Bug #18944
closedValue replacement in "File key-value present" and "File keys-values present" methods doesn't work correctly in some cases.
Description
I've run into a strange behavior of "File key-value present" method and couldn't understand if this correct behavior or not.
Steps:
- Create custom Technique
- Use generic method "File key-value present" with following params:
- File:
/etc/mysql/mysql.conf.d/mysqld.cnf
- Key:
bind-address
- Value:
${sys.ipv4}
- Separator: =
- File:
- Created necessary directive and assigned it to a particular node
- When I run rudder agent update && rudder agent run I can see that Technique is being applied to node and it shows that Technique is
compliant
Observed: In /etc/mysql/mysql.conf.d/mysqld.cnf is bind-address = 127.0.0.1
Expected: In /etc/mysql/mysql.conf.d/mysqld.cnf is bind-address = 10.0.2.46
Contents of /etc/mysql/mysql.conf.d/mysqld.cnf:
# Instead of skip-networking the default is now to listen only on # localhost which is more compatible and is not less secure. bind-address = 127.0.0.1 mysqlx-bind-address = 127.0.0.1
Additional findings:
- If I remove or comment
bind-address
in/etc/mysql/mysql.conf.d/mysqld.cnf
- everything works as expected i.e.bind-address = 10.0.2.46
is added in the end of file. - If in
/etc/mysql/mysql.conf.d/mysqld.cnf
I replacebind-address = 127.0.0.1
withbind-address =127.0.0.1
(remove space after =) - works as expected. Value = 10.0.2.46
- doesn't work.Value = 192.168.0.1
- worksValue = 10.0.2.1
- worksValue = 10.0.2.10
- doesn't workValue = 10.0.20.10
- works
Please see outputs from rudder agent run -v | grep -C200 ncf_maintain_keys_values_option
when replacement works and doesn't in the attachment.
Updated by Alexis Mousset almost 4 years ago
- Severity set to Critical - prevents main use of Rudder | no workaround | data loss | security
- User visibility set to Operational - other Techniques | Rudder settings | Plugins
- Priority changed from 0 to 76
Thanks for your detailed report and investigations.
There are two problems:
- Wrong "compliant" reporting while the file is not compliant (setting severity to critical because of this).
- The line edition that fails with:
2021-02-25T09:05:33+00:00 error: Promised replacement 'bind-address = 10.0.2.15' on line 'bind-address = 127.0.0.1' for pattern '^(\s*bind\-address\s*\=\s*)(?!10\.0\.2\.15$).*' is not convergent while editing '/tmp/test' 2021-02-25T09:05:33+00:00 error: Because the regular expression '^(\s*bind\-address\s*\=\s*)(?!10\.0\.2\.15$).*' still matches the replacement string 'bind-address = 10.0.2.15' 2021-02-25T09:05:33+00:00 error: Promise belongs to bundle 'ncf_maintain_keys_values_option' in file '/var/rudder/ncf/common/20_cfe_basics/files.cf' near line 111
Updated by Alexis Mousset almost 4 years ago
We could reproduce the problem on 6.1 and 6.2.
Updated by Vincent MEMBRÉ almost 4 years ago
- Project changed from Rudder to 41
- Category changed from Agent to Generic methods - File Management
- Target version changed from 6.2.3 to 6.1.10
Updated by Vincent MEMBRÉ almost 4 years ago
- Status changed from New to In progress
- Assignee set to Vincent MEMBRÉ
Updated by Vincent MEMBRÉ almost 4 years ago
- Assignee changed from Vincent MEMBRÉ to Alexis Mousset
- Pull Request set to https://github.com/Normation/ncf/pull/1285
Updated by Vincent MEMBRÉ almost 4 years ago
- Status changed from In progress to Pending release
Applied in changeset f66d61a59ccee1325455c9cc3a3669ec461017ab.
Updated by Anton Yakimov almost 4 years ago
Hello again,
I forgot to mention that same issue exists for File keys-values present
. I've tested changes in PR and they did not address this problem in File keys-values present
.
Technique:
1. Variable dict
Prefix: mysql
Variable name: ConfigurationMySQLKeys
Value:
{ "bind-address": "${sys.ipv4}", "server-id": 1, "log_bin": "/var/log/mysql/mysql-bin.log" }
2. File keys-values present
File: /etc/mysql/mysql.conf.d/mysqld.cnf
Keys: mysql.ConfigurationMySQLKeys
Separator: =
Could you please expand the scope of the defect.
Thanks,
Anton
Updated by Anton Yakimov almost 4 years ago
Tested ok by applying changes manually on local server.
Updated by Vincent MEMBRÉ almost 4 years ago
- Fix check changed from To do to Checked
Updated by Vincent MEMBRÉ almost 4 years ago
- Status changed from Pending release to Released
This bug has been fixed in Rudder 6.1.10 and 6.2.3 which were released today.
Updated by Félix DALLIDET over 3 years ago
- Related to Bug #19908: Strict mode of file_key_value_present_option does not introduce unwanted escpaing characters added
Updated by Alexis Mousset over 2 years ago
- Project changed from 41 to Rudder
- Category changed from Generic methods - File Management to Generic methods
- Priority changed from 76 to 63