Project

General

Profile

Actions

Bug #15907

closed

Changes-only does not behave as expected and lead to missing reports

Added by Félix DALLIDET about 5 years ago. Updated over 1 year ago.

Status:
Rejected
Priority:
N/A
Assignee:
-
Category:
Web - Compliance & node report
Severity:
Critical - prevents main use of Rudder | no workaround | data loss | security
UX impact:
User visibility:
Operational - other Techniques | Rudder settings | Plugins
Effort required:
Priority:
0
Name check:
To do
Fix check:
To do
Regression:
No

Description

In 5.0.13 I have a node in changes-only, one if its directive always return a missing reports on some components which are well executed.
I digged up into the GM code and found that an old_class_prefix was not copied properly, thought it will fix the issue.

It did not.

But forcing the agent to run in full-compliance mode fixed it...
Moreover, in the agent output, I have lots of "compliant" report even when running it in changes-only which is definitly strange.

root@nrm-vir-intranet-01:/var/rudder/ncf/common/30_generic_methods# rudder agent info
Hostname: nrm-vir-intranet-01.priv.normation.com
UUID: 4c3e0270-a50a-4c63-9f2a-a48c7591b102
Key Hash: 133c635c379e0ca0df8bb8bf26a43ac72bbd0663
Policy server: rudder
Roles: rudder-agent
Report mode: changes-only
Run interval: 5 min
Agent is enabled
Configuration id: 20191004-112505-9c2451a1
Policy updated: 2019-10-09 16:06:16
Inventory sent: 2019-10-09 03:31:43
Version: Rudder agent 5.0.12-buster0

root@nrm-vir-intranet-01:/var/rudder/ncf/common/30_generic_methods# rudder agent run -i
Rudder agent 5.0.12-buster0
Node uuid: 4c3e0270-a50a-4c63-9f2a-a48c7591b102
R: [INFO] Starting CFEngine 3.12.2 on host nrm-vir-intranet-01.priv.normation.com (debian_10 x86_64)
rudder     info: Deleted file '/var/rudder/cfengine-community/outputs/cf_nrm_vir_intranet_01_priv_normation_com__1570025182_Wed_Oct__2_16_06_22_2019_0x7fecfc0fe700'
rudder     info: Deleted file '/var/rudder/cfengine-community/outputs/cf_nrm_vir_intranet_01_priv_normation_com__1570025460_Wed_Oct__2_16_11_00_2019_0x7fecfc0fe700'
rudder     info: Executing 'no timeout' ... '/var/rudder/tools/check-rsyslog-version 5.6.4'
rudder     info: Completed execution of '/var/rudder/tools/check-rsyslog-version 5.6.4'
rudder     info: Executing 'no timeout' ... '/var/rudder/tools/check-rsyslog-version'
rudder     info: Completed execution of '/var/rudder/tools/check-rsyslog-version'
rudder     info: Object '/etc/cron.d/quality-assistant' had permission 0644, changed it to 0755
M| State         Technique                 Component                 Key                Message
E| compliant     copyFile                  Copy file                 rudder-tools-priv| The content of the file(s) is valid
E| compliant     copyFile                  Copy file                 rudder-tools-priv| The content of the file(s) is valid
E| compliant     copyFile                  Copy file                 configurations/ap| The content of the file(s) is valid
E| compliant     copyFile                  Copy file                 configurations/do| The content of the file(s) is valid
E| compliant     copyFile                  Copy file                 configurations/do| The content of the file(s) is valid
E| compliant     copyFile                  Copy file                 ssl/private/       The content of the file(s) is valid
E| compliant     copyFile                  Copy file                 common/etc/apt/tr| The content of the file(s) is valid
E| compliant     copyFile                  Copy file                 rudder-tools-priv| The content of the file(s) is valid
E| compliant     copyFile                  Copy file                 ssl/certs/         The content of the file(s) is valid
E| repaired      copyFile                  Copy file                 rudder-tools-priv| The content or permissions of the file(s) has been repaired
E| compliant     copyFile                  Post-modification hook    rudder-tools-priv| No post-hook command for /home/mergingscript/qa-wrapper was defined, not executing
E| compliant     copyFile                  Post-modification hook    rudder-tools-priv| No post-hook command for /etc/cron.d/quality-assistant was defined, not executing
E| compliant     copyFile                  Post-modification hook    configurations/ap| No post-hook command for /etc/apt/apt.conf.d/50unattended-upgrades was defined, not executing
E| compliant     copyFile                  Post-modification hook    configurations/do| No post-hook command for /root/.bashrc was defined, not executing
E| compliant     copyFile                  Post-modification hook    configurations/do| No post-hook command for /root/.vimrc was defined, not executing
E| compliant     copyFile                  Post-modification hook    common/etc/apt/tr| No post-hook command for /etc/apt/trusted.gpg.d/normation-infra.gpg was defined, not executing
E| compliant     copyFile                  Post-modification hook    rudder-tools-priv| /etc/apache2/sites-available/quality-assistant.normation.com.conf was already in the desired state, so no command was executed
E| compliant     copyFile                  Post-modification hook    ssl/private/       /etc/ssl/private/ was already in the desired state, so no command was executed
E| compliant     copyFile                  Post-modification hook    rudder-tools-priv| /usr/local/quality-assistant/ was already in the desired state, so no command was executed
E| compliant     copyFile                  Post-modification hook    ssl/certs/         /etc/ssl/certs/ was already in the desired state, so no command was executed
rudder     info: Executing 'no timeout' ... '/sbin/hwclock --systohc'
rudder     info: Completed execution of '/sbin/hwclock --systohc'
R: [INFO] Executing is-enabled on ssh using the /etc/rcX.d/ method
E: Repository 'http://repository.rudder.io/apt/5.0 buster InRelease' changed its 'Origin' value from '5.0.12 buster' to '5.0.13 buster'
E: Repository 'http://repository.rudder.io/apt/5.0 buster InRelease' changed its 'Label' value from '5.0.12 buster' to '5.0.13 buster'
rudder     info: Some error occurred while updating available updates cache.
rudder     info: Can not update packages cache.
R: [INFO] Executing is-enabled on zabbix-agent using the /etc/rcX.d/ method
R: [INFO] Executing is-active on zabbix-agent using the service method
R: The 'cksum /etc/hostname | cut -c1-4 | awk '{ print $1 % 24 }'' command returned '6'
rudder     info: Object '/etc/cron.d/quality-assistant' had permission 0755, changed it to 0644
Start execution with config [20191004-112505-9c2451a1]

rudder     info: Automatically promoting context scope for 'heartbeat_sent' to namespace visibility, due to persistence
   info          Install_and_configure_qu| Permissions (non recursi| /etc/cron.d/quali| Ensure permissions mode 644, owner root and group root on /etc/cron.d/quality-assistant on type all with 0 recursion level was repaired
E| repaired      Install_and_configure_qu| Permissions (non recursi| /etc/cron.d/quali| Ensure permissions mode 644, owner root and group root on /etc/cron.d/quality-assistant was repaired
rudder     info: Executing 'no timeout' ... '/usr/sbin/visudo -c  -f /etc/sudoers.rudder'
  notice: Q: "...bin/visudo -c  ": /etc/sudoers.rudder: parsed OK
Q: "...bin/visudo -c  ": /etc/sudoers.d/README: parsed OK
Q: "...bin/visudo -c  ": /etc/sudoers.d/zabbix: parsed OK
rudder     info: Last 3 quoted lines were generated by promiser '/usr/sbin/visudo -c  -f /etc/sudoers.rudder'
rudder     info: Completed execution of '/usr/sbin/visudo -c  -f /etc/sudoers.rudder'
R: [INFO] Executing is-active on rsyslog using the service method

## Summary #####################################################################
Not all components were displayed because we are not in full compliance mode. Please run with -g to force full compliance mode.
   => 21 components in Enforce mode
      -> 19 compliant
      -> 2 repaired
Execution time: 27.52s
################################################################################


Subtasks 1 (0 open1 closed)

Bug #15908: Misleading old_class_prefix in permissions generic methodReleasedAlexis MoussetActions

Related issues 2 (0 open2 closed)

Is duplicate of Rudder - Bug #22371: missing report in change onlyReleasedNicolas CHARLESActions
Is duplicate of Rudder - Bug #22375: Nodes not answering are seen in "missing" rather than in "no reports"ReleasedFrançois ARMANDActions
Actions

Also available in: Atom PDF