Project

General

Profile

Actions
Copy link

Bug #16953

closed

error when using openscap technique

Added by Nicolas CHARLES about 4 years ago. Updated almost 4 years ago.

Status:
Released
Priority:
N/A
Assignee:
Alexis Mousset
Target version:
6.1-1.0
Pull Request:
https://github.com/Normation/rudder-p...
Severity:
UX impact:
User visibility:
Effort required:
Priority:
0
Name check:
To do
Fix check:
To do
Regression:

Description

on a centos7, i ran the technique with parameters
profile: xccdf_org.ssgproject.content_profile_standard
scap_file: ssg-centos7-ds.xml

the output of the agent is 

E| compliant     Inventory                 inventory                                    Next inventory scheduled between 00:00 and 06:00
E| compliant     plugin_openscap_policies  Schedule Simple           openscap           Scheduling openscap was correct
E| compliant     plugin_openscap_policies  OpenSCAP packages         packages           Set the iterator openscap.packages value to scap-security-guide,openscap-scanner was correct
E| compliant     plugin_openscap_policies  Package present           scap-security-gui| Presence of package scap-security-guide in any version was correct
E| compliant     plugin_openscap_policies  Package present           openscap-scanner   Presence of package openscap-scanner in any version was correct
E| error         plugin_openscap_policies  send report to server     report.html        File /var/rudder/tmp/openscap_policies.html does not exist could not be repaired
2020-03-23T22:46:41+00:00 rudder     info: Executing 'no timeout' ... '/opt/rudder/bin/rudder-sign /var/rudder/tmp/openscap_policies.html 1.1'
2020-03-23T22:46:41+00:00    error: Finished command related to promiser '/opt/rudder/bin/rudder-sign' -- an error occurred, returned 2
2020-03-23T22:46:41+00:00   notice: Q: "...udder-sign /var": ERROR: Cannot sign: The file /var/rudder/tmp/openscap_policies.html doesn't exist
2020-03-23T22:46:41+00:00 rudder     info: Last 1 quoted lines were generated by promiser '/opt/rudder/bin/rudder-sign /var/rudder/tmp/openscap_policies.html 1.1'
2020-03-23T22:46:41+00:00 rudder     info: Completed execution of '/opt/rudder/bin/rudder-sign /var/rudder/tmp/openscap_policies.html 1.1'
2020-03-23T22:46:41+00:00    error: Method 'sharedfile_to_node' failed in some repairs
2020-03-23T22:46:41+00:00    error: Method 'plugin_openscap_policies' failed in some repairs
E| n/a           plugin_openscap_policies  OpenSCAP packages         packages           Skipping method 'Variable iterator' with key parameter 'packages' since condition 'debian_10' is not reached was not applicable
E| n/a           plugin_openscap_policies  OpenSCAP packages         packages           Skipping method 'Variable iterator' with key parameter 'packages' since condition 'debian_9' is not reached was not applicable
E| n/a           plugin_openscap_policies  OpenSCAP packages         packages           Skipping method 'Variable iterator' with key parameter 'packages' since condition 'ubuntu_18' is not reached was not applicable
E| n/a           plugin_openscap_policies  OpenSCAP packages         packages           Skipping method 'Variable iterator' with key parameter 'packages' since condition 'SUSE.(!sles_10)' is not reached was not applicable
E| n/a           plugin_openscap_policies  run scan Openscap         oscap xccdf eval | Skipping method 'Command execution result' with key parameter 'oscap xccdf eval --profile xccdf_org.ssgproject.content_profile_standard --report /var/rudder/tmp/openscap_report.html ssg-centos7-ds.xml' since condition 'any.(schedule_simple_openscap_repaired)' is not reached was not applicable
2020-03-23T22:46:41+00:00    error: Method 'run_2fe56045_8fd8_44c2_b815_68c10d729dc8' failed in some repairs
E| n/a           Common                    Monitoring                                   No Rudder monitoring information to share with the server

since schedule is not met, file doesn't exist, so it cannot send it to the serveur, hence the error

Related issues 1 (0 open1 closed)

Related to Rudder - Bug #16955: sharedfile_to_node cannot send file generated during the runRejectedNicolas CHARLESActions
Actions
Copy link
 #1

Updated by Nicolas CHARLES about 4 years ago

even when file is there it fails

2020-03-Add nodev Option to /dev/shmap xccdf eva": Title
2020-03-xccdf_org.ssgproject.content_rule_mount_option_dev_shm_nodev
2020-03-pass2:53:29+00:00 Q: "...oscap xccdf eva": Result
2020-03-23T22:53:29+00:00 rudder     info: Last 156 quoted lines were generated by promiser 'oscap xccdf eval --profile xccdf_org.ssgproject.content_profile_standard --report /var/rudder/tmp/openscap_report.html /usr/share/xml/scap/ssg/content/ssg-centos7-ds.xml'
2020-03-23T22:53:29+00:00 rudder     info: Completed execution of 'oscap xccdf eval --profile xccdf_org.ssgproject.content_profile_standard --report /var/rudder/tmp/openscap_report.html /usr/share/xml/scap/ssg/content/ssg-centos7-ds.xml'
E| compliant     plugin_openscap_policies  run scan Openscap         oscap xccdf eval | Execute the command oscap xccdf eval --profile xccdf_org.ssgproject.content_profile_standard --report /var/rudder/tmp/openscap_report.html /usr/share/xml/scap/ssg/content/ssg-centos7-ds.xml was correct
E| error         plugin_openscap_policies  send report to server     report.html        File /var/rudder/tmp/openscap_policies.html does not exist could not be repaired
2020-03-23T22:53:29+00:00 rudder     info: Executing 'no timeout' ... '/opt/rudder/bin/rudder-sign /var/rudder/tmp/openscap_policies.html 1.1'
2020-03-23T22:53:29+00:00    error: Finished command related to promiser '/opt/rudder/bin/rudder-sign' -- an error occurred, returned 2
2020-03-23T22:53:29+00:00   notice: Q: "...udder-sign /var": ERROR: Cannot sign: The file /var/rudder/tmp/openscap_policies.html doesn't exist
2020-03-23T22:53:29+00:00 rudder     info: Last 1 quoted lines were generated by promiser '/opt/rudder/bin/rudder-sign /var/rudder/tmp/openscap_policies.html 1.1'
2020-03-23T22:53:29+00:00 rudder     info: Completed execution of '/opt/rudder/bin/rudder-sign /var/rudder/tmp/openscap_policies.html 1.1'
2020-03-23T22:53:29+00:00    error: Method 'sharedfile_to_node' failed in some repairs
2020-03-23T22:53:29+00:00    error: Method 'plugin_openscap_policies' failed in some repairs

ls /var/rudder/tmp/openscap_report.html
/var/rudder/tmp/openscap_report.html

Actions
Copy link
 #2

Updated by Nicolas CHARLES about 4 years ago

it's because sharefile_to_node doesn't guard the filesexist by a class condition

Actions
Copy link
 #3

Updated by Nicolas CHARLES about 4 years ago

  • Related to Bug #16955: sharedfile_to_node cannot send file generated during the run added
Actions
Copy link
 #4

Updated by Nicolas CHARLES about 4 years ago

it's also because the file name is not correct

Actions
Copy link
 #5

Updated by Nicolas CHARLES about 4 years ago

  • Status changed from New to In progress
  • Assignee set to Nicolas CHARLES
Actions
Copy link
 #6

Updated by Nicolas CHARLES about 4 years ago

  • Assignee changed from Nicolas CHARLES to Alexis Mousset
  • Pull Request set to https://github.com/Normation/rudder-plugins/pull/255
Actions
Copy link
 #7

Updated by Nicolas CHARLES about 4 years ago

  • Status changed from In progress to Pending technical review
Actions
Copy link
 #8

Updated by Nicolas CHARLES about 4 years ago

  • Status changed from Pending technical review to Pending release
Actions
Copy link
 #9

Updated by Vincent MEMBRÉ almost 4 years ago

  • Target version changed from 6.0-1.0 to 6.1-1.0
Actions
Copy link
 #10

Updated by Vincent MEMBRÉ almost 4 years ago

  • Status changed from Pending release to Released
Actions
Copy link

Also available in: Atom PDF