Bug 1708394

Summary: the script 99-origin-dns.sh has the debug flag '-x' set to on
Product: OpenShift Container Platform Reporter: Russell Teague <rteague>
Component: InstallerAssignee: Russell Teague <rteague>
Installer sub component: openshift-ansible QA Contact: Gaoyun Pei <gpei>
Status: CLOSED ERRATA Docs Contact:
Severity: medium    
Priority: medium CC: aos-bugs, bbennett, gpei, jokerman, klaas, mmccomas, rdiazgav
Version: 3.9.0   
Target Milestone: ---   
Target Release: 3.9.z   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Cause: Bash debug flag is set in the script Consequence: Debugging info is output to logs Fix: Removed bash debug flag Result: Debugging info is not output to logs
 Story Points: ---
Clone Of: 1707799 Environment:
Last Closed: 2019-07-05 06:58:57 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1707799    
Bug Blocks: 1708393    

Description Russell Teague 2019-05-09 18:51:07 UTC 
+++ This bug was initially created as a clone of Bug #1707799 +++

Description of problem:

99-origin-dns.sh is executed every time the network status changes,  leaving the following traces in the messages file:

May  8 11:12:17 master1 dbus[3030]: [system] Activating via systemd: service name='org.freedesktop.nm_dispatcher' unit='dbus-org.freedesktop.nm-dispatcher.service'
May  8 11:12:17 master1 nm-dispatcher: req:1 'connectivity-change': new request (4 scripts)
May  8 11:12:17 master1 nm-dispatcher: req:1 'connectivity-change': start running ordered scripts...
May  8 11:12:17 master1 nm-dispatcher: req:2 'down' [eth0]: new request (4 scripts)
May  8 11:12:17 master1 nm-dispatcher: + cd /etc/sysconfig/network-scripts
May  8 11:12:17 master1 nm-dispatcher: + . ./network-functions
May  8 11:12:17 master1 nm-dispatcher: ++ PATH=/sbin:/usr/sbin:/bin:/usr/bin
May  8 11:12:17 master1 nm-dispatcher: ++ export PATH
May  8 11:12:17 master1 nm-dispatcher: +++ hostname
May  8 11:12:17 master1 nm-dispatcher: ++ HOSTNAME=master1.ocplab.com
May  8 11:12:17 master1 nm-dispatcher: ++ '[' -z '' ']'
May  8 11:12:17 master1 nm-dispatcher: ++ . /etc/init.d/functions
May  8 11:12:17 master1 nm-dispatcher: +++ TEXTDOMAIN=initscripts
May  8 11:12:17 master1 nm-dispatcher: +++ umask 022
May  8 11:12:17 master1 nm-dispatcher: +++ PATH=/sbin:/usr/sbin:/bin:/usr/bin
May  8 11:12:17 master1 nm-dispatcher: +++ export PATH
May  8 11:12:17 master1 nm-dispatcher: +++ '[' 62390 -ne 1 -a -z '' ']'
May  8 11:12:17 master1 nm-dispatcher: +++ '[' -d /run/systemd/system ']'
May  8 11:12:17 master1 nm-dispatcher: +++ case "$0" in
May  8 11:12:17 master1 nm-dispatcher: +++ '[' -z '' ']'
May  8 11:12:17 master1 nm-dispatcher: +++ COLUMNS=80
May  8 11:12:17 master1 nm-dispatcher: +++ '[' -z '' ']'
May  8 11:12:17 master1 nm-dispatcher: +++ '[' -c /dev/stderr -a -r /dev/stderr ']'
May  8 11:12:17 master1 nm-dispatcher: +++ CONSOLETYPE=serial
May  8 11:12:17 master1 nm-dispatcher: +++ '[' -z '' ']'
May  8 11:12:17 master1 nm-dispatcher: +++ '[' -z '' ']'
May  8 11:12:17 master1 nm-dispatcher: +++ '[' -f /etc/sysconfig/i18n -o -f /etc/locale.conf ']'
May  8 11:12:17 master1 nm-dispatcher: +++ . /etc/profile.d/lang.sh
May  8 11:12:17 master1 nm-dispatcher: +++ unset LANGSH_SOURCED
May  8 11:12:17 master1 nm-dispatcher: +++ '[' -z '' ']'
May  8 11:12:17 master1 nm-dispatcher: +++ '[' -f /etc/sysconfig/init ']'
May  8 11:12:17 master1 nm-dispatcher: +++ . /etc/sysconfig/init
[...]

This is not harmful at all, but in terms of monitoring, it causes noise which the customer would prefer to avoid. The remediation is simple, but they would like to know why does the debug flag is set to ON? and does it needs to be set to ON?   

Could you add further clarification on this?

thanks!

--- Additional comment from Ben Bennett on 2019-05-08 08:21:30 EDT ---

Passing to the installer team because they may know the history.

--- Additional comment from Scott Dodson on 2019-05-08 13:50:11 EDT ---

It was useful in debugging when we first started using this. I think it can be safely removed now.

--- Additional comment from Roberto on 2019-05-08 14:20:45 EDT ---

ack, is there any plan to remove the debug flag at short term?

--- Additional comment from Russell Teague on 2019-05-08 14:29:27 EDT ---

https://github.com/openshift/openshift-ansible/pull/11592
Comment 1 Russell Teague 2019-05-09 18:52:33 UTC 
https://github.com/openshift/openshift-ansible/pull/11594
Comment 3 Gaoyun Pei 2019-06-28 08:26:43 UTC 
Verify this bug with openshift-ansible-3.9.85-1.git.0.7c950b1.el7.noarch.rpm

After fresh install, check the 99-origin-dns.sh file, "-x" has been removed.

[root@ip-172-18-10-104 dispatcher.d]# head -n1 99-origin-dns.sh
#!/bin/bash

Restart NetworkManager service, no debug info shown in messages log
Comment 5 errata-xmlrpc 2019-07-05 06:58:57 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2019:1642