Project

General

Profile

Actions

Bug #3618

closed

Techniques using reporting based on file edition don't have proper reporting for kept status with CFEngine 3.4.x

Added by Dennis Cabooter almost 11 years ago. Updated about 9 years ago.

Status:
Released
Priority:
1
Category:
Packaging
Target version:
Severity:
UX impact:
User visibility:
Effort required:
Priority:
Name check:
Fix check:
Regression:

Description

In the following directive I get a no answer status after upgrading from 2.5 to 2.6.

- Global sudo management
- Permissions
- Value Message Status
mygroup No answer

Mygroup should be able to execute all commands without password. If I remove the corresponding line from the sudoers file. Rudder will report status Repaired, but only for one run. After that the status flips back to status No Answer. nevertheless the sudoers line is added correctly.

Actions #1

Updated by Nicolas PERRON almost 11 years ago

  • Status changed from New to Discussion

Were the reporting of Sudo utility configuration before the upgrade from 2.5 to 2.6 in No Answer status too or in Success ?

It seems to me that this is an error in the reporting part of the Technique but in the code I don't see any error and the latest modification was in April (2 months ago).

Actions #2

Updated by Nicolas CHARLES almost 11 years ago

  • Status changed from Discussion to New

Dennis said on IRC that it used to work prior the upgrade

Actions #3

Updated by Dennis Cabooter almost 11 years ago

I can confirm that it used to work prior to the upgrade.

Actions #4

Updated by Dennis Cabooter almost 11 years ago

The issue is still there. However, de output on the node reports succes:

R: @@sudoParameters@@result_success@@ce690900-304d-492e-9b82-cdc3decdedda@@a588d0ed-aa10-418a-aa6d-3b687107d748@@137@@Install@@None@@2013-06-04 13:35:33+02:00##2500fd48-2905-42ba-bfdf-e5c170b9a176@#sudo already installed
 !! Method invoked repairs
 -> Executing '/usr/sbin/visudo -c -s -f /etc/sudoers.rudder' ... (no timeout)
Q: "...bin/visudo -c -": /etc/sudoers.rudder: parsed OK
I: Last 1 quoted lines were generated by promiser "/usr/sbin/visudo -c -s -f /etc/sudoers.rudder" 
 -> Completed execution of /usr/sbin/visudo -c -s -f /etc/sudoers.rudder
R: @@sudoParameters@@result_success@@ce690900-304d-492e-9b82-cdc3decdedda@@a588d0ed-aa10-418a-aa6d-3b687107d748@@137@@sudoersFile@@None@@2013-06-04 13:35:33+02:00##2500fd48-2905-42ba-bfdf-e5c170b9a176@#The sudoers file did not require any modification
Actions #5

Updated by Nicolas PERRON almost 11 years ago

Dennis Cabooter wrote:

The issue is still there. However, de output on the node reports succes:

[...]

Ok and are these success messages present on the technical logs of the node in the Rudder WebUI ?

Actions #6

Updated by Dennis Cabooter almost 11 years ago

In the webapp this are the only tech logs that have to do with sudo:

2013-06-04 14:41     result_success     Global sudo management     Global: User management     sudoersFile     -     The sudoers file did not require any modification
2013-06-04 14:41     result_success     Global sudo management     Global: User management     Install     -     sudo already installed
Actions #7

Updated by Vincent MEMBRÉ almost 11 years ago

  • Category set to Techniques
  • Status changed from New to In progress
  • Assignee set to Vincent MEMBRÉ
  • Priority changed from N/A to 1

I found out the reporting error.

It cam from the edit_line bundle used in here.

It does not report that the line was already inserted.

I'm trying to find out a fix!

Actions #8

Updated by Dennis Cabooter almost 11 years ago

Cool :)

Actions #9

Updated by Nicolas PERRON almost 11 years ago

  • Target version changed from 2.6.2 to 2.6.3
Actions #10

Updated by Vincent MEMBRÉ almost 11 years ago

This bugs occurs because of a bug CFEngine 3.4.

classes in the following extract are not thrown, so there is no reporting done.

  insert_lines:
    replace_attempted_env_reset::
      "Defaults env_reset";

    check_sudo_parameters_sudo_add_line_vars_defined::
      "${lines[${index}]}" 
        classes => kept_if_else("line_${index}_kept", "line_${index}_added", "line_${index}_add_failed");

  delete_lines:

    all_lines_defined.force::

      ".*" 
        delete_select => sudo_select_nomatch("${all_lines}"),
        classes => if_repaired("line_deleted");

This was working in cfengine 3.2. and reporting is working in 2.5 and 2.4

Actions #11

Updated by Dennis Cabooter almost 11 years ago

Is it possible to fix it?

Actions #12

Updated by Vincent MEMBRÉ almost 11 years ago

The real explanation about that bug is that the last line inserted is not sending kept_promises.

In the actual version if you insert several users as sudoers, only the last inserted is not reporting (not necesserly the last in the list, really the last inserted).

I found a workaround, in inserting a comment line after all users lines are inserting, and then deleting this line (and if that line is not erased, as its a commentary it has no consequences)

This will be implemented very soon

Actions #13

Updated by Vincent MEMBRÉ almost 11 years ago

  • Status changed from In progress to Pending technical review
  • Assignee changed from Vincent MEMBRÉ to Nicolas CHARLES
  • Pull Request set to https://github.com/Normation/rudder-techniques/pull/138
Actions #14

Updated by Vincent MEMBRÉ almost 11 years ago

The bug is opened in CFEngine bug tracker https://cfengine.com/dev/issues/2943

Actions #15

Updated by Nicolas CHARLES almost 11 years ago

I've submitted a pull request to fix this problem
https://github.com/cfengine/core/pull/769

Actions #16

Updated by Nicolas CHARLES almost 11 years ago

  • Project changed from 24 to 34
  • Subject changed from Sudo utility configuration No answer status to Techniques using reporting based on file edition don't have proper reporting for kept status with CFEngine 3.4.x
  • Category deleted (Techniques)
  • Status changed from Pending technical review to In progress
  • Pull Request deleted (https://github.com/Normation/rudder-techniques/pull/138)
Actions #17

Updated by Nicolas CHARLES almost 11 years ago

  • Status changed from In progress to Pending technical review
  • Assignee changed from Nicolas CHARLES to Jonathan CLARKE
  • Pull Request set to https://github.com/Normation/rudder-packages/pull/70

I've submited a patch for our version of CFEngine, as the patch han't been accepted upstream yet

Actions #18

Updated by Nicolas CHARLES over 10 years ago

My patch wasn't accepted by CFEngine, they created this change, on Master
https://github.com/cfengine/core/pull/793

I'll try to backport it, to include it in our cfengine

Actions #19

Updated by Jonathan CLARKE over 10 years ago

  • Status changed from Pending technical review to In progress
  • Assignee changed from Jonathan CLARKE to Nicolas CHARLES

Nicolas CHARLES wrote:

My patch wasn't accepted by CFEngine, they created this change, on Master
https://github.com/cfengine/core/pull/793

I'll try to backport it, to include it in our cfengine

Agreed, it would be preferable to fix this by CFEngine code, rather than a workaround in promises.

Actions #20

Updated by Nicolas CHARLES over 10 years ago

Ok, they changed their pull request ( https://github.com/cfengine/core/pull/805/files )
However, it won't be applied on the 3.4 branch :(

Actions #21

Updated by Nicolas CHARLES over 10 years ago

  • Status changed from In progress to Pending technical review
  • Assignee changed from Nicolas CHARLES to Jonathan CLARKE

I've backported their modification into our agent

Actions #22

Updated by Nicolas CHARLES over 10 years ago

  • Status changed from Pending technical review to Pending release
  • % Done changed from 0 to 100

Applied in changeset commit:c1838913e5794c8e66ff837f6915d330ddddb444.

Actions #23

Updated by Jonathan CLARKE over 10 years ago

Applied in changeset commit:0e25d257166042f2e201f48360855a9c695d7bf1.

Actions #24

Updated by Nicolas PERRON over 10 years ago

  • Status changed from Pending release to Released
Actions #25

Updated by Nicolas PERRON over 10 years ago

This bug has been fixed in Rudder 2.6.3, which was released today.
Check out:

Actions #26

Updated by Benoît PECCATTE about 9 years ago

  • Project changed from 34 to Rudder
  • Category set to Packaging
Actions

Also available in: Atom PDF