Bug #11720
closed
policy generation failure via rudder-reload-cf-served if PATH is restricted.
Description
I just switched our master to enforcing mode (because otherwise cf-served seems to not run)
Policy generation fails since it seems to call cf-served but doesn't use a path on "service".
"service" here resides at /sbin which isn't in the search path.
What is one supposed to do then?
@(
⇨ Policy update error for process '1381' at 2017-11-13 15:42:19
⇨ Exit code=-2147483648 for hook: '/opt/rudder/etc/hooks.d/policy-generation-finished/50-reload-policy-file-server'.
stdout:
stderr: 'cf-serverd: no process found
/opt/rudder/bin/rudder-reload-cf-serverd: line 13: service: command not found
'@
(For now I have added "/sbin/" to the script but this is not ideal, and seems to be fixed in the package - I'm sure there's some code in the NCF service methods for this you can just re-use)
Updated by Benoît PECCATTE over 6 years ago
- Related to Bug #11721: cf-served seems to not work in audit mode added
Updated by Benoît PECCATTE over 6 years ago
- Target version set to 4.1.9
- Severity changed from Critical - prevents main use of Rudder | no workaround | data loss | security to Major - prevents use of part of Rudder | no simple workaround
- Priority changed from 76 to 52
Does the PATH on your command line contain /sbin ? We'd like to know if it has been altered by Rudder or not.
In this hook we should not use service but "rudder agent" instead. Does it work if you replace :
service rudder-agent restartin /opt/rudder/bin/rudder-reload-cf-serverd by :
rudder agent stop
rudder agent start
Updated by Vincent MEMBRÉ over 6 years ago
- Target version changed from 4.1.9 to 4.1.10
Updated by Vincent MEMBRÉ about 6 years ago
- Target version changed from 4.1.10 to 4.1.11
- Priority changed from 52 to 50
Updated by Vincent MEMBRÉ about 6 years ago
- Target version changed from 4.1.11 to 4.1.12
- Priority changed from 50 to 48
Updated by Vincent MEMBRÉ almost 6 years ago
- Target version changed from 4.1.12 to 4.1.13
Updated by Benoît PECCATTE almost 6 years ago
- Target version changed from 4.1.13 to 411
- Priority changed from 48 to 47
Updated by Benoît PECCATTE almost 6 years ago
- Target version changed from 411 to 4.1.13
Updated by Vincent MEMBRÉ almost 6 years ago
- Target version changed from 4.1.13 to 4.1.14
- Priority changed from 47 to 46
Updated by Benoît PECCATTE over 5 years ago
- Target version changed from 4.1.14 to 4.1.15
Updated by Vincent MEMBRÉ over 5 years ago
- Target version changed from 4.1.15 to 4.1.16
- Priority changed from 46 to 44
Updated by Vincent MEMBRÉ over 5 years ago
- Target version changed from 4.1.16 to 4.1.17
- Priority changed from 44 to 43
Updated by Vincent MEMBRÉ over 5 years ago
- Target version changed from 4.1.17 to 4.1.18
- Priority changed from 43 to 0
Updated by Vincent MEMBRÉ over 5 years ago
- Target version changed from 4.1.18 to 4.1.19
Updated by Alexis Mousset about 5 years ago
- Target version changed from 4.1.19 to 4.1.20
Updated by François ARMAND about 5 years ago
- Target version changed from 4.1.20 to 4.1.21
Updated by Vincent MEMBRÉ about 5 years ago
- Target version changed from 4.1.21 to 4.1.22
Updated by Benoît PECCATTE almost 5 years ago
- Target version changed from 4.1.22 to 5.0.10
Updated by Vincent MEMBRÉ almost 5 years ago
- Target version changed from 5.0.10 to 5.0.11
Updated by Vincent MEMBRÉ almost 5 years ago
- Target version changed from 5.0.11 to 5.0.12
Updated by Vincent MEMBRÉ almost 5 years ago
- Target version changed from 5.0.12 to 5.0.13
Updated by Vincent MEMBRÉ over 4 years ago
- Target version changed from 5.0.13 to 5.0.14
Updated by Vincent MEMBRÉ over 4 years ago
- Target version changed from 5.0.14 to 5.0.15
Updated by Vincent MEMBRÉ over 4 years ago
- Target version changed from 5.0.15 to 5.0.16
Updated by Alexis Mousset about 4 years ago
- Target version changed from 5.0.16 to 5.0.17
Updated by Vincent MEMBRÉ about 4 years ago
- Target version changed from 5.0.17 to 5.0.18
Updated by Vincent MEMBRÉ over 3 years ago
- Target version changed from 5.0.18 to 5.0.19
Updated by Vincent MEMBRÉ over 3 years ago
- Target version changed from 5.0.19 to 5.0.20
Updated by Vincent MEMBRÉ over 3 years ago
- Target version changed from 5.0.20 to 797
Updated by Benoît PECCATTE almost 3 years ago
- Target version changed from 797 to 6.1.14
Updated by Vincent MEMBRÉ almost 3 years ago
- Target version changed from 6.1.14 to 6.1.15
Updated by Vincent MEMBRÉ over 2 years ago
- Target version changed from 6.1.15 to 6.1.16
Updated by Vincent MEMBRÉ over 2 years ago
- Target version changed from 6.1.16 to 6.1.17
Updated by Vincent MEMBRÉ over 2 years ago
- Target version changed from 6.1.17 to 6.1.18
Updated by Vincent MEMBRÉ over 2 years ago
- Target version changed from 6.1.18 to 6.1.19
Updated by Alexis Mousset about 2 years ago
- Status changed from New to Resolved
we now use systemctl on all servers anyway, closing.