Actions
Bug #15120
closed
Error after upgrade from 4.1 to 5.0 on RPM because slapd is not restarted: apiAuthorizationKind: attribute type undefined
Pull Request:
Severity:
UX impact:
User visibility:
Effort required:
Priority:
0
Name check:
To do
Fix check:
Checked
Regression:
Description
[2019-06-25 09:34:58] ERROR com.normation.ldap.sdk.RwLDAPConnection - Exception ignored (by configuration) when trying to modify entry 'apiAccountId=a92b486d-379a-4e96-b2e8-b1ac6f7fd4a5,ou=API Accounts,ou=Rudder,cn=rudder-configuration'. Reported exception was: apiAuthorizationKind: attribute type undefined
com.unboundid.ldap.sdk.LDAPException: apiAuthorizationKind: attribute type undefined
at com.unboundid.ldap.sdk.LDAPConnection.modify(LDAPConnection.java:2867)
at com.normation.ldap.sdk.RwLDAPConnection.$anonfun$modifyAction$3(LDAPConnection.scala:539)
at scala.util.control.Exception$Catch.apply(Exception.scala:224)
at com.normation.ldap.sdk.RwLDAPConnection.$anonfun$modifyAction$1(LDAPConnection.scala:539)
at com.normation.ldap.sdk.RwLDAPConnection.applyMod(LDAPConnection.scala:487)
at com.normation.ldap.sdk.RwLDAPConnection.$anonfun$applyModify$2(LDAPConnection.scala:545)
at com.normation.ldap.sdk.RwLDAPConnection.save(LDAPConnection.scala:602)
at bootstrap.liftweb.checks.CheckApiTokenAutorizationKind.$anonfun$checks$2(CheckApiTokenAutorizationKind.scala:79)
at bootstrap.liftweb.checks.CheckApiTokenAutorizationKind.$anonfun$checks$2$adapted(CheckApiTokenAutorizationKind.scala:73)
at scala.collection.mutable.ResizableArray.foreach(ResizableArray.scala:58)
Slapd was not correctly restarted, log says:
Mise à jour : 1398866025:rudder-inventory-ldap-5.0.12.rc1.git201906250320-1.EL.7.x86_64 4/24 warning: /opt/rudder/etc/openldap/slapd.conf created as /opt/rudder/etc/openldap/slapd.conf.rpmnew INFO: Setting rudder-slapd as a boot service...rudder-slapd.service is not a native service, redirecting to /sbin/chkconfig. Executing /sbin/chkconfig rudder-slapd on Done INFO: Restarting rudder-slapd... Done
but
# ps afux | grep slap root 12779 0.0 0.0 112680 968 pts/0 S+ 10:06 0:00 \_ grep --color=auto slap root 10619 0.0 2.9 105367048 44824 ? Ssl 07:42 0:02 /opt/rudder/libexec/slapd -h ldap://localhost:389 -n rudder-slapd -f /opt/rudder/etc/openldap/slapd.conf
it can also cause error at acceptance of inventories
ERROR com.normation.ldap.sdk.RwLDAPConnection - Exception ignored (by configuration) when trying to add entry 'networkInterface=eth2,nodeId=bfcf227a-d296-41a5-b073-9476b1647f1a,ou=Nodes,ou=Accepted Inventories,ou=Inventories,cn=rudder-configuration'. Reported exception was: networkSubnet: attribute type undefined
Updated by Nicolas CHARLES over 5 years ago
- Subject changed from Error after upgrade from 4.1 to 5.0 on RHEL7: apiAuthorizationKind: attribute type undefined to Error after upgrade from 4.1 to 5.0 on RPM because slapd is not restarted: apiAuthorizationKind: attribute type undefined
Updated by Nicolas CHARLES over 5 years ago
journalctl says
juin 25 09:33:42 server systemd[1]: Starting LSB: OpenLDAP...
juin 25 09:33:42 server rudder-slapd[5900]: [INFO] Using /etc/default/rudder-slapd for configuration
juin 25 09:33:42 server rudder-slapd[5887]: rudder-slapd: [INFO] Using /etc/default/rudder-slapd for configuration
juin 25 09:33:42 server rudder-slapd[5905]: [OK] virtual memory limit set to unlimited
juin 25 09:33:42 server rudder-slapd[5887]: rudder-slapd: [OK] virtual memory limit set to unlimited
juin 25 09:33:42 server rudder-slapd[5887]: rudder-slapd: [INFO] Launching OpenLDAP configuration test...
juin 25 09:33:42 server rudder-slapd[5906]: [INFO] Launching OpenLDAP configuration test...
juin 25 09:33:42 server rudder-slapd[5913]: [INFO] Using /etc/default/rudder-slapd for configuration
juin 25 09:33:42 server rudder-slapd[5887]: rudder-slapd[5913]: [INFO] Using /etc/default/rudder-slapd for configuration
juin 25 09:33:42 server rudder-slapd[5921]: [OK] OpenLDAP configuration test successful
juin 25 09:33:42 server rudder-slapd[5887]: rudder-slapd: [OK] OpenLDAP configuration test successful
juin 25 09:33:42 server rudder-slapd[5922]: [INFO] Launching OpenLDAP replication...
juin 25 09:33:42 server rudder-slapd[5887]: rudder-slapd: [INFO] Launching OpenLDAP replication...
juin 25 09:33:42 server rudder-slapd[5923]: [INFO] no replica found in configuration, aborting lauching slurpd
juin 25 09:33:42 server rudder-slapd[5887]: rudder-slapd: [INFO] no replica found in configuration, aborting lauching slurpd
juin 25 09:33:42 server rudder-slapd[5924]: [INFO] no db_recover done
juin 25 09:33:42 server rudder-slapd[5887]: rudder-slapd: [INFO] no db_recover done
juin 25 09:33:42 server rudder-slapd[5925]: [INFO] Launching OpenLDAP...
juin 25 09:33:42 server rudder-slapd[5887]: rudder-slapd: [INFO] Launching OpenLDAP...
juin 25 09:33:42 server rudder-slapd[5926]: [OK] file descriptor limit set to 1024
juin 25 09:33:42 server rudder-slapd[5887]: rudder-slapd: [OK] file descriptor limit set to 1024
juin 25 09:33:43 server rudder-slapd[5928]: @(#) $OpenLDAP: slapd 2.4.46 (Jun 25 2019 03:44:54) $
root@centos-builder-7-64:/usr/src/rudder-packages/package/BUILD/openldap-source/servers/slapd
juin 25 09:33:43 server rudder-slapd[5928]: daemon: bind(7) failed errno=98 (Address already in use)
juin 25 09:33:43 server rudder-slapd[5928]: daemon: bind(7) failed errno=98 (Address already in use)
juin 25 09:33:43 server rudder-slapd[5928]: slapd stopped.
juin 25 09:33:43 server slapd[5928]: connections_destroy: nothing to destroy.
juin 25 09:33:44 server rudder-slapd[5931]: [OK] OpenLDAP started on port 389 and 636
juin 25 09:33:44 server rudder-slapd[5887]: rudder-slapd: [OK] OpenLDAP started on port 389 and 636
juin 25 09:33:44 server rudder-slapd[5932]: [INFO] Prefetching data for cache warmup
juin 25 09:33:44 server rudder-slapd[5887]: rudder-slapd: [INFO] Prefetching data for cache warmup
juin 25 09:33:44 server systemd[1]: Started LSB: OpenLDAP.
but given that the process was started a 7:42, this is a lie
Updated by Nicolas CHARLES over 5 years ago
Ok, the issue is that systemctl restart rudder-slapd doesn't restart it, because it doesn't know it's running, as it's been started by services
from man command
restart PATTERN...
Restart one or more units specified on the command line. If the units are not running yet, they will be started.
Updated by Nicolas CHARLES over 5 years ago
- Status changed from New to In progress
- Assignee set to Nicolas CHARLES
Updated by Nicolas CHARLES over 5 years ago
- Status changed from In progress to Pending technical review
- Assignee changed from Nicolas CHARLES to Alexis Mousset
- Pull Request set to https://github.com/Normation/rudder-packages/pull/1972
Updated by Rudder Quality Assistant over 5 years ago
- Assignee changed from Alexis Mousset to Nicolas CHARLES
Updated by Nicolas CHARLES over 5 years ago
- Status changed from Pending technical review to Pending release
Applied in changeset rudder-packages|54c26986c5a75fb651c73c0dac8cf4fe71d995bb.
Updated by Nicolas CHARLES over 5 years ago
- Fix check changed from To do to Checked
Updated by Vincent MEMBRÉ over 5 years ago
- Status changed from Pending release to Released
This bug has been fixed in Rudder 5.0.12 which was released today.
Actions