Project

General

Profile

Bug #7268

Updated by Janos Mattyasovszky about 9 years ago

Hi folks, 
 Anyone actually running a rudder server on ubuntu? 

 I have the Problem, that the Server defines an ACL who can access it, and it contains hostnames and also IPs, and the generated rudder-networks-24.conf uses statements that only work for IP-s. 

 Root server: rts_m01 
 Relay server: rts_m01_r01 
 Base OS: 14.04.2 LTS, Trusty Tahr 

 I have traced the issue to the following bundles: 
 +rudder-techniques/techniques/system/common/1.0/cf-served.st+ 
 <pre> 
 bundle common def 
 { 
 [...] 
     policy_server:: 
       "acl" slist => { 
       "127.0.0.0/8" , "::1", 
       "${def.policy_server}", # the policy server can connect to a relay 
       "172.17.0.0/16", 
     }; 
 [...] 
 </pre> 

 The culprit is the plain _"${def.policy_server}"_. 

 This evaluates to a config file like this (on the relay), since the Relay has a Name in its policy_server.dat, not an IP Address: 
 <pre> 
 root@rts_m01_r01:/# cat /opt/rudder/etc/rudder-networks-24.conf 
 Require ip 127.0.0.0/8 
 Require ip ::1 
 Require ip rts_m01 
 Require ip 172.17.0.0/16 
 </pre> 

 However, according to the Documentation of Apache 2.4 @ [[http://httpd.apache.org/docs/2.4/howto/access.html]], the proper usage for hostnames would be "Require host rts_m01". 

 So basically when I (or the Agent's run) tries to restart apache2, it gets an error like this: 
 <pre> 
 root@rts_m01_r01:/# service apache2 restart 
  * Restarting web server apache2 
    ...fail! 
  * The apache2 configtest failed. 
 Output of config test was: 
 AH00526: Syntax error on line 3 of /opt/rudder/etc/rudder-networks-24.conf: 
 ip address 'rts_m01' appears to be invalid 
 Action 'configtest' failed. 
 The Apache error log may have more information. 
 root@rts_m01_r01:/# 
 </pre> 

 Proposing to use host2ip on the value to make sure you have an IP

Back