Project

General

Profile

Actions

Bug #15570

closed

Rudder server does not show/detect all software from agent

Added by Edmon Evtimov about 5 years ago. Updated almost 3 years ago.

Status:
Rejected
Priority:
N/A
Assignee:
-
Category:
Agent
Target version:
Severity:
Critical - prevents main use of Rudder | no workaround | data loss | security
UX impact:
User visibility:
Operational - other Techniques | Rudder settings | Plugins
Effort required:
Medium
Priority:
49
Name check:
To do
Fix check:
To do
Regression:

Related issues 1 (0 open1 closed)

Related to Rudder - Bug #15454: Fixes to allow building the agent on Fedora 30ReleasedFélix DALLIDETActions
Actions #1

Updated by Edmon Evtimov about 5 years ago


Rudder server says this agent is connected, has sent an inventory and everything is recognized but I find that some installed packages don't get shown on the web interface (I was searching to ensure ClamAV is installed on all endpoints).
The server is a normal Rudder server on CentoS 7 and the agent is working happily on Fedora 30 with the package built in this ticket - https://issues.rudder.io/issues/15454

Here's logs (from server) - https://pastebin.com/SsMzPunK

Running

rudder agent inventory
rudder agent run -i

on the endpoint both show maximum compliance and don't give any warnings or errors. Agent logs don't give much other useful info but I can provide them if need be. :)

Actions #2

Updated by Edmon Evtimov about 5 years ago

  • Related to Bug #15454: Fixes to allow building the agent on Fedora 30 added
Actions #3

Updated by Edmon Evtimov about 5 years ago

  • Translation missing: en.field_tag_list set to rudder agent inventory
  • Target version set to 5.0.13
Actions #4

Updated by Alexis Mousset about 5 years ago

The image attachment seems to have failed. Could you give an example of a missing package (appearing in rpm -qa output but not in the inventory)?

Actions #5

Updated by Alexis Mousset about 5 years ago

  • Category set to Agent
Actions #6

Updated by Edmon Evtimov about 5 years ago

  • Category deleted (Agent)

Yes, it's ClamAV. Doesn't come up on the server despite agent being run on the endpoint several times from that point. ClamAV even made a scan.
For some reason PNGs fail to upload... JPG too? https://imgur.com/a/PCTf3ML EDIT: updated link with second screenshot from inventory

Anyway - it shows result locally of 'rpm -qa | grep clam' showing clamav-data, clamav-milter, clamav-filesystem, clamav-update, clamd, clamav, clamav-lib...
Rudder server doesn't show this endpoint having ClamAV while it has it. Neither in search, nor in the node itself if I browse all packages on it.

Some of the other endpoints show it though...

Actions #7

Updated by Edmon Evtimov about 5 years ago

  • Category set to Agent
Actions #8

Updated by Alexis Mousset about 5 years ago

What does grep clamav /var/rudder/tmp/inventory/*.ocs give on the node?

Actions #9

Updated by Edmon Evtimov about 5 years ago

Alexis MOUSSET wrote:

What does grep clamav /var/rudder/tmp/inventory/*.ocs give on the node?

It returns nothing.

Actions #10

Updated by Alexis Mousset about 5 years ago

It means the inventory does not contain them, so the problem is on the agent. The command used by the inventory is:

rpm -qa --queryformat '%{NAME}\t%{ARCH}\t%{VERSION}-%{RELEASE}\t%{INSTALLTIME}\t%{SIZE}\t%{VENDOR}\t%{SUMMARY}\n' | grep clamav

What does it give?

Actions #11

Updated by Edmon Evtimov about 5 years ago

Alexis MOUSSET wrote:

It means the inventory does not contain them, so the problem is on the agent. The command used by the inventory is:

[...]

What does it give?

Shows the packages and versions - https://imgur.com/UIyfnxx

Actions #12

Updated by Vincent MEMBRÉ about 5 years ago

  • Target version changed from 5.0.13 to 5.0.14
Actions #13

Updated by François ARMAND about 5 years ago

We are really not sure about the root cause of that one, and we are out of luck for reproducing it.

Edmond: do you noticed something special on the nodes where the clamav is missing? Perhaps a different locale?

Actions #14

Updated by François ARMAND about 5 years ago

  • Severity set to Critical - prevents main use of Rudder | no workaround | data loss | security
  • User visibility set to Operational - other Techniques | Rudder settings | Plugins
  • Priority changed from 0 to 76

Upgrading the severity to "critical", because it's really a simple package and that can cause production policy misconfiguration.

Actions #15

Updated by François ARMAND about 5 years ago

  • Priority changed from 76 to 75

Edmon: any news about that one? We would really like to go to the root of it, since its a critical problem from our point of view.

Actions #16

Updated by Vincent MEMBRÉ about 5 years ago

  • Target version changed from 5.0.14 to 5.0.15
Actions #17

Updated by Benoît PECCATTE about 5 years ago

  • Effort required set to Medium
  • Priority changed from 75 to 57
Actions #18

Updated by Vincent MEMBRÉ almost 5 years ago

  • Target version changed from 5.0.15 to 5.0.16
Actions #19

Updated by Alexis Mousset almost 5 years ago

  • Target version changed from 5.0.16 to 5.0.17
  • Priority changed from 57 to 55
Actions #20

Updated by Vincent MEMBRÉ over 4 years ago

  • Target version changed from 5.0.17 to 5.0.18
  • Priority changed from 55 to 53
Actions #21

Updated by Vincent MEMBRÉ over 4 years ago

  • Target version changed from 5.0.18 to 5.0.19
  • Priority changed from 53 to 50
Actions #22

Updated by Vincent MEMBRÉ about 4 years ago

  • Target version changed from 5.0.19 to 5.0.20
  • Priority changed from 50 to 49
Actions #23

Updated by Vincent MEMBRÉ about 4 years ago

  • Target version changed from 5.0.20 to 797
Actions #24

Updated by Benoît PECCATTE over 3 years ago

  • Target version changed from 797 to 6.1.14
Actions #25

Updated by Vincent MEMBRÉ over 3 years ago

  • Target version changed from 6.1.14 to 6.1.15
Actions #26

Updated by Vincent MEMBRÉ over 3 years ago

  • Target version changed from 6.1.15 to 6.1.16
Actions #27

Updated by Vincent MEMBRÉ about 3 years ago

  • Target version changed from 6.1.16 to 6.1.17
Actions #28

Updated by Vincent MEMBRÉ about 3 years ago

  • Target version changed from 6.1.17 to 6.1.18
Actions #29

Updated by Vincent MEMBRÉ almost 3 years ago

  • Target version changed from 6.1.18 to 6.1.19
Actions #30

Updated by François ARMAND almost 3 years ago

  • Status changed from New to Rejected

We weren't able to reproduce. Closing it.

Actions

Also available in: Atom PDF