Project

General

Profile

Bug #11086

File content directive - Audit mode is not correctly supported

Added by Hamlyn Mootoo almost 3 years ago. Updated 6 months ago.

Status:
Released
Priority:
N/A
Category:
Agent
Target version:
Severity:
Minor - inconvenience | misleading | easy workaround
User visibility:
Operational - other Techniques | Technique editor | Rudder settings
Effort required:
Small
Priority:
0

Description

I created a directive in audit mode from the File content technique. The directive has a regex to replace lines. When it gets a regex match within the file, (but of course can't actually do the replacement because of audit mode) it reports an error, both when a 'rudder agent run' is done as well as in the GUI. Is this expected?

The interactive output follows:

A| compliant     checkGenericFileContent   File                      /etc/login.defs    The file /etc/login.defs was already in accordance with the policy
A| non-compliant checkGenericFileContent   File                      /etc/login.defs    The file /etc/login.defs could not be updated
A| compliant     checkGenericFileContent   Line deletion regular ex| /etc/login.defs    The file /etc/login.defs was not set for any line deletion
A| error         checkGenericFileContent   Line replacement regular| /etc/login.defs    The file /etc/login.defs was successfully updated using the replacement policy
A| compliant     checkGenericFileContent   Permission adjustment     /etc/login.defs    The file /etc/login.defs uses default permissions
A| compliant     checkGenericFileContent   Enforce content by secti| /etc/login.defs    The file /etc/login.defs was not set for section edition, skipping
A| compliant     checkGenericFileContent   Post-modification hook    /etc/login.defs    No command for /etc/login.defs was to be executed

## Summary #####################################################################
20 components verified in 7 directives
   => 13 components in Enforce mode
      -> 10 compliant
      -> 1 repaired
      -> 2 not-applicable
   => 7 components in Audit mode
      -> 5 compliant
      -> 1 non-compliant
      -> 1 error
execution time: 3.42s

Files


Related issues

Related to Rudder - Bug #16178: Agent is not correctly aborted when repaired is happening in audit modePending releaseNicolas CHARLESActions
#1

Updated by Alexis MOUSSET almost 3 years ago

  • Subject changed from File content directive - Line replacement regex in audit mode reports error - Is this expected behavior? to File content directive - Line replacement regex in audit mode reports error
  • Target version set to 4.1.6
  • User visibility set to Operational - other Techniques | Technique editor | Rudder settings
  • Priority changed from 0 to 32

The

A| error checkGenericFileContent Line replacement regular| /etc/login.defs The file /etc/login.defs was successfully updated using the replacement policy

line a clearly a bug, we should report a non-compliance if a replacement is needed (and have a non-compliance message too).

#2

Updated by Alexis MOUSSET almost 3 years ago

  • Description updated (diff)
#3

Updated by Alexis MOUSSET almost 3 years ago

  • Description updated (diff)
#4

Updated by Benoît PECCATTE almost 3 years ago

  • Effort required set to Very Small
  • Priority changed from 32 to 49
#5

Updated by Vincent MEMBRÉ almost 3 years ago

  • Target version changed from 4.1.6 to 4.1.7
#6

Updated by Vincent MEMBRÉ over 2 years ago

  • Target version changed from 4.1.7 to 4.1.8
  • Priority changed from 49 to 48
#7

Updated by Vincent MEMBRÉ over 2 years ago

  • Target version changed from 4.1.8 to 4.1.9
  • Priority changed from 48 to 47
#8

Updated by Benoît PECCATTE over 2 years ago

  • Priority changed from 47 to 58
#9

Updated by Vincent MEMBRÉ over 2 years ago

  • Target version changed from 4.1.9 to 4.1.10
  • Priority changed from 58 to 57
#10

Updated by Vincent MEMBRÉ over 2 years ago

  • Target version changed from 4.1.10 to 4.1.11
  • Priority changed from 57 to 55
#11

Updated by Vincent MEMBRÉ about 2 years ago

  • Target version changed from 4.1.11 to 4.1.12
  • Priority changed from 55 to 53
#12

Updated by Vincent MEMBRÉ about 2 years ago

  • Target version changed from 4.1.12 to 4.1.13
  • Priority changed from 53 to 52
#13

Updated by Benoît PECCATTE about 2 years ago

  • Target version changed from 4.1.13 to 411
#14

Updated by Benoît PECCATTE about 2 years ago

  • Target version changed from 411 to 4.1.13
#15

Updated by Vincent MEMBRÉ almost 2 years ago

  • Target version changed from 4.1.13 to 4.1.14
  • Priority changed from 52 to 51
#16

Updated by Benoît PECCATTE almost 2 years ago

  • Target version changed from 4.1.14 to 4.1.15
#17

Updated by Vincent MEMBRÉ over 1 year ago

  • Target version changed from 4.1.15 to 4.1.16
#18

Updated by Vincent MEMBRÉ over 1 year ago

  • Target version changed from 4.1.16 to 4.1.17
#19

Updated by Vincent MEMBRÉ over 1 year ago

  • Target version changed from 4.1.17 to 4.1.18
  • Priority changed from 51 to 0
#20

Updated by Vincent MEMBRÉ over 1 year ago

  • Target version changed from 4.1.18 to 4.1.19
#21

Updated by Alexis MOUSSET over 1 year ago

  • Target version changed from 4.1.19 to 4.1.20
#22

Updated by François ARMAND about 1 year ago

  • Target version changed from 4.1.20 to 4.1.21
#23

Updated by Vincent MEMBRÉ about 1 year ago

  • Target version changed from 4.1.21 to 4.1.22
#24

Updated by Vincent MEMBRÉ about 1 year ago

  • Target version changed from 4.1.22 to 4.1.23
#25

Updated by Vincent MEMBRÉ about 1 year ago

  • Target version changed from 4.1.23 to 4.1.24
#26

Updated by Vincent MEMBRÉ 11 months ago

  • Target version changed from 4.1.24 to 588
#27

Updated by Alexis MOUSSET 11 months ago

  • Subject changed from File content directive - Line replacement regex in audit mode reports error to File content directive - Audit mode is not correctly supported

We need to move from rudder_common_report_index to generic reporting bundle that handles audit reports.

#28

Updated by Alexis MOUSSET 11 months ago

  • Target version changed from 588 to 5.0.13
#29

Updated by Alexis MOUSSET 11 months ago

  • Effort required changed from Very Small to Small
#30

Updated by Vincent MEMBRÉ 9 months ago

  • Target version changed from 5.0.13 to 5.0.14
#31

Updated by Vincent MEMBRÉ 8 months ago

  • Target version changed from 5.0.14 to 5.0.15
#32

Updated by Nicolas CHARLES 7 months ago

  • Assignee set to Nicolas CHARLES
#33

Updated by Nicolas CHARLES 7 months ago

this is still happening

#34

Updated by Nicolas CHARLES 7 months ago

  • Status changed from New to In progress
#35

Updated by Nicolas CHARLES 7 months ago

  • Related to Bug #16178: Agent is not correctly aborted when repaired is happening in audit mode added
#36

Updated by Nicolas CHARLES 7 months ago

the replace_pattern defines a repaired class

rudder  verbose: P: BEGIN promise 'promise_checkGenericFileContent_cf_416' of type "replace_patterns" (pass 2)
rudder  verbose: P:    Promiser/affected object: 'kernel.shmmax=(?!12$).:'
rudder  verbose: P:    Part of bundle: check_generic_file_content_edition_8_0_2aabebb3_7fe4_4ca9_9530_e40214d70fcc
rudder  verbose: P:    Base context class: replace_lines.(replace_lines_destination_defined|(!no_replace_lines_destination_defined.!replace_lines_destination_defined))
rudder  verbose: P:    Stack path: /default/rudder_directives/methods/'Global configuration for all nodes/test l'audit'/default/check_generic_file_content_8_0_2aabebb3_7fe4_4ca9_9530_e4021
4d70fcc/files/'/tmp/audit'/default/check_generic_file_content_edition_8_0_2aabebb3_7fe4_4ca9_9530_e40214d70fcc/replace_patterns/'kernel.shmmax=(?!12$).:'[1]
rudder  verbose: P:
rudder  verbose: P:    Comment:  Replacing lines using the given regexps...
rudder  verbose: Looking at pattern 'kernel.shmmax=(?!12$).*'
rudder  verbose: Verifying replacement of 'kernel.shmmax=(?!12$).*' with 'kernel.shmmax=12', cutoff 2
rudder  verbose: Additional promise info: source path '/var/rudder/cfengine-community/inputs/checkGenericFileContent/8_0_2aabebb3_7fe4_4ca9_9530_e40214d70fcc/checkGenericFileContent.cf' at
 line 416 comment 'Replacing lines using the given regexps...'
rudder  verbose: Replaced pattern 'kernel.shmmax=(?!12$).*' in '/tmp/audit'
rudder  verbose: C:    + promise outcome class 'promise_repaired_file_content_modification_1_8_0_2aabebb3_7fe4_4ca9_9530_e40214d70fcc'
rudder  verbose: C:    + promise outcome class 'file_content_modification_1_8_0_2aabebb3_7fe4_4ca9_9530_e40214d70fcc_repaired'
rudder  verbose: C:    + promise outcome class 'file_content_modification_1_8_0_2aabebb3_7fe4_4ca9_9530_e40214d70fcc_ok'
rudder  verbose: C:    + promise outcome class 'file_content_modification_1_8_0_2aabebb3_7fe4_4ca9_9530_e40214d70fcc_reached'
rudder  verbose: C:    + promise outcome class 'file_content_modification_1_8_0_2aabebb3_7fe4_4ca9_9530_e40214d70fcc_not_kept'
rudder  verbose: cutoff 2, 'kernel.shmmax=12'
rudder  verbose: cutoff 2, 'kernel.shmmax=12'

even thought it is not replaced

#37

Updated by Nicolas CHARLES 7 months ago

  • Status changed from In progress to Pending technical review
  • Assignee changed from Nicolas CHARLES to Alexis MOUSSET
  • Pull Request set to https://github.com/Normation/rudder-techniques/pull/1559
#38

Updated by Nicolas CHARLES 7 months ago

  • Status changed from Pending technical review to Pending release
#44

Updated by Vincent MEMBRÉ 6 months ago

  • Status changed from Pending release to Released

This bug has been fixed in Rudder 5.0.15 which was released today.

Also available in: Atom PDF