Bug 1427468
| Summary: | Upgrade from wrapper to wrapper failed (ConfigMigrationError) | ||||||||
|---|---|---|---|---|---|---|---|---|---|
| Product: | [oVirt] ovirt-node | Reporter: | Huijuan Zhao <huzhao> | ||||||
| Component: | Installation & Update | Assignee: | Ryan Barry <rbarry> | ||||||
| Status: | CLOSED CURRENTRELEASE | QA Contact: | Huijuan Zhao <huzhao> | ||||||
| Severity: | urgent | Docs Contact: | |||||||
| Priority: | unspecified | ||||||||
| Version: | 4.1 | CC: | bugs, cshao, dguo, dougsland, huzhao, jiawu, leiwang, peyu, qiyuan, rbarry, sbonazzo, weiwang, yaniwang, ycui, yzhao | ||||||
| Target Milestone: | ovirt-4.1.1 | Flags: | rule-engine:
ovirt-4.1+
rule-engine: blocker+ rule-engine: planning_ack+ sbonazzo: devel_ack+ ycui: testing_ack+ |
||||||
| Target Release: | 4.1 | ||||||||
| Hardware: | Unspecified | ||||||||
| OS: | Unspecified | ||||||||
| Whiteboard: | |||||||||
| Fixed In Version: | imgbased-0.9.18-0.1.el7ev | Doc Type: | If docs needed, set a value | ||||||
| Doc Text: | Story Points: | --- | |||||||
| Clone Of: | Environment: | ||||||||
| Last Closed: | 2017-04-21 09:38:25 UTC | Type: | Bug | ||||||
| Regression: | --- | Mount Type: | --- | ||||||
| Documentation: | --- | CRM: | |||||||
| Verified Versions: | Category: | --- | |||||||
| oVirt Team: | Node | RHEL 7.3 requirements from Atomic Host: | |||||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||||
| Embargoed: | |||||||||
| Bug Depends On: | |||||||||
| Bug Blocks: | 1419535 | ||||||||
| Attachments: |
|
||||||||
|
Description
Huijuan Zhao
2017-02-28 09:54:58 UTC
*** Bug 1427478 has been marked as a duplicate of this bug. *** Target release should be placed once a package build is known to fix a issue. Since this bug is not modified, the target version has been reset. Please use target milestone to plan a fix for a oVirt release. I just tried updating: 4.0-20160916.0 4.0-20161116.1 4.1-20170308.1 Still can't reproduce... Another reproducer would be great, if possible. huzhao, Could you help to reply #c5? Thanks. (In reply to Ryan Barry from comment #5) > I just tried updating: > > 4.0-20160916.0 > 4.0-20161116.1 > 4.1-20170308.1 > > Still can't reproduce... > > Another reproducer would be great, if possible. Ryan, I reproduced again with another machine. 4.0-20160919.0 4.0-20161116.1 4.1-20170308.1 I modified /etc/ssh/ssh_host_ed25519_key to /etc/ssh/ssh_host_ed25519_key_backup, then can ssh successful. Please refer to attachment for log. And I will send ENV info via email. Created attachment 1262772 [details] comment 7 : sosreport and log I tried to reproduce this issue on my local testing machine, and it can be reproduced. The three builds are the same as comment #7. After upgrade to 4.1-20170308.1, I checked sshd.service and /etc/ssh: # systemctl status sshd ● sshd.service - OpenSSH server daemon Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled; vendor preset: enabled) Active: active (running) since Tue 2017-03-14 14:18:16 CST; 1min 1s ago Docs: man:sshd(8) man:sshd_config(5) Process: 21658 ExecStart=/usr/sbin/sshd $OPTIONS (code=exited, status=0/SUCCESS) Main PID: 21660 (sshd) CGroup: /system.slice/sshd.service └─21660 /usr/sbin/sshd Mar 14 14:18:16 dhcp-9-139.nay.redhat.com sshd[21658]: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ Mar 14 14:18:16 dhcp-9-139.nay.redhat.com sshd[21658]: Permissions 0640 for '/etc/ssh/ssh_host_ed25519_key' are too open. Mar 14 14:18:16 dhcp-9-139.nay.redhat.com sshd[21658]: It is required that your private key files are NOT accessible by others. Mar 14 14:18:16 dhcp-9-139.nay.redhat.com sshd[21658]: This private key will be ignored. Mar 14 14:18:16 dhcp-9-139.nay.redhat.com sshd[21658]: bad permissions: ignore key: /etc/ssh/ssh_host_ed25519_key Mar 14 14:18:16 dhcp-9-139.nay.redhat.com sshd[21658]: Could not load host key: /etc/ssh/ssh_host_ed25519_key Mar 14 14:18:16 dhcp-9-139.nay.redhat.com systemd[1]: PID file /var/run/sshd.pid not readable (yet?) after start. Mar 14 14:18:16 dhcp-9-139.nay.redhat.com sshd[21660]: Server listening on 0.0.0.0 port 22. Mar 14 14:18:16 dhcp-9-139.nay.redhat.com systemd[1]: Started OpenSSH server daemon. Mar 14 14:18:16 dhcp-9-139.nay.redhat.com sshd[21660]: Server listening on :: port 22. # ls -al /etc/ssh drwxr-xr-x. 2 root root 225 Mar 14 14:06 . drwxr-xr-x. 118 root root 8192 Mar 14 14:16 .. -rw-r--r--. 1 root root 242153 Dec 21 00:27 moduli -rw-r--r--. 1 root root 2208 Dec 21 00:27 ssh_config -rw-------. 1 root root 4361 Dec 21 00:27 sshd_config -rw-r-----. 1 root input 227 Mar 14 05:17 ssh_host_ecdsa_key -rw-r--r--. 1 root root 162 Mar 14 05:17 ssh_host_ecdsa_key.pub -rw-r-----. 1 root input 387 Mar 14 05:17 ssh_host_ed25519_key -rw-r--r--. 1 root root 82 Mar 14 05:17 ssh_host_ed25519_key.pub -rw-r-----. 1 root input 1675 Mar 14 05:17 ssh_host_rsa_key -rw-r--r--. 1 root root 382 Mar 14 05:17 ssh_host_rsa_key.pub The group of ssh_host_ecdsa_key, ssh_host_ed25519_key, and ssh_host_rsa_key is input. This is incorrect, it should be ssh_keys. I changed the group to ssh_keys, using cmd: # chown root:ssh_keys ssh_host_ecdsa_key # chown root:ssh_keys ssh_host_ed25519_key # chown root:ssh_keys ssh_host_rsa_key and restart sshd using cmd: # systemctl restart sshd recheck sshd.service: # systemctl status sshd ● sshd.service - OpenSSH server daemon Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled; vendor preset: enabled) Active: active (running) since Tue 2017-03-14 14:22:09 CST; 17s ago Docs: man:sshd(8) man:sshd_config(5) Process: 21698 ExecStart=/usr/sbin/sshd $OPTIONS (code=exited, status=0/SUCCESS) Main PID: 21700 (sshd) CGroup: /system.slice/sshd.service └─21700 /usr/sbin/sshd Mar 14 14:22:09 dhcp-9-139.nay.redhat.com systemd[1]: Starting OpenSSH server daemon... Mar 14 14:22:09 dhcp-9-139.nay.redhat.com systemd[1]: PID file /var/run/sshd.pid not readable (yet?) after start. Mar 14 14:22:09 dhcp-9-139.nay.redhat.com sshd[21700]: Server listening on 0.0.0.0 port 22. Mar 14 14:22:09 dhcp-9-139.nay.redhat.com sshd[21700]: Server listening on :: port 22. Mar 14 14:22:09 dhcp-9-139.nay.redhat.com systemd[1]: Started OpenSSH server daemon. Finally, this issue has been resloved by this workaroud, sshd returns to normal status. Test version: Build1: redhat-virtualization-host-4.0-20160919.0 Build2: redhat-virtualization-host-4.0-20161116.0 Build3: redhat-virtualization-host-4.1-20170314.0 imgbased-0.9.18-0.1.el7ev.noarch Test steps: 1. Install build1 redhat-virtualization-host-4.0-20160919.0 2. Reboot and login build1, download redhat-virtualization-host-image-update-4.0-20161116.1.el7_3.noarch.rpm and update: # yum install redhat-virtualization-host-image-update-4.0-20161116.1.el7_3.noarch.rpm 3. Reboot and login build2 rhvh-4.0-0.20161116.0, setup local repos, update to build3 redhat-virtualization-host-4.1-20170314.0: # yum update 4. Reboot and focus on boot entry 5. Login redhat-virtualization-host-4.1-20170314.0, check files' group of /etc/ssh, ssh rhvh from other host. Test results: 1. In step3, there is no error info during update "#yum update" and upgrade successful. After update,there are 2 bases/layers. [root@dell-per730-35 ~]# imgbase layout rhvh-4.0-0.20161116.0 +- rhvh-4.0-0.20161116.0+1 rhvh-4.1-0.20170315.0 +- rhvh-4.1-0.20170315.0+1 2. In step4, there are two latest build boot entries. ------------------------ rhvh-4.1-0.20170315.0 rhvh-4.0-0.20161116.0 ------------------------ 3. In step5, sshd service run normally, ssh rhvh from other machine successfully. # ls -l /etc/ssh total 276 -rw-r--r--. 1 root root 242153 Dec 20 16:27 moduli -rw-r--r--. 1 root root 2208 Dec 20 16:27 ssh_config -rw-------. 1 root root 4361 Dec 20 16:27 sshd_config -rw-r-----. 1 root ssh_keys 227 Mar 16 03:24 ssh_host_ecdsa_key -rw-r--r--. 1 root root 162 Mar 16 03:24 ssh_host_ecdsa_key.pub -rw-r-----. 1 root ssh_keys 387 Mar 16 03:24 ssh_host_ed25519_key -rw-r--r--. 1 root root 82 Mar 16 03:24 ssh_host_ed25519_key.pub -rw-r-----. 1 root ssh_keys 1675 Mar 16 03:24 ssh_host_rsa_key -rw-r--r--. 1 root root 382 Mar 16 03:24 ssh_host_rsa_key.pub So this bug is fixed in imgbased-0.9.18-0.1.el7ev.noarch, change the status to VERIFIED. |