Project

General

Profile

Actions

Bug #7892

closed

rudder server debug fails on SLES 11

Added by Nicolas CHARLES almost 9 years ago. Updated over 7 years ago.

Status:
Released
Priority:
N/A
Category:
System integration
Target version:
Severity:
Major - prevents use of part of Rudder | no simple workaround
UX impact:
User visibility:
Getting started - demo | first install | level 1 Techniques
Effort required:
Priority:
45
Name check:
Fix check:
Regression:

Description

On a SLES11, running rudder server debug fails with following error message (as dictated over the phone)

iptables 1.4.6 cant initialize table, table NAT does not exist

Actions #1

Updated by Janos Mattyasovszky almost 9 years ago

Well, I have seen that you get an error when stopping the debugging by Ctrl+C:

# bash -x /opt/rudder/share/commands/server-debug 127.0.0.123
+ DEBUG_PORT=5310
+ set -e
+ trap anomaly_handler ERR INT TERM
+ STEP=INIT
+ NODE=127.0.0.123
+ '[' -z 127.0.0.123 ']'
+ STEP='Creating redirect iptables rule'
+ iptables -t nat -I PREROUTING -p tcp -s 127.0.0.123 --dport 5309 -j DNAT --to-destination :5310
+ STEP='Running debug server'
+ /var/rudder/cfengine-community/bin/cf-serverd -v --no-fork -D debug_port

[...]
2016-02-09T10:51:57+0100  verbose: Listening for connections ...
2016-02-09T10:51:57+0100   notice: Server is starting...
^C 2016-02-09T10:51:58+0100   notice: Cleaning up and exiting...
2016-02-09T10:51:58+0100  verbose: Closing listening socket
2016-02-09T10:51:58+0100  verbose: All threads are done, cleaning up allocations
++ anomaly_handler
++ iptables -t nat -D PREROUTING -p tcp -s 127.0.0.123 --dport 5309 -j DNAT --to-destination :5310
++ echo ''

++ echo 'Debug has been stopped on step: Running debug server'
Debug has been stopped on step: Running debug server
+ STEP='Removing iptables rule'
+ iptables -t nat -D PREROUTING -p tcp -s 127.0.0.123 --dport 5309 -j DNAT --to-destination :5310
iptables: No chain/target/match by that name.
++ anomaly_handler
++ iptables -t nat -D PREROUTING -p tcp -s 127.0.0.123 --dport 5309 -j DNAT --to-destination :5310
iptables: No chain/target/match by that name.

Seen on:

# rpm -qf /opt/rudder/share/commands/server-debug
rudder-agent-3.0.13.release-1.SLES.11

This problem arises from the issue, that you also remove the same iptables rule on exit which was already removed by the anomaly_handler routine, so this at-the-end removal triggers an error, which also calls the anomaly_handler, which also tries to remove the iptables rule, causing a second error message on failure of removal.

My suggestion is to put the iptables-deletion into a function, that keeps track if it was already removed, or put an exit 1 into the anomaly_handler, so further code is not executed after a ctrl+C is handled (basically skipping "Removing iptables rule" on error).

Actions #2

Updated by Jonathan CLARKE over 8 years ago

  • Target version changed from 3.1.6 to 3.1.7
Actions #3

Updated by Vincent MEMBRÉ over 8 years ago

  • Target version changed from 3.1.7 to 3.1.8
Actions #4

Updated by Vincent MEMBRÉ over 8 years ago

  • Target version changed from 3.1.8 to 3.1.9
Actions #5

Updated by Vincent MEMBRÉ over 8 years ago

  • Target version changed from 3.1.9 to 3.1.10
Actions #6

Updated by Vincent MEMBRÉ over 8 years ago

  • Target version changed from 3.1.10 to 3.1.11
Actions #7

Updated by Vincent MEMBRÉ over 8 years ago

  • Target version changed from 3.1.11 to 3.1.12
Actions #8

Updated by Vincent MEMBRÉ over 8 years ago

  • Target version changed from 3.1.12 to 3.1.13
Actions #9

Updated by Vincent MEMBRÉ about 8 years ago

  • Target version changed from 3.1.13 to 3.1.14
Actions #10

Updated by Vincent MEMBRÉ about 8 years ago

  • Target version changed from 3.1.14 to 3.1.15
Actions #11

Updated by Vincent MEMBRÉ about 8 years ago

  • Target version changed from 3.1.15 to 3.1.16
Actions #12

Updated by Vincent MEMBRÉ about 8 years ago

  • Target version changed from 3.1.16 to 3.1.17
Actions #13

Updated by Vincent MEMBRÉ almost 8 years ago

  • Target version changed from 3.1.17 to 3.1.18
Actions #14

Updated by Vincent MEMBRÉ almost 8 years ago

  • Target version changed from 3.1.18 to 3.1.19
Actions #15

Updated by Jonathan CLARKE over 7 years ago

  • Severity set to Major - prevents use of part of Rudder | no simple workaround
  • User visibility set to Getting started - demo | first install | level 1 Techniques
Actions #16

Updated by Benoît PECCATTE over 7 years ago

  • Priority set to 45
Actions #17

Updated by Vincent MEMBRÉ over 7 years ago

  • Target version changed from 3.1.19 to 3.1.20
Actions #18

Updated by Jonathan CLARKE over 7 years ago

  • Assignee deleted (Benoît PECCATTE)
Actions #19

Updated by Benoît PECCATTE over 7 years ago

  • Status changed from New to In progress
  • Assignee set to Benoît PECCATTE
Actions #20

Updated by Benoît PECCATTE over 7 years ago

  • Status changed from In progress to Pending technical review
  • Assignee changed from Benoît PECCATTE to Alexis Mousset
  • Pull Request set to https://github.com/Normation/rudder-agent/pull/114
Actions #21

Updated by Benoît PECCATTE over 7 years ago

  • Status changed from Pending technical review to Pending release
Actions #22

Updated by Vincent MEMBRÉ over 7 years ago

  • Status changed from Pending release to Released

This bug has been fixed in Rudder 3.1.20, 4.0.5 and 4.1.2 which were released today.

Actions

Also available in: Atom PDF