Project

General

Profile

Bug #12765

System Techniques must not be added by reload technique, only updated, else they are duplicated

Added by Nicolas CHARLES 6 months ago. Updated 5 months ago.

Status:
Released
Priority:
N/A
Category:
System techniques
Target version:
Severity:
User visibility:
Effort required:
Priority:
0

Description

On Rudder 4.3.2 with DSC plugin 4.2-1.8.0, I get the System Technique "DSC Common policies" in the Directive list, and so I can create directive based on it

see screenshot

May happen on 4.2 as well

Capture du 2018-06-08 15-46-46.png (12.4 KB) Capture du 2018-06-08 15-46-46.png Nicolas CHARLES, 2018-06-08 13:49
1368

Related issues

Related to Rudder - Bug #12764: Policy generation with Rudder 4.2 and a DSC nodeRejected

Associated revisions

Revision 08b9703b (diff)
Added by François ARMAND 6 months ago

Fixes #12765: System Techniques must not be added by reload technique, only updated, else they are duplicated

History

#1 Updated by Nicolas CHARLES 6 months ago

Somohow, I have two dsc-common technique in my ative technique tree:

dn: activeTechniqueId=38895185-8260-4b0c-9cbb-8f550fb2dcef,techniqueCategory
 Id=6ece2d94-f514-451c-a2d0-c0dfbb270de9,techniqueCategoryId=Active Techniqu
 es,ou=Rudder,cn=rudder-configuration
activeTechniqueId: 38895185-8260-4b0c-9cbb-8f550fb2dcef
objectClass: activeTechnique
objectClass: top
techniqueId: dsc-common
isEnabled: TRUE
isSystem: FALSE
structuralObjectClass: activeTechnique
entryUUID: 256f3fb6-ff43-1037-8963-3764802316be
creatorsName: cn=manager,cn=rudder-configuration
createTimestamp: 20180608083905Z
acceptationTimestamp: {"1.0":"20180608134109.444Z"}
entryCSN: 20180608134109.457033Z#000000#000#000000
modifiersName: cn=manager,cn=rudder-configuration
modifyTimestamp: 20180608134109Z

dn: activeTechniqueId=dsc-common,techniqueCategoryId=Rudder Internal,techniq
 ueCategoryId=Active Techniques,ou=Rudder,cn=rudder-configuration
objectClass: activeTechnique
objectClass: top
acceptationTimestamp: {"1.0":"20170101010100.000Z"}
techniqueId: dsc-common
isEnabled: TRUE
isSystem: TRUE
activeTechniqueId: dsc-common
structuralObjectClass: activeTechnique
entryUUID: 2828cd58-ff43-1037-8966-3764802316be
creatorsName: cn=manager,cn=rudder-configuration
createTimestamp: 20180608083909Z
entryCSN: 20180608083909.574038Z#000000#000#000000
modifiersName: cn=manager,cn=rudder-configuration
modifyTimestamp: 20180608083909Z

#2 Updated by Nicolas CHARLES 6 months ago

It may be related to an upgrade of the DSC plugin...

#3 Updated by Félix DALLIDET 6 months ago

I had the same problem on a fresh install of rudder and plugin.

#4 Updated by Nicolas CHARLES 6 months ago

When we install the DSC plugin, it
  1. add techniques in /var/rudder/configuration-repository/techniques
  2. schedule a reload of the technique tree at next webapp restart
  3. restart the webapp
  4. the webapp reloads the techniques, create the ActiveTechnique
  5. the plugin adds the ative techniques
[2018-06-11 11:47:48] INFO  bootchecks - Flag file '/opt/rudder/etc/force_technique_reload' found, reload Technique library now
[2018-06-11 11:47:49] INFO  com.normation.cfclerk.services.impl.TechniqueRepositoryImpl - Reloading technique library, found modified technique(s): ['windowsSoftware': updated (1.0: VersionAdded)], ['dsc-common': updated (1.0: VersionAdded)], ['registryManagement': updated (3.0: VersionAdded)]
[2018-06-11 11:47:49] INFO  com.normation.rudder.services.policies.TechniqueAcceptationUpdater - Automatically adding technique 'windowsSoftware' in category 'Application management (applications)' of active techniques library
[2018-06-11 11:47:49] DEBUG com.normation.rudder.repository.xml.GitActiveTechniqueArchiverImpl - Archived technique library template: /var/rudder/configuration-repository/directives/applications/windowsSoftware/activeTechniqueSettings.xml
[2018-06-11 11:47:49] DEBUG com.normation.rudder.repository.xml.UpdatePiOnActiveTechniqueEvent - Executing archivage of PIs for UPT 'ActiveTechnique(ActiveTechniqueId(7515cd7c-440c-49cd-9fa3-5371361ad6f7),windowsSoftware,Map(1.0 -> 2018-06-11T11:47:49.566+02:00),List(),true,false)'
[2018-06-11 11:47:49] DEBUG com.normation.rudder.repository.xml.GitActiveTechniqueArchiverImpl - Add file directives/applications/windowsSoftware/activeTechniqueSettings.xml from configuration repository
[2018-06-11 11:47:49] DEBUG com.normation.rudder.repository.xml.GitActiveTechniqueArchiverImpl - file directives/applications/windowsSoftware/activeTechniqueSettings.xml was added in commit d1fb10a2293ee22248df1b36e65ee60cb4e39a2b
[2018-06-11 11:47:49] DEBUG com.normation.rudder.repository.xml.GitActiveTechniqueCategoryArchiverImpl - Archived technique library category: /var/rudder/configuration-repository/directives/70424589-d52e-4b60-8e3f-400a22927518/category.xml
[2018-06-11 11:47:49] DEBUG com.normation.rudder.repository.xml.GitActiveTechniqueCategoryArchiverImpl - Add file directives/70424589-d52e-4b60-8e3f-400a22927518/category.xml from configuration repository
[2018-06-11 11:47:50] DEBUG com.normation.rudder.repository.xml.GitActiveTechniqueCategoryArchiverImpl - file directives/70424589-d52e-4b60-8e3f-400a22927518/category.xml was added in commit 611228307dd6c04d1bdeb7dad84c4dbab4a89b29
[2018-06-11 11:47:50] INFO  com.normation.rudder.services.policies.TechniqueAcceptationUpdater - Automatically adding technique 'dsc-common' in category 'System Techniques (70424589-d52e-4b60-8e3f-400a22927518)' of active techniques library
[2018-06-11 11:47:50] DEBUG com.normation.rudder.repository.xml.GitActiveTechniqueArchiverImpl - Archived technique library template: /var/rudder/configuration-repository/directives/70424589-d52e-4b60-8e3f-400a22927518/dsc-common/activeTechniqueSettings.xml
[2018-06-11 11:47:50] DEBUG com.normation.rudder.repository.xml.UpdatePiOnActiveTechniqueEvent - Executing archivage of PIs for UPT 'ActiveTechnique(ActiveTechniqueId(48c1b313-857a-4959-92c5-81e08bc930a5),dsc-common,Map(1.0 -> 2018-06-11T11:47:50.075+02:00),List(),true,false)'
[2018-06-11 11:47:50] DEBUG com.normation.rudder.repository.xml.GitActiveTechniqueArchiverImpl - Add file directives/70424589-d52e-4b60-8e3f-400a22927518/dsc-common/activeTechniqueSettings.xml from configuration repository
[2018-06-11 11:47:50] DEBUG com.normation.rudder.repository.xml.GitActiveTechniqueArchiverImpl - file directives/70424589-d52e-4b60-8e3f-400a22927518/dsc-common/activeTechniqueSettings.xml was added in commit 8a2a664207388bbe3dd53648eccacda9b46061f0

then

[2018-06-11 11:47:54] INFO  application - Initializing plugin 'rudder-plugin-dsc' [com.normation.plugins.dsc.DscPluginDef]
[2018-06-11 11:47:54] INFO  application.plugin - loading 'rudder-plugin-dsc:4.2-1.8.0' plugin
[2018-06-11 11:47:54] INFO  bootchecks - Updating system configuration for DSC based agent stored in entry 'nodeGroupId=all-nodes-with-dsc-agent,groupCategoryId=SystemGroups,groupCategoryId=GroupRoot,ou=Rudder,cn=rudder-configuration': LDIFAddChangeRecord(dn='nodeGroupId=all-nodes-with-dsc-agent,groupCategoryId=SystemGroups,groupCategoryId=GroupRoot,ou=Rudder,cn=rudder-configuration', attrs={Attribute(name=objectClass, values={'nodeGroup', 'top'}), Attribute(name=cn, values={'All nodes with a Rudder Windows DSC agent'}), Attribute(name=isDynamic, values={'TRUE'}), Attribute(name=description, values={'All nodes with a Rudder Windows DSC agent'}), Attribute(name=isEnabled, values={'TRUE'}), Attribute(name=isSystem, values={'TRUE'}), Attribute(name=jsonNodeGroupQuery, values={'{"select":"nodeAndPolicyServer","composition":"And","where":[{"objectType":"node","attribute":"agentName","comparator":"eq","value":"dsc"}]}'}), Attribute(name=nodeGroupId, values={'all-nodes-with-dsc-agent'})})
[2018-06-11 11:47:54] INFO  bootchecks - Updating system configuration for DSC based agent stored in entry 'activeTechniqueId=dsc-common,techniqueCategoryId=Rudder Internal,techniqueCategoryId=Active Techniques,ou=Rudder,cn=rudder-configuration': LDIFAddChangeRecord(dn='activeTechniqueId=dsc-common,techniqueCategoryId=Rudder Internal,techniqueCategoryId=Active Techniques,ou=Rudder,cn=rudder-configuration', attrs={Attribute(name=objectClass, values={'activeTechnique', 'top'}), Attribute(name=acceptationTimestamp, values={'{"1.0":"20170101010100.000Z"}'}), Attribute(name=techniqueId, values={'dsc-common'}), Attribute(name=isEnabled, values={'TRUE'}), Attribute(name=isSystem, values={'TRUE'}), Attribute(name=activeTechniqueId, values={'dsc-common'})})
[2018-06-11 11:47:54] INFO  bootchecks - Updating system configuration for DSC based agent stored in entry 'directiveId=dsc-common-all,activeTechniqueId=dsc-common,techniqueCategoryId=Rudder Internal,techniqueCategoryId=Active Techniques,ou=Rudder,cn=rudder-configuration': LDIFAddChangeRecord(dn='directiveId=dsc-common-all,activeTechniqueId=dsc-common,techniqueCategoryId=Rudder Internal,techniqueCategoryId=Active Techniques,ou=Rudder,cn=rudder-configuration', attrs={Attribute(name=objectClass, values={'directive', 'top'}), Attribute(name=techniqueVersion, values={'1.0'}), Attribute(name=cn, values={'DSC Based agent configuration'}), Attribute(name=description, values={'System configuration for base agent'}), Attribute(name=directivePriority, values={'0'}), Attribute(name=isEnabled, values={'TRUE'}), Attribute(name=isSystem, values={'TRUE'}), Attribute(name=serializedTags, values={'[]'}), Attribute(name=directiveId, values={'dsc-common-all'})})
[2018-06-11 11:47:54] INFO  bootchecks - Updating system configuration for DSC based agent stored in entry 'ruleId=dsc-agent-all,ou=Rules,ou=Rudder,cn=rudder-configuration': LDIFAddChangeRecord(dn='ruleId=dsc-agent-all,ou=Rules,ou=Rudder,cn=rudder-configuration', attrs={Attribute(name=objectClass, values={'rule', 'top'}), Attribute(name=serial, values={'0'}), Attribute(name=cn, values={'Rudder system policy: base configuration for DSC based agent'}), Attribute(name=description, values={'Rudder system policy: base configuration for DSC based agent'}), Attribute(name=longDescription, values={'This rule manage based configuration for DSC agent'}), Attribute(name=ruleTarget, values={'group:all-nodes-with-dsc-agent'}), Attribute(name=directiveId, values={'dsc-common-all'}), Attribute(name=isEnabled, values={'TRUE'}), Attribute(name=isSystem, values={'TRUE'}), Attribute(name=ruleId, values={'dsc-agent-all'})})
[2018-06-11 11:47:54] INFO  application - Application Rudder started

#5 Updated by François ARMAND 6 months ago

  • Target version changed from 4.3.3 to 4.1.13

So, the correct behavior is to never add a system technique with reload techniques. They are special and must be added by other means.

In reload technique, we ignore that case (with a log).

#6 Updated by François ARMAND 6 months ago

  • Subject changed from System Technique "DSC Common policies" appears in the Technique & Directive tree to System Techniques must not be added by reload technique, only updated, else they are duplicated

#7 Updated by François ARMAND 6 months ago

  • Status changed from New to In progress
  • Assignee set to François ARMAND

#8 Updated by François ARMAND 6 months ago

  • Status changed from In progress to Pending technical review
  • Assignee changed from François ARMAND to Vincent MEMBRÉ
  • Pull Request set to https://github.com/Normation/rudder/pull/1966

#9 Updated by François ARMAND 6 months ago

  • Status changed from Pending technical review to Pending release

#10 Updated by Benoît PECCATTE 6 months ago

  • Related to Bug #12764: Policy generation with Rudder 4.2 and a DSC node added

#11 Updated by Vincent MEMBRÉ 5 months ago

  • Status changed from Pending release to Released

This bug has been fixed in Rudder 4.1.13, 4.2.7 and 4.3.3 which were released today.

Also available in: Atom PDF