Project

General

Profile

Actions

Bug #10484

closed

Use the same initial database password everywhere to avoid breaking database connection before rudder-init

Added by Nicolas CHARLES about 7 years ago. Updated almost 7 years ago.

Status:
Released
Priority:
N/A
Category:
Packaging
Target version:
Severity:
Critical - prevents main use of Rudder | no workaround | data loss | security
UX impact:
User visibility:
First impressions of Rudder
Effort required:
Priority:
0
Name check:
Fix check:
Regression:

Description

During install of Rudder 4.1, I had an issue with ldap (see #10482 for instance)
It caused rudder-upgrade to fail

INFO: Checking if rudder-web.properties database access credentials are all right... LDAP OK,  SQL Credentials updated
INFO: Checking if inventory-web.properties database access credentials are all right... LDAP OK,  SQL skipped
INFO: Checking PostgreSQL service status... OK
INFO: Checking LDAP service status............ FAILED
LDAP service verification failed after 10 tries.

ERROR: The migration has failed in some steps. Check previous error messages.
Please restart the failed service(s), and start the migration script again.
(on a single Rudder server, try service rudder restart)
Once it is working, run:
# /opt/rudder/bin/rudder-upgrade

running again rudder-upgrade failed, because it changed the SQL credential in /opt/rudder/etc/rudder-web.properties with invalid default credential
So script use this password to try to connect again to Postgres and fails

INFO: Checking if rudder-web.properties database access credentials are all right... LDAP OK,  SQL OK
INFO: Checking if inventory-web.properties database access credentials are all right... LDAP OK,  SQL skipped
INFO: Alternative source path added: /var/rudder/configuration-repository/ncf
INFO: A Technique library reload is needed and has been scheduled.
INFO: Checking PostgreSQL service status............ FAILED
PostgreSQL service verification failed after 10 tries.

Agent is not running, as rudder-init cannot be run yet because of the error to correct

Root cause is default password for postgresql is Normation, but distributed /opt/rudder/etc/rudder-password.conf contains rudder as a password
We need to change the default password in this file to match the real config, and make sure system would recover

Actions

Also available in: Atom PDF