06:06:23+00:00##root@#Running inventory
|
|
Jul 31 06:06:26 server cf-agent[15499]: CFEngine(agent) rudder Copying from 'localhost:/var/rudder/tmp/inventory/server-root.ocs'
|
|
Jul 31 06:06:26 server cf-agent[15499]: CFEngine(agent) rudder Transforming '/opt/rudder/bin/rudder-sign "/var/rudder/inventories/server-root.ocs"'
|
|
Jul 31 06:06:26 server cf-agent[15499]: CFEngine(agent) rudder Transformer '/var/rudder/inventories/server-root.ocs' => '/opt/rudder/bin/rudder-sign "/var/rudder/inventories/server-root.ocs"' seemed to work ok
|
|
Jul 31 06:06:26 server cf-agent[15499]: CFEngine(agent) rudder Transforming '/opt/rudder/bin/rudder-sign "/var/rudder/inventories/server-root.ocs"'
|
|
Jul 31 06:06:26 server cf-agent[15499]: CFEngine(agent) rudder Transforming '/bin/gzip -fq /var/rudder/inventories/server-root.ocs'
|
|
Jul 31 06:06:26 server cf-agent[15499]: CFEngine(agent) rudder Transformer '/var/rudder/inventories/server-root.ocs' => '/bin/gzip -fq /var/rudder/inventories/server-root.ocs' seemed to work ok
|
|
Jul 31 06:06:26 server cf-agent[15499]: CFEngine(agent) rudder Transforming '/usr/bin/curl --tlsv1.2 --location --insecure --fail --silent --proxy '' --user rudder:a96ded5196820383ba72 --upload-file /var/rudder/inventories/server-root.ocs.sign https://127.0.0.1/inventory-updates/'
|
|
Jul 31 06:06:26 server cf-agent[15499]: CFEngine(agent) rudder Finished command related to promiser '/var/rudder/inventories/server-root.ocs.*' -- an error occurred, returned 22
|
|
Jul 31 06:06:26 server cf-agent[15499]: CFEngine(agent) rudder Automatically promoting context scope for 'cant_send_inventory' to namespace visibility, due to persistence
|
|
Jul 31 06:06:27 server cf-agent[15499]: CFEngine(agent) rudder Transformer '/var/rudder/inventories/server-root.ocs.sign' => '/usr/bin/curl --tlsv1.2 --location --insecure --fail --silent --proxy '' --user rudder:a96ded5196820383ba72 --upload-file /var/rudder/inventories/server-root.ocs.sign https://127.0.0.1/inventory-updates/' returned error
|
|
Jul 31 06:06:27 server cf-agent[15499]: CFEngine(agent) rudder Transforming '/usr/bin/curl --tlsv1.2 --location --insecure --fail --silent --proxy '' --user rudder:a96ded5196820383ba72 --upload-file /var/rudder/inventories/server-root.ocs.sign https://127.0.0.1/inventory-updates/'
|
|
Jul 31 06:06:27 server cf-agent[15499]: CFEngine(agent) rudder Transforming '/usr/bin/curl --tlsv1.2 --location --insecure --fail --silent --proxy '' --user rudder:a96ded5196820383ba72 --upload-file /var/rudder/inventories/server-root.ocs.gz https://127.0.0.1/inventory-updates/'
|
|
Jul 31 06:06:27 server cf-agent[15499]: CFEngine(agent) rudder Finished command related to promiser '/var/rudder/inventories/server-root.ocs.*' -- an error occurred, returned 22
|
|
Jul 31 06:06:27 server cf-agent[15499]: CFEngine(agent) rudder Automatically promoting context scope for 'cant_send_inventory' to namespace visibility, due to persistence
|
|
Jul 31 06:06:27 server cf-agent[15499]: CFEngine(agent) rudder Transformer '/var/rudder/inventories/server-root.ocs.gz' => '/usr/bin/curl --tlsv1.2 --location --insecure --fail --silent --proxy '' --user rudder:a96ded5196820383ba72 --upload-file /var/rudder/inventories/server-root.ocs.gz https://127.0.0.1/inventory-updates/' returned error
|
|
Jul 31 06:06:27 server cf-agent[15499]: CFEngine(agent) rudder Transforming '/usr/bin/curl --tlsv1.2 --location --insecure --fail --silent --proxy '' --user rudder:a96ded5196820383ba72 --upload-file /var/rudder/inventories/server-root.ocs.gz https://127.0.0.1/inventory-updates/'
|
|
Jul 31 06:06:27 server cf-agent[15499]: CFEngine(agent) rudder Transforming '/bin/cp /var/rudder/inventories/server-root.ocs.sign /var/rudder/inventories/accepted-nodes-updates'
|
|
Jul 31 06:06:27 server cf-agent[15499]: CFEngine(agent) rudder Automatically promoting context scope for 'inventory_sent' to namespace visibility, due to persistence
|
|
Jul 31 06:06:27 server cf-agent[15499]: CFEngine(agent) rudder Transformer '/var/rudder/inventories/server-root.ocs.sign' => '/bin/cp /var/rudder/inventories/server-root.ocs.sign /var/rudder/inventories/accepted-nodes-updates' seemed to work ok
|
|
Jul 31 06:06:27 server cf-agent[15499]: CFEngine(agent) rudder Transforming '/bin/cp /var/rudder/inventories/server-root.ocs.sign /var/rudder/inventories/accepted-nodes-updates'
|
|
Jul 31 06:06:27 server cf-agent[15499]: CFEngine(agent) rudder Transforming '/bin/cp /var/rudder/inventories/server-root.ocs.gz /var/rudder/inventories/accepted-nodes-updates'
|
|
Jul 31 06:06:27 server cf-agent[15499]: CFEngine(agent) rudder Automatically promoting context scope for 'inventory_sent' to namespace visibility, due to persistence
|
|
Jul 31 06:06:27 server cf-agent[15499]: CFEngine(agent) rudder Transformer '/var/rudder/inventories/server-root.ocs.gz' => '/bin/cp /var/rudder/inventories/server-root.ocs.gz /var/rudder/inventories/accepted-nodes-updates' seemed to work ok
|
|
Jul 31 06:06:27 server cf-agent[15499]: CFEngine(agent) rudder Transforming '/bin/cp /var/rudder/inventories/server-root.ocs.gz /var/rudder/inventories/accepted-nodes-updates'
|
|
Jul 31 06:06:27 server cf-agent[15499]: CFEngine(agent) rudder Transforming '/bin/rm -f /var/rudder/inventories/server-root.ocs.sign'
|
|
Jul 31 06:06:27 server cf-agent[15499]: CFEngine(agent) rudder Transformer '/var/rudder/inventories/server-root.ocs.sign' => '/bin/rm -f /var/rudder/inventories/server-root.ocs.sign' seemed to work ok
|
|
Jul 31 06:06:27 server cf-agent[15499]: CFEngine(agent) rudder Transforming '/bin/rm -f /var/rudder/inventories/server-root.ocs.gz'
|
|
Jul 31 06:06:27 server cf-agent[15499]: CFEngine(agent) rudder Transformer '/var/rudder/inventories/server-root.ocs.gz' => '/bin/rm -f /var/rudder/inventories/server-root.ocs.gz' seemed to work ok
|
|
Jul 31 06:06:27 server cf-agent[15499]: CFEngine(agent) rudder Created file '/var/rudder/tmp/inventory_sent', mode 0600
|
|
Jul 31 06:06:27 server cf-agent[15499]: CFEngine(agent) rudder Touched (updated time stamps) for path '/var/rudder/tmp/inventory_sent'
|
|
Jul 31 06:06:27 server cf-agent[15499]: CFEngine(agent) rudder R: @@Inventory@@result_success@@inventory-all@@inventory-all@@0@@inventory@@None@@2020-07-31 06:06:23+00:00##root@#The inventory has been successfully sent
|
|
Jul 31 06:06:27 server cf-agent[15499]: CFEngine(agent) rudder Method 'sendInventory' failed in some repairs
|
|
Jul 31 06:06:27 server cf-agent[15499]: CFEngine(agent) rudder Deleted file '/opt/rudder/etc/force_inventory'
|
|
Jul 31 06:06:27 server cf-agent[15499]: CFEngine(agent) rudder R: @@Inventory@@log_info@@inventory-all@@inventory-all@@0@@inventory@@None@@2020-07-31 06:06:23+00:00##root@#An inventory was already sent less than 8 hours ago
|
|
Jul 31 06:06:27 server cf-agent[15499]: CFEngine(agent) rudder Method 'doInventory_always' failed in some repairs
|
|
Jul 31 06:06:48 server cf-serverd[15229]: notice: Rereading policy file '/var/rudder/cfengine-community/inputs/promises.cf'
|
|
Jul 31 06:06:48 server cf-serverd[15229]: CFEngine(server) rudder Rereading policy file '/var/rudder/cfengine-community/inputs/promises.cf'
|
|
Jul 31 06:06:49 server kernel: SELinux: Converting 2422 SID table entries...
|
|
Jul 31 06:06:51 server kernel: SELinux: policy capability network_peer_controls=1
|
|
Jul 31 06:06:51 server kernel: SELinux: policy capability open_perms=1
|
|
Jul 31 06:06:51 server kernel: SELinux: policy capability extended_socket_class=1
|
|
Jul 31 06:06:51 server kernel: SELinux: policy capability always_check_network=0
|
|
Jul 31 06:06:51 server kernel: SELinux: policy capability cgroup_seclabel=1
|
|
Jul 31 06:06:51 server kernel: SELinux: policy capability nnp_nosuid_transition=1
|
|
Jul 31 06:06:51 server dbus-daemon[892]: [system] Reloaded configuration
|
|
Jul 31 06:06:52 server cf-serverd[15229]: rudder info: Failed to canonicalise filename '/var/rudder/configuration-repository/ncf/50_techniques' (realpath: No such file or directory)
|
|
Jul 31 06:06:52 server cf-serverd[15229]: rudder info: Path does not exist, it's added as-is in access rules: /var/rudder/configuration-repository/ncf/50_techniques
|
|
Jul 31 06:06:52 server cf-serverd[15229]: rudder info: WARNING: this means that (not) having a trailing slash defines if it's (not) a directory!
|
|
Jul 31 06:06:52 server cf-serverd[15229]: rudder info: Failed to canonicalise filename '/var/rudder/share/root/' (realpath: No such file or directory)
|
|
Jul 31 06:06:52 server cf-serverd[15229]: rudder info: Path does not exist, it's added as-is in access rules: /var/rudder/share/root/
|
|
Jul 31 06:06:52 server cf-serverd[15229]: rudder info: WARNING: this means that (not) having a trailing slash defines if it's (not) a directory!
|
|
Jul 31 06:06:52 server cf-serverd[15229]: rudder info: Failed to canonicalise filename '/var/rudder/shared-files/root/' (realpath: No such file or directory)
|
|
Jul 31 06:06:52 server cf-serverd[15229]: rudder info: Path does not exist, it's added as-is in access rules: /var/rudder/shared-files/root/
|
|
Jul 31 06:06:52 server cf-serverd[15229]: rudder info: WARNING: this means that (not) having a trailing slash defines if it's (not) a directory!
|
|
Jul 31 06:06:52 server cf-serverd[15229]: CFEngine(server) rudder Failed to canonicalise filename '/var/rudder/configuration-repository/ncf/50_techniques' (realpath: No such file or directory)
|
|
Jul 31 06:06:52 server cf-serverd[15229]: CFEngine(server) rudder Path does not exist, it's added as-is in access rules: /var/rudder/configuration-repository/ncf/50_techniques
|
|
Jul 31 06:06:52 server cf-serverd[15229]: CFEngine(server) rudder WARNING: this means that (not) having a trailing slash defines if it's (not) a directory!
|
|
Jul 31 06:06:52 server cf-serverd[15229]: CFEngine(server) rudder Failed to canonicalise filename '/var/rudder/share/root/' (realpath: No such file or directory)
|
|
Jul 31 06:06:52 server cf-serverd[15229]: CFEngine(server) rudder Path does not exist, it's added as-is in access rules: /var/rudder/share/root/
|
|
Jul 31 06:06:52 server cf-serverd[15229]: CFEngine(server) rudder WARNING: this means that (not) having a trailing slash defines if it's (not) a directory!
|
|
Jul 31 06:06:52 server cf-serverd[15229]: CFEngine(server) rudder Failed to canonicalise filename '/var/rudder/shared-files/root/' (realpath: No such file or directory)
|
|
Jul 31 06:06:52 server cf-serverd[15229]: CFEngine(server) rudder Path does not exist, it's added as-is in access rules: /var/rudder/shared-files/root/
|
|
Jul 31 06:06:52 server cf-serverd[15229]: CFEngine(server) rudder WARNING: this means that (not) having a trailing slash defines if it's (not) a directory!
|
|
Jul 31 06:06:52 server systemd[1]: Reloading.
|
|
Jul 31 06:06:52 server systemd[1]: Reloading.
|
|
Jul 31 06:06:52 server systemd[1]: Stopping System Logging Service...
|
|
Jul 31 06:06:53 server rsyslogd[2694]: [origin software="rsyslogd" swVersion="8.37.0-13.el8" x-pid="2694" x-info="http://www.rsyslog.com"] exiting on signal 15.
|
|
Jul 31 06:06:53 server systemd[1]: Stopped System Logging Service.
|
|
Jul 31 06:06:53 server systemd[1]: Starting System Logging Service...
|
|
Jul 31 06:06:53 server rsyslogd[16016]: [origin software="rsyslogd" swVersion="8.1911.0-3.el8" x-pid="16016" x-info="https://www.rsyslog.com"] start
|
|
Jul 31 06:06:53 server systemd[1]: Started System Logging Service.
|
|
Jul 31 06:06:53 server rsyslogd[16016]: imjournal: journal files changed, reloading... [v8.1911.0-3.el8 try https://www.rsyslog.com/e/0 ]
|
|
Jul 31 06:06:53 server systemd[1]: Stopping The Apache HTTP Server...
|
|
Jul 31 06:06:53 server systemd[1]: Started /usr/bin/systemctl start man-db-cache-update.
|
|
Jul 31 06:06:53 server systemd[1]: Starting man-db-cache-update.service...
|
|
Jul 31 06:06:53 server systemd[1]: Reloading.
|
|
Jul 31 06:06:53 server systemd-tmpfiles[16054]: [/usr/lib/tmpfiles.d/mdadm.conf:1] Line references path below legacy directory /var/run/, updating /var/run/mdadm → /run/mdadm; please update the tmpfiles.d/ drop-in file accordingly.
|
|
Jul 31 06:06:53 server systemd-tmpfiles[16054]: [/usr/lib/tmpfiles.d/pesign.conf:1] Line references path below legacy directory /var/run/, updating /var/run/pesign → /run/pesign; please update the tmpfiles.d/ drop-in file accordingly.
|
|
Jul 31 06:06:53 server systemd-tmpfiles[16054]: [/usr/lib/tmpfiles.d/postgresql.conf:1] Line references path below legacy directory /var/run/, updating /var/run/postgresql → /run/postgresql; please update the tmpfiles.d/ drop-in file accordingly.
|
|
Jul 31 06:06:54 server systemd[1]: Stopped The Apache HTTP Server.
|
|
Jul 31 06:06:54 server systemd[1]: Starting The Apache HTTP Server...
|
|
Jul 31 06:06:54 server systemd[1]: Started The Apache HTTP Server.
|
|
Jul 31 06:06:54 server httpd[16266]: Server configured, listening on: port 443, port 80
|
|
Jul 31 06:06:55 server systemd[1]: Started man-db-cache-update.service.
|
|
Jul 31 06:06:56 server systemd[1]: Stopping Jetty Web Application Server...
|
|
Jul 31 06:06:57 server rudder-jetty.sh[17568]: Stopping Jetty: OK
|
|
Jul 31 06:06:57 server systemd[1]: Stopped Jetty Web Application Server.
|
|
Jul 31 06:06:57 server systemd[1]: Starting Jetty Web Application Server...
|
|
Jul 31 06:06:57 server rudder-jetty.sh[17638]: Setting umask to 0007
|
|
Jul 31 06:07:19 server rudder-jetty.sh[17638]: Starting Jetty: . . . . OK Fri Jul 31 06:07:19 UTC 2020
|
|
Jul 31 06:07:19 server systemd[1]: Started Jetty Web Application Server.
|
|
Jul 31 06:07:25 server sudo[6100]: pam_unix(sudo:session): session closed for user root
|
|
Jul 31 06:07:25 server sshd[2165]: pam_unix(sshd:session): session closed for user vagrant
|
|
Jul 31 06:07:25 server systemd-logind[943]: Session 3 logged out. Waiting for processes to exit.
|
|
Jul 31 06:07:25 server systemd-logind[943]: Removed session 3.
|
|
Jul 31 06:07:25 server systemd[1]: user-runtime-dir@1000.service: Unit not needed anymore. Stopping.
|
|
Jul 31 06:07:25 server systemd[1]: Stopping User Manager for UID 1000...
|
|
Jul 31 06:07:25 server systemd[2169]: Stopped target Default.
|
|
Jul 31 06:07:25 server systemd[2169]: Stopped target Basic System.
|
|
Jul 31 06:07:25 server systemd[2169]: Stopped target Sockets.
|
|
Jul 31 06:07:25 server systemd[2169]: Closed D-Bus User Message Bus Socket.
|
|
Jul 31 06:07:25 server systemd[2169]: Stopped target Timers.
|
|
Jul 31 06:07:25 server systemd[2169]: Stopped Mark boot as successful after the user session has run 2 minutes.
|
|
Jul 31 06:07:25 server systemd[2169]: Stopped target Paths.
|
|
Jul 31 06:07:25 server systemd[2169]: Reached target Shutdown.
|
|
Jul 31 06:07:25 server systemd[2169]: Starting Exit the Session...
|
|
Jul 31 06:07:25 server systemd[2169]: selinux: avc: received setenforce notice (enforcing=1)
|
|
Jul 31 06:07:25 server systemd[2169]: selinux: avc: received policyload notice (seqno=2)
|
|
Jul 31 06:07:25 server systemd[2169]: selinux: avc: received policyload notice (seqno=3)
|
|
Jul 31 06:07:25 server systemd[2169]: selinux: avc: received policyload notice (seqno=4)
|
|
Jul 31 06:07:25 server systemd[2169]: selinux: avc: received policyload notice (seqno=5)
|
|
Jul 31 06:07:25 server systemd[2169]: selinux: avc: received policyload notice (seqno=6)
|
|
Jul 31 06:07:25 server systemd[1]: user-runtime-dir@1000.service: Unit not needed anymore. Stopping.
|
|
Jul 31 06:07:25 server systemd[1]: Stopped User Manager for UID 1000.
|
|
Jul 31 06:07:25 server systemd[1]: user-runtime-dir@1000.service: Unit not needed anymore. Stopping.
|
|
Jul 31 06:07:25 server systemd[1]: Removed slice User Slice of UID 1000.
|
|
Jul 31 06:07:25 server systemd[1]: Stopping /run/user/1000 mount wrapper...
|
|
Jul 31 06:07:25 server systemd[1]: Stopped /run/user/1000 mount wrapper.
|
|
Jul 31 06:10:01 server CROND[18148]: (root) CMD (/opt/rudder/bin/relay-cleanup >/dev/null)
|
|
Jul 31 06:10:01 server CROND[18147]: (root) CMD (/opt/rudder/bin/rudder agent check -q >> /var/log/rudder/agent-check/check.log 2>&1)
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder R: @@Common@@control@@rudder@@run@@0@@start@@20200731-060609-23bf77bc@@2020-07-31 06:10:27+00:00##root@#Start execution
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Automatically promoting context scope for 'heartbeat_sent' to namespace visibility, due to persistence
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Copying from 'localhost:/var/rudder/ncf/common/10_ncf_internals/modules/packages/apt_get'
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder The file '' has already been moved to the repository once. Multiple update will cause loss of backup.
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/modules/packages/apt_get' had permission 0600, changed it to 0700
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Copying from 'localhost:/var/rudder/ncf/common/10_ncf_internals/modules/packages/freebsd_ports'
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder The file '' has already been moved to the repository once. Multiple update will cause loss of backup.
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/modules/packages/freebsd_ports' had permission 0600, changed it to 0700
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Copying from 'localhost:/var/rudder/ncf/common/10_ncf_internals/modules/packages/nimclient'
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder The file '' has already been moved to the repository once. Multiple update will cause loss of backup.
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/modules/packages/nimclient' had permission 0600, changed it to 0700
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Copying from 'localhost:/var/rudder/ncf/common/10_ncf_internals/modules/packages/pkg'
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder The file '' has already been moved to the repository once. Multiple update will cause loss of backup.
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/modules/packages/pkg' had permission 0600, changed it to 0700
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Copying from 'localhost:/var/rudder/ncf/common/10_ncf_internals/modules/packages/pkgsrc'
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder The file '' has already been moved to the repository once. Multiple update will cause loss of backup.
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/modules/packages/pkgsrc' had permission 0600, changed it to 0700
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Copying from 'localhost:/var/rudder/ncf/common/10_ncf_internals/modules/packages/slackpkg'
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder The file '' has already been moved to the repository once. Multiple update will cause loss of backup.
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/modules/packages/slackpkg' had permission 0600, changed it to 0700
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Copying from 'localhost:/var/rudder/ncf/common/10_ncf_internals/modules/packages/snap'
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder The file '' has already been moved to the repository once. Multiple update will cause loss of backup.
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/modules/packages/snap' had permission 0600, changed it to 0700
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Copying from 'localhost:/var/rudder/ncf/common/10_ncf_internals/modules/packages/yum'
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder The file '' has already been moved to the repository once. Multiple update will cause loss of backup.
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/modules/packages/yum' had permission 0600, changed it to 0700
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Copying from 'localhost:/var/rudder/ncf/common/10_ncf_internals/modules/packages/zypper'
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder The file '' has already been moved to the repository once. Multiple update will cause loss of backup.
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/modules/packages/zypper' had permission 0600, changed it to 0700
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Copying from 'localhost:/var/rudder/ncf/common/10_ncf_internals/modules/packages/zypper_pattern'
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder The file '' has already been moved to the repository once. Multiple update will cause loss of backup.
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/modules/packages/zypper_pattern' had permission 0600, changed it to 0700
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Copying from 'localhost:/var/rudder/ncf/common/10_ncf_internals/modules/templates/datastate.json.tpl'
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder The file '' has already been moved to the repository once. Multiple update will cause loss of backup.
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/modules/templates/datastate.json.tpl' had permission 0600, changed it to 0700
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Copying from 'localhost:/var/rudder/ncf/common/10_ncf_internals/modules/templates/jinja2-templating.py'
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder The file '' has already been moved to the repository once. Multiple update will cause loss of backup.
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/modules/templates/jinja2-templating.py' had permission 0600, changed it to 0700
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder R: [INFO] Starting CFEngine 3.15.1 on host server.rudder.local (centos_8 x86_64)
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder R: @@Common@@result_repaired@@hasPolicyServer-root@@common-root@@0@@ncf Initialization@@None@@2020-07-31 06:10:27+00:00##root@#Configuration library initialization was repaired
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder R: @@Common@@log_repaired@@hasPolicyServer-root@@common-root@@0@@Update@@None@@2020-07-31 06:10:27+00:00##root@#Common configuration library updated
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder R: @@Common@@log_repaired@@hasPolicyServer-root@@common-root@@0@@Update@@None@@2020-07-31 06:10:27+00:00##root@#Local configuration library updated
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder R: @@Common@@result_repaired@@hasPolicyServer-root@@common-root@@0@@Update@@None@@2020-07-31 06:10:27+00:00##root@#Policy or configuration library were updated
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/modified-files' had permission 0755, changed it to 0700
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/distributePolicy/rsyslog.conf/rudder-rsyslog-relay.conf' had permission 0640, changed it to 0600
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/distributePolicy/rsyslog.conf/rudder-rsyslog-root.conf' had permission 0640, changed it to 0600
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/distributePolicy/rsyslog.conf' had permission 0750, changed it to 0700
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/distributePolicy/1.0/nodeslist.json' had permission 0640, changed it to 0600
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/distributePolicy/1.0/nodescerts.pem' had permission 0640, changed it to 0600
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/distributePolicy/1.0/common.cf' had permission 0640, changed it to 0600
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/distributePolicy/1.0/rsyslogConf.cf' had permission 0640, changed it to 0600
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/distributePolicy/1.0/propagatePromises.cf' had permission 0640, changed it to 0600
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/distributePolicy/1.0/apache-acl.cf' had permission 0640, changed it to 0600
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/distributePolicy/1.0' had permission 0750, changed it to 0700
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/distributePolicy' had permission 0770, changed it to 0700
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/rudder-promises-generated' had permission 0640, changed it to 0600
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/rudder_promises_generated' had permission 0640, changed it to 0600
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/common/1.0/rudder-parameters.cf' had permission 0640, changed it to 0600
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/common/1.0/cf-serverd.cf' had permission 0640, changed it to 0600
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/common/1.0/rudder-groups.cf' had permission 0640, changed it to 0600
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/common/1.0/common.cf' had permission 0640, changed it to 0600
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/common/1.0/check-rsyslog-version' had permission 0640, changed it to 0600
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/common/1.0/site.cf' had permission 0640, changed it to 0600
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/common/1.0/reporting-http.cf' had permission 0640, changed it to 0600
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/common/1.0/hooks.cf' had permission 0640, changed it to 0600
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/common/1.0/environment-variables.cf' had permission 0640, changed it to 0600
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/common/1.0/monitoring.cf' had permission 0640, changed it to 0600
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/common/1.0/properties.cf' had permission 0640, changed it to 0600
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/common/1.0/restart-services.cf' had permission 0640, changed it to 0600
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/common/1.0/update.cf' had permission 0640, changed it to 0600
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/common/1.0/cron-setup.cf' had permission 0640, changed it to 0600
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/common/1.0/internal-security.cf' had permission 0640, changed it to 0600
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/common/1.0' had permission 0750, changed it to 0700
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/common/cron/rudder-agent-community-cron' had permission 0640, changed it to 0600
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/common/cron' had permission 0750, changed it to 0700
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/common' had permission 0770, changed it to 0700
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/inventory/1.0/test-inventory.pl' had permission 0640, changed it to 0600
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/inventory/1.0/fusionAgent.cf' had permission 0640, changed it to 0600
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/inventory/1.0' had permission 0750, changed it to 0700
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/inventory' had permission 0770, changed it to 0700
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/run_interval' had permission 0640, changed it to 0600
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/rudder-vars.json' had permission 0640, changed it to 0600
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/rudder-directives.cf' had permission 0640, changed it to 0600
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/failsafe.cf' had permission 0640, changed it to 0600
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/rudder-server-roles.conf' had permission 0640, changed it to 0600
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/rudder-system-directives.cf' had permission 0640, changed it to 0600
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/clientlist/clientlist.cf' had permission 0640, changed it to 0600
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/clientlist' had permission 0750, changed it to 0700
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/promises.cf' had permission 0640, changed it to 0600
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/server-roles/1.0/common.cf' had permission 0640, changed it to 0600
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/server-roles/1.0/network-check.cf' had permission 0640, changed it to 0600
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/server-roles/1.0/logrotate-check.cf' had permission 0640, changed it to 0600
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/server-roles/1.0/relayd.conf.tpl' had permission 0640, changed it to 0600
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/server-roles/1.0/relayd.cf' had permission 0640, changed it to 0600
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/server-roles/1.0/compress-ldap-backups.cf' had permission 0640, changed it to 0600
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/server-roles/1.0/password-check.cf' had permission 0640, changed it to 0600
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/server-roles/1.0/metrics-reporting.cf' had permission 0640, changed it to 0600
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/server-roles/1.0/integrity-check.cf' had permission 0640, changed it to 0600
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/server-roles/1.0/component-check.cf' had permission 0640, changed it to 0600
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/server-roles/1.0/servers-by-role.cf' had permission 0640, changed it to 0600
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/server-roles/1.0/alive-check.cf' had permission 0640, changed it to 0600
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/server-roles/1.0/service-check.cf' had permission 0640, changed it to 0600
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/server-roles/1.0/compress-webapp-log.cf' had permission 0640, changed it to 0600
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/server-roles/1.0/technique-reload.cf' had permission 0640, changed it to 0600
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/server-roles/1.0' had permission 0750, changed it to 0700
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/server-roles/logrotate.conf/rudder' had permission 0640, changed it to 0600
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/server-roles/logrotate.conf' had permission 0750, changed it to 0700
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/server-roles' had permission 0770, changed it to 0700
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/rudder-directives.csv' had permission 0640, changed it to 0600
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/rudder.json' had permission 0640, changed it to 0600
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/properties.d/properties.json' had permission 0640, changed it to 0600
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/properties.d' had permission 0750, changed it to 0700
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/rudder-parameters.json' had permission 0640, changed it to 0600
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs' had permission 0750, changed it to 0700
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder R: @@Common@@result_repaired@@hasPolicyServer-root@@common-root@@0@@Security parameters@@None@@2020-07-31 06:10:27+00:00##root@#Some internal security parameters were adjusted
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Moved '/etc/cron.d/rudder-agent_1596175826_Fri_Jul_31_06_10_28_2020.cf-before-edit' to repository location '/var/rudder/modified-files/_etc_cron_d_rudder_agent_1596175826_Fri_Jul_31_06_10_28_2020_cf_before_edit'
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Updated rendering of '/etc/cron.d/rudder-agent' from mustache template '/var/rudder/cfengine-community/inputs/common/cron/rudder-agent-community-cron'
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Edit file '/etc/cron.d/rudder-agent'
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder R: @@Common@@result_success@@hasPolicyServer-root@@common-root@@0@@CRON Daemon@@None@@2020-07-31 06:10:27+00:00##root@#Cron daemon status was correct
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Executing 'no timeout' ... '/usr/bin/curl --tlsv1.2 --location --insecure --fail --silent --proxy '' --user rudder:a96ded5196820383ba72 --upload-file /var/rudder/reports/ready/2020-07-31T06:06:21+00:00@root.log.gz https://127.0.0.1/reports/'
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Finished command related to promiser '/usr/bin/curl --tlsv1.2 --location --insecure --fail --silent --proxy '' --user rudder:a96ded5196820383ba72 --upload-file /var/rudder/reports/ready/2020-07-31T06:06:21+00:00@root.log.gz https://127.0.0.1/reports/' -- an error occurred, returned 22
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Completed execution of '/usr/bin/curl --tlsv1.2 --location --insecure --fail --silent --proxy '' --user rudder:a96ded5196820383ba72 --upload-file /var/rudder/reports/ready/2020-07-31T06:06:21+00:00@root.log.gz https://127.0.0.1/reports/'
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder R: @@Common@@log_warn@@hasPolicyServer-root@@common-root@@0@@Log system for reports@@None@@2020-07-31 06:10:27+00:00##root@#Could not send report /var/rudder/reports/ready/2020-07-31T06:06:21+00:00@root.log.gz
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Method 'send_rudder_report' failed in some repairs
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder R: @@Common@@result_error@@hasPolicyServer-root@@common-root@@0@@Log system for reports@@None@@2020-07-31 06:10:27+00:00##root@#Reports forwarding to policy server could not be repaired
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Method 'send_rudder_reports' failed in some repairs
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Method 'configure_rudder_reporting_system' failed in some repairs
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder R: @@Common@@log_info@@hasPolicyServer-root@@common-root@@0@@None@@/var/rudder/tmp/rudder_monitoring.csv@@2020-07-31 06:10:27+00:00##root@#Remove file /var/rudder/tmp/rudder_monitoring.csv was correct
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Created file '/usr/share/ncf/tree/ncf_hash_file', mode 0600
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Edit file '/usr/share/ncf/tree/ncf_hash_file'
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Created file '/var/rudder/configuration-repository/ncf/ncf_hash_file', mode 0600
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Edit file '/var/rudder/configuration-repository/ncf/ncf_hash_file'
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder R: @@DistributePolicy@@result_na@@root-DP@@root-distributePolicy@@0@@Synchronize resources@@None@@2020-07-31 06:10:27+00:00##root@#Nothing needs to be updated
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder R: @@DistributePolicy@@result_na@@root-DP@@root-distributePolicy@@0@@Synchronize policies@@None@@2020-07-31 06:10:27+00:00##root@#Rudder server does not need to synchronize its policies
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder R: @@DistributePolicy@@result_na@@root-DP@@root-distributePolicy@@0@@Synchronize files@@None@@2020-07-31 06:10:27+00:00##root@#Rudder server does not need to synchronize its shared files
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder R: @@DistributePolicy@@result_success@@root-DP@@root-distributePolicy@@0@@Send inventories to Rudder server@@None@@2020-07-31 06:10:27+00:00##root@#No inventory to send
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/opt/rudder/etc/ssl/ca.cert' had permission 0644, changed it to 0600
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Object '/var/rudder/lib/ssl//nodescerts.pem' had permission 0644, changed it to 0600
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Moved '/var/rudder/lib/ssl//nodescerts.pem_1596175826_Fri_Jul_31_06_10_28_2020.cfsaved' to repository location '/var/rudder/modified-files/_var_rudder_lib_ssl__nodescerts_pem_1596175826_Fri_Jul_31_06_10_28_2020_cfsaved'
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Updated '/var/rudder/lib/ssl//nodescerts.pem' from source '/opt/rudder/etc/ssl/rudder.crt' on 'localhost'
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder R: @@DistributePolicy@@result_repaired@@root-DP@@root-distributePolicy@@0@@Configure apache ACL@@None@@2020-07-31 06:10:27+00:00##root@#Apache ACLs have been repaired
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check logrotate configuration@@None@@2020-07-31 06:10:27+00:00##root@#The logrotate configuration is correct
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder R: [INFO] Executing is-active on postgresql using the systemctl method
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check postgresql process@@postgresql@@2020-07-31 06:10:27+00:00##root@#Check if the service postgresql is started was correct
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check postgresql process@@postgresql@@2020-07-31 06:10:27+00:00##root@#Ensure that service postgresql is running was correct
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder R: [INFO] Executing is-enabled on postgresql using the systemctl method
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check postgresql process@@postgresql@@2020-07-31 06:10:27+00:00##root@#Check if service postgresql is started at boot was correct
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check postgresql process@@postgresql@@2020-07-31 06:10:27+00:00##root@#Ensure service postgresql is started at boot was correct
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check postgresql process@@None@@2020-07-31 06:10:27+00:00##root@#postgresql service running was correct
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check postgresql boot script@@None@@2020-07-31 06:10:27+00:00##root@#postgresql service enabled was correct
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check LDAP in rudder-webapp.properties@@None@@2020-07-31 06:10:27+00:00##root@#Web interface configuration files (checked LDAP password) was correct
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check LDAP credentials@@None@@2020-07-31 06:10:27+00:00##root@#OpenLDAP configuration file (rootdn password) was correct
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check rudder-passwords.conf@@None@@2020-07-31 06:10:27+00:00##root@#Presence and permissions of Rudder password file was correct
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check pgpass file@@None@@2020-07-31 06:10:27+00:00##root@#Presence and permissions of pgsql password file was correct
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check SQL in rudder-webapp.properties@@None@@2020-07-31 06:10:27+00:00##root@#Web interface configuration files (SQL password) was correct
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check SQL credentials@@None@@2020-07-31 06:10:27+00:00##root@#PostgreSQL user account's already correct.
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder R: [INFO] Executing is-active on rudder-relayd using the systemctl method
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check relayd process@@rudder-relayd@@2020-07-31 06:10:27+00:00##root@#Check if the service rudder-relayd is started was correct
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check relayd process@@rudder-relayd@@2020-07-31 06:10:27+00:00##root@#Ensure that service rudder-relayd is running was correct
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder R: [INFO] Executing is-enabled on rudder-relayd using the systemctl method
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check relayd process@@rudder-relayd@@2020-07-31 06:10:27+00:00##root@#Check if service rudder-relayd is started at boot was correct
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check relayd process@@rudder-relayd@@2020-07-31 06:10:27+00:00##root@#Ensure service rudder-relayd is started at boot was correct
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check relayd process@@None@@2020-07-31 06:10:27+00:00##root@#relayd service running was correct
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check relayd boot script@@None@@2020-07-31 06:10:27+00:00##root@#relayd service enabled was correct
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Relayd service configuration@@/opt/rudder/etc/relayd@@2020-07-31 06:10:27+00:00##root@#Ensure permissions mode 640, owner root and group rudder on /opt/rudder/etc/relayd on type all with inf recursion level was correct
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Relayd service configuration@@/opt/rudder/etc/relayd@@2020-07-31 06:10:27+00:00##root@#Ensure permissions mode 640, owner root and group rudder on /opt/rudder/etc/relayd with ${recursion} recursion level was correct
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Moved '/opt/rudder/etc/relayd/main.conf_1596175826_Fri_Jul_31_06_10_28_2020.cf-before-edit' to repository location '/var/rudder/modified-files/_opt_rudder_etc_relayd_main_conf_1596175826_Fri_Jul_31_06_10_28_2020_cf_before_edit'
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Updated rendering of '/opt/rudder/etc/relayd/main.conf' from mustache template '/var/rudder/cfengine-community/inputs/server-roles/1.0/relayd.conf.tpl'
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Edit file '/opt/rudder/etc/relayd/main.conf'
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder R: @@server-roles@@log_repaired@@server-roles@@server-roles-directive@@0@@Relayd service configuration@@/opt/rudder/etc/relayd/main.conf@@2020-07-31 06:10:27+00:00##root@#Build file /opt/rudder/etc/relayd/main.conf from mustache type template /var/rudder/cfengine-community/inputs/server-roles/1.0/relayd.conf.tpl was repaired
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder R: @@server-roles@@log_repaired@@server-roles@@server-roles-directive@@0@@Relayd service configuration@@/opt/rudder/etc/relayd/main.conf@@2020-07-31 06:10:27+00:00##root@#Build file /opt/rudder/etc/relayd/main.conf from mustache template /var/rudder/cfengine-community/inputs/server-roles/1.0/relayd.conf.tpl was repaired
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Executing 'no timeout' ... '/bin/systemctl --no-ask-password reset-failed rudder-relayd.service'
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Completed execution of '/bin/systemctl --no-ask-password reset-failed rudder-relayd.service'
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Executing 'no timeout' ... '/bin/systemctl --no-ask-password restart rudder-relayd.service'
|
|
Jul 31 06:10:28 server systemd[1]: Stopping Rudder Relay Daemon...
|
|
Jul 31 06:10:28 server rudder-relayd[12821]: INFO relayd: Signal received: shutdown requested
|
|
Jul 31 06:10:28 server systemd[1]: Stopped Rudder Relay Daemon.
|
|
Jul 31 06:10:28 server systemd[1]: Started Rudder Relay Daemon.
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Completed execution of '/bin/systemctl --no-ask-password restart rudder-relayd.service'
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder R: [INFO] Executing restart on rudder-relayd using the systemctl method
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder R: @@server-roles@@log_repaired@@server-roles@@server-roles-directive@@0@@Relayd service configuration@@rudder-relayd@@2020-07-31 06:10:27+00:00##root@#Run action restart on service rudder-relayd was repaired
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder R: @@server-roles@@log_repaired@@server-roles@@server-roles-directive@@0@@Relayd service configuration@@rudder-relayd@@2020-07-31 06:10:27+00:00##root@#Restart service rudder_relayd if 'any' condition defined was repaired
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder R: @@server-roles@@log_repaired@@server-roles@@server-roles-directive@@0@@Relayd service configuration@@rudder-relayd@@2020-07-31 06:10:27+00:00##root@#Restart service rudder-relayd was repaired
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder R: @@server-roles@@result_repaired@@server-roles@@server-roles-directive@@0@@Relayd service configuration@@None@@2020-07-31 06:10:27+00:00##root@#rudder-relayd configration was repaired
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder R: @@server-roles@@log_repaired@@server-roles@@server-roles-directive@@0@@Relayd service configuration@@None@@2020-07-31 06:10:27+00:00##root@#rudder-relayd service has been restarted
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Moved '/opt/rudder/etc/rudder-networks-24.conf_1596175826_Fri_Jul_31_06_10_28_2020.cf-before-edit' to repository location '/var/rudder/modified-files/_opt_rudder_etc_rudder_networks_24_conf_1596175826_Fri_Jul_31_06_10_28_2020_cf_before_edit'
|
|
Jul 31 06:10:28 server cf-agent[18364]: CFEngine(agent) rudder Edit file '/opt/rudder/etc/rudder-networks-24.conf'
|
|
Jul 31 06:10:29 server cf-agent[18364]: CFEngine(agent) rudder Executing 'no timeout' ... '/bin/systemctl --no-ask-password reload httpd.service'
|
|
Jul 31 06:10:29 server systemd[1]: Reloading The Apache HTTP Server.
|
|
Jul 31 06:10:29 server rudder-relayd[18620]: INFO relayd: Starting rudder-relayd 6.1.3-rc1-git202007302336
|
|
Jul 31 06:10:29 server rudder-relayd[18620]: INFO relayd: Read configuration from "/opt/rudder/etc/relayd/"
|
|
Jul 31 06:10:29 server dbus-daemon[892]: [system] Activating service name='org.fedoraproject.Setroubleshootd' requested by ':1.135' (uid=0 pid=855 comm="/usr/sbin/sedispatch " label="system_u:system_r:auditd_t:s0") (using servicehelper)
|
|
Jul 31 06:10:29 server systemd[1]: Reloaded The Apache HTTP Server.
|
|
Jul 31 06:10:29 server cf-agent[18364]: CFEngine(agent) rudder Completed execution of '/bin/systemctl --no-ask-password reload httpd.service'
|
|
Jul 31 06:10:29 server cf-agent[18364]: CFEngine(agent) rudder R: [INFO] Executing reload on httpd using the systemctl method
|
|
Jul 31 06:10:29 server cf-agent[18364]: CFEngine(agent) rudder R: @@server-roles@@log_repaired@@server-roles@@server-roles-directive@@0@@Configure apache ACL & networks@@httpd@@2020-07-31 06:10:27+00:00##root@#Run action reload on service httpd was repaired
|
|
Jul 31 06:10:29 server cf-agent[18364]: CFEngine(agent) rudder R: @@server-roles@@log_repaired@@server-roles@@server-roles-directive@@0@@Configure apache ACL & networks@@httpd@@2020-07-31 06:10:27+00:00##root@#Reload service httpd was repaired
|
|
Jul 31 06:10:29 server httpd[16266]: Server configured, listening on: port 443, port 80
|
|
Jul 31 06:10:29 server cf-agent[18364]: CFEngine(agent) rudder R: @@server-roles@@result_repaired@@server-roles@@server-roles-directive@@0@@Check allowed networks configuration@@None@@2020-07-31 06:10:27+00:00##root@#Allowed networks configuration has been repaired
|
|
Jul 31 06:10:29 server cf-agent[18364]: CFEngine(agent) rudder R: @@server-roles@@log_repaired@@server-roles@@server-roles-directive@@0@@Check allowed networks configuration@@None@@2020-07-31 06:10:27+00:00##root@#Apache has been reloaded successfully
|
|
Jul 31 06:10:29 server cf-agent[18364]: CFEngine(agent) rudder R: @@DistributePolicy@@log_repaired@@root-DP@@root-distributePolicy@@0@@Configure apache ACL@@None@@2020-07-31 06:10:27+00:00##root@#Apache has been reloaded successfully
|
|
Jul 31 06:10:29 server cf-agent[18364]: CFEngine(agent) rudder Executing 'no timeout' ... '/usr/bin/htpasswd -b /opt/rudder/etc/htpasswd-webdav rudder a96ded5196820383ba72'
|
|
Jul 31 06:10:29 server cf-agent[18364]: CFEngine(agent) rudder Q: "...n/htpasswd -b /": Updating password for user rudder
|
|
Jul 31 06:10:29 server cf-agent[18364]: CFEngine(agent) rudder Last 1 quoted lines were generated by promiser '/usr/bin/htpasswd -b /opt/rudder/etc/htpasswd-webdav rudder a96ded5196820383ba72'
|
|
Jul 31 06:10:29 server cf-agent[18364]: CFEngine(agent) rudder Completed execution of '/usr/bin/htpasswd -b /opt/rudder/etc/htpasswd-webdav rudder a96ded5196820383ba72'
|
|
Jul 31 06:10:29 server cf-agent[18364]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check WebDAV properties@@None@@2020-07-31 06:10:27+00:00##root@#Rudder WebDAV properties was correct
|
|
Jul 31 06:10:29 server cf-agent[18364]: CFEngine(agent) rudder R: @@server-roles@@result_repaired@@server-roles@@server-roles-directive@@0@@Check WebDAV credentials@@None@@2020-07-31 06:10:27+00:00##root@#Apache WebDAV user and password was repaired
|
|
Jul 31 06:10:29 server cf-agent[18364]: CFEngine(agent) rudder R: [INFO] Executing is-active on httpd using the systemctl method
|
|
Jul 31 06:10:29 server cf-agent[18364]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check apache process@@httpd@@2020-07-31 06:10:27+00:00##root@#Check if the service httpd is started was correct
|
|
Jul 31 06:10:29 server cf-agent[18364]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check apache process@@httpd@@2020-07-31 06:10:27+00:00##root@#Ensure that service httpd is running was correct
|
|
Jul 31 06:10:29 server cf-agent[18364]: CFEngine(agent) rudder R: [INFO] Executing is-enabled on httpd using the systemctl method
|
|
Jul 31 06:10:29 server cf-agent[18364]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check apache process@@httpd@@2020-07-31 06:10:27+00:00##root@#Check if service httpd is started at boot was correct
|
|
Jul 31 06:10:29 server cf-agent[18364]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check apache process@@httpd@@2020-07-31 06:10:27+00:00##root@#Ensure service httpd is started at boot was correct
|
|
Jul 31 06:10:29 server cf-agent[18364]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check apache process@@None@@2020-07-31 06:10:27+00:00##root@#apache service running was correct
|
|
Jul 31 06:10:29 server cf-agent[18364]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check apache boot script@@None@@2020-07-31 06:10:27+00:00##root@#apache service enabled was correct
|
|
Jul 31 06:10:29 server rudder-relayd[18620]: INFO relayd::data::node: Parsing nodes list from "/var/rudder/lib/relay/nodeslist.json"
|
|
Jul 31 06:10:29 server rudder-relayd[18620]: INFO relayd::api: Starting API on 127.0.0.1:3030
|
|
Jul 31 06:10:29 server rudder-relayd[18620]: INFO relayd::input::watch: Starting file watcher on "/var/rudder/reports/incoming"
|
|
Jul 31 06:10:29 server rudder-relayd[18620]: INFO relayd: Skipping inventory as it is disabled
|
|
Jul 31 06:10:29 server rudder-relayd[18620]: INFO relayd: Server started
|
|
Jul 31 06:10:29 server cf-agent[18364]: CFEngine(agent) rudder R: [INFO] Executing is-active on rudder-jetty using the systemctl method
|
|
Jul 31 06:10:29 server cf-agent[18364]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check jetty process@@rudder-jetty@@2020-07-31 06:10:27+00:00##root@#Check if the service rudder-jetty is started was correct
|
|
Jul 31 06:10:29 server cf-agent[18364]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check jetty process@@rudder-jetty@@2020-07-31 06:10:27+00:00##root@#Ensure that service rudder-jetty is running was correct
|
|
Jul 31 06:10:29 server cf-agent[18364]: CFEngine(agent) rudder R: [INFO] Executing is-enabled on rudder-jetty using the systemctl method
|
|
Jul 31 06:10:29 server cf-agent[18364]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check jetty process@@rudder-jetty@@2020-07-31 06:10:27+00:00##root@#Check if service rudder-jetty is started at boot was correct
|
|
Jul 31 06:10:29 server cf-agent[18364]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check jetty process@@rudder-jetty@@2020-07-31 06:10:27+00:00##root@#Ensure service rudder-jetty is started at boot was correct
|
|
Jul 31 06:10:30 server cf-agent[18364]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check jetty process@@None@@2020-07-31 06:10:27+00:00##root@#jetty service running was correct
|
|
Jul 31 06:10:30 server cf-agent[18364]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check jetty boot script@@None@@2020-07-31 06:10:27+00:00##root@#jetty service enabled was correct
|
|
Jul 31 06:10:30 server cf-agent[18364]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check jetty process@@/var/rudder/cfengine-community/ppkeys/root-MD5=ae7892a0221ce7038ee569ac3102070b.pub@@2020-07-31 06:10:27+00:00##root@#Symlink /var/rudder/cfengine-community/ppkeys/root-MD5=ae7892a0221ce7038ee569ac3102070b.pub targeting /var/rudder/cfengine-community/ppkeys/localhost.pub was correct
|
|
Jul 31 06:10:30 server cf-agent[18364]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check jetty process@@/var/rudder/cfengine-community/ppkeys/root-MD5=ae7892a0221ce7038ee569ac3102070b.pub@@2020-07-31 06:10:27+00:00##root@#Symlink /var/rudder/cfengine-community/ppkeys/root-MD5=ae7892a0221ce7038ee569ac3102070b.pub targeting /var/rudder/cfengine-community/ppkeys/localhost.pub was correct
|
|
Jul 31 06:10:30 server cf-agent[18364]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check jetty process@@/var/rudder/cfengine-community/ppkeys/root-MD5=ae7892a0221ce7038ee569ac3102070b.pub@@2020-07-31 06:10:27+00:00##root@#Symlink /var/rudder/cfengine-community/ppkeys/root-MD5=ae7892a0221ce7038ee569ac3102070b.pub targeting /var/rudder/cfengine-community/ppkeys/localhost.pub (without overwrite) was correct
|
|
Jul 31 06:10:30 server cf-agent[18364]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check configuration-repository folder@@None@@2020-07-31 06:10:27+00:00##root@#The /var/rudder/configuration-repository directory is present
|
|
Jul 31 06:10:30 server cf-agent[18364]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check configuration-repository GIT lock@@None@@2020-07-31 06:10:27+00:00##root@#The /var/rudder/configuration-repository git lock file is not present or not older than 5 minutes
|
|
Jul 31 06:10:30 server cf-agent[18364]: CFEngine(agent) rudder Executing 'no timeout' ... '/usr/bin/curl --proxy '' --max-time 240 -s http://localhost:8080/rudder/api/status |/bin/grep -q OK'
|
|
Jul 31 06:10:30 server cf-agent[18364]: CFEngine(agent) rudder Automatically promoting context scope for 'site_ok' to namespace visibility, due to persistence
|
|
Jul 31 06:10:30 server cf-agent[18364]: CFEngine(agent) rudder Completed execution of '/usr/bin/curl --proxy '' --max-time 240 -s http://localhost:8080/rudder/api/status |/bin/grep -q OK'
|
|
Jul 31 06:10:30 server cf-agent[18364]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check rudder status@@None@@2020-07-31 06:10:27+00:00##root@#The http://localhost:8080/rudder/api/status web interface is running
|
|
Jul 31 06:10:30 server cf-agent[18364]: CFEngine(agent) rudder R: [INFO] Executing is-active on rudder-slapd using the systemctl method
|
|
Jul 31 06:10:30 server cf-agent[18364]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check slapd process@@rudder-slapd@@2020-07-31 06:10:27+00:00##root@#Check if the service rudder-slapd is started was correct
|
|
Jul 31 06:10:30 server cf-agent[18364]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check slapd process@@rudder-slapd@@2020-07-31 06:10:27+00:00##root@#Ensure that service rudder-slapd is running was correct
|
|
Jul 31 06:10:30 server cf-agent[18364]: CFEngine(agent) rudder R: [INFO] Executing is-enabled on rudder-slapd using the systemctl method
|
|
Jul 31 06:10:30 server cf-agent[18364]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check slapd process@@rudder-slapd@@2020-07-31 06:10:27+00:00##root@#Check if service rudder-slapd is started at boot was correct
|
|
Jul 31 06:10:30 server cf-agent[18364]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check slapd process@@rudder-slapd@@2020-07-31 06:10:27+00:00##root@#Ensure service rudder-slapd is started at boot was correct
|
|
Jul 31 06:10:30 server cf-agent[18364]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check slapd process@@None@@2020-07-31 06:10:27+00:00##root@#slapd service running was correct
|
|
Jul 31 06:10:30 server cf-agent[18364]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check slapd boot script@@None@@2020-07-31 06:10:27+00:00##root@#slapd service enabled was correct
|
|
Jul 31 06:10:30 server cf-agent[18364]: CFEngine(agent) rudder R: @@server-roles@@result_na@@server-roles@@server-roles-directive@@0@@Send metrics to rudder-project@@None@@2020-07-31 06:10:27+00:00##root@#Sending metrics to rudder-project.org is not enabled. Skipping.
|
|
Jul 31 06:10:30 server cf-agent[18364]: CFEngine(agent) rudder R: @@inventory@@log_info@@inventory-all@@inventory-all@@0@@Compute inventory splay@@rudder_run_inventory@@2020-07-31 06:10:27+00:00##root@#Scheduling rudder_run_inventory was correct
|
|
Jul 31 06:10:30 server cf-agent[18364]: CFEngine(agent) rudder R: @@Inventory@@log_info@@inventory-all@@inventory-all@@0@@inventory@@None@@2020-07-31 06:10:27+00:00##root@#An inventory was already sent less than 8 hours ago
|
|
Jul 31 06:10:30 server cf-agent[18364]: CFEngine(agent) rudder R: @@Inventory@@result_success@@inventory-all@@inventory-all@@0@@inventory@@None@@2020-07-31 06:10:27+00:00##root@#Next inventory scheduled between 00:00 and 06:00
|
|
Jul 31 06:10:30 server cf-agent[18364]: CFEngine(agent) rudder R: @@Common@@result_na@@hasPolicyServer-root@@common-root@@0@@Monitoring@@None@@2020-07-31 06:10:27+00:00##root@#No Rudder monitoring information to share with the server
|
|
Jul 31 06:10:30 server cf-agent[18364]: CFEngine(agent) rudder R: @@Common@@control@@rudder@@run@@0@@end@@20200731-060609-23bf77bc@@2020-07-31 06:10:27+00:00##root@#End execution
|
|
Jul 31 06:10:30 server dbus-daemon[892]: [system] Successfully activated service 'org.fedoraproject.Setroubleshootd'
|
|
Jul 31 06:10:31 server setroubleshoot[18641]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5. For complete SELinux messages run: sealert -l 07e5b566-8a9d-4635-965f-22c336cc3c99
|
|
Jul 31 06:10:31 server setroubleshoot[18641]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5. For complete SELinux messages run: sealert -l 07e5b566-8a9d-4635-965f-22c336cc3c99
|
|
Jul 31 06:10:31 server platform-python[18641]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5.
|
|
|
|
***** Plugin catchall (100. confidence) suggests **************************
|
|
|
|
If you believe that rudder-relayd should be allowed search access on the krb5 directory by default.
|
|
Then you should report this as a bug.
|
|
You can generate a local policy module to allow this access.
|
|
Do
|
|
allow this access for now by executing:
|
|
# ausearch -c 'r2d2-worker-1' --raw | audit2allow -M my-r2d2worker1
|
|
# semodule -X 300 -i my-r2d2worker1.pp
|
|
|
|
Jul 31 06:10:31 server platform-python[18641]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5.
|
|
|
|
***** Plugin catchall (100. confidence) suggests **************************
|
|
|
|
If you believe that rudder-relayd should be allowed search access on the krb5 directory by default.
|
|
Then you should report this as a bug.
|
|
You can generate a local policy module to allow this access.
|
|
Do
|
|
allow this access for now by executing:
|
|
# ausearch -c 'r2d2-worker-1' --raw | audit2allow -M my-r2d2worker1
|
|
# semodule -X 300 -i my-r2d2worker1.pp
|
|
|
|
Jul 31 06:10:31 server setroubleshoot[18641]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5. For complete SELinux messages run: sealert -l 07e5b566-8a9d-4635-965f-22c336cc3c99
|
|
Jul 31 06:10:31 server platform-python[18641]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5.
|
|
|
|
***** Plugin catchall (100. confidence) suggests **************************
|
|
|
|
If you believe that rudder-relayd should be allowed search access on the krb5 directory by default.
|
|
Then you should report this as a bug.
|
|
You can generate a local policy module to allow this access.
|
|
Do
|
|
allow this access for now by executing:
|
|
# ausearch -c 'r2d2-worker-1' --raw | audit2allow -M my-r2d2worker1
|
|
# semodule -X 300 -i my-r2d2worker1.pp
|
|
|
|
Jul 31 06:10:31 server setroubleshoot[18641]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5. For complete SELinux messages run: sealert -l 07e5b566-8a9d-4635-965f-22c336cc3c99
|
|
Jul 31 06:10:31 server platform-python[18641]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5.
|
|
|
|
***** Plugin catchall (100. confidence) suggests **************************
|
|
|
|
If you believe that rudder-relayd should be allowed search access on the krb5 directory by default.
|
|
Then you should report this as a bug.
|
|
You can generate a local policy module to allow this access.
|
|
Do
|
|
allow this access for now by executing:
|
|
# ausearch -c 'r2d2-worker-1' --raw | audit2allow -M my-r2d2worker1
|
|
# semodule -X 300 -i my-r2d2worker1.pp
|
|
|
|
Jul 31 06:10:31 server setroubleshoot[18641]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5. For complete SELinux messages run: sealert -l 07e5b566-8a9d-4635-965f-22c336cc3c99
|
|
Jul 31 06:10:31 server platform-python[18641]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5.
|
|
|
|
***** Plugin catchall (100. confidence) suggests **************************
|
|
|
|
If you believe that rudder-relayd should be allowed search access on the krb5 directory by default.
|
|
Then you should report this as a bug.
|
|
You can generate a local policy module to allow this access.
|
|
Do
|
|
allow this access for now by executing:
|
|
# ausearch -c 'r2d2-worker-1' --raw | audit2allow -M my-r2d2worker1
|
|
# semodule -X 300 -i my-r2d2worker1.pp
|
|
|
|
Jul 31 06:10:31 server setroubleshoot[18641]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5. For complete SELinux messages run: sealert -l 07e5b566-8a9d-4635-965f-22c336cc3c99
|
|
Jul 31 06:10:31 server platform-python[18641]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5.
|
|
|
|
***** Plugin catchall (100. confidence) suggests **************************
|
|
|
|
If you believe that rudder-relayd should be allowed search access on the krb5 directory by default.
|
|
Then you should report this as a bug.
|
|
You can generate a local policy module to allow this access.
|
|
Do
|
|
allow this access for now by executing:
|
|
# ausearch -c 'r2d2-worker-1' --raw | audit2allow -M my-r2d2worker1
|
|
# semodule -X 300 -i my-r2d2worker1.pp
|
|
|
|
Jul 31 06:10:31 server setroubleshoot[18641]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5. For complete SELinux messages run: sealert -l 07e5b566-8a9d-4635-965f-22c336cc3c99
|
|
Jul 31 06:10:31 server platform-python[18641]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5.
|
|
|
|
***** Plugin catchall (100. confidence) suggests **************************
|
|
|
|
If you believe that rudder-relayd should be allowed search access on the krb5 directory by default.
|
|
Then you should report this as a bug.
|
|
You can generate a local policy module to allow this access.
|
|
Do
|
|
allow this access for now by executing:
|
|
# ausearch -c 'r2d2-worker-1' --raw | audit2allow -M my-r2d2worker1
|
|
# semodule -X 300 -i my-r2d2worker1.pp
|
|
|
|
Jul 31 06:10:31 server setroubleshoot[18641]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5. For complete SELinux messages run: sealert -l 07e5b566-8a9d-4635-965f-22c336cc3c99
|
|
Jul 31 06:10:31 server platform-python[18641]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5.
|
|
|
|
***** Plugin catchall (100. confidence) suggests **************************
|
|
|
|
If you believe that rudder-relayd should be allowed search access on the krb5 directory by default.
|
|
Then you should report this as a bug.
|
|
You can generate a local policy module to allow this access.
|
|
Do
|
|
allow this access for now by executing:
|
|
# ausearch -c 'r2d2-worker-1' --raw | audit2allow -M my-r2d2worker1
|
|
# semodule -X 300 -i my-r2d2worker1.pp
|
|
|
|
Jul 31 06:10:31 server setroubleshoot[18641]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5. For complete SELinux messages run: sealert -l 07e5b566-8a9d-4635-965f-22c336cc3c99
|
|
Jul 31 06:10:31 server platform-python[18641]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5.
|
|
|
|
***** Plugin catchall (100. confidence) suggests **************************
|
|
|
|
If you believe that rudder-relayd should be allowed search access on the krb5 directory by default.
|
|
Then you should report this as a bug.
|
|
You can generate a local policy module to allow this access.
|
|
Do
|
|
allow this access for now by executing:
|
|
# ausearch -c 'r2d2-worker-1' --raw | audit2allow -M my-r2d2worker1
|
|
# semodule -X 300 -i my-r2d2worker1.pp
|
|
|
|
Jul 31 06:10:32 server setroubleshoot[18641]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5. For complete SELinux messages run: sealert -l 07e5b566-8a9d-4635-965f-22c336cc3c99
|
|
Jul 31 06:10:32 server platform-python[18641]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5.
|
|
|
|
***** Plugin catchall (100. confidence) suggests **************************
|
|
|
|
If you believe that rudder-relayd should be allowed search access on the krb5 directory by default.
|
|
Then you should report this as a bug.
|
|
You can generate a local policy module to allow this access.
|
|
Do
|
|
allow this access for now by executing:
|
|
# ausearch -c 'r2d2-worker-1' --raw | audit2allow -M my-r2d2worker1
|
|
# semodule -X 300 -i my-r2d2worker1.pp
|
|
|
|
Jul 31 06:10:32 server setroubleshoot[18641]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5. For complete SELinux messages run: sealert -l 07e5b566-8a9d-4635-965f-22c336cc3c99
|
|
Jul 31 06:10:32 server platform-python[18641]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5.
|
|
|
|
***** Plugin catchall (100. confidence) suggests **************************
|
|
|
|
If you believe that rudder-relayd should be allowed search access on the krb5 directory by default.
|
|
Then you should report this as a bug.
|
|
You can generate a local policy module to allow this access.
|
|
Do
|
|
allow this access for now by executing:
|
|
# ausearch -c 'r2d2-worker-1' --raw | audit2allow -M my-r2d2worker1
|
|
# semodule -X 300 -i my-r2d2worker1.pp
|
|
|
|
Jul 31 06:10:32 server setroubleshoot[18641]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5. For complete SELinux messages run: sealert -l 07e5b566-8a9d-4635-965f-22c336cc3c99
|
|
Jul 31 06:10:32 server platform-python[18641]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5.
|
|
|
|
***** Plugin catchall (100. confidence) suggests **************************
|
|
|
|
If you believe that rudder-relayd should be allowed search access on the krb5 directory by default.
|
|
Then you should report this as a bug.
|
|
You can generate a local policy module to allow this access.
|
|
Do
|
|
allow this access for now by executing:
|
|
# ausearch -c 'r2d2-worker-1' --raw | audit2allow -M my-r2d2worker1
|
|
# semodule -X 300 -i my-r2d2worker1.pp
|
|
|
|
Jul 31 06:10:32 server setroubleshoot[18641]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5. For complete SELinux messages run: sealert -l 07e5b566-8a9d-4635-965f-22c336cc3c99
|
|
Jul 31 06:10:32 server platform-python[18641]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5.
|
|
|
|
***** Plugin catchall (100. confidence) suggests **************************
|
|
|
|
If you believe that rudder-relayd should be allowed search access on the krb5 directory by default.
|
|
Then you should report this as a bug.
|
|
You can generate a local policy module to allow this access.
|
|
Do
|
|
allow this access for now by executing:
|
|
# ausearch -c 'r2d2-worker-1' --raw | audit2allow -M my-r2d2worker1
|
|
# semodule -X 300 -i my-r2d2worker1.pp
|
|
|
|
Jul 31 06:10:32 server setroubleshoot[18641]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5. For complete SELinux messages run: sealert -l 07e5b566-8a9d-4635-965f-22c336cc3c99
|
|
Jul 31 06:10:32 server platform-python[18641]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5.
|
|
|
|
***** Plugin catchall (100. confidence) suggests **************************
|
|
|
|
If you believe that rudder-relayd should be allowed search access on the krb5 directory by default.
|
|
Then you should report this as a bug.
|
|
You can generate a local policy module to allow this access.
|
|
Do
|
|
allow this access for now by executing:
|
|
# ausearch -c 'r2d2-worker-1' --raw | audit2allow -M my-r2d2worker1
|
|
# semodule -X 300 -i my-r2d2worker1.pp
|
|
|
|
Jul 31 06:10:32 server setroubleshoot[18641]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5. For complete SELinux messages run: sealert -l 07e5b566-8a9d-4635-965f-22c336cc3c99
|
|
Jul 31 06:10:32 server platform-python[18641]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5.
|
|
|
|
***** Plugin catchall (100. confidence) suggests **************************
|
|
|
|
If you believe that rudder-relayd should be allowed search access on the krb5 directory by default.
|
|
Then you should report this as a bug.
|
|
You can generate a local policy module to allow this access.
|
|
Do
|
|
allow this access for now by executing:
|
|
# ausearch -c 'r2d2-worker-1' --raw | audit2allow -M my-r2d2worker1
|
|
# semodule -X 300 -i my-r2d2worker1.pp
|
|
|
|
Jul 31 06:10:32 server setroubleshoot[18641]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5. For complete SELinux messages run: sealert -l 07e5b566-8a9d-4635-965f-22c336cc3c99
|
|
Jul 31 06:10:32 server platform-python[18641]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5.
|
|
|
|
***** Plugin catchall (100. confidence) suggests **************************
|
|
|
|
If you believe that rudder-relayd should be allowed search access on the krb5 directory by default.
|
|
Then you should report this as a bug.
|
|
You can generate a local policy module to allow this access.
|
|
Do
|
|
allow this access for now by executing:
|
|
# ausearch -c 'r2d2-worker-1' --raw | audit2allow -M my-r2d2worker1
|
|
# semodule -X 300 -i my-r2d2worker1.pp
|
|
|
|
Jul 31 06:10:32 server setroubleshoot[18641]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5. For complete SELinux messages run: sealert -l 07e5b566-8a9d-4635-965f-22c336cc3c99
|
|
Jul 31 06:10:32 server platform-python[18641]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5.
|
|
|
|
***** Plugin catchall (100. confidence) suggests **************************
|
|
|
|
If you believe that rudder-relayd should be allowed search access on the krb5 directory by default.
|
|
Then you should report this as a bug.
|
|
You can generate a local policy module to allow this access.
|
|
Do
|
|
allow this access for now by executing:
|
|
# ausearch -c 'r2d2-worker-1' --raw | audit2allow -M my-r2d2worker1
|
|
# semodule -X 300 -i my-r2d2worker1.pp
|
|
|
|
Jul 31 06:10:32 server setroubleshoot[18641]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5. For complete SELinux messages run: sealert -l 07e5b566-8a9d-4635-965f-22c336cc3c99
|
|
Jul 31 06:10:32 server platform-python[18641]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5.
|
|
|
|
***** Plugin catchall (100. confidence) suggests **************************
|
|
|
|
If you believe that rudder-relayd should be allowed search access on the krb5 directory by default.
|
|
Then you should report this as a bug.
|
|
You can generate a local policy module to allow this access.
|
|
Do
|
|
allow this access for now by executing:
|
|
# ausearch -c 'r2d2-worker-1' --raw | audit2allow -M my-r2d2worker1
|
|
# semodule -X 300 -i my-r2d2worker1.pp
|
|
|
|
Jul 31 06:10:34 server setroubleshoot[18641]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5. For complete SELinux messages run: sealert -l 07e5b566-8a9d-4635-965f-22c336cc3c99
|
|
Jul 31 06:10:34 server platform-python[18641]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5.
|
|
|
|
***** Plugin catchall (100. confidence) suggests **************************
|
|
|
|
If you believe that rudder-relayd should be allowed search access on the krb5 directory by default.
|
|
Then you should report this as a bug.
|
|
You can generate a local policy module to allow this access.
|
|
Do
|
|
allow this access for now by executing:
|
|
# ausearch -c 'r2d2-worker-1' --raw | audit2allow -M my-r2d2worker1
|
|
# semodule -X 300 -i my-r2d2worker1.pp
|
|
|
|
Jul 31 06:10:39 server rudder-relayd[18620]: INFO relayd::relay-api: 127.0.0.1:48708 "POST /rudder/relay-api/1/remote-run/nodes/root HTTP/1.1" 200 "-" "rudder/remote run query for node root" 9.475805ms
|
|
Jul 31 06:10:39 server sudo[19030]: rudder-relayd : TTY=unknown ; PWD=/ ; USER=root ; COMMAND=/opt/rudder/bin/rudder remote run server.rudder.local
|
|
Jul 31 06:10:39 server systemd[1]: Created slice User Slice of UID 0.
|
|
Jul 31 06:10:39 server systemd[1]: Started /run/user/0 mount wrapper.
|
|
Jul 31 06:10:39 server systemd[1]: Starting User Manager for UID 0...
|
|
Jul 31 06:10:39 server systemd[1]: Started Session c1 of user root.
|
|
Jul 31 06:10:40 server setroubleshoot[18641]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5. For complete SELinux messages run: sealert -l 07e5b566-8a9d-4635-965f-22c336cc3c99
|
|
Jul 31 06:10:40 server systemd[19100]: pam_unix(systemd-user:session): session opened for user root by (uid=0)
|
|
Jul 31 06:10:40 server platform-python[18641]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5.
|
|
|
|
***** Plugin catchall (100. confidence) suggests **************************
|
|
|
|
If you believe that rudder-relayd should be allowed search access on the krb5 directory by default.
|
|
Then you should report this as a bug.
|
|
You can generate a local policy module to allow this access.
|
|
Do
|
|
allow this access for now by executing:
|
|
# ausearch -c 'r2d2-worker-1' --raw | audit2allow -M my-r2d2worker1
|
|
# semodule -X 300 -i my-r2d2worker1.pp
|
|
|
|
Jul 31 06:10:40 server systemd[19100]: Reached target Paths.
|
|
Jul 31 06:10:40 server systemd[19100]: Reached target Timers.
|
|
Jul 31 06:10:40 server systemd[19100]: Starting D-Bus User Message Bus Socket.
|
|
Jul 31 06:10:40 server systemd[19100]: Listening on D-Bus User Message Bus Socket.
|
|
Jul 31 06:10:40 server systemd[19100]: Reached target Sockets.
|
|
Jul 31 06:10:40 server systemd[19100]: Reached target Basic System.
|
|
Jul 31 06:10:40 server systemd[19100]: Reached target Default.
|
|
Jul 31 06:10:40 server systemd[19100]: Startup finished in 101ms.
|
|
Jul 31 06:10:40 server systemd[1]: Started User Manager for UID 0.
|
|
Jul 31 06:10:40 server sudo[19030]: pam_unix(sudo:session): session opened for user root by (uid=0)
|
|
Jul 31 06:10:41 server cf-runagent[19203]: CFEngine(runagent) rudder ........................................................................
|
|
Jul 31 06:10:41 server cf-runagent[19203]: CFEngine(runagent) rudder Hailing server.rudder.local : 5309
|
|
Jul 31 06:10:41 server cf-runagent[19203]: CFEngine(runagent) rudder ........................................................................
|
|
Jul 31 06:10:41 server cf-serverd[15229]: rudder info: 192.168.24.2> Accepting connection
|
|
Jul 31 06:10:41 server cf-serverd[15229]: CFEngine(server) rudder 192.168.24.2> Accepting connection
|
|
Jul 31 06:10:41 server cf-serverd[15229]: rudder info: 192.168.24.2> cf-serverd executing cfruncommand: /opt/rudder/bin/rudder agent run -uR -D info
|
|
Jul 31 06:10:41 server cf-serverd[15229]: CFEngine(server) rudder 192.168.24.2> cf-serverd executing cfruncommand: /opt/rudder/bin/rudder agent run -uR -D info
|
|
Jul 31 06:10:44 server cf-agent[19411]: CFEngine(agent) rudder R: @@Common@@control@@rudder@@run@@0@@start@@20200731-060609-23bf77bc@@2020-07-31 06:10:43+00:00##root@#Start execution
|
|
Jul 31 06:10:44 server cf-agent[19411]: CFEngine(agent) rudder Automatically promoting context scope for 'heartbeat_sent' to namespace visibility, due to persistence
|
|
Jul 31 06:10:44 server cf-agent[19411]: CFEngine(agent) rudder R: [INFO] Starting CFEngine 3.15.1 on host server.rudder.local (centos_8 x86_64)
|
|
Jul 31 06:10:44 server cf-agent[19411]: CFEngine(agent) rudder R: @@Common@@result_success@@hasPolicyServer-root@@common-root@@0@@ncf Initialization@@None@@2020-07-31 06:10:43+00:00##root@#Configuration library initialization was correct
|
|
Jul 31 06:10:44 server cf-agent[19411]: CFEngine(agent) rudder R: @@Common@@log_repaired@@hasPolicyServer-root@@common-root@@0@@Update@@None@@2020-07-31 06:10:43+00:00##root@#Common configuration library updated
|
|
Jul 31 06:10:44 server cf-agent[19411]: CFEngine(agent) rudder R: @@Common@@log_repaired@@hasPolicyServer-root@@common-root@@0@@Update@@None@@2020-07-31 06:10:43+00:00##root@#Local configuration library updated
|
|
Jul 31 06:10:44 server cf-agent[19411]: CFEngine(agent) rudder R: @@Common@@result_repaired@@hasPolicyServer-root@@common-root@@0@@Update@@None@@2020-07-31 06:10:43+00:00##root@#Policy or configuration library were updated
|
|
Jul 31 06:10:44 server cf-agent[19411]: CFEngine(agent) rudder R: @@Common@@result_success@@hasPolicyServer-root@@common-root@@0@@Security parameters@@None@@2020-07-31 06:10:43+00:00##root@#The internal environment security is acceptable
|
|
Jul 31 06:10:45 server cf-agent[19411]: CFEngine(agent) rudder R: @@Common@@result_success@@hasPolicyServer-root@@common-root@@0@@CRON Daemon@@None@@2020-07-31 06:10:43+00:00##root@#Cron daemon status was correct
|
|
Jul 31 06:10:45 server cf-agent[19411]: CFEngine(agent) rudder Executing 'no timeout' ... '/usr/bin/curl --tlsv1.2 --location --insecure --fail --silent --proxy '' --user rudder:a96ded5196820383ba72 --upload-file /var/rudder/reports/ready/2020-07-31T06:06:21+00:00@root.log.gz https://127.0.0.1/reports/'
|
|
Jul 31 06:10:45 server cf-agent[19411]: CFEngine(agent) rudder Q: "...r/bin/curl --tl": <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
|
|
Q: "...r/bin/curl --tl": <html><head>
|
|
Q: "...r/bin/curl --tl": <title>201 Created</title>
|
|
Q: "...r/bin/curl --tl": </head><body>
|
|
Q: "...r/bin/curl --tl": <h1>Created</h1>
|
|
Q: "...r/bin/curl --tl": <p>Resource /reports/2020-07-31T06%3A06%3A21%2B00%3A00%40root.log.gz has been created.</p>
|
|
Q: "...r/bin/curl --tl": </body></html>
|
|
Jul 31 06:10:45 server cf-agent[19411]: CFEngine(agent) rudder Last 7 quoted lines were generated by promiser '/usr/bin/curl --tlsv1.2 --location --insecure --fail --silent --proxy '' --user rudder:a96ded5196820383ba72 --upload-file /var/rudder/reports/ready/2020-07-31T06:06:21+00:00@root.log.gz https://127.0.0.1/reports/'
|
|
Jul 31 06:10:45 server cf-agent[19411]: CFEngine(agent) rudder Completed execution of '/usr/bin/curl --tlsv1.2 --location --insecure --fail --silent --proxy '' --user rudder:a96ded5196820383ba72 --upload-file /var/rudder/reports/ready/2020-07-31T06:06:21+00:00@root.log.gz https://127.0.0.1/reports/'
|
|
Jul 31 06:10:45 server cf-agent[19411]: CFEngine(agent) rudder Deleted file '/var/rudder/reports/ready/2020-07-31T06:06:21+00:00@root.log.gz'
|
|
Jul 31 06:10:45 server cf-agent[19411]: CFEngine(agent) rudder R: @@Common@@result_repaired@@hasPolicyServer-root@@common-root@@0@@Log system for reports@@None@@2020-07-31 06:10:43+00:00##root@#Reports forwarding to policy server was repaired
|
|
Jul 31 06:10:45 server cf-agent[19411]: CFEngine(agent) rudder R: @@Common@@log_info@@hasPolicyServer-root@@common-root@@0@@None@@/var/rudder/tmp/rudder_monitoring.csv@@2020-07-31 06:10:43+00:00##root@#Remove file /var/rudder/tmp/rudder_monitoring.csv was correct
|
|
Jul 31 06:10:45 server cf-agent[19411]: CFEngine(agent) rudder R: @@DistributePolicy@@result_na@@root-DP@@root-distributePolicy@@0@@Synchronize resources@@None@@2020-07-31 06:10:43+00:00##root@#Nothing needs to be updated
|
|
Jul 31 06:10:45 server cf-agent[19411]: CFEngine(agent) rudder R: @@DistributePolicy@@result_na@@root-DP@@root-distributePolicy@@0@@Synchronize policies@@None@@2020-07-31 06:10:43+00:00##root@#Rudder server does not need to synchronize its policies
|
|
Jul 31 06:10:45 server cf-agent[19411]: CFEngine(agent) rudder R: @@DistributePolicy@@result_na@@root-DP@@root-distributePolicy@@0@@Synchronize files@@None@@2020-07-31 06:10:43+00:00##root@#Rudder server does not need to synchronize its shared files
|
|
Jul 31 06:10:45 server cf-agent[19411]: CFEngine(agent) rudder R: @@DistributePolicy@@result_success@@root-DP@@root-distributePolicy@@0@@Send inventories to Rudder server@@None@@2020-07-31 06:10:43+00:00##root@#No inventory to send
|
|
Jul 31 06:10:45 server cf-agent[19411]: CFEngine(agent) rudder R: @@DistributePolicy@@result_success@@root-DP@@root-distributePolicy@@0@@Configure apache ACL@@None@@2020-07-31 06:10:43+00:00##root@#Apache ACLs are correct
|
|
Jul 31 06:10:45 server cf-agent[19411]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check logrotate configuration@@None@@2020-07-31 06:10:43+00:00##root@#The logrotate configuration is correct
|
|
Jul 31 06:10:45 server cf-agent[19411]: CFEngine(agent) rudder R: [INFO] Executing is-active on postgresql using the systemctl method
|
|
Jul 31 06:10:45 server cf-agent[19411]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check postgresql process@@postgresql@@2020-07-31 06:10:43+00:00##root@#Check if the service postgresql is started was correct
|
|
Jul 31 06:10:45 server cf-agent[19411]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check postgresql process@@postgresql@@2020-07-31 06:10:43+00:00##root@#Ensure that service postgresql is running was correct
|
|
Jul 31 06:10:45 server cf-agent[19411]: CFEngine(agent) rudder R: [INFO] Executing is-enabled on postgresql using the systemctl method
|
|
Jul 31 06:10:45 server cf-agent[19411]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check postgresql process@@postgresql@@2020-07-31 06:10:43+00:00##root@#Check if service postgresql is started at boot was correct
|
|
Jul 31 06:10:45 server cf-agent[19411]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check postgresql process@@postgresql@@2020-07-31 06:10:43+00:00##root@#Ensure service postgresql is started at boot was correct
|
|
Jul 31 06:10:45 server cf-agent[19411]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check postgresql process@@None@@2020-07-31 06:10:43+00:00##root@#postgresql service running was correct
|
|
Jul 31 06:10:45 server cf-agent[19411]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check postgresql boot script@@None@@2020-07-31 06:10:43+00:00##root@#postgresql service enabled was correct
|
|
Jul 31 06:10:45 server cf-agent[19411]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check LDAP in rudder-webapp.properties@@None@@2020-07-31 06:10:43+00:00##root@#Web interface configuration files (checked LDAP password) was correct
|
|
Jul 31 06:10:45 server cf-agent[19411]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check LDAP credentials@@None@@2020-07-31 06:10:43+00:00##root@#OpenLDAP configuration file (rootdn password) was correct
|
|
Jul 31 06:10:45 server cf-agent[19411]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check rudder-passwords.conf@@None@@2020-07-31 06:10:43+00:00##root@#Presence and permissions of Rudder password file was correct
|
|
Jul 31 06:10:45 server cf-agent[19411]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check pgpass file@@None@@2020-07-31 06:10:43+00:00##root@#Presence and permissions of pgsql password file was correct
|
|
Jul 31 06:10:45 server cf-agent[19411]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check SQL in rudder-webapp.properties@@None@@2020-07-31 06:10:43+00:00##root@#Web interface configuration files (SQL password) was correct
|
|
Jul 31 06:10:45 server cf-agent[19411]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check SQL credentials@@None@@2020-07-31 06:10:43+00:00##root@#PostgreSQL user account's already correct.
|
|
Jul 31 06:10:45 server cf-agent[19411]: CFEngine(agent) rudder R: [INFO] Executing is-active on rudder-relayd using the systemctl method
|
|
Jul 31 06:10:45 server cf-agent[19411]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check relayd process@@rudder-relayd@@2020-07-31 06:10:43+00:00##root@#Check if the service rudder-relayd is started was correct
|
|
Jul 31 06:10:45 server cf-agent[19411]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check relayd process@@rudder-relayd@@2020-07-31 06:10:43+00:00##root@#Ensure that service rudder-relayd is running was correct
|
|
Jul 31 06:10:45 server cf-agent[19411]: CFEngine(agent) rudder R: [INFO] Executing is-enabled on rudder-relayd using the systemctl method
|
|
Jul 31 06:10:45 server cf-agent[19411]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check relayd process@@rudder-relayd@@2020-07-31 06:10:43+00:00##root@#Check if service rudder-relayd is started at boot was correct
|
|
Jul 31 06:10:45 server cf-agent[19411]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check relayd process@@rudder-relayd@@2020-07-31 06:10:43+00:00##root@#Ensure service rudder-relayd is started at boot was correct
|
|
Jul 31 06:10:45 server cf-agent[19411]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check relayd process@@None@@2020-07-31 06:10:43+00:00##root@#relayd service running was correct
|
|
Jul 31 06:10:45 server cf-agent[19411]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check relayd boot script@@None@@2020-07-31 06:10:43+00:00##root@#relayd service enabled was correct
|
|
Jul 31 06:10:45 server cf-agent[19411]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Relayd service configuration@@/opt/rudder/etc/relayd@@2020-07-31 06:10:43+00:00##root@#Ensure permissions mode 640, owner root and group rudder on /opt/rudder/etc/relayd on type all with inf recursion level was correct
|
|
Jul 31 06:10:45 server cf-agent[19411]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Relayd service configuration@@/opt/rudder/etc/relayd@@2020-07-31 06:10:43+00:00##root@#Ensure permissions mode 640, owner root and group rudder on /opt/rudder/etc/relayd with ${recursion} recursion level was correct
|
|
Jul 31 06:10:45 server cf-agent[19411]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Relayd service configuration@@/opt/rudder/etc/relayd/main.conf@@2020-07-31 06:10:43+00:00##root@#Build file /opt/rudder/etc/relayd/main.conf from mustache type template /var/rudder/cfengine-community/inputs/server-roles/1.0/relayd.conf.tpl was correct
|
|
Jul 31 06:10:45 server cf-agent[19411]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Relayd service configuration@@/opt/rudder/etc/relayd/main.conf@@2020-07-31 06:10:43+00:00##root@#Build file /opt/rudder/etc/relayd/main.conf from mustache template /var/rudder/cfengine-community/inputs/server-roles/1.0/relayd.conf.tpl was correct
|
|
Jul 31 06:10:45 server cf-agent[19411]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Relayd service configuration@@None@@2020-07-31 06:10:43+00:00##root@#rudder-relayd configration was correct
|
|
Jul 31 06:10:45 server cf-agent[19411]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check allowed networks configuration@@None@@2020-07-31 06:10:43+00:00##root@#Allowed networks configuration is correct
|
|
Jul 31 06:10:45 server cf-agent[19411]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check WebDAV properties@@None@@2020-07-31 06:10:43+00:00##root@#Rudder WebDAV properties was correct
|
|
Jul 31 06:10:45 server cf-agent[19411]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check WebDAV credentials@@None@@2020-07-31 06:10:43+00:00##root@#Apache WebDAV user and password are OK
|
|
Jul 31 06:10:45 server cf-agent[19411]: CFEngine(agent) rudder R: [INFO] Executing is-active on httpd using the systemctl method
|
|
Jul 31 06:10:45 server cf-agent[19411]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check apache process@@httpd@@2020-07-31 06:10:43+00:00##root@#Check if the service httpd is started was correct
|
|
Jul 31 06:10:45 server cf-agent[19411]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check apache process@@httpd@@2020-07-31 06:10:43+00:00##root@#Ensure that service httpd is running was correct
|
|
Jul 31 06:10:46 server cf-agent[19411]: CFEngine(agent) rudder R: [INFO] Executing is-enabled on httpd using the systemctl method
|
|
Jul 31 06:10:46 server cf-agent[19411]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check apache process@@httpd@@2020-07-31 06:10:43+00:00##root@#Check if service httpd is started at boot was correct
|
|
Jul 31 06:10:46 server cf-agent[19411]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check apache process@@httpd@@2020-07-31 06:10:43+00:00##root@#Ensure service httpd is started at boot was correct
|
|
Jul 31 06:10:46 server cf-agent[19411]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check apache process@@None@@2020-07-31 06:10:43+00:00##root@#apache service running was correct
|
|
Jul 31 06:10:46 server cf-agent[19411]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check apache boot script@@None@@2020-07-31 06:10:43+00:00##root@#apache service enabled was correct
|
|
Jul 31 06:10:46 server cf-agent[19411]: CFEngine(agent) rudder R: [INFO] Executing is-active on rudder-jetty using the systemctl method
|
|
Jul 31 06:10:46 server cf-agent[19411]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check jetty process@@rudder-jetty@@2020-07-31 06:10:43+00:00##root@#Check if the service rudder-jetty is started was correct
|
|
Jul 31 06:10:46 server cf-agent[19411]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check jetty process@@rudder-jetty@@2020-07-31 06:10:43+00:00##root@#Ensure that service rudder-jetty is running was correct
|
|
Jul 31 06:10:46 server cf-agent[19411]: CFEngine(agent) rudder R: [INFO] Executing is-enabled on rudder-jetty using the systemctl method
|
|
Jul 31 06:10:46 server cf-agent[19411]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check jetty process@@rudder-jetty@@2020-07-31 06:10:43+00:00##root@#Check if service rudder-jetty is started at boot was correct
|
|
Jul 31 06:10:46 server cf-agent[19411]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check jetty process@@rudder-jetty@@2020-07-31 06:10:43+00:00##root@#Ensure service rudder-jetty is started at boot was correct
|
|
Jul 31 06:10:46 server cf-agent[19411]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check jetty process@@None@@2020-07-31 06:10:43+00:00##root@#jetty service running was correct
|
|
Jul 31 06:10:46 server cf-agent[19411]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check jetty boot script@@None@@2020-07-31 06:10:43+00:00##root@#jetty service enabled was correct
|
|
Jul 31 06:10:46 server cf-agent[19411]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check jetty process@@/var/rudder/cfengine-community/ppkeys/root-MD5=ae7892a0221ce7038ee569ac3102070b.pub@@2020-07-31 06:10:43+00:00##root@#Symlink /var/rudder/cfengine-community/ppkeys/root-MD5=ae7892a0221ce7038ee569ac3102070b.pub targeting /var/rudder/cfengine-community/ppkeys/localhost.pub was correct
|
|
Jul 31 06:10:46 server cf-agent[19411]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check jetty process@@/var/rudder/cfengine-community/ppkeys/root-MD5=ae7892a0221ce7038ee569ac3102070b.pub@@2020-07-31 06:10:43+00:00##root@#Symlink /var/rudder/cfengine-community/ppkeys/root-MD5=ae7892a0221ce7038ee569ac3102070b.pub targeting /var/rudder/cfengine-community/ppkeys/localhost.pub was correct
|
|
Jul 31 06:10:46 server cf-agent[19411]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check jetty process@@/var/rudder/cfengine-community/ppkeys/root-MD5=ae7892a0221ce7038ee569ac3102070b.pub@@2020-07-31 06:10:43+00:00##root@#Symlink /var/rudder/cfengine-community/ppkeys/root-MD5=ae7892a0221ce7038ee569ac3102070b.pub targeting /var/rudder/cfengine-community/ppkeys/localhost.pub (without overwrite) was correct
|
|
Jul 31 06:10:46 server cf-agent[19411]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check configuration-repository folder@@None@@2020-07-31 06:10:43+00:00##root@#The /var/rudder/configuration-repository directory is present
|
|
Jul 31 06:10:46 server cf-agent[19411]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check configuration-repository GIT lock@@None@@2020-07-31 06:10:43+00:00##root@#The /var/rudder/configuration-repository git lock file is not present or not older than 5 minutes
|
|
Jul 31 06:10:46 server cf-agent[19411]: CFEngine(agent) rudder Executing 'no timeout' ... '/usr/bin/curl --proxy '' --max-time 240 -s http://localhost:8080/rudder/api/status |/bin/grep -q OK'
|
|
Jul 31 06:10:46 server cf-agent[19411]: CFEngine(agent) rudder Automatically promoting context scope for 'site_ok' to namespace visibility, due to persistence
|
|
Jul 31 06:10:46 server cf-agent[19411]: CFEngine(agent) rudder Completed execution of '/usr/bin/curl --proxy '' --max-time 240 -s http://localhost:8080/rudder/api/status |/bin/grep -q OK'
|
|
Jul 31 06:10:46 server cf-agent[19411]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check rudder status@@None@@2020-07-31 06:10:43+00:00##root@#The http://localhost:8080/rudder/api/status web interface is running
|
|
Jul 31 06:10:46 server cf-agent[19411]: CFEngine(agent) rudder R: [INFO] Executing is-active on rudder-slapd using the systemctl method
|
|
Jul 31 06:10:46 server cf-agent[19411]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check slapd process@@rudder-slapd@@2020-07-31 06:10:43+00:00##root@#Check if the service rudder-slapd is started was correct
|
|
Jul 31 06:10:46 server cf-agent[19411]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check slapd process@@rudder-slapd@@2020-07-31 06:10:43+00:00##root@#Ensure that service rudder-slapd is running was correct
|
|
Jul 31 06:10:46 server cf-agent[19411]: CFEngine(agent) rudder R: [INFO] Executing is-enabled on rudder-slapd using the systemctl method
|
|
Jul 31 06:10:46 server cf-agent[19411]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check slapd process@@rudder-slapd@@2020-07-31 06:10:43+00:00##root@#Check if service rudder-slapd is started at boot was correct
|
|
Jul 31 06:10:46 server cf-agent[19411]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check slapd process@@rudder-slapd@@2020-07-31 06:10:43+00:00##root@#Ensure service rudder-slapd is started at boot was correct
|
|
Jul 31 06:10:46 server cf-agent[19411]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check slapd process@@None@@2020-07-31 06:10:43+00:00##root@#slapd service running was correct
|
|
Jul 31 06:10:46 server cf-agent[19411]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check slapd boot script@@None@@2020-07-31 06:10:43+00:00##root@#slapd service enabled was correct
|
|
Jul 31 06:10:46 server cf-agent[19411]: CFEngine(agent) rudder R: @@server-roles@@result_na@@server-roles@@server-roles-directive@@0@@Send metrics to rudder-project@@None@@2020-07-31 06:10:43+00:00##root@#Sending metrics to rudder-project.org is not enabled. Skipping.
|
|
Jul 31 06:10:46 server cf-agent[19411]: CFEngine(agent) rudder R: @@inventory@@log_info@@inventory-all@@inventory-all@@0@@Compute inventory splay@@rudder_run_inventory@@2020-07-31 06:10:43+00:00##root@#Scheduling rudder_run_inventory was correct
|
|
Jul 31 06:10:46 server cf-agent[19411]: CFEngine(agent) rudder R: @@Inventory@@log_info@@inventory-all@@inventory-all@@0@@inventory@@None@@2020-07-31 06:10:43+00:00##root@#An inventory was already sent less than 8 hours ago
|
|
Jul 31 06:10:46 server cf-agent[19411]: CFEngine(agent) rudder R: @@Inventory@@result_success@@inventory-all@@inventory-all@@0@@inventory@@None@@2020-07-31 06:10:43+00:00##root@#Next inventory scheduled between 00:00 and 06:00
|
|
Jul 31 06:10:46 server cf-agent[19411]: CFEngine(agent) rudder R: @@Common@@result_na@@hasPolicyServer-root@@common-root@@0@@Monitoring@@None@@2020-07-31 06:10:43+00:00##root@#No Rudder monitoring information to share with the server
|
|
Jul 31 06:10:46 server cf-agent[19411]: CFEngine(agent) rudder R: @@Common@@control@@rudder@@run@@0@@end@@20200731-060609-23bf77bc@@2020-07-31 06:10:43+00:00##root@#End execution
|
|
Jul 31 06:10:46 server cf-serverd[15229]: rudder info: 192.168.24.2> Closing connection, terminating thread
|
|
Jul 31 06:10:46 server cf-serverd[15229]: CFEngine(server) rudder 192.168.24.2> Closing connection, terminating thread
|
|
Jul 31 06:10:46 server sudo[19030]: pam_unix(sudo:session): session closed for user root
|
|
Jul 31 06:10:46 server systemd[1]: user-runtime-dir@0.service: Unit not needed anymore. Stopping.
|
|
Jul 31 06:10:46 server systemd[1]: Stopping User Manager for UID 0...
|
|
Jul 31 06:10:46 server systemd[19100]: Stopped target Default.
|
|
Jul 31 06:10:46 server systemd[19100]: Stopped target Basic System.
|
|
Jul 31 06:10:46 server systemd[19100]: Stopped target Paths.
|
|
Jul 31 06:10:46 server systemd[19100]: Stopped target Timers.
|
|
Jul 31 06:10:46 server systemd[19100]: Stopped target Sockets.
|
|
Jul 31 06:10:46 server systemd[19100]: Closed D-Bus User Message Bus Socket.
|
|
Jul 31 06:10:46 server systemd[19100]: Reached target Shutdown.
|
|
Jul 31 06:10:46 server systemd[19100]: Starting Exit the Session...
|
|
Jul 31 06:10:46 server systemd[1]: user@0.service: Killing process 19846 (systemctl) with signal SIGKILL.
|
|
Jul 31 06:10:46 server systemd[1]: user-runtime-dir@0.service: Unit not needed anymore. Stopping.
|
|
Jul 31 06:10:46 server systemd[1]: Stopped User Manager for UID 0.
|
|
Jul 31 06:10:46 server systemd[1]: user-runtime-dir@0.service: Unit not needed anymore. Stopping.
|
|
Jul 31 06:10:46 server systemd[1]: Removed slice User Slice of UID 0.
|
|
Jul 31 06:10:46 server systemd[1]: Stopping /run/user/0 mount wrapper...
|
|
Jul 31 06:10:46 server systemd[1]: Stopped /run/user/0 mount wrapper.
|
|
Jul 31 06:10:53 server sshd[19856]: Accepted publickey for vagrant from 10.0.2.2 port 35942 ssh2: RSA SHA256:R5O0kSWh5xwsIYVHiUOhuYmoyjAB8B1ocqHJBtWu7IA
|
|
Jul 31 06:10:53 server systemd[1]: Started /run/user/1000 mount wrapper.
|
|
Jul 31 06:10:53 server systemd[1]: Created slice User Slice of UID 1000.
|
|
Jul 31 06:10:53 server systemd[1]: Starting User Manager for UID 1000...
|
|
Jul 31 06:10:53 server systemd[1]: Started Session 6 of user vagrant.
|
|
Jul 31 06:10:53 server systemd-logind[943]: New session 6 of user vagrant.
|
|
Jul 31 06:10:53 server systemd[19860]: pam_unix(systemd-user:session): session opened for user vagrant by (uid=0)
|
|
Jul 31 06:10:53 server systemd[19860]: Started Mark boot as successful after the user session has run 2 minutes.
|
|
Jul 31 06:10:53 server systemd[19860]: Reached target Paths.
|
|
Jul 31 06:10:53 server systemd[19860]: Reached target Timers.
|
|
Jul 31 06:10:53 server systemd[19860]: Starting D-Bus User Message Bus Socket.
|
|
Jul 31 06:10:53 server systemd[19860]: Listening on D-Bus User Message Bus Socket.
|
|
Jul 31 06:10:53 server systemd[19860]: Reached target Sockets.
|
|
Jul 31 06:10:53 server systemd[19860]: Reached target Basic System.
|
|
Jul 31 06:10:53 server systemd[19860]: Reached target Default.
|
|
Jul 31 06:10:53 server systemd[19860]: Startup finished in 49ms.
|
|
Jul 31 06:10:53 server systemd[1]: Started User Manager for UID 1000.
|
|
Jul 31 06:10:53 server sshd[19856]: pam_unix(sshd:session): session opened for user vagrant by (uid=0)
|
|
Jul 31 06:10:55 server sudo[19898]: vagrant : TTY=pts/0 ; PWD=/home/vagrant ; USER=root ; COMMAND=/bin/su
|
|
Jul 31 06:10:55 server sudo[19898]: pam_systemd(sudo:session): Cannot create session: Already running in a session or user slice
|
|
Jul 31 06:10:55 server sudo[19898]: pam_unix(sudo:session): session opened for user root by vagrant(uid=0)
|
|
Jul 31 06:10:55 server su[19900]: (to root) vagrant on pts/0
|
|
Jul 31 06:10:55 server su[19900]: pam_systemd(su:session): Cannot create session: Already running in a session or user slice
|
|
Jul 31 06:10:55 server su[19900]: pam_unix(su:session): session opened for user root by vagrant(uid=0)
|
|
Jul 31 06:11:01 server crond[950]: (*system*) RELOAD (/etc/cron.d/rudder-agent)
|
|
Jul 31 06:11:10 server su[19951]: (to postgres) root on none
|
|
Jul 31 06:11:10 server systemd[1]: Started /run/user/26 mount wrapper.
|
|
Jul 31 06:11:10 server systemd[1]: Created slice User Slice of UID 26.
|
|
Jul 31 06:11:10 server systemd[1]: Starting User Manager for UID 26...
|
|
Jul 31 06:11:10 server systemd[1]: Started Session c2 of user postgres.
|
|
Jul 31 06:11:10 server systemd[19953]: pam_unix(systemd-user:session): session opened for user postgres by (uid=0)
|
|
Jul 31 06:11:10 server systemd[19953]: Reached target Paths.
|
|
Jul 31 06:11:10 server systemd[19953]: Starting D-Bus User Message Bus Socket.
|
|
Jul 31 06:11:10 server systemd[19953]: Reached target Timers.
|
|
Jul 31 06:11:10 server systemd[19953]: Listening on D-Bus User Message Bus Socket.
|
|
Jul 31 06:11:10 server systemd[19953]: Reached target Sockets.
|
|
Jul 31 06:11:10 server systemd[19953]: Reached target Basic System.
|
|
Jul 31 06:11:10 server systemd[19953]: Reached target Default.
|
|
Jul 31 06:11:10 server systemd[19953]: Startup finished in 30ms.
|
|
Jul 31 06:11:10 server systemd[1]: Started User Manager for UID 26.
|
|
Jul 31 06:11:10 server su[19951]: pam_unix(su-l:session): session opened for user postgres by (uid=0)
|
|
Jul 31 06:11:10 server su[19951]: pam_unix(su-l:session): session closed for user postgres
|
|
Jul 31 06:11:10 server systemd[1]: user-runtime-dir@26.service: Unit not needed anymore. Stopping.
|
|
Jul 31 06:11:10 server systemd[1]: Stopping User Manager for UID 26...
|
|
Jul 31 06:11:10 server systemd[19953]: Stopped target Default.
|
|
Jul 31 06:11:10 server systemd[19953]: Stopped target Basic System.
|
|
Jul 31 06:11:10 server systemd[19953]: Stopped target Timers.
|
|
Jul 31 06:11:10 server systemd[19953]: Stopped target Sockets.
|
|
Jul 31 06:11:10 server systemd[19953]: Closed D-Bus User Message Bus Socket.
|
|
Jul 31 06:11:10 server systemd[19953]: Stopped target Paths.
|
|
Jul 31 06:11:10 server systemd[19953]: Reached target Shutdown.
|
|
Jul 31 06:11:10 server systemd[19953]: Starting Exit the Session...
|
|
Jul 31 06:11:10 server systemd[19957]: pam_unix(systemd-user:session): session closed for user postgres
|
|
Jul 31 06:11:10 server systemd[1]: user@26.service: Killing process 19999 (systemctl) with signal SIGKILL.
|
|
Jul 31 06:11:10 server systemd[1]: user-runtime-dir@26.service: Unit not needed anymore. Stopping.
|
|
Jul 31 06:11:10 server systemd[1]: Stopped User Manager for UID 26.
|
|
Jul 31 06:11:10 server systemd[1]: user-runtime-dir@26.service: Unit not needed anymore. Stopping.
|
|
Jul 31 06:11:10 server systemd[1]: Removed slice User Slice of UID 26.
|
|
Jul 31 06:11:10 server systemd[1]: Stopping /run/user/26 mount wrapper...
|
|
Jul 31 06:11:10 server systemd[1]: Stopped /run/user/26 mount wrapper.
|
|
Jul 31 06:11:30 server systemd[1]: Starting dnf makecache...
|
|
Jul 31 06:11:32 server dnf[20105]: Failed determining last makecache time.
|
|
Jul 31 06:11:32 server dnf[20105]: CentOS-8 - AppStream 20 kB/s | 4.3 kB 00:00
|
|
Jul 31 06:11:32 server dnf[20105]: CentOS-8 - Base 11 kB/s | 3.9 kB 00:00
|
|
Jul 31 06:11:33 server dnf[20105]: CentOS-8 - Extras 4.8 kB/s | 1.5 kB 00:00
|
|
Jul 31 06:11:33 server dnf[20105]: Rudder 6.1-nightly Repository 23 kB/s | 2.9 kB 00:00
|
|
Jul 31 06:11:33 server dnf[20105]: Metadata cache created.
|
|
Jul 31 06:11:33 server systemd[1]: Started dnf makecache.
|
|
Jul 31 06:12:02 server sshd[20117]: Accepted publickey for vagrant from 10.0.2.2 port 35982 ssh2: RSA SHA256:R5O0kSWh5xwsIYVHiUOhuYmoyjAB8B1ocqHJBtWu7IA
|
|
Jul 31 06:12:02 server systemd-logind[943]: New session 9 of user vagrant.
|
|
Jul 31 06:12:02 server systemd[1]: Started Session 9 of user vagrant.
|
|
Jul 31 06:12:02 server sshd[20117]: pam_unix(sshd:session): session opened for user vagrant by (uid=0)
|
|
Jul 31 06:12:07 server sudo[20148]: vagrant : TTY=pts/1 ; PWD=/home/vagrant ; USER=root ; COMMAND=/bin/su
|
|
Jul 31 06:12:07 server sudo[20148]: pam_systemd(sudo:session): Cannot create session: Already running in a session or user slice
|
|
Jul 31 06:12:07 server sudo[20148]: pam_unix(sudo:session): session opened for user root by vagrant(uid=0)
|
|
Jul 31 06:12:07 server su[20150]: (to root) vagrant on pts/1
|
|
Jul 31 06:12:07 server su[20150]: pam_systemd(su:session): Cannot create session: Already running in a session or user slice
|
|
Jul 31 06:12:07 server su[20150]: pam_unix(su:session): session opened for user root by vagrant(uid=0)
|
|
Jul 31 06:12:16 server cf-agent[20312]: CFEngine(agent) rudder Using command line specified bundlesequence
|
|
Jul 31 06:12:16 server cf-agent[20312]: CFEngine(agent) rudder R: @@Common@@result_success@@hasPolicyServer-root@@common-root@@0@@Compute inventory splay@@rudder_run_inventory@@2020-07-31 06:12:15+00:00##root@#Scheduling rudder_run_inventory was correct
|
|
Jul 31 06:12:16 server cf-agent[20312]: CFEngine(agent) rudder Executing 'no timeout' ... '/usr/bin/curl --tlsv1.2 --location --insecure --silent --fail --proxy '' --output "/var/rudder/cfengine-community/rudder-server-uuid.txt" https://127.0.0.1/uuid'
|
|
Jul 31 06:12:16 server cf-agent[20312]: CFEngine(agent) rudder Completed execution of '/usr/bin/curl --tlsv1.2 --location --insecure --silent --fail --proxy '' --output "/var/rudder/cfengine-community/rudder-server-uuid.txt" https://127.0.0.1/uuid'
|
|
Jul 31 06:12:16 server cf-agent[20312]: CFEngine(agent) rudder Executing 'no timeout' ... '/opt/rudder/bin/run-inventory --local=/var/rudder/tmp/inventory/server-root.ocs'
|
|
Jul 31 06:12:16 server sshd[20436]: Connection closed by 127.0.0.1 port 48510 [preauth]
|
|
Jul 31 06:12:16 server sshd[20437]: Connection closed by 127.0.0.1 port 48512 [preauth]
|
|
Jul 31 06:12:16 server sshd[20438]: Connection closed by 127.0.0.1 port 48514 [preauth]
|
|
Jul 31 06:12:20 server cf-agent[20312]: CFEngine(agent) rudder Q: "...-inventory --lo": [info] FusionInventory instance: builtin - Perl instance: system
|
|
Q: "...-inventory --lo": [info] running task Inventory
|
|
Q: "...-inventory --lo": [info] Inventory saved in /var/rudder/tmp/inventory/server-root.ocs
|
|
Jul 31 06:12:20 server cf-agent[20312]: CFEngine(agent) rudder Last 3 quoted lines were generated by promiser '/opt/rudder/bin/run-inventory --local=/var/rudder/tmp/inventory/server-root.ocs'
|
|
Jul 31 06:12:20 server cf-agent[20312]: CFEngine(agent) rudder Completed execution of '/opt/rudder/bin/run-inventory --local=/var/rudder/tmp/inventory/server-root.ocs'
|
|
Jul 31 06:12:20 server cf-agent[20312]: CFEngine(agent) rudder R: @@Common@@control@@rudder@@run@@0@@start@@20200731-060609-23bf77bc@@2020-07-31 06:12:15+00:00##root@#Start execution
|
|
Jul 31 06:12:20 server cf-agent[20312]: CFEngine(agent) rudder Automatically promoting context scope for 'heartbeat_sent' to namespace visibility, due to persistence
|
|
Jul 31 06:12:20 server cf-agent[20312]: CFEngine(agent) rudder R: @@Inventory@@log_debug@@inventory-all@@inventory-all@@0@@inventory@@None@@2020-07-31 06:12:15+00:00##root@#Running inventory
|
|
Jul 31 06:12:20 server cf-agent[20312]: CFEngine(agent) rudder Copying from 'localhost:/var/rudder/tmp/inventory/server-root.ocs'
|
|
Jul 31 06:12:20 server cf-agent[20312]: CFEngine(agent) rudder Transforming '/opt/rudder/bin/rudder-sign "/var/rudder/inventories/server-root.ocs"'
|
|
Jul 31 06:12:20 server cf-agent[20312]: CFEngine(agent) rudder Transformer '/var/rudder/inventories/server-root.ocs' => '/opt/rudder/bin/rudder-sign "/var/rudder/inventories/server-root.ocs"' seemed to work ok
|
|
Jul 31 06:12:20 server cf-agent[20312]: CFEngine(agent) rudder Transforming '/opt/rudder/bin/rudder-sign "/var/rudder/inventories/server-root.ocs"'
|
|
Jul 31 06:12:20 server cf-agent[20312]: CFEngine(agent) rudder Transforming '/bin/gzip -fq /var/rudder/inventories/server-root.ocs'
|
|
Jul 31 06:12:20 server cf-agent[20312]: CFEngine(agent) rudder Transformer '/var/rudder/inventories/server-root.ocs' => '/bin/gzip -fq /var/rudder/inventories/server-root.ocs' seemed to work ok
|
|
Jul 31 06:12:20 server cf-agent[20312]: CFEngine(agent) rudder Transforming '/usr/bin/curl --tlsv1.2 --location --insecure --fail --silent --proxy '' --user rudder:a96ded5196820383ba72 --upload-file /var/rudder/inventories/server-root.ocs.sign https://127.0.0.1/inventory-updates/'
|
|
Jul 31 06:12:21 server cf-agent[20312]: CFEngine(agent) rudder <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
|
|
Jul 31 06:12:21 server cf-agent[20312]: CFEngine(agent) rudder <html><head>
|
|
Jul 31 06:12:21 server cf-agent[20312]: CFEngine(agent) rudder <title>201 Created</title>
|
|
Jul 31 06:12:21 server cf-agent[20312]: CFEngine(agent) rudder </head><body>
|
|
Jul 31 06:12:21 server cf-agent[20312]: CFEngine(agent) rudder <h1>Created</h1>
|
|
Jul 31 06:12:21 server cf-agent[20312]: CFEngine(agent) rudder <p>Resource /inventory-updates/server-root.ocs.sign has been created.</p>
|
|
Jul 31 06:12:21 server cf-agent[20312]: CFEngine(agent) rudder </body></html>
|
|
Jul 31 06:12:21 server cf-agent[20312]: CFEngine(agent) rudder Automatically promoting context scope for 'inventory_sent' to namespace visibility, due to persistence
|
|
Jul 31 06:12:21 server cf-agent[20312]: CFEngine(agent) rudder Transformer '/var/rudder/inventories/server-root.ocs.sign' => '/usr/bin/curl --tlsv1.2 --location --insecure --fail --silent --proxy '' --user rudder:a96ded5196820383ba72 --upload-file /var/rudder/inventories/server-root.ocs.sign https://127.0.0.1/inventory-updates/' seemed to work ok
|
|
Jul 31 06:12:21 server cf-agent[20312]: CFEngine(agent) rudder Transforming '/usr/bin/curl --tlsv1.2 --location --insecure --fail --silent --proxy '' --user rudder:a96ded5196820383ba72 --upload-file /var/rudder/inventories/server-root.ocs.sign https://127.0.0.1/inventory-updates/'
|
|
Jul 31 06:12:21 server cf-agent[20312]: CFEngine(agent) rudder Transforming '/usr/bin/curl --tlsv1.2 --location --insecure --fail --silent --proxy '' --user rudder:a96ded5196820383ba72 --upload-file /var/rudder/inventories/server-root.ocs.gz https://127.0.0.1/inventory-updates/'
|
|
Jul 31 06:12:21 server cf-agent[20312]: CFEngine(agent) rudder <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
|
|
Jul 31 06:12:21 server cf-agent[20312]: CFEngine(agent) rudder <html><head>
|
|
Jul 31 06:12:21 server cf-agent[20312]: CFEngine(agent) rudder <title>201 Created</title>
|
|
Jul 31 06:12:21 server cf-agent[20312]: CFEngine(agent) rudder </head><body>
|
|
Jul 31 06:12:21 server cf-agent[20312]: CFEngine(agent) rudder <h1>Created</h1>
|
|
Jul 31 06:12:21 server cf-agent[20312]: CFEngine(agent) rudder <p>Resource /inventory-updates/server-root.ocs.gz has been created.</p>
|
|
Jul 31 06:12:21 server cf-agent[20312]: CFEngine(agent) rudder </body></html>
|
|
Jul 31 06:12:21 server cf-agent[20312]: CFEngine(agent) rudder Automatically promoting context scope for 'inventory_sent' to namespace visibility, due to persistence
|
|
Jul 31 06:12:21 server cf-agent[20312]: CFEngine(agent) rudder Transformer '/var/rudder/inventories/server-root.ocs.gz' => '/usr/bin/curl --tlsv1.2 --location --insecure --fail --silent --proxy '' --user rudder:a96ded5196820383ba72 --upload-file /var/rudder/inventories/server-root.ocs.gz https://127.0.0.1/inventory-updates/' seemed to work ok
|
|
Jul 31 06:12:21 server cf-agent[20312]: CFEngine(agent) rudder Transforming '/usr/bin/curl --tlsv1.2 --location --insecure --fail --silent --proxy '' --user rudder:a96ded5196820383ba72 --upload-file /var/rudder/inventories/server-root.ocs.gz https://127.0.0.1/inventory-updates/'
|
|
Jul 31 06:12:21 server cf-agent[20312]: CFEngine(agent) rudder Transforming '/bin/cp /var/rudder/inventories/server-root.ocs.sign /var/rudder/inventories/accepted-nodes-updates'
|
|
Jul 31 06:12:21 server cf-agent[20312]: CFEngine(agent) rudder Automatically promoting context scope for 'inventory_sent' to namespace visibility, due to persistence
|
|
Jul 31 06:12:21 server cf-agent[20312]: CFEngine(agent) rudder Transformer '/var/rudder/inventories/server-root.ocs.sign' => '/bin/cp /var/rudder/inventories/server-root.ocs.sign /var/rudder/inventories/accepted-nodes-updates' seemed to work ok
|
|
Jul 31 06:12:21 server cf-agent[20312]: CFEngine(agent) rudder Transforming '/bin/cp /var/rudder/inventories/server-root.ocs.sign /var/rudder/inventories/accepted-nodes-updates'
|
|
Jul 31 06:12:21 server cf-agent[20312]: CFEngine(agent) rudder Transforming '/bin/cp /var/rudder/inventories/server-root.ocs.gz /var/rudder/inventories/accepted-nodes-updates'
|
|
Jul 31 06:12:21 server cf-agent[20312]: CFEngine(agent) rudder Automatically promoting context scope for 'inventory_sent' to namespace visibility, due to persistence
|
|
Jul 31 06:12:21 server cf-agent[20312]: CFEngine(agent) rudder Transformer '/var/rudder/inventories/server-root.ocs.gz' => '/bin/cp /var/rudder/inventories/server-root.ocs.gz /var/rudder/inventories/accepted-nodes-updates' seemed to work ok
|
|
Jul 31 06:12:21 server cf-agent[20312]: CFEngine(agent) rudder Transforming '/bin/cp /var/rudder/inventories/server-root.ocs.gz /var/rudder/inventories/accepted-nodes-updates'
|
|
Jul 31 06:12:21 server cf-agent[20312]: CFEngine(agent) rudder Transforming '/bin/rm -f /var/rudder/inventories/server-root.ocs.sign'
|
|
Jul 31 06:12:21 server cf-agent[20312]: CFEngine(agent) rudder Transformer '/var/rudder/inventories/server-root.ocs.sign' => '/bin/rm -f /var/rudder/inventories/server-root.ocs.sign' seemed to work ok
|
|
Jul 31 06:12:21 server cf-agent[20312]: CFEngine(agent) rudder Transforming '/bin/rm -f /var/rudder/inventories/server-root.ocs.gz'
|
|
Jul 31 06:12:21 server cf-agent[20312]: CFEngine(agent) rudder Transformer '/var/rudder/inventories/server-root.ocs.gz' => '/bin/rm -f /var/rudder/inventories/server-root.ocs.gz' seemed to work ok
|
|
Jul 31 06:12:21 server cf-agent[20312]: CFEngine(agent) rudder Touched (updated time stamps) for path '/var/rudder/tmp/inventory_sent'
|
|
Jul 31 06:12:21 server cf-agent[20312]: CFEngine(agent) rudder R: @@Inventory@@result_success@@inventory-all@@inventory-all@@0@@inventory@@None@@2020-07-31 06:12:15+00:00##root@#The inventory has been successfully sent
|
|
Jul 31 06:12:21 server cf-agent[20312]: CFEngine(agent) rudder R: @@Inventory@@log_info@@inventory-all@@inventory-all@@0@@inventory@@None@@2020-07-31 06:12:15+00:00##root@#An inventory was already sent less than 8 hours ago
|
|
Jul 31 06:12:28 server rudder-relayd[18620]: INFO relayd: Configuration reload requested
|
|
Jul 31 06:12:28 server rudder-relayd[18620]: INFO relayd::data::node: Parsing nodes list from "/var/rudder/lib/relay/nodeslist.json"
|
|
Jul 31 06:12:28 server rudder-relayd[18620]: INFO relayd::relay-api: 127.0.0.1:48786 "POST /rudder/relay-api/1/system/reload HTTP/1.1" 200 "-" "curl/7.61.1" 18.345626ms
|
|
Jul 31 06:12:34 server rudder-relayd[18620]: INFO relayd: Configuration reload requested
|
|
Jul 31 06:12:34 server rudder-relayd[18620]: INFO relayd::data::node: Parsing nodes list from "/var/rudder/lib/relay/nodeslist.json"
|
|
Jul 31 06:12:34 server rudder-relayd[18620]: INFO relayd::relay-api: 127.0.0.1:48788 "POST /rudder/relay-api/1/system/reload HTTP/1.1" 200 "-" "curl/7.61.1" 577.367µs
|
|
Jul 31 06:12:34 server systemd[1]: Reloading CFEngine file server.
|
|
Jul 31 06:12:34 server systemd[1]: Reloaded CFEngine file server.
|
|
Jul 31 06:12:35 server cf-serverd[15229]: notice: Rereading policy file '/var/rudder/cfengine-community/inputs/promises.cf'
|
|
Jul 31 06:12:35 server cf-serverd[15229]: CFEngine(server) rudder Rereading policy file '/var/rudder/cfengine-community/inputs/promises.cf'
|
|
Jul 31 06:12:36 server cf-serverd[15229]: rudder info: Failed to canonicalise filename '/var/rudder/configuration-repository/ncf/50_techniques' (realpath: No such file or directory)
|
|
Jul 31 06:12:36 server cf-serverd[15229]: rudder info: Path does not exist, it's added as-is in access rules: /var/rudder/configuration-repository/ncf/50_techniques
|
|
Jul 31 06:12:36 server cf-serverd[15229]: rudder info: WARNING: this means that (not) having a trailing slash defines if it's (not) a directory!
|
|
Jul 31 06:12:36 server cf-serverd[15229]: rudder info: Failed to canonicalise filename '/var/rudder/share/root/' (realpath: No such file or directory)
|
|
Jul 31 06:12:36 server cf-serverd[15229]: rudder info: Path does not exist, it's added as-is in access rules: /var/rudder/share/root/
|
|
Jul 31 06:12:36 server cf-serverd[15229]: rudder info: WARNING: this means that (not) having a trailing slash defines if it's (not) a directory!
|
|
Jul 31 06:12:36 server cf-serverd[15229]: rudder info: Failed to canonicalise filename '/var/rudder/shared-files/root/' (realpath: No such file or directory)
|
|
Jul 31 06:12:36 server cf-serverd[15229]: rudder info: Path does not exist, it's added as-is in access rules: /var/rudder/shared-files/root/
|
|
Jul 31 06:12:36 server cf-serverd[15229]: rudder info: WARNING: this means that (not) having a trailing slash defines if it's (not) a directory!
|
|
Jul 31 06:12:36 server cf-serverd[15229]: CFEngine(server) rudder Failed to canonicalise filename '/var/rudder/configuration-repository/ncf/50_techniques' (realpath: No such file or directory)
|
|
Jul 31 06:12:36 server cf-serverd[15229]: CFEngine(server) rudder Path does not exist, it's added as-is in access rules: /var/rudder/configuration-repository/ncf/50_techniques
|
|
Jul 31 06:12:36 server cf-serverd[15229]: CFEngine(server) rudder WARNING: this means that (not) having a trailing slash defines if it's (not) a directory!
|
|
Jul 31 06:12:36 server cf-serverd[15229]: CFEngine(server) rudder Failed to canonicalise filename '/var/rudder/share/root/' (realpath: No such file or directory)
|
|
Jul 31 06:12:36 server cf-serverd[15229]: CFEngine(server) rudder Path does not exist, it's added as-is in access rules: /var/rudder/share/root/
|
|
Jul 31 06:12:36 server cf-serverd[15229]: CFEngine(server) rudder WARNING: this means that (not) having a trailing slash defines if it's (not) a directory!
|
|
Jul 31 06:12:36 server cf-serverd[15229]: CFEngine(server) rudder Failed to canonicalise filename '/var/rudder/shared-files/root/' (realpath: No such file or directory)
|
|
Jul 31 06:12:36 server cf-serverd[15229]: CFEngine(server) rudder Path does not exist, it's added as-is in access rules: /var/rudder/shared-files/root/
|
|
Jul 31 06:12:36 server cf-serverd[15229]: CFEngine(server) rudder WARNING: this means that (not) having a trailing slash defines if it's (not) a directory!
|
|
Jul 31 06:12:59 server systemd[19860]: Starting Mark boot as successful...
|
|
Jul 31 06:12:59 server systemd[19860]: Started Mark boot as successful.
|
|
Jul 31 06:15:01 server CROND[20824]: (root) CMD (/opt/rudder/bin/rudder agent check -q >> /var/log/rudder/agent-check/check.log 2>&1)
|
|
Jul 31 06:15:01 server CROND[20825]: (root) CMD (/opt/rudder/bin/relay-cleanup >/dev/null)
|
|
Jul 31 06:15:04 server su[20899]: (to postgres) root on none
|
|
Jul 31 06:15:04 server systemd[1]: Started /run/user/26 mount wrapper.
|
|
Jul 31 06:15:04 server systemd[1]: Created slice User Slice of UID 26.
|
|
Jul 31 06:15:04 server systemd[1]: Starting User Manager for UID 26...
|
|
Jul 31 06:15:04 server systemd[1]: Started Session c3 of user postgres.
|
|
Jul 31 06:15:04 server systemd[20901]: pam_unix(systemd-user:session): session opened for user postgres by (uid=0)
|
|
Jul 31 06:15:04 server systemd[20901]: Reached target Timers.
|
|
Jul 31 06:15:04 server systemd[20901]: Starting D-Bus User Message Bus Socket.
|
|
Jul 31 06:15:04 server systemd[20901]: Reached target Paths.
|
|
Jul 31 06:15:04 server systemd[20901]: Listening on D-Bus User Message Bus Socket.
|
|
Jul 31 06:15:04 server systemd[20901]: Reached target Sockets.
|
|
Jul 31 06:15:04 server systemd[20901]: Reached target Basic System.
|
|
Jul 31 06:15:04 server systemd[20901]: Reached target Default.
|
|
Jul 31 06:15:04 server systemd[20901]: Startup finished in 38ms.
|
|
Jul 31 06:15:04 server systemd[1]: Started User Manager for UID 26.
|
|
Jul 31 06:15:04 server su[20899]: pam_unix(su-l:session): session opened for user postgres by (uid=0)
|
|
Jul 31 06:15:04 server su[20899]: pam_unix(su-l:session): session closed for user postgres
|
|
Jul 31 06:15:04 server systemd[1]: user-runtime-dir@26.service: Unit not needed anymore. Stopping.
|
|
Jul 31 06:15:04 server systemd[1]: Stopping User Manager for UID 26...
|
|
Jul 31 06:15:04 server systemd[20901]: Stopped target Default.
|
|
Jul 31 06:15:04 server systemd[20901]: Stopped target Basic System.
|
|
Jul 31 06:15:04 server systemd[20901]: Stopped target Timers.
|
|
Jul 31 06:15:04 server systemd[20901]: Stopped target Sockets.
|
|
Jul 31 06:15:04 server systemd[20901]: Closed D-Bus User Message Bus Socket.
|
|
Jul 31 06:15:04 server systemd[20901]: Stopped target Paths.
|
|
Jul 31 06:15:04 server systemd[20901]: Reached target Shutdown.
|
|
Jul 31 06:15:04 server systemd[20901]: Starting Exit the Session...
|
|
Jul 31 06:15:04 server systemd[20905]: pam_unix(systemd-user:session): session closed for user postgres
|
|
Jul 31 06:15:04 server systemd[1]: user@26.service: Killing process 20947 (systemctl) with signal SIGKILL.
|
|
Jul 31 06:15:04 server systemd[1]: user-runtime-dir@26.service: Unit not needed anymore. Stopping.
|
|
Jul 31 06:15:04 server systemd[1]: Stopped User Manager for UID 26.
|
|
Jul 31 06:15:04 server systemd[1]: user-runtime-dir@26.service: Unit not needed anymore. Stopping.
|
|
Jul 31 06:15:04 server systemd[1]: Stopping /run/user/26 mount wrapper...
|
|
Jul 31 06:15:04 server systemd[1]: Removed slice User Slice of UID 26.
|
|
Jul 31 06:15:04 server systemd[1]: Stopped /run/user/26 mount wrapper.
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder R: @@Common@@control@@rudder@@run@@0@@start@@20200731-061225-26d33918@@2020-07-31 06:15:27+00:00##root@#Start execution
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder Automatically promoting context scope for 'heartbeat_sent' to namespace visibility, due to persistence
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder R: [INFO] Starting CFEngine 3.15.1 on host server.rudder.local (centos_8 x86_64)
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder R: @@Common@@result_success@@hasPolicyServer-root@@common-root@@0@@ncf Initialization@@None@@2020-07-31 06:15:27+00:00##root@#Configuration library initialization was correct
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder R: @@Common@@result_success@@hasPolicyServer-root@@common-root@@0@@Update@@None@@2020-07-31 06:15:27+00:00##root@#Configuration library already up to date on this root server. No action required.
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/distributePolicy/rsyslog.conf/rudder-rsyslog-relay.conf' had permission 0640, changed it to 0600
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/distributePolicy/rsyslog.conf/rudder-rsyslog-root.conf' had permission 0640, changed it to 0600
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/distributePolicy/rsyslog.conf' had permission 0750, changed it to 0700
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/distributePolicy/1.0/nodeslist.json' had permission 0640, changed it to 0600
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/distributePolicy/1.0/nodescerts.pem' had permission 0640, changed it to 0600
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/distributePolicy/1.0/common.cf' had permission 0640, changed it to 0600
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/distributePolicy/1.0/rsyslogConf.cf' had permission 0640, changed it to 0600
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/distributePolicy/1.0/propagatePromises.cf' had permission 0640, changed it to 0600
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/distributePolicy/1.0/apache-acl.cf' had permission 0640, changed it to 0600
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/distributePolicy/1.0' had permission 0750, changed it to 0700
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/distributePolicy' had permission 0770, changed it to 0700
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/rudder_promises_generated' had permission 0640, changed it to 0600
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/rudder-promises-generated' had permission 0640, changed it to 0600
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/common/1.0/rudder-parameters.cf' had permission 0640, changed it to 0600
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/common/1.0/cf-serverd.cf' had permission 0640, changed it to 0600
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/common/1.0/rudder-groups.cf' had permission 0640, changed it to 0600
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/common/1.0/common.cf' had permission 0640, changed it to 0600
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/common/1.0/check-rsyslog-version' had permission 0640, changed it to 0600
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/common/1.0/site.cf' had permission 0640, changed it to 0600
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/common/1.0/reporting-http.cf' had permission 0640, changed it to 0600
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/common/1.0/hooks.cf' had permission 0640, changed it to 0600
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/common/1.0/environment-variables.cf' had permission 0640, changed it to 0600
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/common/1.0/monitoring.cf' had permission 0640, changed it to 0600
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/common/1.0/properties.cf' had permission 0640, changed it to 0600
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/common/1.0/restart-services.cf' had permission 0640, changed it to 0600
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/common/1.0/update.cf' had permission 0640, changed it to 0600
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/common/1.0/cron-setup.cf' had permission 0640, changed it to 0600
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/common/1.0/internal-security.cf' had permission 0640, changed it to 0600
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/common/1.0' had permission 0750, changed it to 0700
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/common/cron/rudder-agent-community-cron' had permission 0640, changed it to 0600
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/common/cron' had permission 0750, changed it to 0700
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/common' had permission 0770, changed it to 0700
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/inventory/1.0/test-inventory.pl' had permission 0640, changed it to 0600
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/inventory/1.0/fusionAgent.cf' had permission 0640, changed it to 0600
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/inventory/1.0' had permission 0750, changed it to 0700
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/inventory' had permission 0770, changed it to 0700
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/run_interval' had permission 0640, changed it to 0600
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/rudder-vars.json' had permission 0640, changed it to 0600
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/rudder-directives.cf' had permission 0640, changed it to 0600
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/failsafe.cf' had permission 0640, changed it to 0600
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/rudder-server-roles.conf' had permission 0640, changed it to 0600
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/rudder-system-directives.cf' had permission 0640, changed it to 0600
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/clientlist/clientlist.cf' had permission 0640, changed it to 0600
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/clientlist' had permission 0750, changed it to 0700
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/promises.cf' had permission 0640, changed it to 0600
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/server-roles/1.0/common.cf' had permission 0640, changed it to 0600
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/server-roles/1.0/network-check.cf' had permission 0640, changed it to 0600
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/server-roles/1.0/logrotate-check.cf' had permission 0640, changed it to 0600
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/server-roles/1.0/relayd.conf.tpl' had permission 0640, changed it to 0600
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/server-roles/1.0/relayd.cf' had permission 0640, changed it to 0600
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/server-roles/1.0/compress-ldap-backups.cf' had permission 0640, changed it to 0600
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/server-roles/1.0/password-check.cf' had permission 0640, changed it to 0600
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/server-roles/1.0/metrics-reporting.cf' had permission 0640, changed it to 0600
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/server-roles/1.0/integrity-check.cf' had permission 0640, changed it to 0600
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/server-roles/1.0/component-check.cf' had permission 0640, changed it to 0600
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/server-roles/1.0/servers-by-role.cf' had permission 0640, changed it to 0600
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/server-roles/1.0/alive-check.cf' had permission 0640, changed it to 0600
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/server-roles/1.0/service-check.cf' had permission 0640, changed it to 0600
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/server-roles/1.0/compress-webapp-log.cf' had permission 0640, changed it to 0600
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/server-roles/1.0/technique-reload.cf' had permission 0640, changed it to 0600
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/server-roles/1.0' had permission 0750, changed it to 0700
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/server-roles/logrotate.conf/rudder' had permission 0640, changed it to 0600
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/server-roles/logrotate.conf' had permission 0750, changed it to 0700
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/server-roles' had permission 0770, changed it to 0700
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/rudder.json' had permission 0640, changed it to 0600
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/rudder-directives.csv' had permission 0640, changed it to 0600
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/properties.d/properties.json' had permission 0640, changed it to 0600
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/properties.d' had permission 0750, changed it to 0700
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs/rudder-parameters.json' had permission 0640, changed it to 0600
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder Object '/var/rudder/cfengine-community/inputs' had permission 0750, changed it to 0700
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder R: @@Common@@result_repaired@@hasPolicyServer-root@@common-root@@0@@Security parameters@@None@@2020-07-31 06:15:27+00:00##root@#Some internal security parameters were adjusted
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder R: @@Common@@result_success@@hasPolicyServer-root@@common-root@@0@@CRON Daemon@@None@@2020-07-31 06:15:27+00:00##root@#Cron daemon status was correct
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder R: @@Common@@result_success@@hasPolicyServer-root@@common-root@@0@@Log system for reports@@None@@2020-07-31 06:15:27+00:00##root@#Reports forwarding to policy server was correct
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder R: @@Common@@log_info@@hasPolicyServer-root@@common-root@@0@@None@@/var/rudder/tmp/rudder_monitoring.csv@@2020-07-31 06:15:27+00:00##root@#Remove file /var/rudder/tmp/rudder_monitoring.csv was correct
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder R: @@DistributePolicy@@result_na@@root-DP@@root-distributePolicy@@0@@Synchronize resources@@None@@2020-07-31 06:15:27+00:00##root@#Nothing needs to be updated
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder R: @@DistributePolicy@@result_na@@root-DP@@root-distributePolicy@@0@@Synchronize policies@@None@@2020-07-31 06:15:27+00:00##root@#Rudder server does not need to synchronize its policies
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder R: @@DistributePolicy@@result_na@@root-DP@@root-distributePolicy@@0@@Synchronize files@@None@@2020-07-31 06:15:27+00:00##root@#Rudder server does not need to synchronize its shared files
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder R: @@DistributePolicy@@result_success@@root-DP@@root-distributePolicy@@0@@Send inventories to Rudder server@@None@@2020-07-31 06:15:27+00:00##root@#No inventory to send
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder R: @@DistributePolicy@@result_success@@root-DP@@root-distributePolicy@@0@@Configure apache ACL@@None@@2020-07-31 06:15:27+00:00##root@#Apache ACLs are correct
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check logrotate configuration@@None@@2020-07-31 06:15:27+00:00##root@#The logrotate configuration is correct
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder R: [INFO] Executing is-active on postgresql using the systemctl method
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check postgresql process@@postgresql@@2020-07-31 06:15:27+00:00##root@#Check if the service postgresql is started was correct
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check postgresql process@@postgresql@@2020-07-31 06:15:27+00:00##root@#Ensure that service postgresql is running was correct
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder R: [INFO] Executing is-enabled on postgresql using the systemctl method
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check postgresql process@@postgresql@@2020-07-31 06:15:27+00:00##root@#Check if service postgresql is started at boot was correct
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check postgresql process@@postgresql@@2020-07-31 06:15:27+00:00##root@#Ensure service postgresql is started at boot was correct
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check postgresql process@@None@@2020-07-31 06:15:27+00:00##root@#postgresql service running was correct
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check postgresql boot script@@None@@2020-07-31 06:15:27+00:00##root@#postgresql service enabled was correct
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check LDAP in rudder-webapp.properties@@None@@2020-07-31 06:15:27+00:00##root@#Web interface configuration files (checked LDAP password) was correct
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check LDAP credentials@@None@@2020-07-31 06:15:27+00:00##root@#OpenLDAP configuration file (rootdn password) was correct
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check rudder-passwords.conf@@None@@2020-07-31 06:15:27+00:00##root@#Presence and permissions of Rudder password file was correct
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check pgpass file@@None@@2020-07-31 06:15:27+00:00##root@#Presence and permissions of pgsql password file was correct
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check SQL in rudder-webapp.properties@@None@@2020-07-31 06:15:27+00:00##root@#Web interface configuration files (SQL password) was correct
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check SQL credentials@@None@@2020-07-31 06:15:27+00:00##root@#PostgreSQL user account's already correct.
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder R: [INFO] Executing is-active on rudder-relayd using the systemctl method
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check relayd process@@rudder-relayd@@2020-07-31 06:15:27+00:00##root@#Check if the service rudder-relayd is started was correct
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check relayd process@@rudder-relayd@@2020-07-31 06:15:27+00:00##root@#Ensure that service rudder-relayd is running was correct
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder R: [INFO] Executing is-enabled on rudder-relayd using the systemctl method
|
|
Jul 31 06:15:28 server cf-agent[21204]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check relayd process@@rudder-relayd@@2020-07-31 06:15:27+00:00##root@#Check if service rudder-relayd is started at boot was correct
|
|
Jul 31 06:15:29 server cf-agent[21204]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check relayd process@@rudder-relayd@@2020-07-31 06:15:27+00:00##root@#Ensure service rudder-relayd is started at boot was correct
|
|
Jul 31 06:15:29 server cf-agent[21204]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check relayd process@@None@@2020-07-31 06:15:27+00:00##root@#relayd service running was correct
|
|
Jul 31 06:15:29 server cf-agent[21204]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check relayd boot script@@None@@2020-07-31 06:15:27+00:00##root@#relayd service enabled was correct
|
|
Jul 31 06:15:29 server cf-agent[21204]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Relayd service configuration@@/opt/rudder/etc/relayd@@2020-07-31 06:15:27+00:00##root@#Ensure permissions mode 640, owner root and group rudder on /opt/rudder/etc/relayd on type all with inf recursion level was correct
|
|
Jul 31 06:15:29 server cf-agent[21204]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Relayd service configuration@@/opt/rudder/etc/relayd@@2020-07-31 06:15:27+00:00##root@#Ensure permissions mode 640, owner root and group rudder on /opt/rudder/etc/relayd with ${recursion} recursion level was correct
|
|
Jul 31 06:15:29 server cf-agent[21204]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Relayd service configuration@@/opt/rudder/etc/relayd/main.conf@@2020-07-31 06:15:27+00:00##root@#Build file /opt/rudder/etc/relayd/main.conf from mustache type template /var/rudder/cfengine-community/inputs/server-roles/1.0/relayd.conf.tpl was correct
|
|
Jul 31 06:15:29 server cf-agent[21204]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Relayd service configuration@@/opt/rudder/etc/relayd/main.conf@@2020-07-31 06:15:27+00:00##root@#Build file /opt/rudder/etc/relayd/main.conf from mustache template /var/rudder/cfengine-community/inputs/server-roles/1.0/relayd.conf.tpl was correct
|
|
Jul 31 06:15:29 server cf-agent[21204]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Relayd service configuration@@None@@2020-07-31 06:15:27+00:00##root@#rudder-relayd configration was correct
|
|
Jul 31 06:15:29 server cf-agent[21204]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check allowed networks configuration@@None@@2020-07-31 06:15:27+00:00##root@#Allowed networks configuration is correct
|
|
Jul 31 06:15:29 server cf-agent[21204]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check WebDAV properties@@None@@2020-07-31 06:15:27+00:00##root@#Rudder WebDAV properties was correct
|
|
Jul 31 06:15:29 server cf-agent[21204]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check WebDAV credentials@@None@@2020-07-31 06:15:27+00:00##root@#Apache WebDAV user and password are OK
|
|
Jul 31 06:15:29 server cf-agent[21204]: CFEngine(agent) rudder R: [INFO] Executing is-active on httpd using the systemctl method
|
|
Jul 31 06:15:29 server cf-agent[21204]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check apache process@@httpd@@2020-07-31 06:15:27+00:00##root@#Check if the service httpd is started was correct
|
|
Jul 31 06:15:29 server cf-agent[21204]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check apache process@@httpd@@2020-07-31 06:15:27+00:00##root@#Ensure that service httpd is running was correct
|
|
Jul 31 06:15:29 server cf-agent[21204]: CFEngine(agent) rudder R: [INFO] Executing is-enabled on httpd using the systemctl method
|
|
Jul 31 06:15:29 server cf-agent[21204]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check apache process@@httpd@@2020-07-31 06:15:27+00:00##root@#Check if service httpd is started at boot was correct
|
|
Jul 31 06:15:29 server cf-agent[21204]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check apache process@@httpd@@2020-07-31 06:15:27+00:00##root@#Ensure service httpd is started at boot was correct
|
|
Jul 31 06:15:29 server cf-agent[21204]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check apache process@@None@@2020-07-31 06:15:27+00:00##root@#apache service running was correct
|
|
Jul 31 06:15:29 server cf-agent[21204]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check apache boot script@@None@@2020-07-31 06:15:27+00:00##root@#apache service enabled was correct
|
|
Jul 31 06:15:29 server cf-agent[21204]: CFEngine(agent) rudder R: [INFO] Executing is-active on rudder-jetty using the systemctl method
|
|
Jul 31 06:15:29 server cf-agent[21204]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check jetty process@@rudder-jetty@@2020-07-31 06:15:27+00:00##root@#Check if the service rudder-jetty is started was correct
|
|
Jul 31 06:15:29 server cf-agent[21204]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check jetty process@@rudder-jetty@@2020-07-31 06:15:27+00:00##root@#Ensure that service rudder-jetty is running was correct
|
|
Jul 31 06:15:29 server cf-agent[21204]: CFEngine(agent) rudder R: [INFO] Executing is-enabled on rudder-jetty using the systemctl method
|
|
Jul 31 06:15:29 server cf-agent[21204]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check jetty process@@rudder-jetty@@2020-07-31 06:15:27+00:00##root@#Check if service rudder-jetty is started at boot was correct
|
|
Jul 31 06:15:29 server cf-agent[21204]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check jetty process@@rudder-jetty@@2020-07-31 06:15:27+00:00##root@#Ensure service rudder-jetty is started at boot was correct
|
|
Jul 31 06:15:29 server cf-agent[21204]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check jetty process@@None@@2020-07-31 06:15:27+00:00##root@#jetty service running was correct
|
|
Jul 31 06:15:29 server cf-agent[21204]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check jetty boot script@@None@@2020-07-31 06:15:27+00:00##root@#jetty service enabled was correct
|
|
Jul 31 06:15:29 server cf-agent[21204]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check jetty process@@/var/rudder/cfengine-community/ppkeys/root-MD5=ae7892a0221ce7038ee569ac3102070b.pub@@2020-07-31 06:15:27+00:00##root@#Symlink /var/rudder/cfengine-community/ppkeys/root-MD5=ae7892a0221ce7038ee569ac3102070b.pub targeting /var/rudder/cfengine-community/ppkeys/localhost.pub was correct
|
|
Jul 31 06:15:29 server cf-agent[21204]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check jetty process@@/var/rudder/cfengine-community/ppkeys/root-MD5=ae7892a0221ce7038ee569ac3102070b.pub@@2020-07-31 06:15:27+00:00##root@#Symlink /var/rudder/cfengine-community/ppkeys/root-MD5=ae7892a0221ce7038ee569ac3102070b.pub targeting /var/rudder/cfengine-community/ppkeys/localhost.pub was correct
|
|
Jul 31 06:15:29 server cf-agent[21204]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check jetty process@@/var/rudder/cfengine-community/ppkeys/root-MD5=ae7892a0221ce7038ee569ac3102070b.pub@@2020-07-31 06:15:27+00:00##root@#Symlink /var/rudder/cfengine-community/ppkeys/root-MD5=ae7892a0221ce7038ee569ac3102070b.pub targeting /var/rudder/cfengine-community/ppkeys/localhost.pub (without overwrite) was correct
|
|
Jul 31 06:15:29 server cf-agent[21204]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check configuration-repository folder@@None@@2020-07-31 06:15:27+00:00##root@#The /var/rudder/configuration-repository directory is present
|
|
Jul 31 06:15:29 server cf-agent[21204]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check configuration-repository GIT lock@@None@@2020-07-31 06:15:27+00:00##root@#The /var/rudder/configuration-repository git lock file is not present or not older than 5 minutes
|
|
Jul 31 06:15:29 server cf-agent[21204]: CFEngine(agent) rudder Executing 'no timeout' ... '/usr/bin/curl --proxy '' --max-time 240 -s http://localhost:8080/rudder/api/status |/bin/grep -q OK'
|
|
Jul 31 06:15:29 server cf-agent[21204]: CFEngine(agent) rudder Automatically promoting context scope for 'site_ok' to namespace visibility, due to persistence
|
|
Jul 31 06:15:29 server cf-agent[21204]: CFEngine(agent) rudder Completed execution of '/usr/bin/curl --proxy '' --max-time 240 -s http://localhost:8080/rudder/api/status |/bin/grep -q OK'
|
|
Jul 31 06:15:29 server cf-agent[21204]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check rudder status@@None@@2020-07-31 06:15:27+00:00##root@#The http://localhost:8080/rudder/api/status web interface is running
|
|
Jul 31 06:15:29 server cf-agent[21204]: CFEngine(agent) rudder R: [INFO] Executing is-active on rudder-slapd using the systemctl method
|
|
Jul 31 06:15:29 server cf-agent[21204]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check slapd process@@rudder-slapd@@2020-07-31 06:15:27+00:00##root@#Check if the service rudder-slapd is started was correct
|
|
Jul 31 06:15:29 server cf-agent[21204]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check slapd process@@rudder-slapd@@2020-07-31 06:15:27+00:00##root@#Ensure that service rudder-slapd is running was correct
|
|
Jul 31 06:15:29 server cf-agent[21204]: CFEngine(agent) rudder R: [INFO] Executing is-enabled on rudder-slapd using the systemctl method
|
|
Jul 31 06:15:29 server cf-agent[21204]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check slapd process@@rudder-slapd@@2020-07-31 06:15:27+00:00##root@#Check if service rudder-slapd is started at boot was correct
|
|
Jul 31 06:15:29 server cf-agent[21204]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check slapd process@@rudder-slapd@@2020-07-31 06:15:27+00:00##root@#Ensure service rudder-slapd is started at boot was correct
|
|
Jul 31 06:15:29 server cf-agent[21204]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check slapd process@@None@@2020-07-31 06:15:27+00:00##root@#slapd service running was correct
|
|
Jul 31 06:15:29 server cf-agent[21204]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check slapd boot script@@None@@2020-07-31 06:15:27+00:00##root@#slapd service enabled was correct
|
|
Jul 31 06:15:29 server cf-agent[21204]: CFEngine(agent) rudder R: @@server-roles@@result_na@@server-roles@@server-roles-directive@@0@@Send metrics to rudder-project@@None@@2020-07-31 06:15:27+00:00##root@#Sending metrics to rudder-project.org is not enabled. Skipping.
|
|
Jul 31 06:15:29 server cf-agent[21204]: CFEngine(agent) rudder R: @@inventory@@log_info@@inventory-all@@inventory-all@@0@@Compute inventory splay@@rudder_run_inventory@@2020-07-31 06:15:27+00:00##root@#Scheduling rudder_run_inventory was correct
|
|
Jul 31 06:15:29 server cf-agent[21204]: CFEngine(agent) rudder R: @@Inventory@@log_info@@inventory-all@@inventory-all@@0@@inventory@@None@@2020-07-31 06:15:27+00:00##root@#An inventory was already sent less than 8 hours ago
|
|
Jul 31 06:15:29 server cf-agent[21204]: CFEngine(agent) rudder R: @@Inventory@@result_success@@inventory-all@@inventory-all@@0@@inventory@@None@@2020-07-31 06:15:27+00:00##root@#Next inventory scheduled between 00:00 and 06:00
|
|
Jul 31 06:15:29 server cf-agent[21204]: CFEngine(agent) rudder R: @@Common@@result_na@@hasPolicyServer-root@@common-root@@0@@Monitoring@@None@@2020-07-31 06:15:27+00:00##root@#No Rudder monitoring information to share with the server
|
|
Jul 31 06:15:29 server cf-agent[21204]: CFEngine(agent) rudder R: @@Common@@control@@rudder@@run@@0@@end@@20200731-061225-26d33918@@2020-07-31 06:15:27+00:00##root@#End execution
|
|
Jul 31 06:15:37 server cf-serverd[15229]: notice: Rereading policy file '/var/rudder/cfengine-community/inputs/promises.cf'
|
|
Jul 31 06:15:37 server cf-serverd[15229]: CFEngine(server) rudder Rereading policy file '/var/rudder/cfengine-community/inputs/promises.cf'
|
|
Jul 31 06:15:37 server cf-serverd[15229]: rudder info: Failed to canonicalise filename '/var/rudder/configuration-repository/ncf/50_techniques' (realpath: No such file or directory)
|
|
Jul 31 06:15:37 server cf-serverd[15229]: rudder info: Path does not exist, it's added as-is in access rules: /var/rudder/configuration-repository/ncf/50_techniques
|
|
Jul 31 06:15:37 server cf-serverd[15229]: rudder info: WARNING: this means that (not) having a trailing slash defines if it's (not) a directory!
|
|
Jul 31 06:15:37 server cf-serverd[15229]: rudder info: Failed to canonicalise filename '/var/rudder/share/root/' (realpath: No such file or directory)
|
|
Jul 31 06:15:37 server cf-serverd[15229]: rudder info: Path does not exist, it's added as-is in access rules: /var/rudder/share/root/
|
|
Jul 31 06:15:37 server cf-serverd[15229]: rudder info: WARNING: this means that (not) having a trailing slash defines if it's (not) a directory!
|
|
Jul 31 06:15:37 server cf-serverd[15229]: rudder info: Failed to canonicalise filename '/var/rudder/shared-files/root/' (realpath: No such file or directory)
|
|
Jul 31 06:15:37 server cf-serverd[15229]: rudder info: Path does not exist, it's added as-is in access rules: /var/rudder/shared-files/root/
|
|
Jul 31 06:15:37 server cf-serverd[15229]: rudder info: WARNING: this means that (not) having a trailing slash defines if it's (not) a directory!
|
|
Jul 31 06:15:37 server cf-serverd[15229]: CFEngine(server) rudder Failed to canonicalise filename '/var/rudder/configuration-repository/ncf/50_techniques' (realpath: No such file or directory)
|
|
Jul 31 06:15:37 server cf-serverd[15229]: CFEngine(server) rudder Path does not exist, it's added as-is in access rules: /var/rudder/configuration-repository/ncf/50_techniques
|
|
Jul 31 06:15:37 server cf-serverd[15229]: CFEngine(server) rudder WARNING: this means that (not) having a trailing slash defines if it's (not) a directory!
|
|
Jul 31 06:15:37 server cf-serverd[15229]: CFEngine(server) rudder Failed to canonicalise filename '/var/rudder/share/root/' (realpath: No such file or directory)
|
|
Jul 31 06:15:37 server cf-serverd[15229]: CFEngine(server) rudder Path does not exist, it's added as-is in access rules: /var/rudder/share/root/
|
|
Jul 31 06:15:37 server cf-serverd[15229]: CFEngine(server) rudder WARNING: this means that (not) having a trailing slash defines if it's (not) a directory!
|
|
Jul 31 06:15:37 server cf-serverd[15229]: CFEngine(server) rudder Failed to canonicalise filename '/var/rudder/shared-files/root/' (realpath: No such file or directory)
|
|
Jul 31 06:15:37 server cf-serverd[15229]: CFEngine(server) rudder Path does not exist, it's added as-is in access rules: /var/rudder/shared-files/root/
|
|
Jul 31 06:15:37 server cf-serverd[15229]: CFEngine(server) rudder WARNING: this means that (not) having a trailing slash defines if it's (not) a directory!
|
|
Jul 31 06:16:26 server systemd[1]: Starting Cleanup of Temporary Directories...
|
|
Jul 31 06:16:26 server systemd-tmpfiles[21670]: [/usr/lib/tmpfiles.d/mdadm.conf:1] Line references path below legacy directory /var/run/, updating /var/run/mdadm → /run/mdadm; please update the tmpfiles.d/ drop-in file accordingly.
|
|
Jul 31 06:16:26 server systemd-tmpfiles[21670]: [/usr/lib/tmpfiles.d/pesign.conf:1] Line references path below legacy directory /var/run/, updating /var/run/pesign → /run/pesign; please update the tmpfiles.d/ drop-in file accordingly.
|
|
Jul 31 06:16:26 server systemd-tmpfiles[21670]: [/usr/lib/tmpfiles.d/postgresql.conf:1] Line references path below legacy directory /var/run/, updating /var/run/postgresql → /run/postgresql; please update the tmpfiles.d/ drop-in file accordingly.
|
|
Jul 31 06:16:26 server systemd[1]: Started Cleanup of Temporary Directories.
|
|
Jul 31 06:20:01 server CROND[21741]: (root) CMD (/opt/rudder/bin/relay-cleanup >/dev/null)
|
|
Jul 31 06:20:01 server CROND[21748]: (root) CMD (/opt/rudder/bin/rudder agent check -q >> /var/log/rudder/agent-check/check.log 2>&1)
|
|
Jul 31 06:20:29 server cf-agent[21954]: CFEngine(agent) rudder R: @@Common@@control@@rudder@@run@@0@@start@@20200731-061225-26d33918@@2020-07-31 06:20:28+00:00##root@#Start execution
|
|
Jul 31 06:20:29 server cf-agent[21954]: CFEngine(agent) rudder Automatically promoting context scope for 'heartbeat_sent' to namespace visibility, due to persistence
|
|
Jul 31 06:20:29 server cf-agent[21954]: CFEngine(agent) rudder R: [INFO] Starting CFEngine 3.15.1 on host server.rudder.local (centos_8 x86_64)
|
|
Jul 31 06:20:29 server cf-agent[21954]: CFEngine(agent) rudder R: @@Common@@result_success@@hasPolicyServer-root@@common-root@@0@@ncf Initialization@@None@@2020-07-31 06:20:28+00:00##root@#Configuration library initialization was correct
|
|
Jul 31 06:20:29 server cf-agent[21954]: CFEngine(agent) rudder R: @@Common@@result_success@@hasPolicyServer-root@@common-root@@0@@Update@@None@@2020-07-31 06:20:28+00:00##root@#Configuration library already up to date on this root server. No action required.
|
|
Jul 31 06:20:29 server cf-agent[21954]: CFEngine(agent) rudder R: @@Common@@result_success@@hasPolicyServer-root@@common-root@@0@@Security parameters@@None@@2020-07-31 06:20:28+00:00##root@#The internal environment security is acceptable
|
|
Jul 31 06:20:29 server cf-agent[21954]: CFEngine(agent) rudder R: @@Common@@result_success@@hasPolicyServer-root@@common-root@@0@@CRON Daemon@@None@@2020-07-31 06:20:28+00:00##root@#Cron daemon status was correct
|
|
Jul 31 06:20:29 server cf-agent[21954]: CFEngine(agent) rudder R: @@Common@@result_success@@hasPolicyServer-root@@common-root@@0@@Log system for reports@@None@@2020-07-31 06:20:28+00:00##root@#Reports forwarding to policy server was correct
|
|
Jul 31 06:20:29 server cf-agent[21954]: CFEngine(agent) rudder R: @@Common@@log_info@@hasPolicyServer-root@@common-root@@0@@None@@/var/rudder/tmp/rudder_monitoring.csv@@2020-07-31 06:20:28+00:00##root@#Remove file /var/rudder/tmp/rudder_monitoring.csv was correct
|
|
Jul 31 06:20:29 server cf-agent[21954]: CFEngine(agent) rudder R: @@DistributePolicy@@result_na@@root-DP@@root-distributePolicy@@0@@Synchronize resources@@None@@2020-07-31 06:20:28+00:00##root@#Nothing needs to be updated
|
|
Jul 31 06:20:29 server cf-agent[21954]: CFEngine(agent) rudder R: @@DistributePolicy@@result_na@@root-DP@@root-distributePolicy@@0@@Synchronize policies@@None@@2020-07-31 06:20:28+00:00##root@#Rudder server does not need to synchronize its policies
|
|
Jul 31 06:20:29 server cf-agent[21954]: CFEngine(agent) rudder R: @@DistributePolicy@@result_na@@root-DP@@root-distributePolicy@@0@@Synchronize files@@None@@2020-07-31 06:20:28+00:00##root@#Rudder server does not need to synchronize its shared files
|
|
Jul 31 06:20:29 server cf-agent[21954]: CFEngine(agent) rudder R: @@DistributePolicy@@result_success@@root-DP@@root-distributePolicy@@0@@Send inventories to Rudder server@@None@@2020-07-31 06:20:28+00:00##root@#No inventory to send
|
|
Jul 31 06:20:29 server cf-agent[21954]: CFEngine(agent) rudder R: @@DistributePolicy@@result_success@@root-DP@@root-distributePolicy@@0@@Configure apache ACL@@None@@2020-07-31 06:20:28+00:00##root@#Apache ACLs are correct
|
|
Jul 31 06:20:29 server cf-agent[21954]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check logrotate configuration@@None@@2020-07-31 06:20:28+00:00##root@#The logrotate configuration is correct
|
|
Jul 31 06:20:29 server cf-agent[21954]: CFEngine(agent) rudder R: [INFO] Executing is-active on postgresql using the systemctl method
|
|
Jul 31 06:20:29 server cf-agent[21954]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check postgresql process@@postgresql@@2020-07-31 06:20:28+00:00##root@#Check if the service postgresql is started was correct
|
|
Jul 31 06:20:29 server cf-agent[21954]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check postgresql process@@postgresql@@2020-07-31 06:20:28+00:00##root@#Ensure that service postgresql is running was correct
|
|
Jul 31 06:20:29 server cf-agent[21954]: CFEngine(agent) rudder R: [INFO] Executing is-enabled on postgresql using the systemctl method
|
|
Jul 31 06:20:29 server cf-agent[21954]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check postgresql process@@postgresql@@2020-07-31 06:20:28+00:00##root@#Check if service postgresql is started at boot was correct
|
|
Jul 31 06:20:29 server cf-agent[21954]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check postgresql process@@postgresql@@2020-07-31 06:20:28+00:00##root@#Ensure service postgresql is started at boot was correct
|
|
Jul 31 06:20:29 server cf-agent[21954]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check postgresql process@@None@@2020-07-31 06:20:28+00:00##root@#postgresql service running was correct
|
|
Jul 31 06:20:29 server cf-agent[21954]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check postgresql boot script@@None@@2020-07-31 06:20:28+00:00##root@#postgresql service enabled was correct
|
|
Jul 31 06:20:29 server cf-agent[21954]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check LDAP in rudder-webapp.properties@@None@@2020-07-31 06:20:28+00:00##root@#Web interface configuration files (checked LDAP password) was correct
|
|
Jul 31 06:20:29 server cf-agent[21954]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check LDAP credentials@@None@@2020-07-31 06:20:28+00:00##root@#OpenLDAP configuration file (rootdn password) was correct
|
|
Jul 31 06:20:29 server cf-agent[21954]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check rudder-passwords.conf@@None@@2020-07-31 06:20:28+00:00##root@#Presence and permissions of Rudder password file was correct
|
|
Jul 31 06:20:29 server cf-agent[21954]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check pgpass file@@None@@2020-07-31 06:20:28+00:00##root@#Presence and permissions of pgsql password file was correct
|
|
Jul 31 06:20:29 server cf-agent[21954]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check SQL in rudder-webapp.properties@@None@@2020-07-31 06:20:28+00:00##root@#Web interface configuration files (SQL password) was correct
|
|
Jul 31 06:20:29 server cf-agent[21954]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check SQL credentials@@None@@2020-07-31 06:20:28+00:00##root@#PostgreSQL user account's already correct.
|
|
Jul 31 06:20:29 server cf-agent[21954]: CFEngine(agent) rudder R: [INFO] Executing is-active on rudder-relayd using the systemctl method
|
|
Jul 31 06:20:29 server cf-agent[21954]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check relayd process@@rudder-relayd@@2020-07-31 06:20:28+00:00##root@#Check if the service rudder-relayd is started was correct
|
|
Jul 31 06:20:29 server cf-agent[21954]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check relayd process@@rudder-relayd@@2020-07-31 06:20:28+00:00##root@#Ensure that service rudder-relayd is running was correct
|
|
Jul 31 06:20:29 server cf-agent[21954]: CFEngine(agent) rudder R: [INFO] Executing is-enabled on rudder-relayd using the systemctl method
|
|
Jul 31 06:20:29 server cf-agent[21954]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check relayd process@@rudder-relayd@@2020-07-31 06:20:28+00:00##root@#Check if service rudder-relayd is started at boot was correct
|
|
Jul 31 06:20:29 server cf-agent[21954]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check relayd process@@rudder-relayd@@2020-07-31 06:20:28+00:00##root@#Ensure service rudder-relayd is started at boot was correct
|
|
Jul 31 06:20:29 server cf-agent[21954]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check relayd process@@None@@2020-07-31 06:20:28+00:00##root@#relayd service running was correct
|
|
Jul 31 06:20:29 server cf-agent[21954]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check relayd boot script@@None@@2020-07-31 06:20:28+00:00##root@#relayd service enabled was correct
|
|
Jul 31 06:20:29 server cf-agent[21954]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Relayd service configuration@@/opt/rudder/etc/relayd@@2020-07-31 06:20:28+00:00##root@#Ensure permissions mode 640, owner root and group rudder on /opt/rudder/etc/relayd on type all with inf recursion level was correct
|
|
Jul 31 06:20:29 server cf-agent[21954]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Relayd service configuration@@/opt/rudder/etc/relayd@@2020-07-31 06:20:28+00:00##root@#Ensure permissions mode 640, owner root and group rudder on /opt/rudder/etc/relayd with ${recursion} recursion level was correct
|
|
Jul 31 06:20:29 server cf-agent[21954]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Relayd service configuration@@/opt/rudder/etc/relayd/main.conf@@2020-07-31 06:20:28+00:00##root@#Build file /opt/rudder/etc/relayd/main.conf from mustache type template /var/rudder/cfengine-community/inputs/server-roles/1.0/relayd.conf.tpl was correct
|
|
Jul 31 06:20:29 server cf-agent[21954]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Relayd service configuration@@/opt/rudder/etc/relayd/main.conf@@2020-07-31 06:20:28+00:00##root@#Build file /opt/rudder/etc/relayd/main.conf from mustache template /var/rudder/cfengine-community/inputs/server-roles/1.0/relayd.conf.tpl was correct
|
|
Jul 31 06:20:29 server cf-agent[21954]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Relayd service configuration@@None@@2020-07-31 06:20:28+00:00##root@#rudder-relayd configration was correct
|
|
Jul 31 06:20:29 server cf-agent[21954]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check allowed networks configuration@@None@@2020-07-31 06:20:28+00:00##root@#Allowed networks configuration is correct
|
|
Jul 31 06:20:29 server cf-agent[21954]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check WebDAV properties@@None@@2020-07-31 06:20:28+00:00##root@#Rudder WebDAV properties was correct
|
|
Jul 31 06:20:29 server cf-agent[21954]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check WebDAV credentials@@None@@2020-07-31 06:20:28+00:00##root@#Apache WebDAV user and password are OK
|
|
Jul 31 06:20:29 server cf-agent[21954]: CFEngine(agent) rudder R: [INFO] Executing is-active on httpd using the systemctl method
|
|
Jul 31 06:20:29 server cf-agent[21954]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check apache process@@httpd@@2020-07-31 06:20:28+00:00##root@#Check if the service httpd is started was correct
|
|
Jul 31 06:20:29 server cf-agent[21954]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check apache process@@httpd@@2020-07-31 06:20:28+00:00##root@#Ensure that service httpd is running was correct
|
|
Jul 31 06:20:29 server cf-agent[21954]: CFEngine(agent) rudder R: [INFO] Executing is-enabled on httpd using the systemctl method
|
|
Jul 31 06:20:29 server cf-agent[21954]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check apache process@@httpd@@2020-07-31 06:20:28+00:00##root@#Check if service httpd is started at boot was correct
|
|
Jul 31 06:20:29 server cf-agent[21954]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check apache process@@httpd@@2020-07-31 06:20:28+00:00##root@#Ensure service httpd is started at boot was correct
|
|
Jul 31 06:20:29 server cf-agent[21954]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check apache process@@None@@2020-07-31 06:20:28+00:00##root@#apache service running was correct
|
|
Jul 31 06:20:29 server cf-agent[21954]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check apache boot script@@None@@2020-07-31 06:20:28+00:00##root@#apache service enabled was correct
|
|
Jul 31 06:20:29 server cf-agent[21954]: CFEngine(agent) rudder R: [INFO] Executing is-active on rudder-jetty using the systemctl method
|
|
Jul 31 06:20:29 server cf-agent[21954]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check jetty process@@rudder-jetty@@2020-07-31 06:20:28+00:00##root@#Check if the service rudder-jetty is started was correct
|
|
Jul 31 06:20:29 server cf-agent[21954]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check jetty process@@rudder-jetty@@2020-07-31 06:20:28+00:00##root@#Ensure that service rudder-jetty is running was correct
|
|
Jul 31 06:20:29 server cf-agent[21954]: CFEngine(agent) rudder R: [INFO] Executing is-enabled on rudder-jetty using the systemctl method
|
|
Jul 31 06:20:29 server cf-agent[21954]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check jetty process@@rudder-jetty@@2020-07-31 06:20:28+00:00##root@#Check if service rudder-jetty is started at boot was correct
|
|
Jul 31 06:20:29 server cf-agent[21954]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check jetty process@@rudder-jetty@@2020-07-31 06:20:28+00:00##root@#Ensure service rudder-jetty is started at boot was correct
|
|
Jul 31 06:20:29 server cf-agent[21954]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check jetty process@@None@@2020-07-31 06:20:28+00:00##root@#jetty service running was correct
|
|
Jul 31 06:20:29 server cf-agent[21954]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check jetty boot script@@None@@2020-07-31 06:20:28+00:00##root@#jetty service enabled was correct
|
|
Jul 31 06:20:29 server cf-agent[21954]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check jetty process@@/var/rudder/cfengine-community/ppkeys/root-MD5=ae7892a0221ce7038ee569ac3102070b.pub@@2020-07-31 06:20:28+00:00##root@#Symlink /var/rudder/cfengine-community/ppkeys/root-MD5=ae7892a0221ce7038ee569ac3102070b.pub targeting /var/rudder/cfengine-community/ppkeys/localhost.pub was correct
|
|
Jul 31 06:20:29 server cf-agent[21954]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check jetty process@@/var/rudder/cfengine-community/ppkeys/root-MD5=ae7892a0221ce7038ee569ac3102070b.pub@@2020-07-31 06:20:28+00:00##root@#Symlink /var/rudder/cfengine-community/ppkeys/root-MD5=ae7892a0221ce7038ee569ac3102070b.pub targeting /var/rudder/cfengine-community/ppkeys/localhost.pub was correct
|
|
Jul 31 06:20:29 server cf-agent[21954]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check jetty process@@/var/rudder/cfengine-community/ppkeys/root-MD5=ae7892a0221ce7038ee569ac3102070b.pub@@2020-07-31 06:20:28+00:00##root@#Symlink /var/rudder/cfengine-community/ppkeys/root-MD5=ae7892a0221ce7038ee569ac3102070b.pub targeting /var/rudder/cfengine-community/ppkeys/localhost.pub (without overwrite) was correct
|
|
Jul 31 06:20:29 server cf-agent[21954]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check configuration-repository folder@@None@@2020-07-31 06:20:28+00:00##root@#The /var/rudder/configuration-repository directory is present
|
|
Jul 31 06:20:29 server cf-agent[21954]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check configuration-repository GIT lock@@None@@2020-07-31 06:20:28+00:00##root@#The /var/rudder/configuration-repository git lock file is not present or not older than 5 minutes
|
|
Jul 31 06:20:29 server cf-agent[21954]: CFEngine(agent) rudder Executing 'no timeout' ... '/usr/bin/curl --proxy '' --max-time 240 -s http://localhost:8080/rudder/api/status |/bin/grep -q OK'
|
|
Jul 31 06:20:29 server cf-agent[21954]: CFEngine(agent) rudder Automatically promoting context scope for 'site_ok' to namespace visibility, due to persistence
|
|
Jul 31 06:20:29 server cf-agent[21954]: CFEngine(agent) rudder Completed execution of '/usr/bin/curl --proxy '' --max-time 240 -s http://localhost:8080/rudder/api/status |/bin/grep -q OK'
|
|
Jul 31 06:20:29 server cf-agent[21954]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check rudder status@@None@@2020-07-31 06:20:28+00:00##root@#The http://localhost:8080/rudder/api/status web interface is running
|
|
Jul 31 06:20:29 server cf-agent[21954]: CFEngine(agent) rudder R: [INFO] Executing is-active on rudder-slapd using the systemctl method
|
|
Jul 31 06:20:29 server cf-agent[21954]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check slapd process@@rudder-slapd@@2020-07-31 06:20:28+00:00##root@#Check if the service rudder-slapd is started was correct
|
|
Jul 31 06:20:29 server cf-agent[21954]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check slapd process@@rudder-slapd@@2020-07-31 06:20:28+00:00##root@#Ensure that service rudder-slapd is running was correct
|
|
Jul 31 06:20:29 server cf-agent[21954]: CFEngine(agent) rudder R: [INFO] Executing is-enabled on rudder-slapd using the systemctl method
|
|
Jul 31 06:20:29 server cf-agent[21954]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check slapd process@@rudder-slapd@@2020-07-31 06:20:28+00:00##root@#Check if service rudder-slapd is started at boot was correct
|
|
Jul 31 06:20:29 server cf-agent[21954]: CFEngine(agent) rudder R: @@server-roles@@log_info@@server-roles@@server-roles-directive@@0@@Check slapd process@@rudder-slapd@@2020-07-31 06:20:28+00:00##root@#Ensure service rudder-slapd is started at boot was correct
|
|
Jul 31 06:20:30 server cf-agent[21954]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check slapd process@@None@@2020-07-31 06:20:28+00:00##root@#slapd service running was correct
|
|
Jul 31 06:20:30 server cf-agent[21954]: CFEngine(agent) rudder R: @@server-roles@@result_success@@server-roles@@server-roles-directive@@0@@Check slapd boot script@@None@@2020-07-31 06:20:28+00:00##root@#slapd service enabled was correct
|
|
Jul 31 06:20:30 server cf-agent[21954]: CFEngine(agent) rudder R: @@server-roles@@result_na@@server-roles@@server-roles-directive@@0@@Send metrics to rudder-project@@None@@2020-07-31 06:20:28+00:00##root@#Sending metrics to rudder-project.org is not enabled. Skipping.
|
|
Jul 31 06:20:30 server cf-agent[21954]: CFEngine(agent) rudder R: @@inventory@@log_info@@inventory-all@@inventory-all@@0@@Compute inventory splay@@rudder_run_inventory@@2020-07-31 06:20:28+00:00##root@#Scheduling rudder_run_inventory was correct
|
|
Jul 31 06:20:30 server cf-agent[21954]: CFEngine(agent) rudder R: @@Inventory@@log_info@@inventory-all@@inventory-all@@0@@inventory@@None@@2020-07-31 06:20:28+00:00##root@#An inventory was already sent less than 8 hours ago
|
|
Jul 31 06:20:30 server cf-agent[21954]: CFEngine(agent) rudder R: @@Inventory@@result_success@@inventory-all@@inventory-all@@0@@inventory@@None@@2020-07-31 06:20:28+00:00##root@#Next inventory scheduled between 00:00 and 06:00
|
|
Jul 31 06:20:30 server cf-agent[21954]: CFEngine(agent) rudder R: @@Common@@result_na@@hasPolicyServer-root@@common-root@@0@@Monitoring@@None@@2020-07-31 06:20:28+00:00##root@#No Rudder monitoring information to share with the server
|
|
Jul 31 06:20:30 server cf-agent[21954]: CFEngine(agent) rudder R: @@Common@@control@@rudder@@run@@0@@end@@20200731-061225-26d33918@@2020-07-31 06:20:28+00:00##root@#End execution
|
|
Jul 31 06:20:59 server dbus-daemon[892]: [system] Activating service name='org.fedoraproject.Setroubleshootd' requested by ':1.135' (uid=0 pid=855 comm="/usr/sbin/sedispatch " label="system_u:system_r:auditd_t:s0") (using servicehelper)
|
|
Jul 31 06:21:00 server dbus-daemon[892]: [system] Successfully activated service 'org.fedoraproject.Setroubleshootd'
|
|
Jul 31 06:21:01 server setroubleshoot[22151]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5. For complete SELinux messages run: sealert -l 07e5b566-8a9d-4635-965f-22c336cc3c99
|
|
Jul 31 06:21:01 server setroubleshoot[22151]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5. For complete SELinux messages run: sealert -l 07e5b566-8a9d-4635-965f-22c336cc3c99
|
|
Jul 31 06:21:01 server platform-python[22151]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5.
|
|
|
|
***** Plugin catchall (100. confidence) suggests **************************
|
|
|
|
If you believe that rudder-relayd should be allowed search access on the krb5 directory by default.
|
|
Then you should report this as a bug.
|
|
You can generate a local policy module to allow this access.
|
|
Do
|
|
allow this access for now by executing:
|
|
# ausearch -c 'r2d2-worker-1' --raw | audit2allow -M my-r2d2worker1
|
|
# semodule -X 300 -i my-r2d2worker1.pp
|
|
|
|
Jul 31 06:21:01 server platform-python[22151]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5.
|
|
|
|
***** Plugin catchall (100. confidence) suggests **************************
|
|
|
|
If you believe that rudder-relayd should be allowed search access on the krb5 directory by default.
|
|
Then you should report this as a bug.
|
|
You can generate a local policy module to allow this access.
|
|
Do
|
|
allow this access for now by executing:
|
|
# ausearch -c 'r2d2-worker-1' --raw | audit2allow -M my-r2d2worker1
|
|
# semodule -X 300 -i my-r2d2worker1.pp
|
|
|
|
Jul 31 06:21:01 server setroubleshoot[22151]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5. For complete SELinux messages run: sealert -l 07e5b566-8a9d-4635-965f-22c336cc3c99
|
|
Jul 31 06:21:01 server platform-python[22151]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5.
|
|
|
|
***** Plugin catchall (100. confidence) suggests **************************
|
|
|
|
If you believe that rudder-relayd should be allowed search access on the krb5 directory by default.
|
|
Then you should report this as a bug.
|
|
You can generate a local policy module to allow this access.
|
|
Do
|
|
allow this access for now by executing:
|
|
# ausearch -c 'r2d2-worker-1' --raw | audit2allow -M my-r2d2worker1
|
|
# semodule -X 300 -i my-r2d2worker1.pp
|
|
|
|
Jul 31 06:21:01 server setroubleshoot[22151]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5. For complete SELinux messages run: sealert -l 07e5b566-8a9d-4635-965f-22c336cc3c99
|
|
Jul 31 06:21:01 server platform-python[22151]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5.
|
|
|
|
***** Plugin catchall (100. confidence) suggests **************************
|
|
|
|
If you believe that rudder-relayd should be allowed search access on the krb5 directory by default.
|
|
Then you should report this as a bug.
|
|
You can generate a local policy module to allow this access.
|
|
Do
|
|
allow this access for now by executing:
|
|
# ausearch -c 'r2d2-worker-1' --raw | audit2allow -M my-r2d2worker1
|
|
# semodule -X 300 -i my-r2d2worker1.pp
|
|
|
|
Jul 31 06:21:01 server setroubleshoot[22151]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5. For complete SELinux messages run: sealert -l 07e5b566-8a9d-4635-965f-22c336cc3c99
|
|
Jul 31 06:21:01 server platform-python[22151]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5.
|
|
|
|
***** Plugin catchall (100. confidence) suggests **************************
|
|
|
|
If you believe that rudder-relayd should be allowed search access on the krb5 directory by default.
|
|
Then you should report this as a bug.
|
|
You can generate a local policy module to allow this access.
|
|
Do
|
|
allow this access for now by executing:
|
|
# ausearch -c 'r2d2-worker-1' --raw | audit2allow -M my-r2d2worker1
|
|
# semodule -X 300 -i my-r2d2worker1.pp
|
|
|
|
Jul 31 06:21:01 server setroubleshoot[22151]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5. For complete SELinux messages run: sealert -l 07e5b566-8a9d-4635-965f-22c336cc3c99
|
|
Jul 31 06:21:01 server platform-python[22151]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5.
|
|
|
|
***** Plugin catchall (100. confidence) suggests **************************
|
|
|
|
If you believe that rudder-relayd should be allowed search access on the krb5 directory by default.
|
|
Then you should report this as a bug.
|
|
You can generate a local policy module to allow this access.
|
|
Do
|
|
allow this access for now by executing:
|
|
# ausearch -c 'r2d2-worker-1' --raw | audit2allow -M my-r2d2worker1
|
|
# semodule -X 300 -i my-r2d2worker1.pp
|
|
|
|
Jul 31 06:21:01 server setroubleshoot[22151]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5. For complete SELinux messages run: sealert -l 07e5b566-8a9d-4635-965f-22c336cc3c99
|
|
Jul 31 06:21:01 server platform-python[22151]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5.
|
|
|
|
***** Plugin catchall (100. confidence) suggests **************************
|
|
|
|
If you believe that rudder-relayd should be allowed search access on the krb5 directory by default.
|
|
Then you should report this as a bug.
|
|
You can generate a local policy module to allow this access.
|
|
Do
|
|
allow this access for now by executing:
|
|
# ausearch -c 'r2d2-worker-1' --raw | audit2allow -M my-r2d2worker1
|
|
# semodule -X 300 -i my-r2d2worker1.pp
|
|
|
|
Jul 31 06:21:01 server setroubleshoot[22151]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5. For complete SELinux messages run: sealert -l 07e5b566-8a9d-4635-965f-22c336cc3c99
|
|
Jul 31 06:21:01 server platform-python[22151]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5.
|
|
|
|
***** Plugin catchall (100. confidence) suggests **************************
|
|
|
|
If you believe that rudder-relayd should be allowed search access on the krb5 directory by default.
|
|
Then you should report this as a bug.
|
|
You can generate a local policy module to allow this access.
|
|
Do
|
|
allow this access for now by executing:
|
|
# ausearch -c 'r2d2-worker-1' --raw | audit2allow -M my-r2d2worker1
|
|
# semodule -X 300 -i my-r2d2worker1.pp
|
|
|
|
Jul 31 06:21:01 server setroubleshoot[22151]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5. For complete SELinux messages run: sealert -l 07e5b566-8a9d-4635-965f-22c336cc3c99
|
|
Jul 31 06:21:01 server platform-python[22151]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5.
|
|
|
|
***** Plugin catchall (100. confidence) suggests **************************
|
|
|
|
If you believe that rudder-relayd should be allowed search access on the krb5 directory by default.
|
|
Then you should report this as a bug.
|
|
You can generate a local policy module to allow this access.
|
|
Do
|
|
allow this access for now by executing:
|
|
# ausearch -c 'r2d2-worker-1' --raw | audit2allow -M my-r2d2worker1
|
|
# semodule -X 300 -i my-r2d2worker1.pp
|
|
|
|
Jul 31 06:21:01 server setroubleshoot[22151]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5. For complete SELinux messages run: sealert -l 07e5b566-8a9d-4635-965f-22c336cc3c99
|
|
Jul 31 06:21:01 server platform-python[22151]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5.
|
|
|
|
***** Plugin catchall (100. confidence) suggests **************************
|
|
|
|
If you believe that rudder-relayd should be allowed search access on the krb5 directory by default.
|
|
Then you should report this as a bug.
|
|
You can generate a local policy module to allow this access.
|
|
Do
|
|
allow this access for now by executing:
|
|
# ausearch -c 'r2d2-worker-1' --raw | audit2allow -M my-r2d2worker1
|
|
# semodule -X 300 -i my-r2d2worker1.pp
|
|
|
|
Jul 31 06:21:01 server setroubleshoot[22151]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5. For complete SELinux messages run: sealert -l 07e5b566-8a9d-4635-965f-22c336cc3c99
|
|
Jul 31 06:21:01 server platform-python[22151]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5.
|
|
|
|
***** Plugin catchall (100. confidence) suggests **************************
|
|
|
|
If you believe that rudder-relayd should be allowed search access on the krb5 directory by default.
|
|
Then you should report this as a bug.
|
|
You can generate a local policy module to allow this access.
|
|
Do
|
|
allow this access for now by executing:
|
|
# ausearch -c 'r2d2-worker-1' --raw | audit2allow -M my-r2d2worker1
|
|
# semodule -X 300 -i my-r2d2worker1.pp
|
|
|
|
Jul 31 06:21:01 server setroubleshoot[22151]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5. For complete SELinux messages run: sealert -l 07e5b566-8a9d-4635-965f-22c336cc3c99
|
|
Jul 31 06:21:01 server platform-python[22151]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5.
|
|
|
|
***** Plugin catchall (100. confidence) suggests **************************
|
|
|
|
If you believe that rudder-relayd should be allowed search access on the krb5 directory by default.
|
|
Then you should report this as a bug.
|
|
You can generate a local policy module to allow this access.
|
|
Do
|
|
allow this access for now by executing:
|
|
# ausearch -c 'r2d2-worker-1' --raw | audit2allow -M my-r2d2worker1
|
|
# semodule -X 300 -i my-r2d2worker1.pp
|
|
|
|
Jul 31 06:21:01 server setroubleshoot[22151]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5. For complete SELinux messages run: sealert -l 07e5b566-8a9d-4635-965f-22c336cc3c99
|
|
Jul 31 06:21:01 server platform-python[22151]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5.
|
|
|
|
***** Plugin catchall (100. confidence) suggests **************************
|
|
|
|
If you believe that rudder-relayd should be allowed search access on the krb5 directory by default.
|
|
Then you should report this as a bug.
|
|
You can generate a local policy module to allow this access.
|
|
Do
|
|
allow this access for now by executing:
|
|
# ausearch -c 'r2d2-worker-1' --raw | audit2allow -M my-r2d2worker1
|
|
# semodule -X 300 -i my-r2d2worker1.pp
|
|
|
|
Jul 31 06:21:01 server setroubleshoot[22151]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5. For complete SELinux messages run: sealert -l 07e5b566-8a9d-4635-965f-22c336cc3c99
|
|
Jul 31 06:21:01 server platform-python[22151]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5.
|
|
|
|
***** Plugin catchall (100. confidence) suggests **************************
|
|
|
|
If you believe that rudder-relayd should be allowed search access on the krb5 directory by default.
|
|
Then you should report this as a bug.
|
|
You can generate a local policy module to allow this access.
|
|
Do
|
|
allow this access for now by executing:
|
|
# ausearch -c 'r2d2-worker-1' --raw | audit2allow -M my-r2d2worker1
|
|
# semodule -X 300 -i my-r2d2worker1.pp
|
|
|
|
Jul 31 06:21:03 server setroubleshoot[22151]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5. For complete SELinux messages run: sealert -l 07e5b566-8a9d-4635-965f-22c336cc3c99
|
|
Jul 31 06:21:03 server platform-python[22151]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5.
|
|
|
|
***** Plugin catchall (100. confidence) suggests **************************
|
|
|
|
If you believe that rudder-relayd should be allowed search access on the krb5 directory by default.
|
|
Then you should report this as a bug.
|
|
You can generate a local policy module to allow this access.
|
|
Do
|
|
allow this access for now by executing:
|
|
# ausearch -c 'r2d2-worker-1' --raw | audit2allow -M my-r2d2worker1
|
|
# semodule -X 300 -i my-r2d2worker1.pp
|
|
|
|
Jul 31 06:21:15 server dbus-daemon[892]: [system] Activating service name='org.fedoraproject.Setroubleshootd' requested by ':1.135' (uid=0 pid=855 comm="/usr/sbin/sedispatch " label="system_u:system_r:auditd_t:s0") (using servicehelper)
|
|
Jul 31 06:21:16 server dbus-daemon[892]: [system] Successfully activated service 'org.fedoraproject.Setroubleshootd'
|
|
Jul 31 06:21:17 server setroubleshoot[22222]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5. For complete SELinux messages run: sealert -l 07e5b566-8a9d-4635-965f-22c336cc3c99
|
|
Jul 31 06:21:17 server platform-python[22222]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5.
|
|
|
|
***** Plugin catchall (100. confidence) suggests **************************
|
|
|
|
If you believe that rudder-relayd should be allowed search access on the krb5 directory by default.
|
|
Then you should report this as a bug.
|
|
You can generate a local policy module to allow this access.
|
|
Do
|
|
allow this access for now by executing:
|
|
# ausearch -c 'r2d2-worker-1' --raw | audit2allow -M my-r2d2worker1
|
|
# semodule -X 300 -i my-r2d2worker1.pp
|
|
|
|
Jul 31 06:21:22 server su[22249]: (to postgres) root on none
|
|
Jul 31 06:21:22 server setroubleshoot[22222]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5. For complete SELinux messages run: sealert -l 07e5b566-8a9d-4635-965f-22c336cc3c99
|
|
Jul 31 06:21:22 server platform-python[22222]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5.
|
|
|
|
***** Plugin catchall (100. confidence) suggests **************************
|
|
|
|
If you believe that rudder-relayd should be allowed search access on the krb5 directory by default.
|
|
Then you should report this as a bug.
|
|
You can generate a local policy module to allow this access.
|
|
Do
|
|
allow this access for now by executing:
|
|
# ausearch -c 'r2d2-worker-1' --raw | audit2allow -M my-r2d2worker1
|
|
# semodule -X 300 -i my-r2d2worker1.pp
|
|
|
|
Jul 31 06:21:22 server setroubleshoot[22222]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5. For complete SELinux messages run: sealert -l 07e5b566-8a9d-4635-965f-22c336cc3c99
|
|
Jul 31 06:21:22 server platform-python[22222]: SELinux is preventing /opt/rudder/bin/rudder-relayd from search access on the directory krb5.
|
|
|
|
***** Plugin catchall (100. confidence) suggests **************************
|
|
|
|
If you believe that rudder-relayd should be allowed search access on the krb5 directory by default.
|
|
Then you should report this as a bug.
|
|
You can generate a local policy module to allow this access.
|
|
Do
|
|
allow this access for now by executing:
|
|
# ausearch -c 'r2d2-worker-1' --raw | audit2allow -M my-r2d2worker1
|
|
# semodule -X 300 -i my-r2d2worker1.pp
|
|
|
|
Jul 31 06:21:22 server systemd[1]: Started /run/user/26 mount wrapper.
|
|
Jul 31 06:21:22 server systemd[1]: Created slice User Slice of UID 26.
|
|
Jul 31 06:21:22 server systemd[1]: Starting User Manager for UID 26...
|
|
Jul 31 06:21:22 server systemd[1]: Started Session c4 of user postgres.
|
|
Jul 31 06:21:22 server systemd[22259]: pam_unix(systemd-user:session): session opened for user postgres by (uid=0)
|
|
Jul 31 06:21:22 server systemd[22259]: Reached target Paths.
|
|
Jul 31 06:21:22 server systemd[22259]: Starting D-Bus User Message Bus Socket.
|
|
Jul 31 06:21:22 server systemd[22259]: Reached target Timers.
|
|
Jul 31 06:21:22 server systemd[22259]: Listening on D-Bus User Message Bus Socket.
|
|
Jul 31 06:21:22 server su[22249]: pam_unix(su-l:session): session opened for user postgres by (uid=0)
|
|
Jul 31 06:21:22 server systemd[22259]: Reached target Sockets.
|
|
Jul 31 06:21:22 server systemd[22259]: Reached target Basic System.
|
|
Jul 31 06:21:22 server systemd[22259]: Reached target Default.
|
|
Jul 31 06:21:22 server systemd[22259]: Startup finished in 40ms.
|
|
Jul 31 06:21:22 server systemd[1]: Started User Manager for UID 26.
|
|
Jul 31 06:21:22 server su[22249]: pam_unix(su-l:session): session closed for user postgres
|
|
Jul 31 06:21:23 server systemd[1]: user-runtime-dir@26.service: Unit not needed anymore. Stopping.
|
|
Jul 31 06:21:23 server systemd[1]: Stopping User Manager for UID 26...
|
|
Jul 31 06:21:23 server systemd[22259]: Stopped target Default.
|
|
Jul 31 06:21:23 server systemd[22259]: Stopped target Basic System.
|
|
Jul 31 06:21:23 server systemd[22259]: Stopped target Sockets.
|
|
Jul 31 06:21:23 server systemd[22259]: Closed D-Bus User Message Bus Socket.
|
|
Jul 31 06:21:23 server systemd[22259]: Stopped target Timers.
|
|
Jul 31 06:21:23 server systemd[22259]: Stopped target Paths.
|
|
Jul 31 06:21:23 server systemd[22259]: Reached target Shutdown.
|
|
Jul 31 06:21:23 server systemd[22259]: Starting Exit the Session...
|
|
Jul 31 06:21:23 server systemd[22263]: pam_unix(systemd-user:session): session closed for user postgres
|
|
Jul 31 06:21:23 server systemd[1]: user@26.service: Killing process 22305 (systemctl) with signal SIGKILL.
|
|
Jul 31 06:21:23 server systemd[1]: user-runtime-dir@26.service: Unit not needed anymore. Stopping.
|
|
Jul 31 06:21:23 server systemd[1]: Stopped User Manager for UID 26.
|
|
Jul 31 06:21:23 server systemd[1]: user-runtime-dir@26.service: Unit not needed anymore. Stopping.
|
|
Jul 31 06:21:23 server systemd[1]: Stopping /run/user/26 mount wrapper...
|
|
Jul 31 06:21:23 server systemd[1]: Removed slice User Slice of UID 26.
|
|
Jul 31 06:21:23 server systemd[1]: Stopped /run/user/26 mount wrapper.
|