Bug 2232241
| Summary: | kdump role: "Write new authorized_keys if needed" task idempotency issues | |||
|---|---|---|---|---|
| Product: | Red Hat Enterprise Linux 9 | Reporter: | Brian Smith <briasmit> | |
| Component: | rhel-system-roles | Assignee: | Rich Megginson <rmeggins> | |
| Status: | POST --- | QA Contact: | CS System Management SST QE <rhel-cs-system-management-subsystem-qe> | |
| Severity: | unspecified | Docs Contact: | ||
| Priority: | unspecified | |||
| Version: | 9.2 | CC: | djez, jharuda, rmeggins, spetrosi, vdanek | |
| Target Milestone: | rc | Keywords: | Triaged | |
| Target Release: | 9.3 | Flags: | rmeggins:
needinfo?
(djez) rmeggins: needinfo? (jharuda) rmeggins: needinfo? (vdanek) briasmit: needinfo? (rmeggins) |
|
| Hardware: | Unspecified | |||
| OS: | Unspecified | |||
| Whiteboard: | role:kdump | |||
| Fixed In Version: | Doc Type: | Bug Fix | ||
| Doc Text: |
Cause: The new key content had an extra newline at the end.
Consequence: The test to see if the new key content was in the
current authorized_key list failed, so the key was added every
time, and the task was not idempotent.
Fix: Ensure the new key value has no extra newline. Use a simple
list `in` test to see if the new value is in the existing list.
Result: The task to write authorized_keys is idempotent.
|
Story Points: | --- | |
| Clone Of: | ||||
| : | 2232391 (view as bug list) | Environment: | ||
| Last Closed: | Type: | Bug | ||
| Regression: | --- | Mount Type: | --- | |
| Documentation: | --- | CRM: | ||
| Verified Versions: | Category: | --- | ||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
| Cloudforms Team: | --- | Target Upstream Version: | ||
| Embargoed: | ||||
| Bug Depends On: | ||||
| Bug Blocks: | 2232391 | |||
@briasmit can you try out the patch in https://github.com/linux-system-roles/kdump/pull/162 ? @rmeggins Yes, this fixed the issue for me. Thanks! |
Description of problem: The "Write new authorized_keys if needed" task does not appear to be idempotent. When running the kdump role against a single host for a second time, it will report a change for this task, and the authorized_keys file will end up with a duplicate entry. When running the kdump role against 2 hosts, each time the role is run, it will alternate showing a change on one host, and on the next run, the other host. The host that reports a change will have a duplicate entry in the authorized_keys file Version-Release number of selected component (if applicable): rhel-system-roles-1.21.1-1.el9_2.noarch How reproducible: Every time Steps to Reproduce: 1. From my controlnode (rhel9-controlnode.example.com) use this inventory file and run the kdump system role several times: all: hosts: rhel9-server1.example.com: rhel9-server2.example.com: vars: kdump_target: type: ssh location: kdump.com kdump_path: "/home/kdump/crash" kdump_sshkey: "/root/.ssh/kdump_id_rsa" kdump_ssh_user: kdump kdump_ssh_server: rhel9-controlnode.example.com Actual results: After the initial run, subsequent runs of the role report a change on the "Write new authorized_keys if needed" task, alternating each time between showing the change on rhel9-server1.example.com and rhel9-server2.example.com. The host that reports a change will have a duplicate entry in the authorized_keys file Expected results: This task is idempotent and does not report changes on subsequent runs. Entries are not duplicated in the authorized_keys file.