Actions
Bug #7064
closedSystem object (techniques, directives, rules, groups) must be always enabled
Status:
Released
Priority:
1 (highest)
Assignee:
Category:
Web - Config management
Target version:
Pull Request:
Severity:
UX impact:
User visibility:
Effort required:
Priority:
Name check:
Fix check:
Regression:
Description
Today, we have build Rudder with the system rules actually on the node. If they are not, nothing work.
But system object still have a "isEnabled field", and it is actually used. That a big problem.
Moreover, if one of these object is disabled, the user can't do anything about it (safe invoking LDAP magic).
Updated by François ARMAND over 9 years ago
- Status changed from In progress to Pending technical review
- Assignee changed from François ARMAND to Nicolas CHARLES
- Pull Request set to https://github.com/Normation/rudder/pull/905
Updated by François ARMAND over 9 years ago
- Status changed from Pending technical review to Pending release
- % Done changed from 0 to 100
Applied in changeset rudder|8a1c76c9d92226ac456af226951993487aa89366.
Updated by Nicolas CHARLES over 9 years ago
Applied in changeset rudder|0d1e7e6420fc60f5bdebd57fbfde628750b7da9e.
Updated by François ARMAND over 9 years ago
- Status changed from Pending release to Released
Updated by Nicolas CHARLES about 9 years ago
this can be solved by
RUDDER_OPT="/opt/rudder" LDAP_CREDENTIALS=$(grep -c -E "^ldap.auth(dn|pw)[ \t]*=" /opt/rudder/etc/rudder-web.properties || true) LDAP_USER="$(grep -E '^ldap.authdn[ \t]*=' ${RUDDER_OPT}/etc/rudder-web.properties | cut -d "=" -f 2-)" LDAP_PASSWORD="$(grep -E '^ldap.authpw[ \t]*=' ${RUDDER_OPT}/etc/rudder-web.properties | cut -d "=" -f 2-)" LDAP_SERVER='localhost' LDAP_PORT='389' LDAP_PARAMETERS="-H ldap://${LDAP_SERVER}:${LDAP_PORT}/ -D ${LDAP_USER} -w ${LDAP_PASSWORD} -x" LDAPMODIFY="ldapmodify ${LDAP_PARAMETERS}" ${LDAPMODIFY} >/dev/null 2>&1 << EOF dn: activeTechniqueId=common,techniqueCategoryId=Rudder Internal,techniqueCategoryId=Active Techniques,ou=Rudder,cn=rudder-configuration changetype: modify replace: isEnabled isEnabled: TRUE EOF ${LDAPMODIFY} >/dev/null 2>&1 << EOF dn: ruleId=hasPolicyServer-root,ou=Rules,ou=Rudder,cn=rudder-configuration changetype: modify replace: isEnabled isEnabled: TRUE EOF ${LDAPMODIFY} >/dev/null 2>&1 << EOF dn: directiveId=common-root,activeTechniqueId=common,techniqueCategoryId=Rudder Internal,techniqueCategoryId=Active Techniques,ou=Rudder,cn=rudder-configuration changetype: modify replace: isEnabled isEnabled: TRUE EOF
And then, clear cache in the web interface
Actions