Bug #11152
closed
Reporting on old technique fails in audit mode
Added by Maxime Longuet over 7 years ago.
Updated over 7 years ago.
Category:
Web - Compliance & node report
Severity:
Major - prevents use of part of Rudder | no simple workaround
User visibility:
Getting started - demo | first install | level 1 Techniques
Description
For a new node i've put Audit Mode on the Node.
But on report compliance i've :
This node has up to date policy and the agent is running. Reports below are from the latest run, which started on the node at 2017-07-21 17:27:27.
Current configuration ID for this node is '20170721-171353-93fe40dc' (generated on 2017-07-21 17:13:53).
The node is reporting an error regarding the requested policy mode of the policies. This problem require special attention.
Error for node 'da94dfa9-9cef-43e9-b9bf-daf8304aad62' in directive 'f00d263c-1601-46ec-9b31-a37bf564bfe6', other directives based on the same Technique have different Policy Mode
Error for node 'da94dfa9-9cef-43e9-b9bf-daf8304aad62' in directive '7607768b-d7be-4887-ba5e-f1a7cd4d59b0', other directives based on the same Technique have different Policy Mode
Error for node 'da94dfa9-9cef-43e9-b9bf-daf8304aad62' in directive '95106170-490d-455b-8cd0-6f73636bfefd', other directives based on the same Technique have different Policy Mode
Error for node 'da94dfa9-9cef-43e9-b9bf-daf8304aad62' in directive '5bfdab24-f8d8-426e-9aea-a31d89afb018', other directives based on the same Technique have different Policy Mode
134 reports below (out of 148 total reports) are not in Success, and may require attention."
With compliance in red with missing status. :(
- Target version set to 4.1.6
- Severity set to Major - prevents use of part of Rudder | no simple workaround
- User visibility set to Getting started - demo | first install | level 1 Techniques
- Priority changed from 0 to 70
- Assignee set to François ARMAND
I can reproduce the problem when some directives are sending "enforece" reports while the node is actually in audit.
In my case, the directive are correctly configured to be in audit in /var/rudder/cfengine-community/inputs/rudder-directives.cf, but they still send bad kind of reports. Perhaps the problems lie on the Techniques.
So, it happens on old version of Techniques that don't support audit mode (and for now, I didn't reproduce it on other cases).
Notice that on my cases, the audit mode was respected (i.e no changes were made) and only the reporting was incorrect - which is bad, but less bad than the case where changes would have been made on a node where none should have.
Migrating to last Technique version solved the reporting problem on my case.
Ok thanks, i'm check how mlgrate my 30 directives on enforce content file 6.0 to 7.0.. ;)
- Related to User story #7959: "rudder technique migrate" command to automatically upgrade all directives to a newer technique version added
- Subject changed from Audit mode on node to Reporting on old techniqe fail in audit mode
- Assignee changed from François ARMAND to Vincent MEMBRÉ
Let's change the message: this error happens when we have an old technique that doesn't report properly during audit mode.
- Assignee changed from Vincent MEMBRÉ to François ARMAND
- Status changed from New to In progress
- Status changed from In progress to Pending technical review
- Assignee changed from François ARMAND to Vincent MEMBRÉ
- Pull Request set to https://github.com/Normation/rudder/pull/1720
- Status changed from Pending technical review to Pending release
- Subject changed from Reporting on old techniqe fail in audit mode to Reporting on old technique fails in audit mode
- Status changed from Pending release to Released
This bug has been fixed in Rudder 4.1.6 and 4.2.0~beta3 which were released today.
Also available in: Atom
PDF
Updated by 
Updated by 
Updated by 
Updated by