Bug #7268
Updated by Janos Mattyasovszky about 9 years ago
Hi folks,
Anyone actually running a rudder server on ubuntu?
I have the Problem, that the Server defines an ACL who can access it, and it contains hostnames and also IPs, and the generated rudder-networks-24.conf uses statements that only work for IP-s.
Root server: rts_m01
Relay server: rts_m01_r01
Base OS: 14.04.2 LTS, Trusty Tahr
I have traced the issue to the following bundles:
+rudder-techniques/techniques/system/common/1.0/cf-served.st+
<pre>
bundle common def
{
[...]
policy_server::
"acl" slist => {
"127.0.0.0/8" , "::1",
"${def.policy_server}", # the policy server can connect to a relay
"172.17.0.0/16",
};
[...]
</pre>
The culprit is the plain _"${def.policy_server}"_.
This evaluates to a config file like this (on the relay), since the Relay has a Name in its policy_server.dat, not an IP Address:
<pre>
root@rts_m01_r01:/# cat /opt/rudder/etc/rudder-networks-24.conf
Require ip 127.0.0.0/8
Require ip ::1
Require ip rts_m01
Require ip 172.17.0.0/16
</pre>
However, according to the Documentation of Apache 2.4 @ [[http://httpd.apache.org/docs/2.4/howto/access.html]], the proper usage for hostnames would be "Require host rts_m01".
So basically when I (or the Agent's run) tries to restart apache2, it gets an error like this:
<pre>
root@rts_m01_r01:/# service apache2 restart
* Restarting web server apache2
...fail!
* The apache2 configtest failed.
Output of config test was:
AH00526: Syntax error on line 3 of /opt/rudder/etc/rudder-networks-24.conf:
ip address 'rts_m01' appears to be invalid
Action 'configtest' failed.
The Apache error log may have more information.
root@rts_m01_r01:/#
</pre>
Proposing to use host2ip on the value to make sure you have an IP