Actions
Bug #11086
closed
File content directive - Audit mode is not correctly supported
Bug #11086:
File content directive - Audit mode is not correctly supported
Pull Request:
Severity:
Minor - inconvenience | misleading | easy workaround
UX impact:
User visibility:
Operational - other Techniques | Technique editor | Rudder settings
Effort required:
Small
Priority:
0
Name check:
Reviewed
Fix check:
Checked
Regression:
Description
I created a directive in audit mode from the File content technique. The directive has a regex to replace lines. When it gets a regex match within the file, (but of course can't actually do the replacement because of audit mode) it reports an error, both when a 'rudder agent run' is done as well as in the GUI. Is this expected?
The interactive output follows:
A| compliant checkGenericFileContent File /etc/login.defs The file /etc/login.defs was already in accordance with the policy
A| non-compliant checkGenericFileContent File /etc/login.defs The file /etc/login.defs could not be updated
A| compliant checkGenericFileContent Line deletion regular ex| /etc/login.defs The file /etc/login.defs was not set for any line deletion
A| error checkGenericFileContent Line replacement regular| /etc/login.defs The file /etc/login.defs was successfully updated using the replacement policy
A| compliant checkGenericFileContent Permission adjustment /etc/login.defs The file /etc/login.defs uses default permissions
A| compliant checkGenericFileContent Enforce content by secti| /etc/login.defs The file /etc/login.defs was not set for section edition, skipping
A| compliant checkGenericFileContent Post-modification hook /etc/login.defs No command for /etc/login.defs was to be executed
## Summary #####################################################################
20 components verified in 7 directives
=> 13 components in Enforce mode
-> 10 compliant
-> 1 repaired
-> 2 not-applicable
=> 7 components in Audit mode
-> 5 compliant
-> 1 non-compliant
-> 1 error
execution time: 3.42s
Files
Updated by Alexis Mousset over 8 years ago
- Subject changed from File content directive - Line replacement regex in audit mode reports error - Is this expected behavior? to File content directive - Line replacement regex in audit mode reports error
- Target version set to 4.1.6
- User visibility set to Operational - other Techniques | Technique editor | Rudder settings
- Priority changed from 0 to 32
The
A| error checkGenericFileContent Line replacement regular| /etc/login.defs The file /etc/login.defs was successfully updated using the replacement policy
line a clearly a bug, we should report a non-compliance if a replacement is needed (and have a non-compliance message too).
Updated by Alexis Mousset over 8 years ago
- Description updated (diff)
Updated by Alexis Mousset over 8 years ago
- Description updated (diff)
Updated by Benoît PECCATTE over 8 years ago
- Effort required set to Very Small
- Priority changed from 32 to 49
Updated by Vincent MEMBRÉ over 8 years ago
- Target version changed from 4.1.6 to 4.1.7
Updated by Vincent MEMBRÉ about 8 years ago
- Target version changed from 4.1.7 to 4.1.8
- Priority changed from 49 to 48
Updated by Vincent MEMBRÉ about 8 years ago
- Target version changed from 4.1.8 to 4.1.9
- Priority changed from 48 to 47
Updated by Benoît PECCATTE about 8 years ago
- Priority changed from 47 to 58
Updated by Vincent MEMBRÉ almost 8 years ago
- Target version changed from 4.1.9 to 4.1.10
- Priority changed from 58 to 57
Updated by Vincent MEMBRÉ over 7 years ago
- Target version changed from 4.1.10 to 4.1.11
- Priority changed from 57 to 55
Updated by Vincent MEMBRÉ over 7 years ago
- Target version changed from 4.1.11 to 4.1.12
- Priority changed from 55 to 53
Updated by Vincent MEMBRÉ over 7 years ago
- Target version changed from 4.1.12 to 4.1.13
- Priority changed from 53 to 52
Updated by Benoît PECCATTE over 7 years ago
- Target version changed from 4.1.13 to 411
Updated by Benoît PECCATTE over 7 years ago
- Target version changed from 411 to 4.1.13
Updated by Vincent MEMBRÉ over 7 years ago
- Target version changed from 4.1.13 to 4.1.14
- Priority changed from 52 to 51
Updated by Benoît PECCATTE over 7 years ago
- Target version changed from 4.1.14 to 4.1.15
Updated by Vincent MEMBRÉ about 7 years ago
- Target version changed from 4.1.15 to 4.1.16
Updated by Vincent MEMBRÉ about 7 years ago
- Target version changed from 4.1.16 to 4.1.17
Updated by Vincent MEMBRÉ almost 7 years ago
- Target version changed from 4.1.17 to 4.1.18
- Priority changed from 51 to 0
Updated by Vincent MEMBRÉ almost 7 years ago
- Target version changed from 4.1.18 to 4.1.19
Updated by Alexis Mousset almost 7 years ago
- Target version changed from 4.1.19 to 4.1.20
Updated by François ARMAND over 6 years ago
- Target version changed from 4.1.20 to 4.1.21
Updated by Vincent MEMBRÉ over 6 years ago
- Target version changed from 4.1.21 to 4.1.22
Updated by Vincent MEMBRÉ over 6 years ago
- Target version changed from 4.1.22 to 4.1.23
Updated by Vincent MEMBRÉ over 6 years ago
- Target version changed from 4.1.23 to 4.1.24
Updated by Vincent MEMBRÉ over 6 years ago
- Target version changed from 4.1.24 to 588
Updated by Alexis Mousset over 6 years ago
- Subject changed from File content directive - Line replacement regex in audit mode reports error to File content directive - Audit mode is not correctly supported
We need to move from rudder_common_report_index to generic reporting bundle that handles audit reports.
Updated by Alexis Mousset over 6 years ago
- Target version changed from 588 to 5.0.13
Updated by Alexis Mousset over 6 years ago
- Effort required changed from Very Small to Small
Updated by Vincent MEMBRÉ about 6 years ago
- Target version changed from 5.0.13 to 5.0.14
Updated by Vincent MEMBRÉ about 6 years ago
- Target version changed from 5.0.14 to 5.0.15
Updated by Nicolas CHARLES about 6 years ago
- Assignee set to Nicolas CHARLES
Updated by Nicolas CHARLES about 6 years ago
this is still happening
Updated by Nicolas CHARLES about 6 years ago
- Status changed from New to In progress
Updated by Nicolas CHARLES about 6 years ago
- Related to Bug #16178: Agent is not correctly aborted when repaired is happening in audit mode added
Updated by Nicolas CHARLES about 6 years ago
the replace_pattern defines a repaired class
rudder verbose: P: BEGIN promise 'promise_checkGenericFileContent_cf_416' of type "replace_patterns" (pass 2) rudder verbose: P: Promiser/affected object: 'kernel.shmmax=(?!12$).:' rudder verbose: P: Part of bundle: check_generic_file_content_edition_8_0_2aabebb3_7fe4_4ca9_9530_e40214d70fcc rudder verbose: P: Base context class: replace_lines.(replace_lines_destination_defined|(!no_replace_lines_destination_defined.!replace_lines_destination_defined)) rudder verbose: P: Stack path: /default/rudder_directives/methods/'Global configuration for all nodes/test l'audit'/default/check_generic_file_content_8_0_2aabebb3_7fe4_4ca9_9530_e4021 4d70fcc/files/'/tmp/audit'/default/check_generic_file_content_edition_8_0_2aabebb3_7fe4_4ca9_9530_e40214d70fcc/replace_patterns/'kernel.shmmax=(?!12$).:'[1] rudder verbose: P: rudder verbose: P: Comment: Replacing lines using the given regexps... rudder verbose: Looking at pattern 'kernel.shmmax=(?!12$).*' rudder verbose: Verifying replacement of 'kernel.shmmax=(?!12$).*' with 'kernel.shmmax=12', cutoff 2 rudder verbose: Additional promise info: source path '/var/rudder/cfengine-community/inputs/checkGenericFileContent/8_0_2aabebb3_7fe4_4ca9_9530_e40214d70fcc/checkGenericFileContent.cf' at line 416 comment 'Replacing lines using the given regexps...' rudder verbose: Replaced pattern 'kernel.shmmax=(?!12$).*' in '/tmp/audit' rudder verbose: C: + promise outcome class 'promise_repaired_file_content_modification_1_8_0_2aabebb3_7fe4_4ca9_9530_e40214d70fcc' rudder verbose: C: + promise outcome class 'file_content_modification_1_8_0_2aabebb3_7fe4_4ca9_9530_e40214d70fcc_repaired' rudder verbose: C: + promise outcome class 'file_content_modification_1_8_0_2aabebb3_7fe4_4ca9_9530_e40214d70fcc_ok' rudder verbose: C: + promise outcome class 'file_content_modification_1_8_0_2aabebb3_7fe4_4ca9_9530_e40214d70fcc_reached' rudder verbose: C: + promise outcome class 'file_content_modification_1_8_0_2aabebb3_7fe4_4ca9_9530_e40214d70fcc_not_kept' rudder verbose: cutoff 2, 'kernel.shmmax=12' rudder verbose: cutoff 2, 'kernel.shmmax=12'
even thought it is not replaced
Updated by Nicolas CHARLES about 6 years ago
- Status changed from In progress to Pending technical review
- Assignee changed from Nicolas CHARLES to Alexis Mousset
- Pull Request set to https://github.com/Normation/rudder-techniques/pull/1559
Updated by Nicolas CHARLES about 6 years ago
- Status changed from Pending technical review to Pending release
Applied in changeset rudder-techniques|1109be9f653c74709e7664bfd712f5325838e930.
Updated by Nicolas CHARLES about 6 years ago
Applied in changeset rudder-techniques|8c7ccc5ffc32a63321b4f95d166d08faeff767cf.
Updated by Vincent MEMBRÉ almost 6 years ago
- Fix check set to To do
Updated by Vincent MEMBRÉ almost 6 years ago
- Name check set to To do
Updated by Alexis Mousset almost 6 years ago
- Name check changed from To do to Reviewed
Updated by Alexis Mousset almost 6 years ago
- Fix check changed from To do to Checked
Updated by Vincent MEMBRÉ almost 6 years ago
- Status changed from Pending release to Released
This bug has been fixed in Rudder 5.0.15 which was released today.
Actions