Actions
Bug #11086
closed
File content directive - Audit mode is not correctly supported
Pull Request:
Severity:
Minor - inconvenience | misleading | easy workaround
UX impact:
User visibility:
Operational - other Techniques | Technique editor | Rudder settings
Effort required:
Small
Priority:
0
Name check:
Reviewed
Fix check:
Checked
Regression:
Description
I created a directive in audit mode from the File content technique. The directive has a regex to replace lines. When it gets a regex match within the file, (but of course can't actually do the replacement because of audit mode) it reports an error, both when a 'rudder agent run' is done as well as in the GUI. Is this expected?
The interactive output follows:
A| compliant checkGenericFileContent File /etc/login.defs The file /etc/login.defs was already in accordance with the policy
A| non-compliant checkGenericFileContent File /etc/login.defs The file /etc/login.defs could not be updated
A| compliant checkGenericFileContent Line deletion regular ex| /etc/login.defs The file /etc/login.defs was not set for any line deletion
A| error checkGenericFileContent Line replacement regular| /etc/login.defs The file /etc/login.defs was successfully updated using the replacement policy
A| compliant checkGenericFileContent Permission adjustment /etc/login.defs The file /etc/login.defs uses default permissions
A| compliant checkGenericFileContent Enforce content by secti| /etc/login.defs The file /etc/login.defs was not set for section edition, skipping
A| compliant checkGenericFileContent Post-modification hook /etc/login.defs No command for /etc/login.defs was to be executed
## Summary #####################################################################
20 components verified in 7 directives
=> 13 components in Enforce mode
-> 10 compliant
-> 1 repaired
-> 2 not-applicable
=> 7 components in Audit mode
-> 5 compliant
-> 1 non-compliant
-> 1 error
execution time: 3.42s
Files
Updated by Alexis Mousset almost 8 years ago
- Subject changed from File content directive - Line replacement regex in audit mode reports error - Is this expected behavior? to File content directive - Line replacement regex in audit mode reports error
- Target version set to 4.1.6
- User visibility set to Operational - other Techniques | Technique editor | Rudder settings
- Priority changed from 0 to 32
The
A| error checkGenericFileContent Line replacement regular| /etc/login.defs The file /etc/login.defs was successfully updated using the replacement policy
line a clearly a bug, we should report a non-compliance if a replacement is needed (and have a non-compliance message too).
Updated by 
Updated by 
Updated by Alexis Mousset almost 6 years ago
- Subject changed from File content directive - Line replacement regex in audit mode reports error to File content directive - Audit mode is not correctly supported
We need to move from rudder_common_report_index to generic reporting bundle that handles audit reports.
Updated by Nicolas CHARLES over 5 years ago
the replace_pattern defines a repaired class
rudder verbose: P: BEGIN promise 'promise_checkGenericFileContent_cf_416' of type "replace_patterns" (pass 2) rudder verbose: P: Promiser/affected object: 'kernel.shmmax=(?!12$).:' rudder verbose: P: Part of bundle: check_generic_file_content_edition_8_0_2aabebb3_7fe4_4ca9_9530_e40214d70fcc rudder verbose: P: Base context class: replace_lines.(replace_lines_destination_defined|(!no_replace_lines_destination_defined.!replace_lines_destination_defined)) rudder verbose: P: Stack path: /default/rudder_directives/methods/'Global configuration for all nodes/test l'audit'/default/check_generic_file_content_8_0_2aabebb3_7fe4_4ca9_9530_e4021 4d70fcc/files/'/tmp/audit'/default/check_generic_file_content_edition_8_0_2aabebb3_7fe4_4ca9_9530_e40214d70fcc/replace_patterns/'kernel.shmmax=(?!12$).:'[1] rudder verbose: P: rudder verbose: P: Comment: Replacing lines using the given regexps... rudder verbose: Looking at pattern 'kernel.shmmax=(?!12$).*' rudder verbose: Verifying replacement of 'kernel.shmmax=(?!12$).*' with 'kernel.shmmax=12', cutoff 2 rudder verbose: Additional promise info: source path '/var/rudder/cfengine-community/inputs/checkGenericFileContent/8_0_2aabebb3_7fe4_4ca9_9530_e40214d70fcc/checkGenericFileContent.cf' at line 416 comment 'Replacing lines using the given regexps...' rudder verbose: Replaced pattern 'kernel.shmmax=(?!12$).*' in '/tmp/audit' rudder verbose: C: + promise outcome class 'promise_repaired_file_content_modification_1_8_0_2aabebb3_7fe4_4ca9_9530_e40214d70fcc' rudder verbose: C: + promise outcome class 'file_content_modification_1_8_0_2aabebb3_7fe4_4ca9_9530_e40214d70fcc_repaired' rudder verbose: C: + promise outcome class 'file_content_modification_1_8_0_2aabebb3_7fe4_4ca9_9530_e40214d70fcc_ok' rudder verbose: C: + promise outcome class 'file_content_modification_1_8_0_2aabebb3_7fe4_4ca9_9530_e40214d70fcc_reached' rudder verbose: C: + promise outcome class 'file_content_modification_1_8_0_2aabebb3_7fe4_4ca9_9530_e40214d70fcc_not_kept' rudder verbose: cutoff 2, 'kernel.shmmax=12' rudder verbose: cutoff 2, 'kernel.shmmax=12'
even thought it is not replaced
Updated by Nicolas CHARLES over 5 years ago
- Status changed from In progress to Pending technical review
- Assignee changed from Nicolas CHARLES to Alexis Mousset
- Pull Request set to https://github.com/Normation/rudder-techniques/pull/1559
Updated by Nicolas CHARLES over 5 years ago
- Status changed from Pending technical review to Pending release
Applied in changeset rudder-techniques|1109be9f653c74709e7664bfd712f5325838e930.
Updated by Nicolas CHARLES over 5 years ago
Applied in changeset rudder-techniques|8c7ccc5ffc32a63321b4f95d166d08faeff767cf.
Updated by Vincent MEMBRÉ over 5 years ago
- Status changed from Pending release to Released
This bug has been fixed in Rudder 5.0.15 which was released today.
Actions