Bug #7001
closedIf domain name is not set in resolv.conf, the inventory generated is invalid
Description
We should either:
- don't trust this field to be always set, or
- fix the inventory so that the value is always defined
This is even more criticla in 3.1, as we finally made this entry mandatory
This ticket is for correcting the agent behaviour, the child one is to adapt the server in 3.1 to find hostname information on inventories with empty FQDN attribute.
Files
Updated by Nicolas CHARLES over 9 years ago
- File test-fai-876cd88b-f6f2-4cf0-bd66-7eda1fb03bba.ocs added
Updated by Nicolas CHARLES over 9 years ago
- File deleted (
test-fai-876cd88b-f6f2-4cf0-bd66-7eda1fb03bba.ocs)
Updated by Nicolas CHARLES over 9 years ago
- patch fusion to enforce somethginh in fqdn (editing /opt/rudder/share/fusioninventory/lib/FusionInventory/Agent/Task/Inventory/Generic.pm, to add
use Sys::Hostname; ... my $base_fqdn = hostfqdn(); my $FQDN = length($base_fqdn) ? $base_fqdn : hostname();
but this solution will need an up to date agent - don't enforce that FQDN is filled, and if it is not, use HARDWARE/NAME
Updated by Nicolas CHARLES over 9 years ago
- Related to Bug #6711: Hostname in inventory may sometimes be wrongfully in lowercase added
Updated by Nicolas CHARLES over 9 years ago
- Target version changed from 3.1.1 to 2.10.16
Updated by Nicolas CHARLES over 9 years ago
- Related to Bug #7031: Inventory <FQDN> content differs from hostname --fqdn and may lead to unauthorised nodes added
Updated by Nicolas CHARLES over 9 years ago
- Category changed from Web - Nodes & inventories to Agent
- Status changed from New to In progress
- Assignee set to Nicolas CHARLES
- Target version changed from 2.10.16 to 2.11.13
Updated by Nicolas CHARLES over 9 years ago
- Status changed from In progress to Pending technical review
- Assignee changed from Nicolas CHARLES to Vincent MEMBRÉ
- Pull Request set to https://github.com/Normation/rudder-packages/pull/718
Updated by Nicolas CHARLES over 9 years ago
- Status changed from Pending technical review to Pending release
- % Done changed from 0 to 100
Applied in changeset rudder-packages|3152599796ea18128d13597ec0303e1c93e5bc21.
Updated by Vincent MEMBRÉ over 9 years ago
Applied in changeset rudder-packages|da2b7768659748c3c6682738815fc93f511b12e5.
Updated by Vincent MEMBRÉ over 9 years ago
- Category changed from Agent to Web - Nodes & inventories
Updated by François ARMAND over 9 years ago
- Status changed from Pending release to Released
Updated by Vincent MEMBRÉ about 9 years ago
- Related to Bug #7241: Patch not applied on fusion inventory added
Updated by Florian Heigl about 9 years ago
Some more details...
I can still have a host (3.1.5 server and agent) that can be accepted to rudder but will be denied access to its own policy after the first run.
Problem seems to be specific to CentOS6 with network manager installed and DOMAIN not set in the interface config.
I can fix it by setting that variable in the interface config file, the HOSTNAME setting in /etc/sysconfig/network (which is supposed to be a fqdn) is not sufficient since the init scripts now set a hostname of host.domain.tld (that means, it'll show this in both 'hostname' and 'hostname --fqdn).
So this means the hostname setup code in CentOS6 is broken, assuming that host.domain.tld is a single WORD.
I wish those people would be convicted to get a job outside IP.
The fix of setting it in the interface config (so a partial / mis-configuration for this purpose - because unless you have only one interface there might be multiple DOMAINS for per-interface hostnames) does get the job done.
A post-rudder-accept update also works and then magically unlocks ACLs for the client access.
In the reverse that means it's still having problems if there's some mismatch even though the inventory is probably correctly signed and the node is generally accepted.
Oh, lovely.
On a later run it broke again. I'm now again getting refusals.
NOT working, cannot update node's policy.
Please make sure your tests for this issue involve multiple runs of the agent on the master and client.
Will gladly give access to affected node and master for debugging.
Updated by François ARMAND over 8 years ago
- Related to User story #8022: Allow users to specify node hostname (FQDN) added