Bug 1732818 - foreman_scap_client_cron not working for ansible deployments.
Summary: foreman_scap_client_cron not working for ansible deployments.
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Satellite 6
Classification: Red Hat
Component: SCAP Plugin
Version: 6.6.0
Hardware: Unspecified
OS: Unspecified
medium
medium vote
Target Milestone: 6.6.0
Assignee: Ondřej Pražák
QA Contact: Jameer Pathan
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2019-07-24 12:33 UTC by Jameer Pathan
Modified: 2019-10-22 19:51 UTC (History)
4 users (show)

Fixed In Version: ansiblerole-foreman_scap_client-0.0.3
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2019-10-22 19:51:57 UTC
Target Upstream Version:


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
Foreman Issue Tracker 27417 Normal Closed foreman_scap_client_cron not working for ansible deployments. 2020-01-30 14:52:49 UTC

Description Jameer Pathan 2019-07-24 12:33:13 UTC
Description of problem:
foreman_scap_client_cron not working for ansible deployments.

Version-Release number of selected component (if applicable):
- Satellite 6.6.0 snap 11
- rubygem-foreman_scap_client-0.4.6-1.el7sat.noarch

How reproducible:
always

Steps to Reproduce:
1. Create a host with scap configured via ansible. 
2. Wait till scheduled cron time is complete. 

Actual results:
- No reports generated even after scheduled cron time.

Expected results:
- Reports generated even after scheduled cron time.

Additional info:
- Issue seems to be occurring because of cron command in /etc/cron.d/foreman_scap_client_cron 

# cat /etc/cron.d/foreman_scap_client_cron 
# DO NOT EDIT THIS FILE MANUALLY
# IT IS MANAGED BY ANSIBLE
# ANY MANUAL CHANGES WILL BE LOST ON THE NEXT ANSIBLE EXECUTION
#
# Executing foreman_scap_client from command line may be useful for debugging purposes.

# foreman_scap_client cron job
*/10 * * * * root "/bin/sleep 32; /usr/bin/foreman_scap_client 3 > /dev/null"

- after removing quotes the command runs fine.

- while same file when configured scap_client using puppet looks like 

# cat /etc/cron.d/foreman_scap_client_cron 
# DO NOT EDIT THIS FILE MANUALLY
# IT IS MANAGED BY PUPPET
# ANY MANUAL CHANGES WILL BE LOST ON THE NEXT PUPPET RUN
#
# Executing foreman_scap_client from command line may be useful for debugging purposes.
# It may generate warnings due to a reference to a missing file.

# foreman_scap_client cron job

# Runs foreman_scap_client 1
*/30 * * * * root /bin/sleep 517 ; /usr/bin/foreman_scap_client 1 2>&1 | logger -t foreman_scap_client

Comment 3 Sanket Jagtap 2019-07-24 12:45:15 UTC
As the intended use of foreman_scap_client is with cron, this would be a possible blocker for feature

Comment 4 Ondřej Pražák 2019-07-24 13:10:30 UTC
Created redmine issue https://projects.theforeman.org/issues/27417 from this bug

Comment 6 Jameer Pathan 2019-07-30 10:08:39 UTC
Verified

Verified with:
- Satellite 6.6.0 snap 13

Test steps:
1. Host with scap configured via ansible. 
2. Wait till scheduled cron time is complete.

Observation:
- Reports were being generated after scheduled cron time.

Comment 7 Jameer Pathan 2019-07-30 10:35:35 UTC
- Content of /etc/cron.d/foreman_scap_client_cron file on host.
#cat /etc/cron.d/foreman_scap_client_cron
# DO NOT EDIT THIS FILE MANUALLY
# IT IS MANAGED BY ANSIBLE
# ANY MANUAL CHANGES WILL BE LOST ON THE NEXT ANSIBLE EXECUTION
#
# Executing foreman_scap_client from command line may be useful for debugging purposes.

# foreman_scap_client cron job
*/10 * * * * root /bin/sleep 271; /usr/bin/foreman_scap_client 3 2>&1 | logger -t foreman_scap_client

Comment 8 Bryan Kearney 2019-10-22 19:51:57 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2019:3172


Note You need to log in before you can comment on or make changes to this bug.