Project

General

Profile

Actions

Bug #7268

closed

Network list for apache 2.4 is invalidly generated

Added by Janos Mattyasovszky about 9 years ago. Updated about 9 years ago.

Status:
Released
Priority:
1 (highest)
Assignee:
-
Category:
System techniques
Target version:
Severity:
UX impact:
User visibility:
Effort required:
Priority:
Name check:
Fix check:
Regression:

Description

Hi folks,
Anyone actually running a rudder server on ubuntu?

I have the Problem, that the Server defines an ACL who can access it, and it contains hostnames and also IPs, and the generated rudder-networks-24.conf uses statements that only work for IP-s.

Root server: rts_m01
Relay server: rts_m01_r01
Base OS: 14.04.2 LTS, Trusty Tahr

I have traced the issue to the following bundles:
rudder-techniques/techniques/system/common/1.0/cf-served.st

bundle common def
{
[...]
    policy_server::
      "acl" slist => {
      "127.0.0.0/8" , "::1",
      "${def.policy_server}", # the policy server can connect to a relay
      "172.17.0.0/16",
    };
[...]

The culprit is the plain "${def.policy_server}".

This evaluates to a config file like this (on the relay), since the Relay has a Name in its policy_server.dat, not an IP Address:

root@rts_m01_r01:/# cat /opt/rudder/etc/rudder-networks-24.conf
Require ip 127.0.0.0/8
Require ip ::1
Require ip rts_m01
Require ip 172.17.0.0/16

However, according to the Documentation of Apache 2.4 @ [[http://httpd.apache.org/docs/2.4/howto/access.html]], the proper usage for hostnames would be "Require host rts_m01".

So basically when I (or the Agent's run) tries to restart apache2, it gets an error like this:

root@rts_m01_r01:/# service apache2 restart
 * Restarting web server apache2
   ...fail!
 * The apache2 configtest failed.
Output of config test was:
AH00526: Syntax error on line 3 of /opt/rudder/etc/rudder-networks-24.conf:
ip address 'rts_m01' appears to be invalid
Action 'configtest' failed.
The Apache error log may have more information.
root@rts_m01_r01:/#

Proposing to use host2ip on the value to make sure you have an IP

Actions #1

Updated by Janos Mattyasovszky about 9 years ago

  • Pull Request set to https://github.com/matya/rudder-techniques/pull/1
Actions #2

Updated by Janos Mattyasovszky about 9 years ago

  • Description updated (diff)
Actions #3

Updated by Janos Mattyasovszky about 9 years ago

  • Description updated (diff)
Actions #4

Updated by Janos Mattyasovszky about 9 years ago

  • Pull Request changed from https://github.com/matya/rudder-techniques/pull/1 to https://github.com/Normation/rudder-techniques/pull/754
Actions #5

Updated by Benoît PECCATTE about 9 years ago

  • Category changed from Techniques to System techniques
  • Target version set to 2.11.15
Actions #6

Updated by Anonymous about 9 years ago

  • Status changed from New to Pending release
  • % Done changed from 0 to 100
Actions #8

Updated by Vincent MEMBRÉ about 9 years ago

  • Status changed from Pending release to Released

This bug has been fixed in Rudder 2.11.15, 3.0.10 and 3.1.3 which were released today.

Actions

Also available in: Atom PDF