Bug #14268: Broken authorized networks in centos6 - Rudder - Issue Tracker

Actions

Copy link

Bug #14268

closed

Broken authorized networks in centos6

Added by Félix DALLIDET about 5 years ago. Updated over 4 years ago.

Status:

Rejected

Priority:

N/A

Assignee:

Category:

Server components

Target version:

4.1.24

Pull Request:

Severity:

Minor - inconvenience | misleading | easy workaround

UX impact:

User visibility:

Getting started - demo | first install | Technique editor and level 1 Techniques

Effort required:

Priority:

Name check:

Fix check:

Regression:

Description

When installing a centos6 server, the authorized networks set up with rudder-init does not seems to be immediatly effective.
This can be see easily in rtf, setting up a server and an agent and then running the base scenario on it.

Each inventory coming from the agent will be denied by the server, until another server run is triggered.
Output on the agent:

04:50:56        +   info          Inventory                 inventory                                    User list generation tool is not present yet. Skipping...
04:50:56        +rudder     info: Edit file '/var/rudder/tmp/inventory/agent-2d1d03ed-3ce4-4ee2-8e6a-f356d85a93ee.ocs'
04:50:56        +rudder     info: Edit file '/var/rudder/tmp/inventory/agent-2d1d03ed-3ce4-4ee2-8e6a-f356d85a93ee.ocs'
04:50:56        +rudder     info: Copying from 'localhost:/var/rudder/tmp/inventory/agent-2d1d03ed-3ce4-4ee2-8e6a-f356d85a93ee.ocs'
04:50:56        +rudder     info: Transforming '/opt/rudder/bin/rudder-sign "/var/rudder/inventories/agent-2d1d03ed-3ce4-4ee2-8e6a-f356d85a93ee.ocs"' 
04:50:56        +rudder     info: Transformer '/var/rudder/inventories/agent-2d1d03ed-3ce4-4ee2-8e6a-f356d85a93ee.ocs' => '/opt/rudder/bin/rudder-sign "/var/rudder/inventories/agent-2d1d03ed-3ce4-4ee2-8e6a-f356d85a93ee.ocs"' seemed to work ok
04:50:56        +rudder     info: Transforming '/bin/gzip -fq /var/rudder/inventories/agent-2d1d03ed-3ce4-4ee2-8e6a-f356d85a93ee.ocs' 
04:50:56        +rudder     info: Transformer '/var/rudder/inventories/agent-2d1d03ed-3ce4-4ee2-8e6a-f356d85a93ee.ocs' => '/bin/gzip -fq /var/rudder/inventories/agent-2d1d03ed-3ce4-4ee2-8e6a-f356d85a93ee.ocs' seemed to work ok
04:50:56        +rudder     info: Transforming '/usr/bin/curl -L -k -1 -f -s --proxy '' --user rudder:rudder -T /var/rudder/inventories/agent-2d1d03ed-3ce4-4ee2-8e6a-f356d85a93ee.ocs.sign https://server/inventories/' 
04:50:56        +   error: Finished command related to promiser '/var/rudder/inventories' -- an error occurred, returned 22
04:50:56        +rudder     info: Automatically promoting context scope for 'cant_send_inventory' to namespace visibility, due to persistence
04:50:56        +   error: Transformer '/var/rudder/inventories/agent-2d1d03ed-3ce4-4ee2-8e6a-f356d85a93ee.ocs.sign' => '/usr/bin/curl -L -k -1 -f -s --proxy '' --user rudder:rudder -T /var/rudder/inventories/agent-2d1d03ed-3ce4-4ee2-8e6a-f356d85a93ee.ocs.sign https://server/inventories/' returned error
04:50:56        +rudder     info: Transforming '/usr/bin/curl -L -k -1 -f -s --proxy '' --user rudder:rudder -T /var/rudder/inventories/agent-2d1d03ed-3ce4-4ee2-8e6a-f356d85a93ee.ocs.gz https://server/inventories/' 
04:50:56        +   error: Finished command related to promiser '/var/rudder/inventories' -- an error occurred, returned 22
04:50:56        +rudder     info: Automatically promoting context scope for 'cant_send_inventory' to namespace visibility, due to persistence
04:50:56        +   error: Transformer '/var/rudder/inventories/agent-2d1d03ed-3ce4-4ee2-8e6a-f356d85a93ee.ocs.gz' => '/usr/bin/curl -L -k -1 -f -s --proxy '' --user rudder:rudder -T /var/rudder/inventories/agent-2d1d03ed-3ce4-4ee2-8e6a-f356d85a93ee.ocs.gz https://server/inventories/' returned error
04:50:56        +E| error         Inventory                 inventory                                    Could not send the inventory
04:50:56        +   error: Method 'sendInventory' failed in some repairs
04:50:56        +   error: Method 'doInventory_always' failed in some repairs

Apache logs on the rudder server:

04:52:07 [Fri Feb 01 03:50:03 2019] [error] [client 192.168.41.3] client denied by server configuration: /var/rudder/inventories/incoming/agent-2d1d03ed-3ce4-4ee2-8e6a-f356d85a93ee.ocs.sign
04:52:07 [Fri Feb 01 03:50:04 2019] [error] [client 192.168.41.3] client denied by server configuration: /var/rudder/inventories/incoming/agent-2d1d03ed-3ce4-4ee2-8e6a-f356d85a93ee.ocs.gz
04:52:07 [Fri Feb 01 03:50:54 2019] [error] [client 192.168.41.3] client denied by server configuration: /var/rudder/inventories/incoming/agent-2d1d03ed-3ce4-4ee2-8e6a-f356d85a93ee.ocs.sign
04:52:07 [Fri Feb 01 03:50:54 2019] [error] [client 192.168.41.3] client denied by server configuration: /var/rudder/inventories/incoming/agent-2d1d03ed-3ce4-4ee2-8e6a-f356d85a93ee.ocs.gz

This problem is centos6 specific, in rudder 4.1 and rudder 4.3

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Rudder

Custom queries

Bug #14268

Broken authorized networks in centos6

Updated by François ARMAND about 5 years ago

Updated by Vincent MEMBRÉ about 5 years ago

Updated by François ARMAND almost 5 years ago

Updated by Vincent MEMBRÉ almost 5 years ago

Updated by Vincent MEMBRÉ almost 5 years ago

Updated by Vincent MEMBRÉ almost 5 years ago

Updated by Alexis Mousset almost 5 years ago

Updated by Alexis Mousset over 4 years ago