Bug #3618
closed
Techniques using reporting based on file edition don't have proper reporting for kept status with CFEngine 3.4.x
Added by Dennis Cabooter over 11 years ago. Updated over 9 years ago.
Description
In the following directive I get a no answer status after upgrading from 2.5 to 2.6.
- Global sudo management
- Permissions
- Value Message Status
mygroup No answer
Mygroup should be able to execute all commands without password. If I remove the corresponding line from the sudoers file. Rudder will report status Repaired, but only for one run. After that the status flips back to status No Answer. nevertheless the sudoers line is added correctly.
Updated by Nicolas PERRON over 11 years ago
- Status changed from New to Discussion
Were the reporting of Sudo utility configuration before the upgrade from 2.5 to 2.6 in No Answer status too or in Success ?
It seems to me that this is an error in the reporting part of the Technique but in the code I don't see any error and the latest modification was in April (2 months ago).
Updated by Nicolas CHARLES over 11 years ago
- Status changed from Discussion to New
Dennis said on IRC that it used to work prior the upgrade
Updated by Dennis Cabooter over 11 years ago
I can confirm that it used to work prior to the upgrade.
Updated by Dennis Cabooter over 11 years ago
The issue is still there. However, de output on the node reports succes:
R: @@sudoParameters@@result_success@@ce690900-304d-492e-9b82-cdc3decdedda@@a588d0ed-aa10-418a-aa6d-3b687107d748@@137@@Install@@None@@2013-06-04 13:35:33+02:00##2500fd48-2905-42ba-bfdf-e5c170b9a176@#sudo already installed !! Method invoked repairs -> Executing '/usr/sbin/visudo -c -s -f /etc/sudoers.rudder' ... (no timeout) Q: "...bin/visudo -c -": /etc/sudoers.rudder: parsed OK I: Last 1 quoted lines were generated by promiser "/usr/sbin/visudo -c -s -f /etc/sudoers.rudder" -> Completed execution of /usr/sbin/visudo -c -s -f /etc/sudoers.rudder R: @@sudoParameters@@result_success@@ce690900-304d-492e-9b82-cdc3decdedda@@a588d0ed-aa10-418a-aa6d-3b687107d748@@137@@sudoersFile@@None@@2013-06-04 13:35:33+02:00##2500fd48-2905-42ba-bfdf-e5c170b9a176@#The sudoers file did not require any modification
Updated by Nicolas PERRON over 11 years ago
Dennis Cabooter wrote:
The issue is still there. However, de output on the node reports succes:
[...]
Ok and are these success messages present on the technical logs of the node in the Rudder WebUI ?
Updated by Dennis Cabooter over 11 years ago
In the webapp this are the only tech logs that have to do with sudo:
2013-06-04 14:41 result_success Global sudo management Global: User management sudoersFile - The sudoers file did not require any modification 2013-06-04 14:41 result_success Global sudo management Global: User management Install - sudo already installed
Updated by Vincent MEMBRÉ over 11 years ago
- Category set to Techniques
- Status changed from New to In progress
- Assignee set to Vincent MEMBRÉ
- Priority changed from N/A to 1 (highest)
I found out the reporting error.
It cam from the edit_line bundle used in here.
It does not report that the line was already inserted.
I'm trying to find out a fix!
Updated by Nicolas PERRON over 11 years ago
- Target version changed from 2.6.2 to 2.6.3
Updated by Vincent MEMBRÉ over 11 years ago
This bugs occurs because of a bug CFEngine 3.4.
classes in the following extract are not thrown, so there is no reporting done.
insert_lines:
replace_attempted_env_reset::
"Defaults env_reset";
check_sudo_parameters_sudo_add_line_vars_defined::
"${lines[${index}]}"
classes => kept_if_else("line_${index}_kept", "line_${index}_added", "line_${index}_add_failed");
delete_lines:
all_lines_defined.force::
".*"
delete_select => sudo_select_nomatch("${all_lines}"),
classes => if_repaired("line_deleted");
This was working in cfengine 3.2. and reporting is working in 2.5 and 2.4
Updated by Vincent MEMBRÉ over 11 years ago
The real explanation about that bug is that the last line inserted is not sending kept_promises.
In the actual version if you insert several users as sudoers, only the last inserted is not reporting (not necesserly the last in the list, really the last inserted).
I found a workaround, in inserting a comment line after all users lines are inserting, and then deleting this line (and if that line is not erased, as its a commentary it has no consequences)
This will be implemented very soon
Updated by Vincent MEMBRÉ over 11 years ago
- Status changed from In progress to Pending technical review
- Assignee changed from Vincent MEMBRÉ to Nicolas CHARLES
- Pull Request set to https://github.com/Normation/rudder-techniques/pull/138
Pull request here : https://github.com/Normation/rudder-techniques/pull/138
Updated by Vincent MEMBRÉ over 11 years ago
The bug is opened in CFEngine bug tracker https://cfengine.com/dev/issues/2943
Updated by Nicolas CHARLES over 11 years ago
I've submitted a pull request to fix this problem
https://github.com/cfengine/core/pull/769
Updated by Nicolas CHARLES over 11 years ago
- Project changed from 24 to 34
- Subject changed from Sudo utility configuration No answer status to Techniques using reporting based on file edition don't have proper reporting for kept status with CFEngine 3.4.x
- Category deleted (
Techniques) - Status changed from Pending technical review to In progress
- Pull Request deleted (
https://github.com/Normation/rudder-techniques/pull/138)
Updated by Nicolas CHARLES over 11 years ago
- Status changed from In progress to Pending technical review
- Assignee changed from Nicolas CHARLES to Jonathan CLARKE
- Pull Request set to https://github.com/Normation/rudder-packages/pull/70
I've submited a patch for our version of CFEngine, as the patch han't been accepted upstream yet
Updated by Nicolas CHARLES over 11 years ago
My patch wasn't accepted by CFEngine, they created this change, on Master
https://github.com/cfengine/core/pull/793
I'll try to backport it, to include it in our cfengine
Updated by Jonathan CLARKE over 11 years ago
- Status changed from Pending technical review to In progress
- Assignee changed from Jonathan CLARKE to Nicolas CHARLES
Nicolas CHARLES wrote:
My patch wasn't accepted by CFEngine, they created this change, on Master
https://github.com/cfengine/core/pull/793I'll try to backport it, to include it in our cfengine
Agreed, it would be preferable to fix this by CFEngine code, rather than a workaround in promises.
Updated by Nicolas CHARLES over 11 years ago
Ok, they changed their pull request ( https://github.com/cfengine/core/pull/805/files )
However, it won't be applied on the 3.4 branch :(
Updated by Nicolas CHARLES over 11 years ago
- Status changed from In progress to Pending technical review
- Assignee changed from Nicolas CHARLES to Jonathan CLARKE
I've backported their modification into our agent
Updated by Nicolas CHARLES over 11 years ago
- Status changed from Pending technical review to Pending release
- % Done changed from 0 to 100
Applied in changeset commit:c1838913e5794c8e66ff837f6915d330ddddb444.
Updated by Jonathan CLARKE over 11 years ago
Applied in changeset commit:0e25d257166042f2e201f48360855a9c695d7bf1.
Updated by Nicolas PERRON over 11 years ago
- Status changed from Pending release to Released
Updated by Nicolas PERRON over 11 years ago
This bug has been fixed in Rudder 2.6.3, which was released today.
Check out:
- The release announcement: http://www.rudder-project.org/pipermail/rudder-announce/2013-July/000036.html
- The full ChangeLog: http://www.rudder-project.org/foswiki/bin/view/System/Documentation:ChangeLog26
- Download information: http://www.rudder-project.org/foswiki/Download/
Updated by Benoît PECCATTE over 9 years ago
- Project changed from 34 to Rudder
- Category set to Packaging