Bug 695451 - Func 0.28 fails to find certificates
Summary: Func 0.28 fails to find certificates
Alias: None
Product: Fedora EPEL
Classification: Fedora
Component: func
Version: el5
Hardware: Unspecified
OS: Unspecified
Target Milestone: ---
Assignee: Seth Vidal
QA Contact: Fedora Extras Quality Assurance
Depends On:
TreeView+ depends on / blocked
Reported: 2011-04-11 19:08 UTC by Erinn Looney-Triggs
Modified: 2014-01-21 23:18 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 2011-04-13 17:17:16 UTC

Attachments (Terms of Use)

Description Erinn Looney-Triggs 2011-04-11 19:08:05 UTC
Description of problem:
It appears that func 0.28 requires libvirt which is not an RPM dependency, I am not sure but isn't libvirt part of the virtualization entitlement? It might be a good idea to make that dependency optional so func can be used on systems that are not entitled for virt.

This might be applicable to RHEL 6 as well, only tested for me on 5 though.

Version-Release number of selected component (if applicable):


Additional info:
2011-04-11 18:58:42,041 - WARNING - ['Traceback (most recent call last):\n', '  File "/usr/lib/python2.4/site-packages/func/module_loader.py", line 108, in load_modules\n    blip =  __import__("%s%s" % ( mod_dir,mod_imp_name), globals(), locals(), [mod_imp_name])\n', 'ValueError: Empty module name\n']
2011-04-11 18:58:42,047 - WARNING - Import error while loading virt module: No module named libvirt
2011-04-11 18:58:42,047 - WARNING - ['Traceback (most recent call last):\n', '  File "/usr/lib/python2.4/site-packages/func/module_loader.py", line 108, in load_modules\n    blip =  __import__("%s%s" % ( mod_dir,mod_imp_name), globals(), locals(), [mod_imp_name])\n', '  File "/usr/lib/python2.4/site-packages/func/minion/modules/virt.py", line 27, in ?\n    import libvirt\n', 'ImportError: No module named libvirt\n']
2011-04-11 18:58:42,169 - WARNING - Could not load  module
2011-04-11 18:58:42,169 - WARNING - ['Traceback (most recent call last):\n', '  File "/usr/lib/python2.4/site-packages/func/module_loader.py", line 108, in load_modules\n    blip =  __import__("%s%s" % ( mod_dir,mod_imp_name), globals(), locals(), [mod_imp_name])\n', 'ValueError: Empty module name\n']
2011-04-11 18:58:42,846 - INFO - Exception occured: exceptions.IndexError
2011-04-11 18:58:42,846 - INFO - Exception value: list index out of range
2011-04-11 18:58:42,846 - INFO - Exception Info:
  File "/usr/bin/funcd", line 23, in ?
   File "/usr/lib/python2.4/site-packages/func/minion/server.py", line 413, in main
   File "/usr/lib/python2.4/site-packages/func/minion/server.py", line 225, in serve
    server = setup_server()
   File "/usr/lib/python2.4/site-packages/func/minion/server.py", line 220, in setup_server
    server = FuncSSLXMLRPCServer((listen_addr, listen_port), config.module_list)
   File "/usr/lib/python2.4/site-packages/func/minion/server.py", line 265, in __init__
    self.cert = func_utils.find_files_by_hostname(hn, self.cm_config.cert_dir, '.cert')[0]

Comment 1 seth vidal 2011-04-11 19:26:35 UTC
func doesn't require it - but if you wish to use the virt module it does.

I believe this is the same as the func 0.24 in epel5 currently.

Comment 2 Erinn Looney-Triggs 2011-04-11 19:30:19 UTC
Well func fails to start in RHEL 5 due to the above errors. Version 0.24 does not.

Comment 3 Greg Swift 2011-04-12 15:28:50 UTC
that is not failing because of the libvirt error.  That is failing because it doesn't have a certificate.

Comment 4 Erinn Looney-Triggs 2011-04-12 16:58:20 UTC
Hey reading to the bottom, who would have thought :). Ok here is what I have, func-0.24 works like a charm on the system, tied in with the master etc, everything works. Upgrade to func 0.28, it no longer works, the client throws the aforementioned error. Now maybe I am missing something here, but it seems like it should start and work. I am able to roll back and the old version works, go forward, it fails.

Comment 5 Greg Swift 2011-04-12 20:45:52 UTC
So this is bash equivalent to what that piece of code is running:

ls $(awk '/^cert_dir/ { print $3}' /etc/certmaster/certmaster.conf)/$(hostname --fqdn).cert

what's interesting is that 3 lines before it it basically does this:

ls $(awk '/^cert_dir/ { print $3}' /etc/certmaster/certmaster.conf)/$(hostname --fqdn).pem

and that works... which means its finding your key, but not your certificate file.

ya know what?  It occurs to me that if you do: 

ls $(awk '/^cert_dir/ { print $3}' /etc/certmaster/certmaster.conf)

you will find the a set of 3 matching files with the extensions: cert, csr, and pem.

then you will find another pair with only the extensions: csr and pem

is that the case?

Comment 6 Erinn Looney-Triggs 2011-04-12 22:39:29 UTC
Here is what I have, I have fqdn.cert, fqdn.csr, and fqdn.pem in /etc/pki/certmaster. The other pair you are talking about don't seem to exist, though there is a ca.cert file in that directory as well. 


Comment 7 Greg Swift 2011-04-13 13:19:32 UTC
hrm... well... then i'm not 100% sure whats going on. you've got the bits that are supposed to be there file wise.

whats the output of when you are on 0.28:

python -c "from func import utils; print utils.get_hostname_by_route()"

Comment 8 seth vidal 2011-04-13 15:04:24 UTC
 could you run
 funcd --info

and report the output?

Comment 9 Erinn Looney-Triggs 2011-04-13 17:17:16 UTC
And now with more testing this problem disappears magically. Let's chalk this up to operator issues (the most likely cause of all problems), sorry to waste time. 


Note You need to log in before you can comment on or make changes to this bug.