Bug 1052397

Summary: wsmancli without function: Connection failed. response code = 0
Product: [Fedora] Fedora Reporter: Andreas Thienemann <andreas>
Component: openwsmanAssignee: Vitezslav Crhonek <vcrhonek>
Status: CLOSED CURRENTRELEASE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: high Docs Contact:
Priority: unspecified    
Version: 20CC: praveen_paladugu, srinivas_g_gowda, vcrhonek
Target Milestone: ---   
Target Release: ---   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2014-02-12 10:19:58 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
Patch to .spec file upgrading to 2.4.3 none

Description Andreas Thienemann 2014-01-13 18:43:50 UTC 
Description of problem:
Trying to use wsman to fire off any commands to a remote machine immediately returns "Connection failed. response code = 0".


Version-Release number of selected component (if applicable):
wsmancli-2.3.0-3.fc20.x86_64


Steps to Reproduce:
[root@server ~]# rpm -q fedora-release
fedora-release-20-1.noarch
[root@server ~]# uname -a
Linux server.localdomain 3.12.6-300.fc20.x86_64 #1 SMP Mon Dec 23 16:44:31 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux
[root@server ~]# read -p "Password: " -s AMT_PASSWORD && export AMT_PASSWORD && echo
Password:
[root@server ~]# AMT_HOST=192.168.2.1 && export AMT_HOST
[root@server ~]# wsman identify -h ${AMT_HOST} --port 16992 --username admin -p ${AMT_PASSWORD}
Connection failed. response code = 0
[root@server ~]# journalctl _COMM=wsman | tail -n 1
Jan 13 19:33:27 server.localdomain wsman[4536]: [wrn][4536:/builddir/build/BUILD/openwsman-2.3.6/src/lib/wsman-client-transport.c:91:wsman_send_request] Couldn't send request to client: (null)
[root@server ~]#


Actual results:
Error. strace shows the process not actually sending anything to the network.

[root@server ~]# strace wsman identify -h ${AMT_HOST} --port 16992 --username admin -p ${AMT_PASSWORD}  2>&1 | tail -n 25
statfs("/sys/fs/selinux", {f_type=0xf97cff8c, f_bsize=4096, f_blocks=0, f_bfree=0, f_bavail=0, f_files=0, f_ffree=0, f_fsid={0, 0}, f_namelen=255, f_frsize=4096}) = 0
statfs("/sys/fs/selinux", {f_type=0xf97cff8c, f_bsize=4096, f_blocks=0, f_bfree=0, f_bavail=0, f_files=0, f_ffree=0, f_fsid={0, 0}, f_namelen=255, f_frsize=4096}) = 0
stat("/sys/fs/selinux", {st_mode=S_IFDIR|0755, st_size=0, ...}) = 0
brk(0)                                  = 0xeee000
brk(0xf0f000)                           = 0xf0f000
access("/etc/system-fips", F_OK)        = -1 ENOENT (No such file or directory)
futex(0x7f3256b260d0, FUTEX_WAKE_PRIVATE, 2147483647) = 0
gettid()                                = 22669
rt_sigaction(SIGPIPE, {SIG_IGN, [], SA_RESTORER, 0x7f32570e2cd0}, NULL, 8) = 0
open("/etc/localtime", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=2917, ...}) = 0
fstat(3, {st_mode=S_IFREG|0644, st_size=2917, ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3257cd1000
read(3, "TZif2\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\r\0\0\0\r\0\0\0\0"..., 4096) = 2917
lseek(3, -1843, SEEK_CUR)               = 1074
read(3, "TZif2\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\16\0\0\0\16\0\0\0\0"..., 4096) = 1843
close(3)                                = 0
munmap(0x7f3257cd1000, 4096)            = 0
socket(PF_LOCAL, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 3
connect(3, {sa_family=AF_LOCAL, sun_path="/dev/log"}, 110) = 0
sendto(3, "<28>Jan 13 19:40:04 wsman: [wrn]"..., 173, MSG_NOSIGNAL, NULL, 0) = 173
write(2, "Connection failed. response code"..., 37Connection failed. response code = 0
) = 37
exit_group(0)                           = ?
+++ exited with 0 +++
[root@server ~]#

Expected results:
A recent checkout of openwsman and wsmancli built within a mock chroot works as expected.

<mock-chroot>[root@server src]# pwd
/builddir/build/BUILD/wsmancli/src
<mock-chroot>[root@server src]# LD_LIBRARY_PATH=/usr/local/lib64 ./wsman identify -h ${AMT_HOST} --port 16992 --username admin -p ${AMT_PASSWORD}
<?xml version="1.0" encoding="UTF-8"?>
<a:Envelope xmlns:a="http://www.w3.org/2003/05/soap-envelope" xmlns:b="http://schemas.dmtf.org/wbem/wsman/identity/1/wsmanidentity.xsd" xmlns:c="http://schemas.dmtf.org/wbem/dash/1/dash.xsd" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
  <a:Header/>
  <a:Body>
    <b:IdentifyResponse>
      <b:ProtocolVersion>http://schemas.dmtf.org/wbem/wsman/1/wsman.xsd</b:ProtocolVersion>
      <b:ProductVendor>Intel(r)</b:ProductVendor>
      <b:ProductVersion>AMT 8.1</b:ProductVersion>
      <c:DASHVersion>1.0.0</c:DASHVersion>
      <b:SecurityProfiles>
        <b:SecurityProfileName>http://schemas.dmtf.org/wbem/wsman/1/wsman/secprofile/http/digest</b:SecurityProfileName>
        <b:SecurityProfileName>http://schemas.dmtf.org/wbem/wsman/1/wsman/secprofile/https/digest</b:SecurityProfileName>
        <b:SecurityProfileName>http://schemas.dmtf.org/wbem/wsman/1/wsman/secprofile/https/mutual/digest</b:SecurityProfileName>
        <b:SecurityProfileName>http://schemas.dmtf.org/wbem/wsman/1/wsman/secprofile/http/spnego-kerberos</b:SecurityProfileName>
        <b:SecurityProfileName>http://schemas.dmtf.org/wbem/wsman/1/wsman/secprofile/https/spnego-kerberos</b:SecurityProfileName>
        <b:SecurityProfileName>http://schemas.dmtf.org/wbem/wsman/1/wsman/secprofile/https/mutual/spnego-kerberos</b:SecurityProfileName>
      </b:SecurityProfiles>
    </b:IdentifyResponse>
  </a:Body>
</a:Envelope>
<mock-chroot>[root@server src]#
Comment 1 Andreas Thienemann 2014-01-13 18:58:03 UTC 
Some further debugging shows, that this is more likely a problem in openwsman libwsman1-2.3.6-8.fc20.x86_64.

That package needs an upgrade.
Comment 2 Andreas Thienemann 2014-01-22 15:38:34 UTC 
Created attachment 853922 [details]
Patch to .spec file upgrading to 2.4.3

Attached is a patch to the openwsman.spec file upgrading the library to 2.4.3, updating the source URL to the new github release page and fixing a date warning.

This has been tested and does fix the bug for my testcase.
Comment 3 Vitezslav Crhonek 2014-01-23 14:01:48 UTC 
There are two problems:

a) /etc/pam.d/openwsman is wrong - you have got to modify all pam_unix2.so to pam_unix.so 

I'll fix that in updated package.

b) by default, openwsman-server uses SSL connection, the wsman command should look like:

# wsman identify -h localhost --port 5986 --username root -p $PASS -v -c /etc/openwsman/servercert.pem

If are not connecting to localhost, get the certificate from server. Even if you reconfigured server to _not_ use SSL, the "-v" flag is necessary.
Comment 4 Fedora Update System 2014-02-01 20:41:16 UTC 
libvirt-1.1.3.3-5.fc20,openwsman-2.4.3-1.fc20 has been submitted as an update for Fedora 20.
https://admin.fedoraproject.org/updates/libvirt-1.1.3.3-5.fc20,openwsman-2.4.3-1.fc20
Comment 5 Fedora Update System 2014-02-10 03:14:46 UTC 
libvirt-1.1.3.3-5.fc20, openwsman-2.4.3-1.fc20 has been pushed to the Fedora 20 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 6 Andreas Thienemann 2014-02-12 10:19:58 UTC 
Just verified that wsmancli can be correctly installed from the repo, that dependencies are all correct as well.
Functionality of wsmancli is fixed as well.

Thanks everyone, closing bug.