Bug 1107841 - Spacewalk returning error 500 when receiving audit result
Summary: Spacewalk returning error 500 when receiving audit result
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Spacewalk
Classification: Community
Component: Clients
Version: 2.2
Hardware: x86_64
OS: Linux
unspecified
medium
Target Milestone: ---
Assignee: Matej Kollar
QA Contact: Red Hat Satellite QA List
URL:
Whiteboard:
Depends On:
Blocks: space23
TreeView+ depends on / blocked
 
Reported: 2014-06-10 18:38 UTC by Francis Lacoste
Modified: 2015-04-14 19:04 UTC (History)
8 users (show)

Fixed In Version: spacewalk-oscap-2.3.1-1
Clone Of:
: 1142808 (view as bug list)
Environment:
Last Closed: 2015-04-14 19:04:03 UTC
Embargoed:

Attachments (Terms of Use)

Description Francis Lacoste 2014-06-10 18:38:28 UTC 
Description of problem:
The client is able to run the scan and generate a proper xml file without any problem

How reproducible:
1. Install spacewalk-oscap
2. Schedule an audit
3. Look at error_log or rrcheck -vvvv output

Actual results:
Results are not inserted in Spacewalk but they are generated

Expected results:
Results inserted in Spacewalk

Additional info from error_log:
[Tue Jun 10 14:25:19 2014] [error] Spacewalk 1237 2014/06/10 14:25:19 -04:00: ('Unhandled exception', IntegrityError('new row for relation "rhnxccdfprofile" violates check constraint "vn_rhnxccdfprofile_identifier"\\nCONTEXT:  Error occurred on dblink connection named "at_conn": could not execute command.\\nSQL statement "SELECT  dblink_exec(\\'at_conn\\',  $1 , true)"\\nPL/pgSQL function "pg_dblink_exec" line 7 at PERFORM\\nSQL statement "SELECT  pg_dblink_exec( \\'insert into rhnXccdfProfile (id, identifier, title) values (\\' ||  $1  || \\', \\' || coalesce(quote_literal( $2 ), \\'NULL\\') || \\', \\' || coalesce(quote_literal( $3 ), \\'NULL\\') || \\')\\' )"\\nPL/pgSQL function "lookup_xccdf_profile" line 12 at PERFORM\\n',))

[Tue Jun 10 14:25:19 2014] [error] Exception Handler Information
[Tue Jun 10 14:25:19 2014] [error] Traceback (most recent call last):
[Tue Jun 10 14:25:19 2014] [error]   File "/usr/lib/python2.6/site-packages/spacewalk/server/apacheRequest.py", line 123, in call_function
[Tue Jun 10 14:25:19 2014] [error]     response = apply(func, params)
[Tue Jun 10 14:25:19 2014] [error]   File "/usr/share/rhn/server/handlers/xmlrpc/queue.py", line 471, in submit
[Tue Jun 10 14:25:19 2014] [error]     action_type=action_type)
[Tue Jun 10 14:25:19 2014] [error]   File "/usr/share/rhn/server/handlers/xmlrpc/queue.py", line 516, in process_extra_data
[Tue Jun 10 14:25:19 2014] [error]     result = method(self.server_id, action_id, data=data)
[Tue Jun 10 14:25:19 2014] [error]   File "/usr/lib/python2.6/site-packages/spacewalk/server/action_extra_data/scap.py", line 46, in xccdf_eval
[Tue Jun 10 14:25:19 2014] [error]     profiles[0], data['errors'])
[Tue Jun 10 14:25:19 2014] [error]   File "/usr/lib/python2.6/site-packages/spacewalk/server/action_extra_data/scap.py", line 64, in _process_testresult
[Tue Jun 10 14:25:19 2014] [error]     errors=errors
[Tue Jun 10 14:25:19 2014] [error]   File "/usr/lib/python2.6/site-packages/spacewalk/server/rhnSQL/sql_base.py", line 153, in execute
[Tue Jun 10 14:25:19 2014] [error]     return apply(self._execute_wrapper, (self._execute, ) + p, kw)
[Tue Jun 10 14:25:19 2014] [error]   File "/usr/lib/python2.6/site-packages/spacewalk/server/rhnSQL/driver_postgresql.py", line 290, in _execute_wrapper
[Tue Jun 10 14:25:19 2014] [error]     retval = apply(function, p, kw)
[Tue Jun 10 14:25:19 2014] [error]   File "/usr/lib/python2.6/site-packages/spacewalk/server/rhnSQL/sql_base.py", line 207, in _execute
[Tue Jun 10 14:25:19 2014] [error]     return self._execute_(args, kwargs)
[Tue Jun 10 14:25:19 2014] [error]   File "/usr/lib/python2.6/site-packages/spacewalk/server/rhnSQL/driver_postgresql.py", line 309, in _execute_
[Tue Jun 10 14:25:19 2014] [error]     self._real_cursor.execute(self.sql, params)
[Tue Jun 10 14:25:19 2014] [error] IntegrityError: new row for relation "rhnxccdfprofile" violates check constraint "vn_rhnxccdfprofile_identifier"
[Tue Jun 10 14:25:19 2014] [error] CONTEXT:  Error occurred on dblink connection named "at_conn": could not execute command.
[Tue Jun 10 14:25:19 2014] [error] SQL statement "SELECT  dblink_exec('at_conn',  $1 , true)"
[Tue Jun 10 14:25:19 2014] [error] PL/pgSQL function "pg_dblink_exec" line 7 at PERFORM
[Tue Jun 10 14:25:19 2014] [error] SQL statement "SELECT  pg_dblink_exec( 'insert into rhnXccdfProfile (id, identifier, title) values (' ||  $1  || ', ' || coalesce(quote_literal( $2 ), 'NULL') || ', ' || coalesce(quote_literal( $3 ), 'NULL') || ')' )"
[Tue Jun 10 14:25:19 2014] [error] PL/pgSQL function "lookup_xccdf_profile" line 12 at PERFORM
[Tue Jun 10 14:25:19 2014] [error]
Comment 1 Francis Lacoste 2014-06-10 18:44:34 UTC 
Actually, same as: https://www.redhat.com/archives/spacewalk-list/2014-May/msg00059.html
Comment 2 Thomas Ristic 2014-08-12 07:44:08 UTC 
Any news on this? We are facing the same problem.
Comment 3 Šimon Lukašík 2014-08-12 08:03:11 UTC 
I believe this is a regression against previous versions of Spacewalk.
Comment 6 Jan Chaloupka 2014-08-15 13:58:15 UTC 
Some output from oscap from client is like this:

<?xml version="1.0" encoding="UTF-8"?>\n<benchmark-resume xmlns:cdf="http://checklists.nist.gov/xccdf/1.1" xmlns:xccdf_12="http://checklists.nist.gov/xccdf/1.2" id="first" version="1.0"><profile title="Tailored profile" id=""/><TestResult id="xccdf_org.open-scap_testresult_default-profile" start-time="2014-08-15T09:44:42" end-time="2014-08-15T09:44:42"><pass><rr id="no_hashes_outside_shadow"><ident system="http://cce.mitre.org">CCE-14300-8</ident></rr></pass><fail/><error/><unknown/><notapplicable/><notchecked/><notselected/><informational/><fixed/></TestResult></benchmark-resume>

It contains

<profile title="Tailored profile" id=""/>

where id attribute is empty string.

Now, looking at /usr/lib/python2.6/site-packages/spacewalk/server/action_extra_data/scap.py, line 45.

All checks for len(profiles) passes, leaving profile.id equal to empty string. DB insert then fails because id has to be non-empty string (due to constraint on id column, table rhnXccdfProfile.

Sent email after exception should sent information about empty id attribute of profile tag.

Looking at source code of master branch, the check is still the same, no check on empty id attribute.
Comment 7 Pascal Gamelkoorn 2014-08-28 14:05:17 UTC 
Seems that the problem exists when using the default profile. When you provide the profile on the command-line within Spacewalk for openscap it works perfectly. I've reproduced this with multiple XML files with a profile_id provided as parameter. 

Perhaps this can help you guys with searching the issue.
Comment 8 Matej Kollar 2014-09-12 09:29:49 UTC 
What version of OpenSCAP you use when this occurs?
Comment 9 Pascal Gamelkoorn 2014-09-12 10:47:26 UTC 
I'm using this version :

openscap-1.0.8-1.0.1
openscap-utils-1.0.8-1.0.1
Comment 10 Matej Kollar 2014-09-17 12:07:12 UTC 
Thank you Pascal for info.

Patch that introduced this issue seems to be 4140bf90eb3e6b6e303ba41f79c3dec7fb24d676.

In the meantime people suffering from this can try downgrading to spacewalk-oscap-0.0.22. (Only difference there should be change in xslt and list of allowed arguments related to enabling support for tailoring).
Comment 11 Matej Kollar 2014-09-22 09:47:35 UTC 
spacewalk.git: 436604669a3496775e01beea1c6266d4c545d8ee

There was a corner case when using default profile.
Comment 12 Matej Kollar 2014-09-23 15:55:21 UTC 
Fix is in nightly build (spacewalk-oscap-2.3.1-1). Should you feel adventurous, you can try installing that package and sharing your findings ;-).
Comment 13 Grant Gainey 2015-03-23 16:59:32 UTC 
Moving bugs to ON_QA as we move to release Spacewalk 2.3
Comment 14 Grant Gainey 2015-04-14 19:04:03 UTC 
Spacewalk 2.3 has been released. See

https://fedorahosted.org/spacewalk/wiki/ReleaseNotes23
Note You need to log in before you can comment on or make changes to this bug.